Secure communication between devices with encryption and passwords
Encryption software ensures tap-proof TCP communication between your users and our modules. DEDITEC ETH modules can be configured in stages using passwords (from comprehensive security to full access).
DEDITEC ETH modules secure data transmission in the same way as classic encryption: using an algorithm—secure TCP communication—readable characters are converted into unreadable characters within DEDITEC-delib.dll before the data is transmitted. The data only becomes readable again when it is decrypted during readout. The encryption algorithm is stored in the software and, if password-protected, cannot be viewed – comparable to the end-to-end data encryption of modern email programs or messaging apps.
TCP communication between the user and the module is secured for the modules using a password. In order to write the password to the module in a secure manner, in addition to direct configuration via USB, it is also possible to encrypt the password in the ICT tool via Ethernet using the temporary admin mode.
The encryption types can be configured in four modes for ETH modules, allowing for gradual control of security. This means that password assignment can be configured for admin, temp admin, and user encryption modes, as well as for unencrypted transmission. This allows for a wide range of applications, even in large systems with different user levels.
Encryption on the DEDITEC ETH module
With numerous configuration options and various access levels to encryption, the DEDITEC ETH modules are prepared for a wide range of applications and can also be used in large systems with complex security measures.
In admin mode, full access to I/Os and module configuration is granted, and TCP transmission is encrypted. When configuring in temporary admin mode, switches or buttons must be physically pressed directly on the board to ensure that no unauthorized person can make this configuration. In user encryption mode, transmission is encrypted and the user can access I/Os but cannot modify the module configuration. Only in the lowest security level, “Unencrypted,” can the module be accessed unencrypted (without a password). However, this type of access can also be prohibited in the configuration to protect the module.
All-round talents with coding protection: The various application and configuration modes of encryption make DEDITEC’s ETH modules usable and ready for encryption in a wide range of areas.
Security measures for ETH modules
Write protection
With DIP switch 2, you can disable write protection for access to the module configuration memory via Ethernet or USB interface. DIP-2 on = write protection enabled DIP-2 off = write protection disabled
TCP encryption
The ICT tool allows you to encrypt communication via TCP. Partial or full access to the module configuration memory can also be set using the admin and user protocols.
Encryption types
- Unencrypted: The module can be accessed unencrypted
- User encryption: TCP transmission is encrypted. The I/Os can be accessed, but no changes can be made to the module configuration
- Admin encryption: TCP transmission is encrypted. Full access to I/Os and module configuration
- Temp Admin: Temporary encryption mode to transfer the set password to the module in encrypted form