DigiCert now enables manufacturers to embed certificates on chips prior to manufacturing

DigiCert helps companies provision and manage digital certificates at any point during the product lifecycle with the new release of the IoT Device Manager.

Manufacturers can now embed certificates on chipsets prior to and during manufacturing, or directly to an edge device, for complete end-to-end device security. IoT Device Manager is built on DigiCert ONE, which enables rapid, automated PKI deployment as a customer-managed, on-premises or cloud solution, or managed by DigiCert for any environment.

A challenge manufacturers face when implementing PKI is figuring out how to provision certificates to devices during the manufacturing and assembly process. Changing manufacturing processes by implementing new technology can be a time consuming and expensive undertaking.

To address this challenge, DigiCert provisions authentication and signing certificates to chips prior to arriving at the manufacturing plant for assembly. Having certificates pre-provisioned allows manufacturers, without changing any processes, to achieve the benefits of device identity, strong mutual authentication, and secure boot and over-the-air updates through the use of digital signatures.

Additionally, as manufacturers look for more device-level data and management capabilities, metadata on the device’s characteristics — including serial numbers, batch numbers and digital certificate data — can be loaded into DigiCert IoT Device Manager to support full device management capabilities throughout a device’s lifetime.

“Signing is a critical component of strong IoT security, and manufacturers are continually signing a variety of programming elements to ensure the integrity of interactions with their devices, and the data coming from it,” said DigiCert SVP of Product Brian Trzupek.

“Together with assuring the identity of the device at the time of manufacture and enabling certificate requests directly from any deployed device, IoT Device Manager is part of a holistic security and threat response platform for IoT device security.”

Manufacturers are simplifying the complexity of IoT deployments by pushing more activity to the edge device. To support this transition, a device-centric API in the IoT Device Manager enables unique devices to request, update and manage the lifecycle of certificates.

Complicated and expensive service layers that take time and effort to develop are no longer necessary for certificate provisioning and management. This feature allows manufacturers to simplify deployments, accelerate time to market and reduce the overall risk of their PKI.

IoT Device Manager uses a container-based, cloud-native implementation to:

• allow organizations to provision and embed device identity at any stage of the device lifecycle, from the factory to device deployment in a variety of environments to provide trusted and secure operations.
• simplify device identity, authentication, encryption and integrity with a single click and marry device data visualization with cryptographic, manufacturing and factory process data.
• support standards-based interoperability with third-party manufacturing and provisioning systems and enable technology partners to address a variety of use cases for today’s IoT security requirements.

Secure Software Manager can be utilized together with IoT Device Manager to:

• deploy modern PKI automation for frictionless secure code signing and private key management.
• sign all files at any stage of the development cycle, not only for specific code but also clusters and containers.