Ultimate Secure Yocto layer for Industrial IoT
We are proud to present Athenyx, a specialized Yocto Project layer designed by Engicam's Team to provide a production-ready foundation for modern industrial applications.
Athenyx is Engicam's solution to simplify the complexities of the Yocto ecosystem by integrating critical features—like hardware-rooted security and fail-safe updates—directly into your build process.
Core Features: Built for Resilience
Athenyx isn't just another layer; it is a curated suite of tools and configurations designed to take your hardware from prototype to a secure, field-deployed product.
-
Secure Boot: Protect your IP and ensure firmware integrity. Athenyx provides the infrastructure to verify every stage of the boot process, ensuring only trusted code runs on your hardware.
-
A/B System Updates: Downtime is not an option. Powered by RAUC, Athenyx implements a robust A/B switching mechanism, allowing for fail-safe, atomic updates that can roll back automatically if an error occurs.
-
CVE Inspection: Security isn’t a guessing game. With integrated
cve-checktools, developers can audit their images for known vulnerabilities (Common Vulnerabilities and Exposures) directly during the build phase. -
Open Source & Documented: Transparency is key. Athenyx is fully available on GitHub, supported by comprehensive documentation to ensure seamless integration into your existing workflow.
Professional Services: Tailoring Excellence
While Athenyx provides a powerful baseline, Engicam offers a suite of professional services to help you navigate the "last mile" of industrial product development.
1. Custom Board Porting
Moving from a development kit to a custom PCB involves significant risk. Our experts handle the low-level heavy lifting:
-
Hardware Integration: Kernel tuning and bootloader optimization for your specific hardware.
-
Clean Architecture: We follow a modular meta-layer approach, ensuring your project remains sustainable and easy to update to future LTS (Long Term Support) versions.
-
QA Validation: Rigorous testing of peripherals (I2C, SPI, Wi-Fi/BT) within the Yocto environment.
2. Advanced CVE Analysis
A standard scanner often reports hundreds of "vulnerabilities" that don't actually impact your device. We provide context-aware analysis:
-
False Positive Filtering: We identify backported patches that scanners might miss.
-
Attack Surface Reduction: We determine if a vulnerability is unreachable due to your specific hardware isolation or network configuration.
-
Prioritized Patching: We focus your resources on the threats that pose a real-world risk to your application.
3. Proactive CVE Monitoring
Security is a continuous process, not a one-time task. Our monitoring service offers:
-
NVD Tracking: Constant surveillance of the National Vulnerability Database for your specific software stack.
-
Expert Filtering: Distinguishing between general industry threats and specific risks to your board.
-
Automated Reporting: Specialized infrastructure to keep your team informed of new risks the moment they are discovered.
Ready to harden your embedded project? Ask for information!
