In accordance with a further advantageous embodiment, a fourth functional block that permits access to a web server of the embedded device is arranged in a fourth level that is disposed above the third level. In this respect, a function belonging to the fourth functional block in particular permits a data input and a data output at the web server. This means that the access to the web server itself can also already be protected by an authentication.

Access to functions of the embedded device is preferably checked by a firewall of the embedded device. The firewall can be provided by the embedded device itself, i.e. it can, for example, be integrated in the embedded device as separate hardware. The firewall can provide additional security for the embedded device in that the firewall, for example, carries out a preselection of authorized queries with reference to predefined rules.

In addition, the firewall can serve as the end point of a VPN (virtual private network) connection. In this case, only access attempts by means of the VPN connection can be authorized by the embedded device.

In accordance with a further advantageous embodiment, a user management is used in which users are stored to whom an authentication is permitted for predefined functional blocks. The authentication can take place centrally, for example by means of an access control matrix (ACM) or in the respective level. An access control list (ACL) can be present for the respective level. Those users can be stored in the access control matrix and in the access control list who may respectively access the functional blocks of a specific level. The access control list for a level can be respectively stored in the level disposed above it.