How to solve the chicken and egg problem – Which comes first when machines and control systems need identity cards
In a previous blog this year, I talked about how components for networking machines and transport systems in production environments require that these components "know" each other and trust each other and that this can only be achieved if each system is given a digital identity. But at what stage in the product life cycle should a product or system receive its first identity (also known as birth or vendor identity), taking into account that a product very often is an assembly of multiple components?
Many products are today designed to include Secure Elements (SE) or Trusted Platform Module (TPM) chips for secure storage of digital identities, encryption keys and other sensitive data. Using approaches where the identity is only issued “before” the production of the product, i.e. the SEs or TPMs are "pre-personalized" in advance by the semiconductor distributor and are recorded with corresponding "product" certificates before they are then installed on the circuit boards in the final production stage have disadvantages. One major disadvantage is the loss of flexibility: data and information that is only available at the time of production of the final product, that is equipped with the SE or TPM, can then no longer be included in the identity certificate and important identity information can not be secured in the supply chain. Here is an example: A production facility manufactures control units for a certain kind of automatic production machine. A variant of this control system also includes a board for regulating the current switching power. This board also has its own digital identity. Whether it is a control system with or without an additional board can only be determined on site, during the production process. This means that there must be a possibility to also equip products with the respective identity directly on the assembly line - in one case the identity is "with additional board". In the other case, the identity is "without power switch board".
Issuing identity cards to machines and control systems during the production process in a trustworthy way
While building a trustworthy solution that can issue digital identities during the production process, there are, of course, a wide range of requirements to consider. It is essential to build a reliable and secure solution where the initial product identity can be validated and verified during the production, considering the assembly of components included (as described in the example above). The solution needs to become an integral part of both IT and OT and in alignment with how these two worlds continue to converge in the manufacturing industry. An appropriate concept for the solution has to be developed and the areas that need to be considered include:
- Security requirements, policies, processes and systems that need to be considered to define and implement a trusted and validated product identity.
- Communication with and interfaces towards the products, including SE and TPM
- Access to one or several PKI services.
- Continuous administration and maintenance for the solution.
The solution also has to have the capability to be easily adapted with the production line when changes are needed for new products and without having to revise the entire security concept each time. If the security and control of the components used to build the product are incomplete, it is possible that malicious partners or others could manipulate the identity of the product or create plagiarisms resulting in untrusted supply chains and business critical data. A product is an assembly of multiple components and the product identity may need to represent all these components to be effective and trustworthy. Business and maintenance models for modern solutions in IoT and IIoT today rely on data and secure remote updates. Customers will require not only smart, but also secure supply chains from their product suppliers. Trusted product identities, that are issued during the production, are the foundation for this.
Want to know more about security for IIoT?
PrimeKey is a pioneer in open source PKI and signing security software that provides businesses and organizations around the world with the ability to implement secure IoT and IIoT solutions in the healthcare industry, for smart factories, to secure supply chains and more.
Sign up for one of webinars to learn more: