IoT device PKI implementation

INDUSTRY CLIENT
IoT device PKI implementation
Munich, Germany

Brief :

A major German consumer devices manufacturer required support in designing and implementing a Public Key Infrastructure (PKI) for their consumer devices ecosystem. The customer aimed at securing the lifecycle of their devices, including secure provisioning of firmware updates, secure connection to the service backend, and protecting customer content processed by the devices.

BxC was asked to support the design of an overarching PKI for different device families and generations, including the subsequent PKI integration with different managed PKI service providers.

Regions of Customers
4
Regions of Customers
Regions of Customers
15 Mio
Produced Devices per Year
PKI Components and Services
50+
PKI Components and Services

Activities :

BxC enabled the customer with a future-proof and scalable PKI solution to develop the IoT device business and grow flexibly with market demand:

PKI HIERARCHY & CERTIFICATE DESIGN

PKI HIERARCHY & CERTIFICATE DESIGN

BxC defined the PKI hierarchy and required services for secure key and certificate generation, provisioning, renewal, and validation. A key item was the delivery of cost-effective services by ensuring compliance for global deployment.

OPERATIONALIZATION OF PKI SERVICES

OPERATIONALIZATION OF PKI SERVICES

BxC supported setting up the Target Operating Model and creating documentation for onboarding operational teams. This ensured a rapid operationalization of the PKI and a harmless integration into the device production and digital service delivery.

IMPLEMENTATION OF PKI SERVICES

IMPLEMENTATION OF PKI SERVICES

BxC supported the technical implementation of PKI services with process and solution know-how. Onsite factory CAs were implemented by BxC and taken into production at various customer production sites. BxC also coordinated the integration of the Managed PKI services into the customer service offering for integrated certificate management throughout the complete devices’ lifecycle.

results :

BxC enabled the customer with PKI expertise to design and technically implement an IoT PKI with reasonable efforts. Along with the PKI service implementation, its operationalization and continuous improvement were set up. Several achievements can be listed:

Implementation of a 4-Tier PKI hierarchy with more than 20 Issuing CA’s

Implementation of a 4-Tier PKI hierarchy with more than 20 Issuing CA’s

Implementation of 4 Factory CA’s in production facilities for device mass production

Implementation of 4 Factory CA’s in production facilities for device mass production

Integration of PKI into product and software development with more than 15 teams

Integration of PKI into product and software development with more than 15 teams

Set up of PKI services operations, process excellence monitoring, and improvement program

Set up of PKI services operations, process excellence monitoring, and improvement program