From the Cloud to the Edge — New Potentials and New Threats

The expan­si­on of edge com­pu­ting struc­tures will enab­le a wide ran­ge of new poten­ti­als to be unlo­cked. Howe­ver, this deve­lo­p­ment does not exclu­de new chal­len­ges and dan­gers. We offer you a solu­ti­on to ensu­re your IT secu­ri­ty even for decen­tra­li­zed locations.

The challenge of decentralization

With the emer­ging para­digm of edge com­pu­ting, data pro­ces­sing is done clo­ser to the end user to redu­ce the risk of laten­cy issu­es. Resour­ces are made avail­ab­le whe­re they are actual­ly nee­ded, ins­tead of in lar­ge data cen­ters as has been the case in the past. The­re­fo­re, edge com­pu­ting invol­ves decen­tra­li­zed com­pu­ting and sto­rage resour­ces at a lar­ge num­ber of dis­tri­bu­t­ed locations.

Edge computing challenges

  • Incre­a­sed phy­si­cal attack surface
  • Dis­tri­bu­t­ed edge, dis­tri­bu­t­ed pro­ces­sing and sto­rage, aggre­ga­ti­on, local data analysis
  • Auto­no­mous real-time decisi­on making (e.g. dod­ging to avoid an object)
  • Com­mon intelligence/situational awa­reness (e.g. nodes sharing cri­ti­cal secu­ri­ty infor­ma­ti­on, e.g., about non-auto­no­mous ground or air vehicles)

Increased attack potential

In addi­ti­on to low laten­cy, howe­ver, dis­tri­bu­ti­on across many loca­ti­ons also crea­tes a lar­ger attack sur­face. Clas­sic ser­vers in data cen­ters are secu­red against unaut­ho­ri­zed phy­si­cal access by the secu­ri­ty mea­su­res of the data cen­ter its­elf. In the case of dis­tri­bu­t­ed edge devices, such pro­tec­tion is not pos­si­ble from an eco­no­mic point of view.
Howe­ver, pro­tec­tion of the hard­ware com­pon­ents is an ele­men­ta­ry com­po­nent of the pro­tec­tion con­cept and is requi­red in stan­dards and cer­ti­fi­ca­ti­ons such as FIPS 140–2, ISO27001 and the IT basic pro­tec­tion cata­logs of the BSI.

Protection of many small sites

The­se decen­tra­li­zed phy­si­cal loca­ti­ons need spe­cial pro­tec­tion becau­se they are more likely to be expo­sed to unaut­ho­ri­zed phy­si­cal access. The com­pro­mi­se of just one app­li­ca­ti­on could easi­ly spread to the rest of the network.
To pro­tect sys­tems ope­ra­ting at the edge of the net­work, PHYSEC’s remo­te inte­gri­ty veri­fi­ca­ti­on solu­ti­on asses­ses the phy­si­cal sta­te and pro­vi­des a traf­fic light func­tion to the orches­tra­tor. PHYSEC’s remo­te rea­dout modu­le can be retro­fit­ted to vir­tual­ly any micro data cen­ter (MDC), enclo­sure, or even indi­vi­du­al com­pu­te and sto­rage sys­tems, if not alrea­dy inte­gra­ted by the manufacturer.

Let us convince you of our solutions for edge computing

SEAL Integrity Assessment

Our SEAL solu­ti­on can be instal­led in edge devices of any size and alerts in case of unaut­ho­ri­zed intru­si­on or occur­ring dama­ge to the edge stations.

IoTree — LoRaWAN

With PHYSEC’s paten­ted TLS over LoRa­WAN, we offer secu­re com­mu­ni­ca­ti­on in the Inter­net of Things. The well-known advan­ta­ges of LoRa­WAN are thus com­bi­ned with BSI-com­pli­ant security.

IoTree — NB-IoT

For remo­te sites, NB-IoT wire­less tech­no­lo­gy can also be used and inte­gra­ted into our solu­ti­on with the same high level of security.

Personal Consultation

React to the rising secu­ri­ty thre­ats and pre­vent the attacks of tomor­row. We at PHYSEC will glad­ly ans­wer your ques­ti­ons. Talk direct­ly to our exe­cu­ti­ves now.

Dr. Chris­ti­an Zen­ger, CEO
Email: christian.zenger@physec.de

Dr. Hei­ko Koep­ke, CFO
Email: heiko.koepke@physec.de