Built-in protection with secure I/O and trusted edge intelligence.
OVERVIEW
The Future of Remote I/O with Built-In Cyber Protection
Protect your data at the Edge
Zero Trust from the Start
groov RIO has no default logins—access begins only after you create a secure admin account. This removes the risk of factory credentials being exploited. You control all access from the first connection, with no recovery backdoors. It’s security by design, not by patch.
User and Role Management
Assign access based on need. groov RIO lets you create multiple user accounts, each with permissions tailored to specific tools like Node-RED or groov Manage. Session timeouts can be enforced per user or globally. Enterprise IT teams can also connect groov RIO to LDAP directories for centralized control.
Built-In Encryption for All Communications
All connections to and from groov RIO are encrypted using HTTPS and SSL/TLS. Whether it’s a browser session, MQTT data flow, or Node-RED integration, your data is protected in transit. Encryption is on by default. That means security isn’t optional—it’s built in.
Firewall That Fits Your Network
Unlike traditional devices that depend entirely on perimeter firewalls, groov RIO includes its own configurable device firewall. Define which services and ports are accessible per interface. Use it to create secure network zones and block all unwanted traffic. It’s ideal for both standalone setups and tightly segmented networks.
Secure Remote Access, Made Easy
groov RIO supports OpenVPN, giving you encrypted, authenticated remote access—without opening inbound ports. Once connected, administrators can monitor, troubleshoot, and manage the device as if they were on site. It’s secure access, without compromise.
Smarter Connections with MQTT
MQTT uses a publish/subscribe model that enhances security by initiating connections from the device side only. With groov RIO, all connections to the broker are outbound, meaning no need to open inbound firewall ports. Once connected, data flows securely in both directions.
Features
Groov RIO Security Features
Secure by default—no security settings buried in menus.
Easily manage security from any browser, no extra software required.
Set global or user-specific session expiry for added control.
View and configure open/closed ports per application in a simple UI.
Add wireless or VPN interfaces to create layered, flexible network zones.
Optional SSH access (with license) for secure custom applications.
Optional SSH access (with license) for secure custom applications.
Designed to help meet recognised industrial cybersecurity standards.
Track user actions and system events to support audits and alerting.
Case Studies
How a Nation-Wide Bank Prevented a Data Center Shutdown by Restoring Critical Cooling
without altering existing infrastructure.
COMPARE
groov EPIC Comparison
groov EPIC PR 1
On-the-rack controller for the groov EPIC system.
groov EPIC PR2
On-the-rack controller for the groov EPIC system, with increased RAM & storage and Ignition 8
2GB memory for control, connectivity,
and data handling.
4GB memory for enhanced performance, ideal for more demanding applications, including Ignition Edge 8.
Standard memory for control, connectivity,
and data handling.
Increased memory for enhanced performance, ideal for more demanding applications, including Ignition Edge 8.
Supports PAC Control, CODESYS, Node-RED, and groov Manage; optional Ignition Edge.
Supports PAC Control, CODESYS, Node-RED, and groov Manage; optional Ignition Edge.
One HDMI port for external monitor connection, ideal for OEM applications or large-screen HMI display.
Same HDMI port configuration, supporting external visualizations of control systems for enhanced usability.
Dual independent Gigabit Ethernet ports for secure network segmentation and connectivity.
Same dual Ethernet configuration with additional internal performance optimizations for handling more network traffic.
Two USB ports for serial communication, touchscreen monitors, or approved Wi-Fi adapters.
Same two USB ports, providing extended peripheral capabilities for more advanced applications.
Zero-trust architecture with built-in firewalls, TLS certificates, and user authentication.
Advanced zero-trust security features with increased capacity for larger, multi-user environments and higher data traffic.
Compatible with up to 16 groov I/O modules
(analog, discrete, and serial).
Compatible with up to 16 groov I/O modules
(analog, discrete, and serial).
Certified for vibration and shock resistance, capable of withstanding industrial conditions with minimal wear and tear.
Includes the same certifications for operational resilience in more demanding environments.
Operating temperature range of 0° to 70°C (32° to 158°F), ensuring resilience in standard industrial environments.
Same operating temperature range, with enhanced heat dissipation for higher processing loads.
Ideal for small to medium-sized industrial control systems where you need PLC functionality, data collection, and real-time edge processing.
Best for high-performance applications requiring advanced processing, such as handling larger data volumes, complex analytics, and edge computing for big industrial sites.
Size and Weight
Height
123 mm (4.84 inches)
Height
123 mm (4.84 inches)
Width
148 mm (5.83 inches)
Width
148 mm (5.83 inches)
Depth
66 mm (2.60 inches)
Depth
66 mm (2.60 inches)
Weight
680 grams (1.50 pounds)
Weight
720 grams (1.59 pounds)
RESOURCES
groov RIO Security Resources
groov EPIC, groov RIO, MQTT
Guide to Networking groov Products
Discover how to network groov EPIC and RIO — read
groov RIO, groov RIO EMU, groov RIO M1 & M2, groov RIO Security, Opto 22
groov RIO Data Sheet
This data sheet outlines technical specifications, I/O capabilities, supported protocols,
groov RIO, groov RIO EMU, Opto 22
groov RIO EMU Brochure
Get real-time insight into your energy use with groov RIO
groov EPIC, groov RIO, Opto 22, Reports
I/O for the IIoT
See how Edge I/O creates a simpler way to meet
groov EPIC, groov EPIC Security, groov RIO, groov RIO EMU, groov RIO Security, Opto 22
groov EPIC and groov RIO Cybersecurity Design and Best Practices
groov EPIC and groov RIO are built from the ground
groov RIO, groov RIO EMU, Opto 22
groov RIO Energy Monitoring Unit Data Sheet
Technical specifications for the groov RIO EMU, including input compatibility,
FAQ
groov RIO Security Frequently Asked Questions
How is user access managed on groov RIO?
groov RIO requires the creation of an administrator account during initial setup, as there are no default usernames or passwords. Additional user accounts can be created with specific roles and permissions. For centralized management, groov RIO supports integration with LDAP-compatible directory services, allowing IT departments to manage user access across multiple devices efficiently .
Does groov RIO support secure communication protocols?
Yes, groov RIO uses HTTPS to encrypt all communications, ensuring data transmitted between the device and other systems is secure. Additionally, it supports SSL/TLS encryption for protocols like MQTT and Node-RED, providing secure data flows to cloud services and other applications .
What firewall capabilities does groov RIO offer?
groov RIO includes a configurable device-level firewall, allowing users to control which ports and services are accessible. This feature enables the disabling of unused protocols and services, reducing potential attack surfaces and enhancing overall device security .
Can groov RIO be integrated into a VPN for secure remote access?
Yes, groov RIO functions as an OpenVPN client, enabling secure, authenticated remote connections over VPNs. This capability ensures that remote data access and device management are conducted over encrypted channels, maintaining data integrity and confidentiality .
How does groov RIO handle security certificates?
Out of the box, groov RIO uses a self-signed security certificate to establish secure connections. Users have the option to upload certificates from trusted Certificate Authorities or their IT departments, facilitating integration into existing security infrastructures and enhancing trust in communications
What measures are in place to protect data integrity on groov RIO?
groov RIO employs several measures to ensure data integrity, including encrypted communications, secure user authentication, and the ability to operate within secure VPNs. These features collectively help in maintaining the accuracy and reliability of data transmitted to and from the device .
