The number of devices generating, accessing and utilizing data today is mind boggling. And as organizations become increasingly dependent on this data, the need to not only secure but authenticate these devices is intensifying.
PrimeKey, one of the world’s leading providers of Public Key Infrastructure (PKI) and digital signature solutions, recently announced the release of Identity Authority Manager, a first-of-its-kind industrial hardware appliance for smart device manufacturers, allowing them to issue trusted certificates at the point of production.
Today’s manufacturing plants have gone from isolated factory floors to highly distributed production environments involving multiple stakeholders, including suppliers, partners and customers across regions and country borders. In the case of Industrial Internet of Things [IIoT], manufacturers are required to enable production access points to external solutions such as enterprise resource planning systems and analytics software to carry out tasks such as predictive maintenance on machines. In IoT industries such as automotive, energy, healthcare, and automation, this is creating an unprecedented need for solutions that can secure the entire production lifecycle. IoT and IIoT solutions require that digital components are validated to trust signaling between each other, and this can only be achieved if each system is given a digital identity. With PrimeKey’s Identity Authority Manager, for the first time, this can now be done at the very first point of production of each individual component.
“In IoT and Industrial IoT, digital identities are absolutely critical to track the entire lifecycle of a product. Without it, consumers wouldn’t be able to rely on manufacturers for the software patches and version upgrades that are necessary to keep devices and user data safe from the continuous threat of attacks that today’s internet-enabled devices are under,” said Tomas Gustavsson, Chief Technology Officer at PrimeKey. “Replacing the complex legacy processes that’s plagued production environments, we’re now extending the power of our patented hardware-based PKI security and digital signing to the world of manufacturing with Identity Authority Manager.”
Identity Authority Manager works by giving smart device manufacturers the ability to embed the trusted security certificate issuing process at the production level. The digital signing made possible by Identity Authority Manager bridges the distributed environments of Information Technology (IT) and Operational Technology (OT), which characterize today’s connected manufacturing process. Now, production planners and managers can customize the certification and validation process through an integration framework where they can design workflows and add scripts to enable their desired functionality.
“We are communicating with the device, getting all the parameters out of the device chassis and validating the information against SQL databases,” PrimeKey’s Business Development Manager Andreas Philipp tells IndustryWeek. “If the validation rules are positive, Identify Authority Manager generates a certificate request through IT and securely transfers the birth certificate into the device itself.
Obviously, in today's digital manufacturing environments, the need for agility is crucial, explains Philipp. “As a result, they need to be able to easily configure and reconfigure the whole validation process base on the given workflow and production processes,” he says. “To address this our process uses a rule change engine where we can design the validation process, add connectors to the backend, leverage a crypto-graphical function or add individual logging capabilities.”