Proving the Business Case for the Internet of Things

Infineon and Sectigo protect IoT devices when they are made

Steve Rogerson
April 21, 2020



New Jersey-based Sectigo is working with German electronics company Infineon to protect IoT devices with automated factory provisioning of certificates.
 
Sectigo is a provider of automated digital identity management and web security. The partnership with Infineon Technologies will see it provide automated certificate provisioning for Infineon’s Optiga TPM 2.0 trusted platform module using Sectigo’s IoT identity manager.
 
The integration provides manufacturers with complete certificate management, including issuance and renewal, starting right on the factory floor, with secure certificate creation and insertion using the Optiga TPM for private key storage.
 
“Including a TPM chip in an IoT device design is the first step in enabling strong authentication and secure communication for IoT devices,” said Alan Grau, vice president at Sectigo. “Together, Sectigo and Infineon are enabling device manufactures to leverage strong authentication and secure communication for IoT devices during the manufacturing of the device itself. This integration not only automates the process of provisioning certificates for IoT devices, but also delivers a complete PKI leveraging Sectigo’s highly secure cloud infrastructure.”
 
Device manufacturers across industries increasingly recognise the need to strengthen the security of their devices. The Sectigo and Infineon joint offering enables manufacturers to provide enhanced levels of security to protect their devices and ensure compliance with emerging and evolving IoT security standards and regulations across the globe.
 
Device identity certificates enable strong authentication and the TPM – a specialised chip on an endpoint device – provides secure key storage to ensure keys are protected against attacks. The joint offering enables the insertion of certificates into the device during the manufacturing of the device, when the device is first provisioned into a network, or into the TPM chip itself before the chip is shipped to the manufacturer.
 
By installing certificates into the TPM chip prior to manufacturing, manufacturers can track the component throughout the supply chain to protect against device counterfeiting, ensuring that only authentic devices are manufactured.
 
“Infineon’s audited and certified TPMs enable manufacturers of connected devices to achieve higher levels of security,” said Lars Wemme, head of IoT security at Infineon. “Together with our partner Sectigo, we are now also able to offer automated factory provisioning. This gives our customers a proven path combining ease of integration with the benefits of higher security performance.
 
The Sectigo IoT identity platform removes the complexity associated with securing and authenticating connected devices so businesses can protect their infrastructure in an easy, scalable, cost-effective way. The platform lets enterprises and OEMs ensure the integrity and identity of their devices and maintain that security by managing certificates throughout the lifecycle of the device.
 
Optiga security products, including the Optiga TPM, offer a portfolio of security controllers to protect the integrity and authenticity of embedded devices and systems. With a secure key store and support for a variety of encryption algorithms, the security chips provide protection for critical data and processes through their functionality, and they enable strong device identity because the crypto co-processor can securely store the private key of the device.