Robots moving boxes
Manufacturing & IoT

Cryptographic Identity for Components

A final good may contain the products (or ‘components’) of several different manufacturers. Many of them are connected devices with direct or indirect access to the IoT and with onboard software and firmware. Before any product enters the market, manufacturing considerations to component authentication is a crucial element of a security and safety strategy in order to ensure secure communication as well as updates to software and firmware over the product's lifetime.

  • Authentication - every component requires a ‘trusted’ identity for efficient point-to-point network configuration.
  • Integrity - mission-critical communications (i.e, firmware updates) must be digitally signed
  • Data encryption - Ensuring data privacy at rest and in transit

Counterfeit components entering the market can also provide cause for concern- damage to brand and reputation, as well as the safety of the end device leading to liability issues. In this instance, visibility is key- components entering the connected network must prove that they are genuine with a cryptographic authentication.

With identifiable components, manufacturers open the door to service business models around their product, either directly or as ecosystem-service members of the final goods manufacturers. Such service opportunities rely on the security and trustworthiness of the cryptographic identity over the good’s life-time.

Utimaco assures device security and data privacy throughout the complete device life-cycle from manufacturing (key injection) through device operation (PKI) to end-of-operation (key termination).

Safe Processes

Applications for Safe Digital Processes


Key Injection

The route to secure identity commences during the manufacturing process when components are enhanced through cryptographic key injection. Key injection gives every device an identity and need to be generated by an HSM.


Digital Signatures

Electronic seals leverage PKI certificates to offer the highest levels of security for safety-critical and sensitive collaboration use cases of service providers and cross-corporate integrated automation processes. In compliance with regulations such as eIDAS, they also provide legal assertion and probative evidence throughout the lifespan of the manufactured product or system.


Public Key Infrastructure (PKI)

IoT devices are operated within PKI-Infrastructures, ensuring confidentiality, integrity, authenticity and non-repudiation of sensitive information. Encrypting data at rest and in transit guards it against theft or tampering, and guarantees that digital identity provides secure authentication of users and applications to protect against fraud.


Machine Identity Management & Security of IoT Components

Key injection- giving each component a unique electronic identity, increasing the authenticity of the device.

With a unique ID, delivered by key injection, IT system administrators can track the device throughout its lifecycle, monitoring and revoking privileges, as required.


Compliance for data security and privacy

Contact us

We look forward to answering your questions.

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.
You have selected two different types of downloads, so you need to submit different forms which you can select via the two tabs.

Your download request(s):

    By submitting below form you will receive links for your selected downloads.

    Your download request(s):

      For this type of documents, your e-mail address needs to be verified. You will receive the links for your selected downloads via e-mail after submitting below form.

      Your collection of download requests is empty. Visit our Downloads section and select from resources such as data sheets, white papers, webinar recordings and much more.