Covia Labs, Inc. today announced that its Connector™ product has been awarded Federal Information Processing Standard (FIPS) 140-2 certification, a rare security distinction for software that provides public safety communications interoperability. The certification of the Covia Connector Cryptographic Module™ covers the security library of the Covia Connector's runtime engine, providing full AES 256-bit encryption. It was awarded after an extensive review process by the National Institute of Standards and Technology (NIST) and comes as the Federal Government begins the development of FirstNet, the first ever national broadband communications network for public safety.
Currently in use by Defense Advanced Research Projects Agency (DARPA), the U.S. Marine Corps and the non-profit research organization, the Stanford Research Institute (SRI International), the Covia Connector is a software platform that merges voice, data and other key Command and Control functionality found on multiple, diverse devices and equipment into one, fully integrated system. Regardless of hardware, operating system or platform, the Covia Connector is optimized as a secure fast and lightweight addition that is easily ported to any device or hardware, including servers, routers, PCs, tablets, smartphones, LMR radios, drones, cameras and even Bluetooth headsets. It provides FIPS certified encryption of both data in-transit and at-rest without first responder and defense agencies having to buy expensive hardware.
FIPS 140-2 is a U.S. government security standard used to accredit cryptographic modules. It assures federal, state, local and tribal agencies that information shared or accessed via the Covia Connector meets NIST's stringent security, encryption and compliance guidelines to prevent malicious cyber intrusions. The standard was developed through the Cryptographic Module Validation Program (CMVP), which certifies products for use by U.S. government agencies and regulated industries that handle sensitive information and data.
Since the Covia Connector creates an independent and encrypted communications system that is FIPS 140-2 certified, any current or future third-party or Covia Labs Connected Application™ operating on the Connector platform will fall under Covia's FIPS 140-2 certification and will not have to receive FIPS certification independently. All data on these applications, both in-transit and at-rest, is automatically encrypted and sealed in an instance-by-instance security enclave. By placing these applications under the shield of Covia's FIPS 140-2 certification, the Covia Connector will enable public safety Original Equipment Manufacturers (OEMs) and the military to innovate and update public safety applications, especially those expected to be developed for the new FirstNet network, without opening security holes. It also means these agencies will avoid the lengthy and costly process of certifying each new application or updates to currently certified applications. In addition to purpose-built Connected Applications™ running on the platform, native applications and legacy systems can communicate with services running inside the Connector to utilize its capabilities.
"Data security and interoperable systems are two of the most significant issues to tackle as FirstNet begins to lay the groundwork for the first ever national broadband communications network for public safety,' said David Kahn, CEO of Covia Labs. "One way to ensure systems work together while maintaining the highest security standards is by requiring FIPS 140-2 certification for the libraries at the core of a platform used by different OEMs. This platform can help the development of an ecosystem of applications which automatically inherit the data security, synchronization, redundancy, resilience, bridging, voice, text picture and video features of the platform.'