DH electronics: Embedded Security

What is Embedded Security?

Embedded systems are often used in safety-critical environments and must be protected; for example to ensure the safe operation of production facilities or critical infrastructure.

Embedded security includes measures to protect embedded systems against cyber threats, which are intended to ensure high availability of components and protection against manipulation and unauthorized information leakage.

Specialists and managers must therefore urgently gain an understanding of the criticality of cyber security in the context of embedded systems and react accordingly.
We are happy to provide support in the identification and assessment of risks as well as the design and implementation of suitable embedded security measures.

Who is embedded security relevant for?

With the introduction of the Cyber Resilience Act (CRA) at the latest, cyber security is on everyone's lips, as all products with digital elements are affected - and there are plenty of them.
This means that there will hardly be any current products that do not fall under the CRA, which is why managers, product managers and specialist departments should get to grips with it at an early stage.
In addition to the CRA, there are other security-relevant laws and standards that we would like to briefly introduce.

Cyber Resilience Act: EU-weite Vorschriften für die Sicherheit vernetzter Produkte
Produkthaftungsgesetze: Sicherheitsanforderungen an Hersteller und Anbieter
Bundesdatenschutzgesetz (BDSG): Datenschutzanforderungen in Deutschland
IT-Sicherheitsgesetz für kritische Infrastrukturen: Schutzmaßnahmen für kritische Infrastrukturen zur Gewährleistung der Systemsicherheit

The goal of DH electronics is to provide customers with comprehensive, long-term support in complying with important safety requirements and legal regulations.

Tailored Embedded Security

Tailored Embedded Security
There is no universal solution for embedded security. That's why DH electronics develops an individual security strategy for each customer - from selective consulting to holistic implementation.
~ Our philosophy

Our approach:

Risk analysis & scenario planning

Start with a joint workshop to determine the security requirements for the specific product.

Conformity & standards

Consulting on compliance with Cyber Resilience ACT (CRA), IEC 62443 and other regulations

Long-term support

We take care of cyber security during the product's service life with the help of maintenance contracts or flexible budgets.

Technological basis: security through open source

Mainline Linux as a basis for independent and fast security updates:

Regular updates

Proactive security updates keep your system up to date at all times.

Secure Boot Implementation

Protection against manipulation and unauthorized access.

Modular Yocto layer structure

Enables simple and continuous Linux upgrades.

Our offer: regular security updates & CVE reports

Mainline Kernel LTS release: Annually in Q4
DH: LTS kernel update: Every year in Q1
YOCTO LTS release: Every two years in Q2
Embedded Linux LTS update: Every two years in Q3
YOCTO LTS update: Every two years in Q3
Additional minor updates as required
Provision of YOCTO CVE reports and software bill of materials (SBOM) to identify and fix security vulnerabilities

Research & practice: cooperation with Augsburg University of Applied Sciences

Through close cooperation with Augsburg University of Applied Sciences, DH electronics brings the latest findings from research directly into practice - for maximum secure embedded systems.
Let's optimize your embedded security together! Contact us for an individual consultation or a security workshop.

Name	Purpose	Lifetime	Type	Provider
CookieConsent	Saves your consent to using cookies.	1 year	HTML	Website
fe_typo_user	Assigns your browser to a session on the server. This data influences the content you see and is not evaluated or processed by us.	session	HTTP	Website

Name	Purpose	Lifetime	Type	Provider
_ga	Is used to differentiate between users.	2 years	HTML	Google
_gat	Is used to throttle the polling rate.	1 day	HTML	Google
_gid	Is used to differentiate between users.	1 day	HTML	Google
_ga_--container-id--	Saves the current status of the session.	2 years	HTML	Google
_gac_--property-id--	Is used to evaluate campaigns created with Google Analytics.	3 months	HTML	Google
_gcl_au	Used by Google AdSense for experimenting with advertisement efficiency across websites using their services.	3 months	HTML	Google
AMP_TOKEN	Contains a token that can be used to retrieve a client ID from the AMP Client ID service. Other possible values are opt-out, inflight request, or an error retrieving a client ID from the AMP Client ID service.	1 year	HTML	Google
_dc_gtm_--property-id--	Certain data is only sent to Google Analytics a maximum of once per minute. The cookie has a lifetime of one minute. As long as it is set, certain data transfers are prevented.	2 years	HTML	Google