Whilst Industry 4.0, digital transformation and smart manufacturing are not new terms in the manufacturing industry, the remote working, social distancing and fluctuating demands of COVID-19 have emphasised the need to adopt digital technologies.
Although this acceleration of digital transformation provides many benefits for manufacturers, it is not without challenges. With reporting that their operations have been affected by a cyber incident in 2020, take a look at for zero trust IoT manufacturing.
10. End-to-end encryption
9. Integrated device management
To ensure a seamless process when generating key pairs and updating the PKI, KeyFactor highlights the importance of integrating the PKI lifecycle management tools into the device management system.
8. Root Certificate Authority (CA)
By implementing a Certificate Authority (CA) on-premise or integrating with a third-party, manufacturers can validate digital certificates. “A root CA provides further trustworthiness along the chain of trust of digital certificates.”
7. Centralised code signing
Code signing is the process of digitally signing software to confirm its author and ensure its integrity. KeyFactor states that it is important to “ensure that firmware updates are signed by the developer and authenticated by the device before being installed.”
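The device-side check quoted above, as an added Go example that is not from KeyFactor or the original article: a device accepts a firmware image only if its signature verifies against a developer public key pinned at manufacture. The use of Ed25519, the names `Device`, `SignFirmware`, `Install` and `Demo`, and the firmware bytes are assumptions constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Device models the update path on a device (hypothetical type for this example).
type Device struct {
	trustedKey ed25519.PublicKey // developer public key provisioned at manufacture
	installed  []byte            // last image that passed verification
}

var ErrBadSignature = errors.New("firmware signature check failed")

// SignFirmware runs on the centralised signing service, never on the device.
func SignFirmware(priv ed25519.PrivateKey, image []byte) []byte {
	return ed25519.Sign(priv, image)
}

// Install authenticates the image against the pinned key before accepting it.
func (d *Device) Install(image, sig []byte) error {
	if len(sig) != ed25519.SignatureSize || !ed25519.Verify(d.trustedKey, image, sig) {
		return ErrBadSignature // unsigned, tampered, or signed by another key
	}
	d.installed = image
	return nil
}

// Demo tries a genuine, a tampered and a wrongly signed update (constructed data).
func Demo() (genuine, tampered, wrongKey error) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	_, rogue, _ := ed25519.GenerateKey(rand.Reader) // key the device does not trust
	dev := &Device{trustedKey: pub}
	image := []byte("constructed firmware image v1.2.0")
	sig := SignFirmware(priv, image)
	genuine = dev.Install(image, sig)
	bad := append([]byte{}, image...)
	bad[0] ^= 0x01 // a single flipped bit invalidates the signature
	tampered = dev.Install(bad, sig)
	wrongKey = dev.Install(image, SignFirmware(rogue, image))
	return
}

func main() {
	g, t, w := Demo()
	fmt.Println("genuine:", g, "| tampered:", t, "| wrong key:", w)
}
```

The private key appears only in `SignFirmware`; the device holds just the public key, so compromising a device does not let anyone sign updates for the rest of the fleet.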
6. PKI management
Said to be the most complicated and most important part of managing device security, KeyFactor highlights that implementing and automating PKI and key/certificate lifecycle management will help to ensure trusted manufacturing devices.
5. Mutual M2M authentication
To establish trust between IoT endpoints, KeyFactor states that the best way is to harness machine-to-machine (M2M) mutual authentication, as well as implement strong user access controls.
4. Cryptographic software libraries
To manage crypto-operations such as encryption, TPM operations, and authentication, KeyFactor suggests that manufacturers should adopt strong crypto-libraries – such as WolfSSL – to handle such operations which are critical to protecting a device.
3. On-device key generation
Manufacturers should also look to securely generate and store private keys on devices, allowing each device to “attest to its own identity.” Such keys can be used for cryptography, encryption, and code signing.
2. Hardware-based security
Where possible, in order to create a trustworthy Root of Trust (RoT), KeyFactor identifies that manufacturers should leverage device-based, tamper-resistant (TPM) hardware secure elements, or hardware security modules (HSMs).
1. Root of Trust (RoT)
Defined by KeyFactor as the foundation on which all secure computing operations are based, a Root of Trust (RoT) installed on a device can be used to contain the keys for cryptographic functions and enable secure boot processes. It can also be implemented in hardware to make it immune to malware attacks, and comes in the form of a security module within processors or a system on a chip (SoC).