IT security products and solutions for security-critical application areas

Gigantic growth in digitisation

Security and data protection requirements tightened

In the age of digitisation, people are not the only ones communicating with one another, as networked objects also exchange data. According to Statista, the number of Internet-of-Things (IoT) devices worldwide will almost triple from 9.7 billion in 2020 to more than 29 billion IoT devices in 2030.

Alongside automation of production (aka Industry 4.0), key topics in this development are the networking of transport modes with road traffic and information and communication systems in vehicles, the energy market and healthcare.

With the increasing complexity of the systems and components used, their networking and the resulting data volumes, these critical infrastructures offer growing potential for attacks on functionality, security, and privacy.

Number of connected IoT devices worldwide from 2020 to 2030

(Source: Statista 2022)

New threat situation requires rapid action

Especially during the last two pandemic years pandemic, companies suddenly found themselves confronted with a new threat situation. Very often, fast functionality was prioritised over security aspects in software development. The danger here is that digitisation projects born out of necessity neglect information security and thus endanger entire corporate networks.

In addition, there are still many applications in the private or business sector that have no legal obligations to comply with security standards. Another extreme can be observed in the field of critical infrastructures. In some cases, IT systems are facing major hurdles in complying with the high security requirements here.  



achelos portfolio for security-critical applications

The achelos security portfolio

What we offer

achelos supports companies and organisations holistically on their path to digitalisation.

We offer a comprehensive product and service portfolio for the development of secure and certifiable IT solutions:

  • Consultancy from our experienced security experts
  • Development of certifiable software according to the "Security by Design" principle
  • Acceptance and auditing support according to relevant standards
  • Automated test suites and powerful simulations
  • Intelligent solutions for industry-specific requirements
  • Certified partner products in the field of public key infrastructures (PKI) and hardware security modules (HSM)

Our expertise for your success

Benefit from:

  • Many years of experience in creating automated test suites
  • Recognised experts from the Common Criteria environment
  • Provision of domain expertise in the field of network security (TLS and IKE/IPsec)
  • Significant savings in quality assurance
  • User-friendly products and solutions

 

 

      

Our customers

Our customers include:

  • Software houses
  • Evaluators
  • ISO 27001 test centers
  • Manufacturers of security-critical application software
  • Manufacturers of TLS stacks
  • Manufacturers of IoT devices
  • Trust centres
  • Device manufacturers, such as Smart Meter or Smart Meter Gateway manufacturers

Reference projects

We have references in many areas, including the following:

  • Public Key Infrastructures (make-or-buy consulting)
  • Electronic ID systems
  • Electronic health cards
  • Interoperability laboratory for all components of the telematics infrastructure in the German healthcare sector
  • Digital tachograph (driver card, workshop card, control card, company card)
  • Subscription and connectivity management
  • Bank cards with chip
  • Security in electronic communication
  • Digital signatures

Portfolio highlights

Key management solutions

Highest cybersecurity in industry and transport

Cybersecurity based on Public Key Infrastructure (PKI) forms the basis for the intelligent connection of devices, machines, and products. It is used both in the industrial environment for the digitalisation of processes (Industry 4.0) and in the development of future connected transport solutions. The basis of every PKI is hardware security modules (HSM). They provide protected cryptographic processes by generating keys through random generators and then protecting and managing them.

achelos offers comprehensive services for setting up new key management systems or migrating existing ones. Through the optimal mix of consulting, professional service, development and certification support, our customers achieve maximum efficiency with full cost control.

 

Security engineering

Successfully develop secure and certifiable products and solutions

Digital, connected manufacturing and cyber security meet at a new level of security. The market demands secure products and solutions that are hardened against hacker attacks and have proof of security, e.g. in the form of security certification according to IEC 62443. achelos offers a comprehensive range of security engineering services for industrial cyber security.

Our security engineers accompany your entire development process. They take care of the security requirements; they develop security architectures together with you and finally they are the central point of contact about product security. As your integration partner, we also support the implementation of cyber security and cryptographic functions in eSE and HSMs to enable the hardening of ICS components for product certification.

Certification and auditing

Certification support from experts

We provide holistic support to manufacturers and those responsible for products, systems and applications in the auditing and certification of their new solutions. This includes, among other things, assistance in the application process, the creation of legally compliant documentation and the development of software based on many years of project and evaluator activities.

The achelos experts have specific know-how from a wide range of industries and thus can actively support their clients in every project phase. We act in a manufacturer-neutral manner and work closely with certification and accredited testing bodies in the area of evaluation. With our own CC site certification, we can provide holistic support for development projects with highest demands.

In this way, you can master the approval of your new products safely and efficiently.

 

Test suites

Network security test suites

IT security and data protection are the central issues in electronic data traffic and affect all industries. Transport Layer Security (TLS) and Internet Key Exchange (IKE) / Internet Protocol Security (IPsec) are recognised standards that form the basis for secure IT networks.

Implementation and configuration are very complex and can provide loopholes for attackers if implemented incorrectly. With our flexible security test suites TLS Inspector and IKE/IPsec Inspector, you can test the configuration and implementation of TLS and IKE/IPsec network connections, independent of the manufacturer.

The test suites are characterised by a high degree of automation, simple integration into other systems and an intuitive, web-based user interface. Detailed reporting and audit-proof documentation also guarantee the traceability of the test execution.

 

    

We are happy to be your trusted partner with products, solutions, and services for security-critical fields of application.

Heinfried Cznottka

Director Security Solutions

Email:
heinfried.cznottka@achelos.de

Phone:
+49 5251 14212-327