For the operator, plant availability is very important. If faults occur, a quick help via remote maintenance is necessary. On the other hand, machine and plant builders often encounter security concerns when they want to access their customers’ corporate network. That’s why MB connect line has come up with a whole new generation of industrial routers, leaving the customer in full control.
The most striking feature of the mbNET.rokey is its key switch. With this, the operator can decide whether he cuts the active Internet and VPN connection, or in a second key position can only access the internal router services – but the network behind the router can not be accessed. In this position, data logging is possible for the operator, but intervention via remote maintenance is excluded. Finally, the operator can also decide to open the connection in both directions. Thus, both data logging and remote maintenance would be possible.
To further increase security, other hardware elements were added. The boot ROM with the bootloader and the manufacturer’s certificates ensures that the system is booted with a steady trust anchor. Thus, only the firmware signed by the manufacturer can be used and also with updates no manipulated firmware can be introduced on the system. In addition, a so-called “Secure Element” has been added. This is a separate hardware component that stores the digital keys and certificates independently of the flash.