During the last four years, NXP Semiconductors was involved in the OPTIMUM project, spearheaded by
an international consortium consisting of 17 contributors. There were seven partners in the German
use case (Comnovo GmbH, Demag Cranes & Components GmbH, Institut für Automation und Kommunikation
e.V., NXP, Tarakos GmbH, Thorsis Technologies GmbH, University of Rostock). The project focused on
smart manufacturing and smart material handling, equipping cranes and their operators with
ultra-wideband technology, creating context awareness. This enables intelligent functions
including follow-me, come to me, follow machine to optimize manufacturing processes and increase
their efficiency. Additionally, different kinds of machines from different manufacturers can now
communicate with each other on the shop floor.
NXP’s Industrial System Innovation Team (ISI) contributed to the OPTIMUM project
providing practical solutions to cover the security needs. NXP’s
i.MX application processors, for example, are an excellent basis for the OPTIMUM hardware platform.
NXP also provided its Secure Element solution EdgeLock SE050, which gave the project partners the right tool to harden the whole network communication based
on Transport Layer Security (TLS), OPC Unified Architecture (UA) and the proprietary Data,
Optimization, Model and Evaluation (DOME) protocol. EdgeLock SE050 helps enable communications,
and also acquires the initial communication certificates for OPTIMUM devices. NXP´s solution makes
it possible to implement a seamless and easy-to-handle provisioning process for factory operators.
NXP enabled the webservice as well as the Certificate Authority for the user identification on the
backend system of OPTIMUM. After the operator device establishes a TLS-secured connection to the
webservice on the backend, a two-factor authentication occurs using a near-field communication
(NFC) badge in combination with either password or fingerprint. For the NFC badge, the team opted
for NXP's MIFARE DESFire card, which enables user authentication in a rough environment. The
operator device can be a tablet or smartphone having the OPTIMUM human machine interface (HMI) app
running on it.
Once the HMI app on the operator device is started, the user is asked to present their badge.
After reading and checking the user-related information from the badge, the web-service asks for
the user’s password as the second factor. In case the operator device has a fingerprint sensor,
the password must be provided only once and for future logins, the fingerprint is sufficient.
After this verification process, a time-restricted certificate is created, containing the
authorizations granted to the user in the system. This so-called short-lived certificate is
provisioned to the operator device. The user is therefore enabled for an entire working day to use
the device and service according to the granted authorizations.
NXP's Industrial System Innovation team also provided initial implementations of backend services
such as a webservice and a Certificate Authority. The collaboration of the consortium within
OPTIMUM, a project from the Eureka Research and Development and Innovation (R&D&I) Cluster for
software innovation ITEA, was a great success. During the whole project, there was a very good
team spirit and drive to solve the—sometimes challenging—tasks. In the end, the NXP team created a
very good basis for future smart solutions in industrial material handling of Industry 4.0.
For the reviewers of OPTIMUM, the results were impressive, telling the consortium, “the project
has clearly overachieved. It shows an outstanding achievement in human capital, dissemination,
standardization. It has really demonstrated in real life use cases the digital
transformation expected with Industry 4.0. The management of the project has been excellent, and
despite COVID-19, the project has a very strong dissemination.”
Watch video retrospective.
For more information, please contact
Karsten Meisberger or