Thales Blog

Industry 4.0 and Securing the IoT

May 12, 2020

Sharon Ginga Sharon Ginga | Director of Product Marketing More About This Author >

Industry 4.0 describes the fourth industrial revolution – industry based on the Internet of Things. At its core, Industry 4.0 includes customization, or individualization, of products built under the conditions of highly-flexible mass production.

Like most changes, Industry 4.0 brings about new as well as existing challenges to security, from remote controlled attacks on smart devices to industrial control systems.

Products built in these environments require a strong identity both during the manufacturing process and then subsequently through deployment and use. Even when following best practices, this identity is generated and protected by a Public Key Infrastructure (PKI). The heart of a PKI is the root private key which acts as the gateway to the devices and services they operate:

  • The root key controls the chain of certificates that are used to verify who is allowed to obtain access to system data; and,
  • The root key signs the chain of certificates that represent the identity of devices --controlling access to networks, preventing counterfeit protection and ensuring customer data security.

If not secured, certificates signed by PKI keys can be used to make fraudulent data appear as if it originated from legitimate devices. The private key is, therefore, like a gold nugget to a malicious actor or hacker.

Today, many organizations still store these critical assets in a software key vault that is easy to compromise and tough to audit. However, more advanced, security-aware organizations are looking for a better solution. Thales Luna HSMs provide you with the peace of mind that your critical PKI root key is securely stored in NIST FIPS 140-2 Level 3 certified hardware, always backed up and highly available - underpinning both your security and compliance mandates, and are available on-premises or in the cloud as-a-service.

An on-demand cloud-based HSM root of trust service, Thales Data Protection on Demand (DPoD) provides Luna Cloud HSM services that fortify key protection for Certificate Services root keys, significantly improving security and reducing risk.

Together with partners like Keyfactor, a leading provider of secure digital identity management solutions, Thales can help ensure Industry 4.0 security. To this end, we’ve just launched three new partner tiles on the Thales DPoD marketplace, including:

  • Keyfactor Code Assure - Code signing at the speed of DevOps to securely sign any code, anywhere;
  • Keyfactor Control -The end-to-end secure identity platform for connected devices; and,
  • Keyfactor Command - Secure digital identity for the entire enterprise.

Ted Shorter, CTO & Co-Founder of Keyfactor said of our partnership, “Thales Luna HSMs are the only solution that checks all the boxes for us when it comes to scalability, performance, and a secure root of trust. That’s why we’ve built DPoD Luna Cloud HSM right into our PKI as-a-Service platform for IoT security, code signing, and certificate lifecycle automation.”

In addition, Thales’s Todd Moore, VP, encryption products for cloud protection and licensing activity described our relationship with Keyfactor as an important milestone in the expansion of our partner ecosystem. Specifically, he said, “Moving to higher order use cases will provide strong differentiation and repeatability for our DPoD and Luna sales. It has always been our goal to tightly bundle DPoD sales with those applications led by partners such as Keyfactor.”

Thales and Keyfactor have already worked closely together with customers to deploy both Luna HSMs on-premises and DPoD Luna Cloud HSM (HSM on Demand) services. In fact, one of our implementations recently won an industry award.

With PKI as the basis for ensuring IoT and other key use cases for Industry 4.0, organizations can work to ensure they are ready to meet their security challenges effectively.

For more information, please see a recent blog from Keyfactor’s CSO Chis Hickman on the “6 Key Considerations for IoT Security by Design”. In addition, please join Thales’s Gorav Arora and Keyfactor’s Ted Shorter on May 21 at 2:00 p.m. ET for a webinar, “Evolving Security for an IoT World,” about how PKI enables IoT, making devices smarter and more connected.

Thales Data Protection on Demand marketplace

Fig. 1: Thales Data Protection on Demand marketplace


If you are interested in finding out about adding your offering to the DPoD marketplace, please contact

Related Articles

No Result Found