IoT device PKI implementation
Brief :
A major German consumer devices manufacturer required support in designing and implementing a Public Key Infrastructure (PKI) for their consumer devices ecosystem. The customer aimed at securing the lifecycle of their devices, including secure provisioning of firmware updates, secure connection to the service backend, and protecting customer content processed by the devices.
BxC was asked to support the design of an overarching PKI for different device families and generations, including the subsequent PKI integration with different managed PKI service providers.
Activities :
BxC enabled the customer with a future-proof and scalable PKI solution to develop the IoT device business and grow flexibly with market demand:
PKI HIERARCHY & CERTIFICATE DESIGN
BxC defined the PKI hierarchy and required services for secure key and certificate generation, provisioning, renewal, and validation. A key item was the delivery of cost-effective services by ensuring compliance for global deployment.
OPERATIONALIZATION OF PKI SERVICES
BxC supported setting up the Target Operating Model and creating documentation for onboarding operational teams. This ensured a rapid operationalization of the PKI and a harmless integration into the device production and digital service delivery.
IMPLEMENTATION OF PKI SERVICES
BxC supported the technical implementation of PKI services with process and solution know-how. Onsite factory CAs were implemented by BxC and taken into production at various customer production sites. BxC also coordinated the integration of the Managed PKI services into the customer service offering for integrated certificate management throughout the complete devices’ lifecycle.
results :
With BxC’s PKI expertise an IoT PKI was efficiently implemented with ongoing improvements. ? Learn more!
Implementation of a 4-Tier PKI hierarchy with more than 20 Issuing CA’s
Implementation of 4 Factory CA’s in production facilities for device mass production
Integration of PKI into product and software development with more than 15 teams
Set up of PKI services operations, process excellence monitoring, and improvement program