Sécurisez vos opérations de fabrication hautes technologies et produisez des appareils dotés de capacités de sécurité inhérentes.

The connected devices produced by high-tech manufacturers are attractive targets for cybercriminals, who seek opportunities to use devices for illicit activities, such as man-in-the-middle attacks, intercepted/manipulated data-in-transit and more. Entrust nShield® HSMs and data encryption solutions are trusted by manufacturers worldwide to address today's high-tech manufacturing security challenges.

    Défis

    Attacks on Connected Devices

    Devices or attackers impersonating a trusted device or user could use that status to conduct a range of illicit activities, such as a man-in-the-middle attack, tapping into corporate networks, and more. Advanced persistent threats can take control of device software to steal customer information or intellectual property.

    Introduction de code non autorisé

    Une sécurité insuffisante sur les mises à jour de code peut permettre aux pirates d’accéder à l’appareil afin de lancer des attaques ou de voler des données sur l’appareil lui-même. Sans mesures de sécurité adéquates à l’usine, un code non autorisé peut également être introduit pendant le processus de production lui-même.

    Cycles de production non autorisés

    Unsecured manufacturing processes can lead to production of unauthorized units that can be sold on the black market, either with authentic branding or white labeled. This exposes the organization to significant financial and reputational damage.

    Solutions

    Device Authentication with Digital Certificates

    Manufacturers use Entrust nShield HSMs in conjunction with security applications to secure root signing keys and the issuance of digital certificates, which are injected into connected devices during the production process. Entrust nShield HSMs provides end-to-end protection of the certificate and key generation, and device insertion process, allowing for strong authentication of each device. Read our Polycom case study for a detailed example.

    Secure Software and Firmware Updates

    Without proper security over software and firmware updates, hackers can inject unauthorized code onto devices to launch attacks or establish a trusted connection to corporate networks. With strong authentication in place, using HSMs to establish a root of trust, the device can validate that any code being introduced comes from a trusted publisher.

    Signature de code forte

    The best practice to confirm the integrity of code updates and defend against the risks associated with software tampering is to ensure that code is signed highly secure signing processes with private signing keys protected by HSMs. Entrust nShield HSMs are trusted by manufacturers worldwide to secure their critical keys.

    Avantages

    Protection contre les dommages financiers et les préjudices à la marque

    En empêchant la production d’unités non autorisées, vous atténuez les dommages financiers et les préjudices à la marque associés à la surproduction et au clonage, en particulier dans le cas d’unités de production implantées à distance.

    Ensure Only Authorized Code is Running on Devices

    By allowing only unauthorized code to run on devices you can defend against:

    • Hacker using the device's trusted status to tap into networks or conduct man-in-the-middle attacks
    • Software that sidesteps organizational policies
    • Erroneous or malicious code introduced by vendors in your supply chain

    Économies de coûts et opportunités commerciales

    Grâce aux mises à jour des appareils déployés sur différents sites, vous réduisez le temps et les coûts associés aux mises à jour sur place. Vous pouvez également mettre à jour les micrologiciels et créer de nouvelles opportunités commerciales, en renforçant les performances de vos produits ou en leur ajoutant de nouvelles fonctionnalités.

    Ressources

    Analyst Report: The Role of Authentication in Manufacturing IoT

    This paper addresses the authentication challenges facing IoT device manufacturers as well as device users, and enumerates resulting business impacts and specific recommendations.

    Fiche technique : Fiche technique de la formation des ingénieurs aux systèmes certifiés HSM Entrust nShield

    The nCSE provides the training to give your people the knowledge to get the most from your investment. Getting the best from your technology depends on how much you invest in it...

    Cas d’usage

    dialoguer en ligne