Icon Labs Partners With Infineon

Icon Labs announces its IoT Certificate management solution supports Infineon Technologies’ OPTIGA Trusted Platform Module (TPM). The partnership enables device manufacturers to manage PKI certificates throughout the product lifecycle using the OPTIGA TPM, including support for certificate injection during device manufacturing.

 

Instead of having to manually install a certificate into each device, the device comes off the assembly line with a PKI certificate already installed. Infineon`s OPTIGA TPM chip complies with the internationally recognized security standards of the Trusted Computing Group (TCG). Infineon is recognized as the world’s leading supplier of security solutions for Trusted Computing.

Free Monthly Newsletter

Compelling read? Subscribe to FierceEmbeddedTech!

The embedded tech sector runs the market’s trends. FierceEmbeddedTech subscribers rely on our suite of newsletters as their must-read source for the latest news, developments and analysis impacting their world. Sign up today to get news and updates delivered to your inbox and read on the go.

 

Icon Labs provides both the client- and server-sides of the PKI solution required to automate secure provisioning and enrollment. The Floodgate PKI Client is compatible with public and private CAs, providing the flexibility to operate a private PKI system without dependence on a public CA or to operate within the hierarchy of a public CA.  The OPTIGA™ TPM securely stores the keys, the Floodgate Factory CA Server creates device authentication certificates, and the Floodgate PKI Client enables a connection in the field to a CA for issuance of TLS and other run-time certificates. The certificates create a Root of Trust enabling secure machine-to-machine communications, using keys secured by the OPTIGA TPM.

 

How Does the Solution Work? 

 

Creating a signed certificate during manufacturing requires several steps. First, the Floodgate PKI Client requests the OPTIGA™ TPM to generate a new public-private key pair. Using this key pair, a certificate signing request (CSR) is created while the private key does not leave the TPM. The Floodgate PKI Client sends the CSR to the Factory CA Server, which signs the request and returns a signed certificate to the PKI Client. This certificate can then be used to authenticate the device when the device is provisioned in the field. Follow this link for more information: Automated certificate insertion for OPTIGA TPM

 

More information is at:

http://www.iconlabs.com

http://www.infineon.com

Read more on

Suggested Articles

The technology and business issues of hybrid and electric vehicles will be open for debate at the Electric and Hybrid Vehicle Technology Expo and Battery Show…

HCC Embedded (HCC) has unveiled SafeexFAT, a failsafe RTOS-independent exFAT file system implementation for deeply embedded applications. The system is…

General Motors has decided to team with Google to integrate more of that platform’s features into future vehicle infotainment systems.