Situation

Device Authority and Entrust partnered to provide solutions to a global manufacturer of automotive components that has multiple secure manufacturing lines that require a Key Distribution and Management System and PKI service to provision digital certificates to each OEM.
This manufacturer needed to be able to securely transport keys from the OEM delivery service to the remote factories. These keys are injected directly into the OEM’s vehicle electronic components, which are then distributed to end customers for inclusion in their finished automotive products. Those finished products needed to be able to close the loop with the initial key provider for auditing purposes.

Solution

Device Authority’s KeyScaler and Entrust PKI were implemented to provide:

• A hybrid and high scale PKI service to provision digital certificates as a trusted identity, unique to each OEM
• Certificate Lifecycle Management capabilities to reduce management overheads and risk
• Device Identity management via the use of Device Authority’s Dynamic Device Key Generation (DDKG) technology
• KeyScaler, a key distribution and management solution backed by the PKI, to securely transport keys from the OEMs of production equipment to remote factories worldwide
• Policy-driven Encryption with granular read/write access permissions HSM Access Control for integration with third-party
• HSM for secure and automated key generation and storage using HSM
• Key generation and usage reporting for auditing

Situation

A multi-utility company based in Italy, specializing in waste management, recycling logistics, and environmental services, sought a robust PKI-based security framework for its growing fleet of connected waste disposal trucks. These vehicles rely on telematics systems for routing, diagnostics, emissions monitoring, and driver safety — all of which require secure, authenticated communication with cloud-based platforms.

Given the critical nature of the services provided, the customer needed a way to manage vehicle identity, ensure secure ownership transfers (in cases of resale or leasing), and automate certificate provisioning and renewal throughout the vehicle’s lifecycle. Manual processes were inefficient and risk-prone, especially at scale, and a future-proof solution was required to integrate with their existing Azure-based infrastructure.

Solution

Device Authority KeyScaler was used to provide:

• PKI Services for IoT with full Automated Identity Lifecycle Management, including certificate issuance, renewal, and revocation.
• Trust anchor technology embedded in each vehicle’s Telematics Control Unit (TCU) to establish secure identity at the hardware level.
• Seamless integration with Microsoft Azure IoT and the customer’s Connected Vehicle Platform, enabling zero-touch device provisioning via Microsoft DPS (Device Provisioning Service).