Secure supply chains starting at the
product assembly line

The importance of digital identities when securing supply chains

Concepts for interconnected machines and systems in IoT and (I)IoT require that these components “know” each other and trust each other. This can only be achieved if each system is given a digital identity. The digital identity enables secure communication and updates. Business data generated by the solution can be trusted and updates can be performed in a reliable manner. These functions are fundamental for a trusted IoT solution and also what makes new business models possible.

But what identity and when should it  be issued to a machine or the system? Ideally, the identity should be issued directly during production of the individual components and/or when these components are assembled into a final product, machine or system. Only at this stage the necessary information is available to create the initial birth identity that enables a smart and trusted supply chain for that particular product.



IoT Security
IdAM in manufacturing

The defacto standard for digital identities is PKI certificates

Flexibility and adaptivity are key for a successful manufacturing environment and when integrating PKI and certificate issuance, these solutions must also have these capabilities.

In a PKI, the Registration Authority (RA) is responsible for the certificate issuance process, including the validation of the identity information that should go into the certificate. The PKI service/ Certificate Authority (CA) is responsible for the actual signing of the certificate. It is recommended that the CA and the RA are physically separated thus allowing the CA to reside in a secure environment with only minimal access, while the RA can reside “closer” to the actual issuing process. In a manufacturing environment this means that the RA is located on the manufacturing floor (see the illustration).

The RA has to the have the ability to adapt to an existing production process without any loss of availability or trust. PrimeKey offers an industry-first solution, Identity Authority Manager, for implementing an RA directly into a smart manufacturing environment.


PKI in manufacturing – Creating an industrial PKI Registration Authority

Read about PKI in manufacturing. The industrial Registration Authority (RA) requires extended flexibility and robustness compared to classic Public Key Infrastructure RAs.

Read more



Register for our webinar: Securing Industry 4.0 – Introducing the first industrial PKI solution to secure smart supply chains.

PrimeKey introduces its new groundbreaking industrial PKI solution designed and engineered to meet the demands of Industry 4.0.



Code signing software and PKI development - people discussing

Code signing software that prevents harmful software code

PrimeKey has vast knowledge and experience in partnering with leading software and hardware vendors, utility providers, car manufacturers and system integrators to secure their software distribution chain.

Learn more


Contact us if you have any questions and we’ll do our best to help you.

  • Hidden
    I accept that PrimeKey stores my information, and I accept cookies for analysis and business identification. Read more about cookies and privacy policy here.

How can we help?

  • Hidden
    I accept that PrimeKey stores my information, and I accept cookies for analysis and business identification. Read more about cookies and privacy policy here.
Contact us