| Component |
Purpose |
Description |
| IMA |
Linux Integrity Measurement Architecture |
Industrial Edge implements the Linux Integrity Measurement Architecture (IMA) to guarantee the integrity of the loaded modules. |
| Measured boot |
Measure trusted boot and update channels |
The measured boot checks the integrity of the whole boot chain and compares it with the trusted initial deployment. The fingerprints are stored in crypto hardware.* |
| Full disk encryption |
Encrypted rootfs and data partitions |
All system partitions are encrypted and locked by crypto hardware.* |
| Policy engine |
Supervise app policies |
During an app installation, the policy engine checks the app against a list of rules and informs the operator of any special permissions required by the app. The operator can then accept or decline the installation. |
| No root user login |
Allow only user access |
The Industrial Edge Management Operating System (IEM OS) does not provide any possibility to login as root user. |
| System update |
Keep the system updated and secure |
A system update functionality is provided by the Industrial Edge Management. Security patches and system updates are published in the IE Hub shortly after vulnerabilities are known and issues are fixed. |
| *For deployments on hosting environments with Trusted Platform Module (TPM). |