Thanks to its collaboration with atsec information security, Express Logic’s industrial-grade X-Ware IoT Platform NetX Crypto library has achieved Federal Information Processing Standards (FIPS) 140-2 cryptographic certification. The certification authority for this effort, the National Institute of Standards and Technology (NIST), issued the FIPS 140 Publication Series in May 2001 to align the requirements and standards for cryptography modules that include both hardware and software components.
FIPS 140-2 was instituted to protect sensitive or valuable U.S. government data, and data from commercial industries such as financial and health-care institutions that is collected, stored, shared, and disseminated electronically.
With billions of devices expected to be on the IoT by 2020, security has become the primary concern of the embedded industry. To address this concern, Express Logic has established itself as the safety and security leader in the embedded IoT space with its industrial-grade approach, including pre-certification to SIL 4 and ASIL D safety standards and EAL4+ security common criteria certification for X-Ware IoT Secure Connectivity (SC), TLS/DTLS, and IPsec security protocols and standards. The FIPS 140-2 certification effort represents another significant step forward in focusing directly on IoT security needs of the embedded industry.
In addition to the ThreadX RTOS and NetX Duo, the X-Ware IoT Platform includes the safety-certified FileX embedded FAT-32/exFAT file system, the GUIX GUI development and embedded runtime framework, and the USBX embedded host/device USB stack. This enables embedded developers to leverage the entire X-Ware IoT Platform solution to solve IoT applications that need to do more than just communicate with other devices and/or networks.
“Security is a major concern in the embedded IoT community, and at the same time, securing the IoT is technically very challenging for embedded developers,” said William E. Lamie, President, Express Logic. “This X-Ware IoT Platform FIPS 140-2 certification helps our customers meet stringent government security requirements, thus improving time-to-market and greatly improving the security profile of their device.”