Skip to main content
banner image
venafi logo

Securing Machine Identities for Industrial IoT Devices: [Interview with Intrinsic ID]

Securing Machine Identities for Industrial IoT Devices: [Interview with Intrinsic ID]

a person holding a tablet in front of a robotic piece of industrial machinery
February 13, 2020 | Bridget Hildebrand


In the age of the machine, Industrial IoT networks are widely distributed over different organizations and geographies. If the machine identities for an organization’s IoT devices expire or are otherwise compromised, they can trigger network disruptions with far-reaching effects. Reducing the risk of such effects demands a sophisticated and comprehensive approach to protecting machine identities for enterprise IoT devices. This solution needs to be IoT aware, providing the visibility, intelligence and automation required to deal with all the risks that IoT devices present. As digital transformation matures, protecting machine identities becomes an issue of trust and protecting IP.
 

Thankfully Intrinsic ID, the experts in hardware-based root-of-trust security, has joined the Machine Identity Protection Development Fund! In this continuing interview series about expanding the infrastructure for protecting machine identities, I am speaking with Geert-Jan Schrijen, Intrinsic ID’s CTO and co-founder.

 




How does your organization benefit from the Machine Identity Protection Development Fund? View the On-Demand Webinar

 

Bridget: Who is Intrinsic ID?

Geert-Jan: Intrinsic ID is the world’s leading digital authentication company, providing the Internet of Things with hardware-based root-of-trust security via unclonable identities for any IoT-connected device. Based on our patented SRAM PUF technology, our security solutions can be implemented in hardware or software. Intrinsic ID security can be deployed at any stage of a product’s life cycle, and it is used to validate payment systems, secure connectivity, authenticate sensors, and protect sensitive government and military systems. Intrinsic ID technology has been deployed in more than 150 million devices. Our security has been proven in millions of devices certified by Common Criteria, EMVCo, Visa and multiple governments. Our mission is “Authenticate Everything.”
 

Bridget: What struggles do you see enterprises facing in the IoT world?

Geert-Jan: Enterprises deploying industrial and high-risk IoT must solve three critical problems: first, how to set up a trust anchor in every device; second, how to use this trust anchor to establish a verifiable device identity; and third, how to validate the device authenticity throughout its life cycle. Today, there is no standard interface to acquire IoT machine identities with MQTT and other protocols. Most often, manufacturer or IoT platform defaults are used for machine identities. This creates new risks for deployment, and in the future when machine identities can’t be updated. And even if machine identities can be created or updated, device authenticity remains elusive. Assurance that a key pair is generated on a trusted device for the machine identity requested has, to date, not been possible for IoT devices.


Bridget: What will Intrinsic ID do to address this authentication issue?

Geert-Jan: We are connecting the Venafi Platform with the Citadel provisioning tool. Our Citadel Infrastructure Tools are a suite of software products which accelerate deployment of unclonable device identities based on SRAM PUF technology. The Citadel provisioning tool provides a basis for securing  the lifecycle of IoT applications with wide-scale deployment. It can be used by semiconductor vendors and OEMs to provision devices that deploy Intrinsic ID’s BroadKey or QuiddiKey products for secure key storage and management. 
 

Bridget: How will this integration benefit Venafi customers?

Geert-Jan: By integrating the Venafi Platform with the Citadel provisioning tool, Intrinsic ID will enable Venafi customers to ensure device authenticity on embedded platforms typically used in the IoT. This will also allow organizations to standardize on the use of the Venafi Platform for managing machine identities, not just for IoT. We are excited to be able to demonstrate the Venafi Platform providing digital identity certificates to embedded devices secured with Intrinsic ID’s BroadKey solution.
 

Intrinsic ID’s integration is targeted to be complete in May 2020 . Visit Intrinsic ID on the Venafi Marketplace for more information. And stay tuned for future interviews with Machine Identity Protection Development Fund recipients.

Learn more about machine identity protection. Explore now.
 

Related posts

 

Like this blog? We think you will love this.
image of a three professionals looking at a paper, one woman and two men
Featured Blog

Machine Identity Protection Development Fund Exceeds Expectations [First Year Report Card]

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

CIO Study: Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

Forrester Consulting Whitepaper: Securing the Enterprise with Machine Identity Protection
Industry Research

Forrester Consulting Whitepaper: Securing the Enterprise with Machine Identity Protection

Machine Identity Protection for Dummies
eBook

Machine Identity Protection for Dummies

About the author

Bridget Hildebrand
Bridget Hildebrand

Bridget is Sr. Product Marketing Manager for Ecosystem at Venafi. She has over 20 years of experience managing strategic alliances and global channel programs for a broad range of technology organizations.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more
Chat