Linux OS operating system KontronOS

Security and up-to-dateness of edge devices in the field

KontronOS guarantees the highest level of security and up-to-dateness of embedded hardware devices in the field - over the entire product life cycle.

The requirements for embedded devices with an existing IoT connection go far beyond security updates in the field. Whether it is the reliability and modifiability of the software, delta updates or low data consumption: With KontronOS, we deliver a hardened Linux®-based operating system for the reliable operation of customer applications in embedded devices that meets all these requirements.

bild 1 zu Produkte SecureOS Schlüssel Hologramm

KontronOS creates the necessary space for you to focus on your core competencies for your end products and applications: The fully automatic update function guarantees that the operating system is always up to date and secure - without the need for any intervention.

KontronOS has several possible integration levels that enable smooth interaction between the operating system and application. This includes not only the containerization of the software, but also separate partitions for the customer application and the integration of specific runtimes in smaller systems.

Bild 2 zu Produkte SecureOS abstrakte Hologrammgrafik

The Smart Factory with solutions from the Kontron susietec® Toolkit.

Digital security for embedded PCs

Digital security is of enormous importance for Embedded PCs: the growing number of autonomous devices without operators offers hackers a considerable attack surface. Different user groups have different needs and security requirements.

With KontronOS, we provide a customized Linux®-based operating system that is tailored to the individual requirements of your software and hardware. Especially for large numbers of devices, we guarantee that all devices in the field have the same software version despite different schedules and threat scenarios.

Managed service for secure and customized hardware configurations

By providing KontronOS as a managed service, we cover a wide range of hardware configurations for the most diverse requirements. In each case, various basic properties can be configured via a customizable web interface with the aim of minimizing service times. Automated penetration tests provide the necessary security.

In the event of zero-day exploits, vulnerabilities or threats, the system updates itself within a very short time. To avoid downtime in the event of any problems, it is possible to switch back to the last functioning version on the passive partition at any time. On this basis, KontronOS allows you to create a customized and secure operating system for your company's digital business cases.

Mehr Informationen

Remoting - simple and efficient solution for digital remote access and maintenance

With Remoting, we offer the option of carrying out maintenance for industrial IoT systems around the clock - remotely and without fixed on-site appointments.

A networked working environment with low downtimes often requires direct access by specialists on site. With Remoting, we offer an integrated remote maintenance solution that does not require any additional software. The connection between the target machine and technician is established via a mobile device such as a smartphone or tablet, regardless of location. This means you receive immediate and uncomplicated support at all times.

Thanks to the direct integration of remoting into the products of the Kontron susietec®® toolset, we guarantee the appropriate rights and device management with the comprehensive KontronGrid fleet management solution. This ensures that only authorized persons have access to your devices. This function offers manufacturers greater security and control, especially when working with local service providers.

Managed service for secure, custom-built hardware configurations

Regardless of whether you want to test a new version of your container-based application or check your individually trained AI network:

Remoting provides direct access via the SSH console, the remote desktop or the configuration interface.

Our goal is to optimize your support and thus reduce costs for your end customers. Whether a simple debugging or the export of important data: Remoting is available to your service department around the clock for the maintenance of devices in the field.

Mehr Informationen

KontronOS

to the PDF-Factsheet

More information

Hardware

AL i.MX8M Mini

Solution for demanding automation tasks

Compact, Linux®-based box PC on DIN rails, based on NXP i.MX8M Mini Quad Core application processor and powerful Arm® Cortex® -A53 microprocessor. AL i.MX8M Mini is the solution for demanding automation tasks, real-time applications and high-quality visualization solutions. The version in a robust housing is perfectly suited as an intelligent gateway for IoT applications, expandable via multifunction I/O modules.

More information

KBox A-251-AML/ADN

Compact industrial box PC for demanding IoT edge applications

The extremely compact KBox A-251-AML/ADN is based on a powerful 2.5” single board computer with Intel Atom® x7000RE, Intel® N97 or Intel® Core™ i3-N305 processors and is ideally suited for demanding real-time applications, machine learning or processing large amounts of data in an industrial environment. The system has an expansion slot (IO Door) on the left-hand side of the system, which can be used to add additional functionalities to the KBox A-251-AML/ADN, such as fieldbuses, interfaces for graphics or Ethernet. Optional integration of 4G/5G or WiFi 6 connectivity is also possible.

More information

KBox A-151-EKL

For low-power IoT edge applications

The fanless KBox A-151-EKL is based on Intel Atom® x6000 or Celeron® processors and offers sufficient computing and graphics performance. The system has an expansion slot on the front (I/O door), which can be used to expand the KBox A-151-EKL with additional functionalities such as field buses, interfaces for graphics or Ethernet etc. Optionally, 4G/5G or WiFi 6 connectivity can also be added.

More information

KBox A-151-TGL

For particularly demanding IoT edge and AI applications

The fanless KBox A-151-TGL is based on the 11th generation Intel® Core™ or Celeron® processors and offers high computing and graphics performance. The system has an expansion slot on the front (I/O door), which can be used to expand the KBox A-151-TGL with additional functionalities such as fieldbuses, interfaces for graphics or Ethernet, etc. The system can also be optionally supplemented with 4G/5G or WiFi 6 connectivity.

More information

KBox A-250

Cost-optimized gateway for IoT edge applications

The fanless KBox A-250 is based on a pITX 2.5” SBC with Intel Atom® processors from the E3900 family and offers an excellent price-performance ratio. The compact system has numerous interfaces for connecting different communication levels. Wireless technologies such as LTE and GSM are supported, and an integrated LTE module can be added as an option.

More information

The most important questions about KontronOS

What are the potential risks of a network-based cyberattack?

At the heart of KontronOS is a read-only sector that cannot be changed. Access to the operating system is managed by assigning user and user rights. Each application is assigned specific user rights, which are very limited and restricted to only the necessary functions. In the production version, the bootloader and the operating system are hardened and reduced to the essentials.
Are there means and measures that prevent the user from accessing the underlying operating system from accessing the underlying operating system?

The KontronOS core is a read only sector that cannot be changed. Access to the operatingsystem is managed by assigning user user and user rights. Each application is assigned specific user rights, which are very limited and restricted to only the necessary functions. In the production version, the bootloader and the operating system are hardened and reduced to the essentials.
What are the risks if the web panel software is not maintained?

We maintain and service the. Webpanel software and KontronOS in general by releasing newupdates with corrections, security updates and functional improvements four times a year. If our customer does not use this updated software, he cannot benefit from the security updatesand other improvements. The risk is that security vulnerabilities are exploited and devices are compromised. Also, future regulations such as CRA (Cyber Resilience Act) may not becomplied with.
Are security patches recommended and provided? How are they installed? Support until when? What are the costs?

We strongly recommend that you install the security updates. Updates with integrated security patches are released published four times a year and provided as delta updates to reduce the data volume for LTE connections. The updates can be installed from the cloud or locally using a USB stick, for example. The update of our standard image runs via a service fee. Customer-specific adaptations or developments are offered separately.
Does the device have protection against network-based cyber attacks?

Yes, a firewall prevents uncontrolled access to the system. In addition, the system is protected by regular penetration tests against external attacks. These tests reveal possible security gaps in the system. We assess the risks and eliminate the critical security security problems in our KontronOS.
What are the potential risks of a network-based cyberattack?

If attackers gain access to the corporate network through devices, they can either encrypt corporate data and hold it for ransom, steal data, or perform negative actions such as disabling systems.

Your contact to our specialists for the susietec® toolset

Do you have questions about the susietec® service portfolio or need support in the analysis, planning and implementation of your digitalization strategy?

The susietec® experts accompany you step by step on the way to the digital transformation of your company - customer-specific, solution-oriented, success-oriented. We look forward to hearing from you!

Please contact us

Roman Jachs

Produktmanager KontronOS