Siemens produces a wide range of products used in critical infrastructure where security is of the utmost importance. Digitalization is a focus field of Siemens’ vision for the future. Public Key Infrastructure (PKI) technology is a core component for secure communication, and utilized to identify both devices and personnel in these networks. Siemens deploys several PKI systems to support the organization’s exacting security requirements.
PrimeKey delivers a PKI solution that provides digital certificates to Siemens’ products, enabling these to identify devices and secure communication. Modern industrial processes demand a high level of automation, along with the capability to handle high volumes while maintaining strict security. Using open standards and off the shelf products lower costs and enable access to the latest standards, including Elliptic curve cryptography. It also makes Siemens less dependent on vendors.
The carefully chosen PKI solution means Siemens can rapidly roll out new security technologies for its high security products.
EJBCA Enterprise PKI was chosen as the certificate authority software, to provide the necessary PKI functionality and integration capabilities. EJBCA includes all the latest PKI standards, with support for RSA and ECC certificates, as well as offering the opportunity to automate processes.
EJBCA operates as a central, high availability, certificate authority, from which departments and partners in the Siemens network can enrol for certificates for their product lines and administrators. The solution uses a multi-layered approach to provide extra levels of security between the entities and the certificate authority, which communicate using the standard CMP protocol. All requests are identified using digital signatures to ensure that only authorized clients have access.