A method for providing truly safe and
secure installation of certificates and
cryptographic keys into devices is factory
provisioning.
Factory provisioning requires that OEMs
take it upon themselves to ensure that
secrets and certificates are incorporated
into security devices before they make
it out the door. By performing secret
injection in-house, OEMs eliminate
the potential for adversaries to steal
vulnerable information associated with
security devices, thus ensuring a more
secure safety solution for customers.
Preloading unique cryptographic keys
onto a chip during the manufacturing
process allows the chip to be made
secure from the moment it is produced.
This proactive approach in turn helps
to prevent unauthorized access to the
device or tampering with the device
throughout its entire life cycle.
Analog Devices addresses issues of key
and certificate installation by
• Utilizing a process in close collaboration
with customers in which Analog Devices
programs the provisioned parts
according to customer needs and ships
them directly to the customer.
• Offering customers alternative services
such as key generation, key storage,
and key loading.
C h a p t e r 3 | Fa c t o r y P r o v i s i o n i n g
Factory provisioning is
provisioning the device by means
of authenticating itself, as well as
connecting with other devices right
out of the factory line, to enhance
security."
Shawn Meng
Senior Program Manager, System Engineer, Garmin
16
Embedded Security: Keeping Edge Data Safe
