A final good may contain the products (or ‘components’) of several different manufacturers. Many of them are connected devices with direct or indirect access to the IoT and with onboard software and firmware. Before any product enters the market, manufacturing considerations to component authentication is a crucial element of a security and safety strategy in order to ensure secure communication as well as updates to software and firmware over the product's lifetime.
- Authentication - every component requires a ‘trusted’ identity for efficient point-to-point network configuration.
- Integrity - mission-critical communications (i.e, firmware updates) must be digitally signed
- Data encryption - Ensuring data privacy at rest and in transit
Counterfeit components entering the market can also provide cause for concern- damage to brand and reputation, as well as the safety of the end device leading to liability issues. In this instance, visibility is key- components entering the connected network must prove that they are genuine with a cryptographic authentication.
With identifiable components, manufacturers open the door to service business models around their product, either directly or as ecosystem-service members of the final goods manufacturers. Such service opportunities rely on the security and trustworthiness of the cryptographic identity over the good’s life-time.
Utimaco assures device security and data privacy throughout the complete device life-cycle from manufacturing (key injection) through device operation (PKI) to end-of-operation (key termination).