Icon Labs partners with Infineon on PKI Management Solution for OPTIGA TPM

Icon Labs announced its IoT Certificate management solution supports Infineon Technologies’ OPTIGA Trusted Platform Module (TPM). The partnership enables device manufacturers to manage PKI (Public Key Infrastructure) certificates throughout the product lifecycle using the OPTIGA TPM, including support for certificate injection during device manufacturing. Instead of having to manually install a certificate into each device, the device comes off the assembly line with a PKI certificate already installed. Infineon`s OPTIGA TPM chip complies with the internationally recognized security standards of the Trusted Computing Group.  

Security is a critical requirement for the IoT, and strong device authentication, using widely adopted PKI technology, enables managed security solutions for IoT deployments. Icon Labs’ Floodgate Certificate Authority and Floodgate PKI Client allow manufacturers to incorporate certificate-based authentication using the OPTIGA TPM for secure key storage. Capabilities include certificate creation during the manufacturing process using private keys stored in the TPM, certificate creation during device provisioning, and certificate management throughout the life of the device.

Icon Labs provides both the client- and server-sides of the PKI solution required to automate secure provisioning and enrollment. The Floodgate PKI Client is compatible with public and private CAs, providing the flexibility to operate a private PKI system without dependence on a public CA or to operate within the hierarchy of a public CA. The OPTIGA TPM securely stores the keys, the Floodgate Factory CA Server creates device authentication certificates, and the Floodgate PKI Client enables a connection in the field to a CA for issuance of TLS and other run-time certificates. The certificates create a Root of Trust enabling secure machine-to-machine communications, using keys secured by the OPTIGA TPM.

Creating a signed certificate during manufacturing requires several steps. First, the Floodgate PKI Client requests the OPTIGA TPM to generate a new public-private key pair. Using this key pair, a certificate signing request (CSR) is created while the private key does not leave the TPM. The Floodgate PKI Client sends the CSR to the Factory CA Server, which signs the request and returns a signed certificate to the PKI Client. This certificate can then be used to authenticate the device when the device is provisioned in the field.

Latest News from

Infineon simplifies speed measuring sensor designs
Infineon: smart power switches with PROFET+2 and High Current PROFET
Infineon: preventing cyber-attacks in rescue services
Infineon starts volume production of first full-SiC-module
Infineon: intelligent power module CIPOS Mini integrates power factor correction
Icon Labs partners with Infineon on PKI Management Solution for OPTIGA TPM
Infineon: flyback controller and integrated power IC CoolSET family
Infineon: logic level MOSFETs in PQFN package deliver high power density
Infineon: high voltage MOSFETs address power classes from 100 W to 15 kW
Infineon: EtherCAT implementation in next to no time
Infineon: RF solutions for fast, efficient and reliable 5G
Infineon: integrated MOSFET voltage regulator for high-density applications

Taking SiC Mainstream: The Story of Littelfuse Power Semiconductors

Since 1964, Littelfuse has brought its legacy of stability and reliability in circuit protection to the power semiconductor space. Now, the company is pioneering a series of in-house technology breakt...


Intel and Wind River Lead Technology Innovation Delivering Resilient and Secure Functional Safety Solutions

Together, industry leaders Wind River and Intel are delivering innovative Industrial IEC 61508 functional safety certification solutions that reduce project risk. A holistic approach is used to combin...


Wind River Titanium Control Advances Industrial IoT

Gareth Noyes, Chief Strategy Officer at Wind River introduces Wind River Titanium Control, a software platform that enables critical infrastructure companies to cost-effectively evolve aging legacy co...


WSI's OLED Professional innovations create more value for You.

WSI are the PMOLED manufacturer and our factory located in Chun-Nan in Taiwan. Our products are the market leader and pioneer in PMOLED module, including the monochrome, area colors and full color one...


SKIPPER UBT21 - a Bluetooth 4.0 USB serial adapter for industrial and medical use

SKIPPER UBT21 is a Bluetooth 4.0 USB serial adapter for industrial and medical use. It incorporates a Bluetooth Dual-Mode Stack, supports ranges of up to 300 meters and transferrates of 720 kbit/s (ne...


Three of a kind - Versatility based on Low Power ARM Cortex-A15

At this year's Embedded World, MEN has presented three low power, ARM Cortex-A15-based solutions on different form factors: a VMEbus SBC, an industrial box PC and a COM Express Mini module. All so...


Enabling Embedded IoT

Eurotech, a long-time leading provider of embedded systems and a global leader in IoT enablement, showed its new modules and Multi-service IoT Gateways at Embedded World 2017. The newly introduced Eu...


PLS’ UDE and new UAD2next allow more powerful trace analysis of embedded multicore systems

The new Universal Debug Engine 4.8 from PLS Development Tools offers a bunch of new and improved features for trace analysis of embedded multicore systems. With the new access device UAD2next PLS cont...


Disruptive technologies

Rahman Jamal, Global Technology & Marketing Director, National Instruments, talks about disruptive technologies in the consumer world, but also in measurement, automation, and the embedded industr...


AdaCore Announces Availability of QGen Debugger at Embedded World 2017

Jose Ruiz, technical lead at AdaCore for the company's QGen automatic code generator toolset for model-based development, discusses that product and explains what differentiates it from other prod...


SECO IoT roadmap: from the proof of concept to the market

During Embedded World 2017 Gianluca Venere, SECO Director of Global Sales, leads us to discover the company's Industrial IoT roadmap showcased at SECO's main booth, along with the latest UDOO ...


Internet of Chocolate

HCC show off an embedded chocolate vending machine using MQTT to connect to a broker in the cloud. There is an important message behind this cool demo – security and reliability of embedded soft...