security

Greater security for critical infrastructures

Security and data protection requirements tightened

In the age of digitisation, people are not the only ones communicating with one another, as networked objects also exchange data. The term “machine-to-machine" (M2M) is used to describe this form of electronic communication. According to information provided in 2018 by leading statistics portal Statista, we are set to see massive growth in this field by 2021.

Alongside automation of production (aka Industry 4.0), key topics in this development include networking of modes of transport with road traffic and the associated infrastructure, as well as the use of information and communication systems in vehicles, the energy market and healthcare. As the systems and components used become increasingly complex, networked and thereby create massive data volumes, these critical infrastructures offer growing potential for attacks on functionality, security and privacy.



Comprehensive security portfolio for critical infrastructures

Security is scalable

Currently, there are still many applications in the private or business sector that have no legal obligations to comply with security standards.In this environment, everyone simply "relies on each other“. Another extreme can be observed in the field of critical infrastructures. In some cases, IT systems are facing major hurdles in complying with the security requirements here.

achelos offers a comprehensive portfolio of products, solutions and services and supports any level of security, since security is scalable. Thanks to the combination of extensive expert knowledge, development based on the "Security by Design" principle, as well as automated test procedures, we offer the highest quality for security-relevant software at a fair price. Alongside the healthcare, IoT, mobility and public segments, we focus on general security-related topics in customer-specific developments.

GSMA

Security consulting and services in line with the GSMA IoT Security Guidelines

achelos supports customers to assess and to improve the security of their overall IoT system. The Service is based on the GSMA IoT Security Guidelines (CLP.12 for IoT Service Ecosystems and CLP.13 for IoT Endpoint Ecosystems) and the GSMA IoT Security Assessment Checklist (CLP.17).

Our customers include:

  • Evaluators
  • ISO 27001 test centers
  • Manufacturers of security-critical application software
  • Manufacturers of TLS stacks
  • Manufacturers of IoT devices
  • Device manufacturers, such as Smart Meter or Smart Meter Gateway manufacturers
  • Software houses

The benefits for you!:

  • Many years of experience in creating automated test suites
  • Recognised experts from the Common Criteria environment
  • Provision of domain expertise in the field of network security (TLS and IKE/IPsec)
  • Significant savings in quality assurance
  • User-friendly products and solutions
achelos Security-Portfolio

achelos security portfolio for critical infrastructures

Greater security in a networked world

achelos offers an innovative portfolio of products and solutions on the basis of the latest technologies and encryption methods. We have been active in the market as a manufacturer-independent software development house for more than ten years. achelos works on major projects both nationally and throughout Europe that focus on the security of personal, confidential and particularly sensitive data.

Our technical solutions range from conceptual design and specification, through development and integration, all the way up to testing in security-critical fields of application.

 

The achelos security offering at a glance

Security management

  • IT security concept policy
  • Definition of security requirements
  • IT security architectures
  • IT security organisation and processes
  • Risk analyses
  • Supporting CC evaluation and CC certification
  • Audit-standard documentation

Special security technologies

  • Public Key Infrastructure (PKI)
  • Single Sign On (SSO)
  • Smart cards
  • Security token 

System and application security of

  • smart cards and smart card terminals
  • high security modules (HSM)
  • mobile terminals
  • web server infrastructures
  • client/server systems

Consulting and security test suites for critical infrastructures

Together with partners, achelos offers customers from the critical infrastructure sector a full-scope service for implementation of the IT security compliance objectives, such as implementation as per ISO 27001, sector-specific IT security standards or general security requirements (based on recommendations from the Federal Office for Information Security (BSI)). In line with the German government's IT security legislation, this affects all sectors with supply relevance in which failures could lead to dramatic consequences for society at large, the economy and the state.

TLS and IKE/IPsec test suites from achelos

TLS and IKE/IPsec test suites from achelos

Flexible software tools deliver verifiable IT security

The TLS and IKE/IPsec test suites from achelos are used to check secure configuration and implementation of network connections:

Benefits of the TLS and IKE/IPsec test suites from achelos:

  • Comprehensive testing of potential attack scenarios (considerable test depth)
  • Thorough implementation of BSI requirements
    Cost savings thanks to faster certification
  • High degree of automation
  • Reproducible test results
  • Significant reduction of test time and costs

Product versions

The test suites are available individually with the following testing tools:

  • Qumate.Security.TLS-Client
  • Qumate.Security.TLS-Server
  • Qumate.Security.TLS-Checklist
  • Qumate.Security.IKE/IPsec

               

Services

Security and prevention as core competency

The services offered by achelos encompass drafting of test concepts for conformity tests with technical specifications and BSI guidelines, as well as preparation of evaluations and certifications to security standards, such as Common Criteria, PCI-DSS or FIPS.

 

Expert knowledge for a secure future

We help our customers implement legal and individual security requirements in stable, user-friendly and sustainable solutions. This starts with consulting, employing a great deal of expert knowledge, continues throughout our development activities with "Security by Design" and ends with the customer, who then benefits from flexible and high-performance solutions, the results of which flow into verifiable documentation. The achelos team comprises recognised experts in security technology that have implemented projects worldwide.

achelos reference projects

achelos reference projects

We have references in many areas, including the following:

  • Electronic ID systems
  • Electronic health cards
  • Interoperability laboratory for all components of the telematics infrastructure in the German healthcare sector
  • Digital tachograph (driver card, workshop card, control card, company card) 
  • Subscription and connectivity management
  • Bank cards with chip
  • Security in electronic communication
  • Public Key Infrastructures (make-or-buy consulting)
  • Digital signatures
IT security tips

IT security tips

Questions for assessing IT security

  • How is my IT system protected against internal and external threats?
  • Is the level of IT security in line with the latest state of the art developments and the requirements of my business partners?
  • Which security standards are currently in place and are they being met?
  • How are the quality and security standards documented in a verifiable way?
  • What risks and what kind of damage could potentially occur in my organisation as a result of inadequate IT security?

We would love to be your trusted partner with products, solutions and services for security-critical fields of application.

Heinfried Cznottka

Director Business Development

Email:

Phone:
+49 5251 14212-327