Safeguard Industrial Data with Layered Security Architecture

Protecting our critical infrastructure and the emerging Internet of Things (IoT) from cyber threats is a worldwide priority. Industrial process automation and control systems are increasingly online, sending out information and receiving commands from local and remote control centers and corporate data systems. We cannot let security concerns undermine this transformation; security should enable it.

There isn't a single security solution capable of addressing all future risks; instead, most would agree it's necessary to implement a series of different defenses across the system. This can be done using a layered security approach that enforces security policy from the CPU to the application software running at the edge or in the industrial data center. Intel solutions for the Internet of Things help provide end-to-end security and have tremendous potential to improve operations, reduce costs, enhance safety, increase revenue, and transform industrial processes.

Security Diagram

A layered security model offers the best protection

Secure Hardware

  • Intel® AES New Instructions (Intel® AES NI) is an encryption instruction set that accelerates the Advanced Encryption Standard (AES) algorithm running on Intel® Xeon® and Intel® Core™ processors. 
  • Intel® Software Guard Extensions (Intel® SGX) are CPU instructions that allow applications to protect private regions of code and data from attack, even when the malware infiltrated privileged code.
  • Secure Boot uses a security table and keys, plus a signed kernel image and rootfs image, to verify the kernel image and file system have not been tampered with before allowing the boot to proceed.

Secure Software

  • Wind River Intelligent Device Platform* is a scalable and secure development environment that encrypts communication between industrial devices and cloud-based consoles.
  • Intel® Security Critical Infrastructure Protection (CIP) is a secure-managed platform that includes fundamental protection building blocks such as device identity, malware protection, data protection, and resiliency.