Sectigo announced a partnership with Infineon Technologies AG to provide automated certificate provisioning for Infineon’s OPTIGA Trusted Platform Module (TPM) 2.0 using Sectigo IoT Identity Manager. The integration provides manufacturers with a complete certificate management solution, including issuance and renewal, starting right on the factory floor, with secure certificate creation and insertion using the OPTIGA™ TPM for private key storage.
“Including a TPM chip in an IoT device design is the first step in enabling strong authentication and secure communication for IoT devices,” explained Alan Grau, VP of IoT/Embedded Solutions at Sectigo. “Together, Sectigo and Infineon are enabling device manufactures to leverage strong authentication and secure communication for IoT devices during the manufacturing of the device itself. This integration not only automates the process of provisioning certificates for IoT devices, but also delivers a complete PKI solution leveraging Sectigo’s highly secure cloud infrastructure.”
Device manufacturers across industries increasingly recognize the need to strengthen the security of their devices. The Sectigo-Infineon joint solution enables manufacturers to provide the enhanced levels of security required to protect their devices and to ensure compliance with ever-emerging and evolving IoT security standards and regulations across the globe. For example, manufacturers are able to provision certificates into devices before they leave the factory, so that their connected IoT and IIoT products comply with the authentication requirements of the California IoT Security Law, along with other similar legislation.
Device identity certificates enable strong authentication and the TPM—a specialized chip on an endpoint device—provides secure key storage to ensure keys are protected against attacks. The joint solution enables the insertion of certificates into the device during the manufacturing of the device, when the device is first provisioned into a network, or into the TPM chip itself before the chip is shipped to the manufacturer.
By installing certificates into the TPM chip prior to manufacturing, manufacturers are able to track the component throughout the supply chain to protect against device counterfeiting, ensuring that only authentic devices are manufactured.
The Sectigo IoT Identity Platform removes the complexity associated with securing and authenticating connected devices so that businesses can protect their infrastructure in an easy, scalable, cost-effective, way. The platform enables enterprises and OEMs to ensure the integrity and identity of their devices and maintain that security by managing certificates throughout the lifecycle of the device.
Infineon’s OPTIGA security solutions, including the OPTIGA TPM, offer a broad portfolio of security controllers to protect the integrity and authenticity of embedded devices and systems. With a secure key store and support for a variety of encryption algorithms, the security chips provide robust protection for critical data and processes through their rich functionality—and are essential for strong device identity solutions because the crypto co-processor can securely store the private key of the device. Infineon’s proven key storage, coupled with Sectigo’s automated certificate issuance and management, delivers a robust, automated and easy-to-use PKI solution for device manufacturers.