Why do you need PHYSEC SIoT?
Most existing solutions lack the ability to provide robust end-to-end security over LPWAN due to limited resources. The often patchy or incomplete encryption means that machines and devices remain vulnerable across the entire network – for example when communicating over the internet. As a result, they are not adequately protected against unauthorised access or manipulation. A lack of device authentication and weak key management also jeopardise the integrity and confidentiality of the transmitted data.
Smart Meter Gateways (SMGW) are a central component of modern energy infrastructure. They enable bidirectional communication between supply companies and smart meters installed on site - even in the context of critical infrastructures (CRITIS). As they become more widespread, the requirements for security in KRITIS use cases such as consumption metering are also increasing.
These include data protection, authentication, access control, secure communication protocols, intrusion detection, secure firmware updates and physical protection of the devices.
The implementation of these security requirements requires a holistic approach by the CRITIS operators. In practice, however, existing vulnerabilities are often unknown – especially if they are not (yet) regulated by law.
Regulatory requirements such as the Cyber Resilience Act (CRA) and the Radio Equipment Directive (RED) are therefore becoming increasingly important:
The CRA is the world's first regulation to define binding EU-wide minimum requirements for the cyber security of networked products and their software. The RED (Directive 2014/53/EU - ‘Radio Equipment Directive’) defines the requirements for the placing on the market and safe operation of radio equipment – including aspects of IT security.
How to close your security gaps with PHYSEC SIoT
PHYSEC SIoT is the smallest firmware available in accordance with BSI guidelines TR-03116-3 and TR-02102-2, enabling you to tackle security issues in a structured way and protect your networked devices and machines from potential security risks. PHYSEC SIoT establishes secure end-to-end data encryption via LPWAN with DTLS 1.2.
By adapting proven security measures of the SMGW infrastructure (TLS, certificates/PKI, hardware requirements, etc.), the highest possible security standard is guaranteed while at the same time making efficient use of energy, network bandwidth and spectrum. In this way, we specifically strengthen the resilience of CRITIS operators against modern cyber threats:
RED and CRA-compliant data transmission
Secure end-to-end data encryption via common LPWAN standards
Use of the industry standard (D)TLS with the cryptographic parameters recommended by the BSI (German Federal Office for Information Security)
Successful handling of limited resources thanks to sound experience in the field of embedded security
Patented DTLS technology for LoRaWAN
Support for multiple LNS implementations and backend systems
Fulfilment of the highest security standards with the ‘Security by Design’ principle
What are the integration requirements for PHYSEC SIoT?
The SIoT embedded stack is supplied as a precompiled library for the microcontroller specified by the manufacturer together with the required header files (APIs), detailed documentation and examples for integration. It must be included by the integrator in their final production binary.
The SIoT cloud stack is offered as a managed SaaS solution and provides plug-and-play integration for multiple LPWAN technologies (LoRaWAN®, NB-IoT) and provides APIs to connect to the customer's centralised backend systems.
