
Certificate Lifecycle Management

Crypto Quantique’s QuarkLink certificate management service plugs into the Microchip Trust Platform Design Suite


Why is implementation of security lifecycle management for IoT devices needed?

Industry 4.0 has pushed security improvements in the smart factory and smart building markets, but security at scale is still complex and requires many steps to achieve a secure ecosystem. Efforts such as the IEC 62443 suite of security standards try to establish a robust security framework. The standard is geared towards improving the cyber security robustness of an industrial plant and the safety of the people and equipment connected to it. Standards give recommendations on what security practices to put in place, but not necessarily how to implement them, and the devil is in the detail. That is the conundrum of security guidance versus a secure implementation.

Imagine a facility equipped with several expensive tools to manufacture high-precision goods: a nuclear plant, a vehicle (car, plane, truck) manufacturing plant or even a pharmaceutical factory. Many of these examples have in common the high value and/or high standards of the goods they produce. As tools are networked, they become vulnerable to cyber-attacks. The important question we are discussing today is: how do you manage these devices once they are installed?

From setting the standard to implementation of the security lifecycle management of IoT devices in a smart factory, where do we start?

QuarkLink from Crypto Quantique and Microchip’s Trust Platform Design Suite

This is where our partner, Crypto Quantique, can help. Learn how they can take a provisioned secure element like the ATECC608 TrustFLEX with an X.509 certificate, onboard the certificate into their QuarkLink device management platform and start to revoke or rotate device identities.

Let us look at the lifecycle management process from start to finish.

  1. Secure provisioning of cryptographic keys inside the secure element starts with the Trust Platform Design Suite software. The software guides you through the selection of authentication use cases to match your threat model and through the secure key exchange, otherwise known as the key ceremony. This is where Certificate Signing Requests (CSRs) are exchanged between the Microchip HSM (Hardware Security Module) and the customer. At the end of this process, the customer obtains secure elements, as part of the Trust Platform, with their cryptographic keys provisioned in Microchip's HSM-equipped factories, together with the associated manifests. For the mutual authentication use case, the “day zero” or “birth certificate” can be the pre-loaded thumbprint certificate provided by Microchip or one issued by the customer’s custom Public Key Infrastructure (PKI).
  2. Onboarding massive quantities of devices in a cloud platform [custom PKI, BYOC or JITR style] has been a challenge that Microchip secure elements partially address with the Trust Platform. The Trust&GO, TrustFLEX and TrustCUSTOM secure elements come with a manifest. The manifest is a JSON file, with base64-encoded fields, that contains the public credentials (serial numbers, certificates, public keys, …) associated with each secure element order. It is downloadable from the eCommerce site of your choice, such as Microchip Purchasing and Client Services, and can be uploaded in bulk to a cloud platform. This is the first friction point QuarkLink helps reduce, by offering the capability to ingest the manifest directly within its user interface and assign the certificates and serial numbers to a target user account. There is no need to develop custom scripts anymore, resulting in easier onboarding. Not just easier, but also quicker, as the QuarkLink platform can upload thousands of certificates in seconds. In the cloud backend, QuarkLink provides a unique identity and endpoint to each device in a cloud-platform-agnostic architecture, using either on-premise servers or cloud providers such as AWS (Amazon Web Services), Microsoft Azure, Google, or Mosquitto. QuarkLink is the security management bridge between the devices and your IT infrastructure.
  3. Revoke certificates: now that the devices are onboarded in the cloud backend of your choice, you can start revoking them when needed, as per your IT security policy. QuarkLink provides a certificate revocation service allowing you to end the life of a device or block it for a defined period.
  4. Renew certificates: when the IT policy or the cyber-security standard mandates it, certificate renewal quickly becomes cumbersome to understand, let alone implement. Here again, QuarkLink offers a simple user interface to automatically set the renewal date of a device certificate.
  5. Secure communication: naturally, all communication between the device and the QuarkLink platform is handled via a TLS (Transport Layer Security) encrypted channel.
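The following Python is an added illustration of steps 2 to 4 above (manifest ingestion, revocation or time-bound blocking, and renewal scheduling). It is not code from Microchip or Crypto Quantique, does not use the QuarkLink API, and the manifest it parses is a constructed, simplified JSON layout with placeholder certificate bytes, not the real Microchip manifest schema. The serial numbers, account name and dates are constructed sample values. It shows the checks a backend should apply when bulk-onboarding identities: rejecting duplicate serials and corrupt base64 rather than silently onboarding them, refusing revoked, blocked or expired identities at connection time, and listing certificates that fall inside a renewal window.

```python
import base64
import binascii
import hashlib
import json
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Optional, Tuple

# Constructed, simplified manifest (NOT the real Microchip manifest schema):
# a JSON array in which each entry carries a device serial number, a base64-encoded
# certificate blob and the certificate's expiry. The blobs are placeholder bytes.
SAMPLE_MANIFEST = json.dumps([
    {"serial": "0123ABCD0000000001",
     "cert_b64": base64.b64encode(b"placeholder-cert-device-1").decode(),
     "not_after": "2026-01-15T00:00:00+00:00"},
    {"serial": "0123ABCD0000000002",
     "cert_b64": base64.b64encode(b"placeholder-cert-device-2").decode(),
     "not_after": "2024-03-01T00:00:00+00:00"},
    {"serial": "0123ABCD0000000001",            # duplicate serial: must be rejected
     "cert_b64": base64.b64encode(b"placeholder-cert-device-1").decode(),
     "not_after": "2026-01-15T00:00:00+00:00"},
    {"serial": "0123ABCD0000000003",            # corrupt base64: must be rejected
     "cert_b64": "not*valid*base64",
     "not_after": "2026-01-15T00:00:00+00:00"},
])


@dataclass
class DeviceRecord:
    serial: str
    fingerprint: str            # SHA-256 over the decoded certificate bytes
    not_after: datetime
    account: str
    revoked: bool = False
    blocked_until: Optional[datetime] = None


def ingest_manifest(manifest_json: str, account: str) -> Tuple[Dict[str, DeviceRecord], List[str]]:
    """Step 2: bulk-onboard a manifest, assigning every valid entry to one account.

    Returns the registry plus a list of rejected entries with the reason, so a
    bad entry never silently becomes an onboarded identity."""
    registry: Dict[str, DeviceRecord] = {}
    errors: List[str] = []
    for entry in json.loads(manifest_json):
        serial = entry.get("serial", "")
        if serial in registry:
            errors.append(f"{serial}: duplicate serial, entry ignored")
            continue
        try:
            # validate=True makes non-alphabet characters an error instead of being skipped
            cert = base64.b64decode(entry["cert_b64"], validate=True)
        except (KeyError, binascii.Error, ValueError) as exc:
            errors.append(f"{serial}: bad certificate encoding ({exc})")
            continue
        registry[serial] = DeviceRecord(
            serial=serial,
            fingerprint=hashlib.sha256(cert).hexdigest(),
            not_after=datetime.fromisoformat(entry["not_after"]),
            account=account,
        )
    return registry, errors


def revoke(registry: Dict[str, DeviceRecord], serial: str, until: Optional[datetime] = None) -> None:
    """Step 3: end the device's life (until=None) or block it until a given time."""
    rec = registry[serial]
    if until is None:
        rec.revoked = True
    else:
        rec.blocked_until = until


def is_authorized(registry: Dict[str, DeviceRecord], serial: str, now: datetime) -> bool:
    """Connection-time check: unknown, revoked, blocked or expired identities are refused."""
    rec = registry.get(serial)
    if rec is None or rec.revoked:
        return False
    if rec.blocked_until is not None and now < rec.blocked_until:
        return False
    return now < rec.not_after


def due_for_renewal(registry: Dict[str, DeviceRecord], now: datetime, lead_days: int = 30) -> List[str]:
    """Step 4: serials whose certificate expires within the renewal window."""
    horizon = now + timedelta(days=lead_days)
    return sorted(s for s, r in registry.items() if not r.revoked and r.not_after <= horizon)


if __name__ == "__main__":
    now = datetime(2024, 1, 1, tzinfo=timezone.utc)
    reg, errs = ingest_manifest(SAMPLE_MANIFEST, account="factory-line-7")
    print(f"onboarded {len(reg)} devices, rejected {len(errs)}: {errs}")
    revoke(reg, "0123ABCD0000000002", until=now + timedelta(days=1))
    print("device 2 authorized today:", is_authorized(reg, "0123ABCD0000000002", now))
    print("renewals due within 90 days:", due_for_renewal(reg, now, lead_days=90))
```

The fingerprint is computed over the decoded certificate bytes so that a later presentation of the certificate can be matched against what was onboarded; with real X.509 data the `not_after` value would be read from the certificate itself rather than carried as a separate field as in this constructed layout.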

We invite you to discover the QuarkLink product from Crypto Quantique and download Microchip’s Trust Platform Design Suite to configure and prototype with our Trust Platform secure elements. You can also watch our introduction to device management in this Design Week webinar.

Tags/Keywords: Industrial and IoT, Security