"The feature set of each Nerve module is optimized with unique workflows ideally suited for production facilities and machines. Independent of which module you license, Nerve offers a set of base features.These features provide a secure foundation for managing software and devices in Nerve."
Nerve architecture
Nerve's modules and their features
Base features
| API | Centralized logging | User management | Any type of hardware supported |
| Hypervisor | Managed Service OS including updates |
DNA: audited reproduceable and scalable node configuration and cloning |
Edge Hosting |
Data Services |
Remote Services |
Soft PLC |
|---|---|---|---|
| Offline and local operation | Graphically configurable Data Gateway | Remote tunnel to deploy applications | CODESYS Soft PLC |
| Apps (Docker, VM, CODESYS) | Multi-protocol Data Gateway (OPC UA, S7, MQTT, et.) | Accessing external devices | Fieldbus connectivity e.g. PROFINET, EtherCAT |
| Configuration of central repository | Data buffering | Remote shell or screen access | High speed connection to an influxDB |
| Management at the edge | Built-in visualization and Time-Series Database | Real time operation with less than 2 ms cycles | |
| Built-in data connector to 3rd party clouds | Support of retain variables |
Nerve security
Development process
Nerve software development processes are compliant with IEC 62443 (security requirements for industrial automation and control systems). Certification is envisioned for 2023. Nerve is regularly penetration tested by a third-party security consultancy.
Data location
Our Software-as-a-Service offering is hosted on Microsoft Azure in Frankfurt, Germany, compliant with the EU’s General Data Protection Regulation (GDPR). With Nerve, offline operation is fully supported, thus data can be kept fully on premises.
Secure data transport
All connections to the Management System are secured using TLS 1.2.
Fast-threat response
Nerve provides central update mechanisms for applications and firmware to ensure your devices are always updated with the latest security patches. Centralized logging helps to detect threats.
Secure access
Access to all services requires login and all passwords stored on Nerve are encrypted. Nerve’s Role-Based Access Control ensures that users can only perform functions and use services they are authorized to access. User management can be integrated into your IT systems using active directory.
Separated applications
An additional level of security is provided by the inherent isolation of user applications using VMs and Docker containers. Resource reservation prevents denial of service on the application level. The communication between workloads can be controlled via a set of pre-defined networks.
