Digital identities, implemented as PKI certificates, enable secure communication and updates throughout the
product lifecycle. This means that the product can be trusted and software updates are reliable.
Secure supply chains start at
the product assembly line
Concepts for interconnected machines and systems in IoT and
Industrial IoT applications require that all subcomponents know and
trust each other. This can only be achieved if each part is given a
secure digital identity.
Digital identity solution to secure
the supply chain


Product security from birth
Issuing factory or product certificates to the individual components directly during production.

Deployment
When components are assembled and deployed in a solution at the customer, a customer-branded operating certificate can be issued based on the birth certificate.

Operation
Managing product identities throughout the entire lifecycle means being able to renew certificates, do secure software updates and change the owner of the device.

What are the challenges when implementing
secure supply chains?

Minimize operation downtime
Birth certificates must be issued smoothly during production, no standstill is allowed in the production or services.

Integration into operations
The PKI and signing solutions must integrate into the manufacturing environment and support backend systems such as MES, be configurable to support interfaces to different products and be easy to manage by operations and production staff.

Trust components from different vendors
All components, from different vendors, must be trusted to ensure trust in the whole solution.
Benefits of
Keyfactor's PKI for
securing the supply
chain
Manage devices from manufacturing and throughout their lifecycle. Keyfactor offers flexible and scalable solutions for PKI, certificate issuance, and code signing.

Reliable lifecycle management
Keyfactor solutions are proven in numerous customer installations and can issue and manage digital certificates in complex environments with strict requirements on availability.

Physical separation of CA and RA
Keyfactor offers an industry-first Registration Authority (RA) hardware appliance solution, Identity Authority Manager, that is installed directly on the production line and securely and physically separated from the Certificate Authority function.

Smooth management of devices and PKI
The Identity Authority Manager offers the ability to interface and issue digital identities to a heterogeneous device fleet. You can configure and reconfigure it “on the fly” to support the production schedules, and integrate it into the production logistics and ERP systems.

Code signing
Digitally signed code ensures that the software running on devices is trusted and unmodified, and can be updated in a secure way. With Keyfactor’s solutions, code signing can easily be integrated into the production line processes via standard interfaces.