Product capabilities and addressed threats

This section gives an overview of the Data Gateway's security capabilities and the addressed threats through the design and implementation of the product. The application was developed to run exclusively as a Nerve Docker workload deployed via the Nerve Edge hosting platform. Therefore, implementers of security must also take into account the Nerve security capabilities as well as the threats addressed by Nerve

Security capabilities implemented by the product

Below is a list of security capabilities implemented by the Data Gateway. Note that this is not a complete list.

Security capability	Description
Secure Connections	All connections to external components support state-of-the-art cryptography (e.g. TLS) and the use of certificates
Rate control	The MQTT input allows enforcing a rate control
Authenticity and integrity verification of configuration files	A digital signature can be used to sign all configuration files, and the Data Gateway can perform a verification of the signature against a public key. This ensures that the configuration files come from a trusted source and have not been modified.

Addressed threats

The following is a list of potential threats that have been addressed by the product and shall be considered by the implementers. Measures that need to be taken by the implementers are formatted in bold:

Threat	Measures to be taken by the implementers
DoS attack on MQTT client	The MQTT interface may be subject to denial of service attacks by flooding the application with incoming data. Implementers of security shall activate MQTT rate limitation for the application. Alternatively, implementers of security shall activate MQTT rate limitation on the broker that the application connects to.
Identity spoofing of data sources and sinks	The Data Gateway may be subject to an identity spoofing attack (spoofing the identity of an OPC UA server or an MQTT broker). Implementers of security shall activate server certificate verification for all connections.