HSM (Hardware security Modules) based on Torricel architecture for use in supply chain smart contract solutions where data input devices needs to be trusted.
Distributed ledger (DLT) / Smart Contract Blockchains are revolutionising supply chain traceability and efficiency. However, the value of smart supply chains are entirely dependent on the integrity of the data sources which feeds the ledger.
The problem with current systems. Traditional systems are at risk due to the constant network connections required to autonomously sign smart contract transactions. Hackers can attack the underlying systems leading to the risk of compromised cryptographic keys. New smart contract logistics and supply chain auditing systems require a large number of data entry points, at multiple sites geographically, from raw material sources through to final stage delivery logistics. However, if any one of these information sources and subsequently the ledger were to become compromised, the commercial consequences could be dire and far reaching.
How Torricel’s approach solves the problem. Our Secure Smart Contract Audit Modules allow autonomous authentication and signing of digital assets, but do so whilst keeping private keys and critical data permanently off-line. The system specification uses our patented autonomous air-gapped cryptographic signing, processing and storage zones along with proprietary communication protocols to deliver truly off-line secure processing. Additionally, continual off-line checks of data content and data movement in the form of AI inspection and Policy checks, significantly mitigates the risks of volume data handling further. Our modules are platform agnostic with architecture that can be incorporated into existing supply chain audit technologies, or specified within new systems. Furthermore, the range includes management and reporting modules which seamlessly link to our Secure Industrial Control System Modules and our multi-site Point to Point Communications Trust Modules.
Our HSMs (Hardware security Modules) use Torricel data security architecture to protect communications between sites that have high security requirements, but also where the inter-site transport link (e.g. WAN or long distance fibre) is not trusted.
High-security point-to-point communications channels are ideal where sensitive information is critical to the stability of an organisation. Prospective users span organisations, businesses, military and government.
The problem with current systems. Even with cryptographic signing and encryption, the physical systems administering these services are still connected to networks and use an architectural computing platform that is inherently vulnerable to attack using both known and unknown techniques . Any off-line (cold) method requires costly and slow manual intervention. If either the source or destination systems become compromised, so becomes the critical data.
How Torricel’s approach solves the problem. Torricel’s Point-to-Point Communications Trust Modules allow two or more nodes to securely synchronise and exchange data. Crucially, by using our patented technology, data is encrypted and signed autonomously in complete network isolation prior to release via output network buffers. This means the raw unencrypted / unsigned data is never exposed to a device connected to a WAN / LAN, nor is it connected to another system with an active onward conntection. Furthermore, our Point-to-Point Communications Trust Modules allow off-line pre-authentication handshaking and AI checks on data content, data requests and data movement to futher intelligently identify attacks and secure each connected device and data. By using Torricel’s “autonomous off-lining” techniques, these modules can ensure source data originates from and is only opened in internet disconnected environments.
Our Secure Industrial Device Control System HSMs (Hardware security Modules) use Torricel data security architecture to provide always-on access to factory equipment and machinery by control and reporting systems.
Particularly suited to Industry 4.0 applications, control of new and legacy equipment and machinery in a secure way can significantly improve production quality, traceability and efficiency.
Further applications include Secured MAAS (Machinery As A Service / Pay Per Use) applications where integrity of useage and billing data is crucial.
The problem with current systems. The increasing requirement to link multiple factories and their equipment and machinery to logistics and control centres via permanently on-line links creates a direct target for cyber, industrial and state criminals. The substantial legacy manufacturing infrastructure and retrospective networking of such machinery can lead to security risks. Also, new devices are likely to be designed for functionality over security. Hackers could take over control of machinery and environmental control systems causing costly downtime in the best case, or worse extract commercially sensitive data, such as critical manufacturing techniques, customer databases and pricing / supply data.
How Torricel’s approach solves the problem. Our Secure Industrial Control System Modules provide customisable control outputs for equipment and machinery. This is done in a highly secure and autonomous way by ensuring encrypted control commands and reporting data can be passed between systems via untrusted networks and decrypted and actioned by off-line Torricel zones. Private encryption keys are permanently offline and stored in a secured storage and processing system, so they cannot be compromised from a network attacker, even if the attacker has gained access to your internal LAN networks. Permanently off-line Torricel control interfaces connect directly to equipment and machinery control / network interfaces which permits autonomous control and feedback reporting as required by Industry 4.0 objectives, but only by other systems secured by Torricel architecture.