Go To Content Go To Menu


Hardware Security Modules

Hardware for the efficient and secure processing of cryptographic operations or applications.

MTG smartHSM, the low-cost mini HSM

The smartHSM securely stores the key material and with it the cryptographic identity of a user. The smartHSM is also a highly reliable source of random numbers, ensuring that high-quality key material is generated during key generation.

Low-cost Mini-HSM - MTG smartHSM

Low-cost Mini-HSM: MTG smartHSM

Tasks & Functions

    • Generation and verification of digital signatures (e.g. for content data signature)
    • Encryption of transport layer via TLS
    • content data encryption
    • random number generation

Certifications, Evaluations, Security

    • Common Criteria EAL4+ certified secure module / mini-HSM
    • BSI-CC-PP-0095/ TR-03109-2 annex  B
    • PKI according to BSI Smart Meter Certificate Policy and TR-03109-4
    • Secure firmwareupdate
    • Firewall for USB-communication
    • Conformitly CE, WEEE & RoHS II

CLS Control & Smart Meter Gateway Communication
according to BSI TR-03109

CLS-Steuerung und  Sternförmige Kommunikation gem. BSI-TR 03109

The MTG smartHSM offers cost-effective possibilities for the secure CLS Control of IoT devices in the German Smart Grid. The MTG Mehrwert-Konnektor has already integrated the smartHSM and provides a central security system for value-added applications that need access through the Smart Meter Gateway. IoT devices can thus be controlled via the CLS channel of the Smart Meter Gateway while complying with the legal requirements of BSI TR-03109.

Key Management System

Key Management System

The smartHSM is very well suited for the operation of Key Management Systems (KMS). MTG has developed a key management system specifically designed to meet the requirements of the Smart Metering market: It can be used by manufacturers in production as well as by utilities in the management of devices. In both use cases, the MTG KMS provides the central security system to which specific applications can be attached. Either on the manufacturer's side or at the utility company.

Customer-specific applications
in the smart meter environment

Kundenindividuelle Anwendungen im Smart Meter Umfeld

Hardware Security Modules
from Utimaco

Utimaco HSM (Hardware Security Modules) Utimaco Deutschland HSM (© Utimaco)

Utimaco HSM (Hardware Security Modules) Utimaco Deutschland HSM (© Utimaco)

Utimaco's SecurityServer CSe provides tamper-proof technology and maximum security for the cryptographic key material for servers and applications. It is ideal for applications with the highest security requirements, such as government organizations or the banking and financial sector. The Deutschland-HSM (D-HSM) offers a special security solution in the eID environment as well as for smart metering in Germany.


High Availability & Scaleability

The large number of (parallel) key operations for TLS and content data protection requires flexible scalability, high availability and reliability, as demanded for example by the German Smart Meter Roll-out.

MTG-HSM HA – Cluster-capable High Availability solution (© MTG AG)

MTG-HSM HA – Cluster-capable High Availability solution (© MTG AG)

MTG HSM-HA Cluster is a software high availability layer for the Utimaco Deutschland-HSM resp. Utimaco CryptoServer LAN V4, which is already in use with the eID server for the new German electronical ID card.
The MTG solution is the only cluster-capable HSM-HA solution for the Utimaco Deutschland HSM. Both the primary and secondary systems are active and requests are processed in parallel. There is no recovery time.

The MTG HSM-HA Software provides the following features:

    • Geographical distribution possible (K-case scenario)
    • transparente Integration (API Utimaco & HSM-HA API MTG transparent)
    • Availability (99.9%)

Specific advantages compared to "hot standby solutions" are:

    • Availability with fail-over function: i.e. one HSM can fail / be serviced during operation without disrupting the operation of the others)
    • Easy dynamic scalability ( because "stateless" is easily possible by connecting further HSM's)
    • Performance / Loadbalancing (easily possible by connecting additional HSM's)

MTG recommends an HSM-HA solution ( as of 2 HSM) to ensure maximum availability. In case of failure or maintenance of one HSM, the second HSM automatically takes over the operation.

Downloads & Links

What can we do for you?

For further information feel free to contact us!

Lädt …