Industrial Automation Companies Partnering in Efforts to Redefine IoT Device Security

April 24, 2020 by Stephanie Leonida

Sectigo and Infineon Technologies AG enter into a partnership to redefine IoT device security for enterprises and businesses worldwide.  

Recognizing the Need to Strengthen Security Devices

Sectigo is a leading authority in the world of cybersecurity. It’s digital identity solutions encompass including TLS/SSL certificates, DevOps, IoT, enterprise-grade PKI management, as well as multi-layered web security. The company has a global reach and provides its partners and businesses with automated public and private trust solutions for securing webservers, user access, connected devices, and applications.

Recently, Sectigo announced its partnership with Infineon Technologies AG. Sectigo plans to provide automated certificate provisioning for Infineon’s OPTIGA Trusted Platform Module (TPM) 2.0 using Sectigo IoT Identity Manager.

With the fast-growing development of IoT security standards and regulations worldwide, it has become extremely important for manufacturers to keep their devices well protected and compliant. The Sectigo-Infineon solution will provide manufacturers with enhanced security through complete certificate management.

This includes issuance and renewal, starting right on the factory floor, with secure certificate creation and insertion using the OPTIGA TPM for private key storage. 


Infineon’s OPTIGA TPM 2.0 

Infineon’s OPTIGA TPM offers an extensive portfolio of standardized security controllers designed to protect the integrity and authenticity of embedded devices and systems. OPTIGA TPM security chips support a variety of encryption algorithms and come with a secure key store to protect critical data and processes.

According to Trusted Computing Group (TCG) standards, they support the TPM 1.2 or the latest TPM 2.0 standard. Devices from OPTIGA TPM 2.0 are essential for embedded security, trusted computing, PC and mobile computing, and automotive and industrial security.  


Sectigo IoT Identity Platform

Sectigo’s IoT platform allows maintained security and easy authentication of connected devices to protect business infrastructures. By using the platform, customers can be reassured of their device integrity and identity. Sectigo’s technologies and certificate management system is scalable, cost-effective, and easy to monitor. 


iot platform diagram

Sectigo's new IoT security platform. Image used courtesy of Sectigo


The IoT identity management component of Sectigo’s platform utilizes cloud-based certificate insurance, on-premise certificate insurance, and certificate lifecycle management. In addition to using secure key storage, device integrity and identity is managed using a variety of capabilities including an embedded public key infrastructure (PKI) client, a TPM library, secure boot, an embedded firewall, and data at rest protection. PKI is the gold-standard in identity security and adds an extra level of reassurance to customers. 

Sectigo’s platform enables customers to certificates over the air, providing cryptographic agility to guard a possible “crypto-apocalypse” associated with the arrival of post-quantum computing. Another benefit of using the platform for customers is that is easy to operate.

The device-hardening technologies, and certificate insurance and management systems are interoperable across nearly all trust models, devices, operating systems, chipset architectures, and protocols. Within business enterprises and complex device supply chains, this capability removes the complexity and difficulty of securely building, provisioning, and running embedded devices.

With Sectigo’s certificate management solutions, strong authentication coupled with Infineon's TPM chip provides secure key storage to safeguard against security attacks. The Sectigo-Infineon solution allows certificates to be inserted into devices before they are manufactured when the device is first provisioned into a network, or into the TPM chip itself before shipping to the manufacturer.


How does your company keep devices connected and safe?