Hardening Credential Provisioning in the Supply Chain: A Multi-Layer PKI Architecture for Embedded Devices

Conference Details
embedded world North America 2025
Anaheim, CA
November 04, 2025 - November 06, 2025

Presenters

Authors

Abstract

Weak provisioning practices can compromise even the most hardened device platforms. This session presents a comprehensive supply-chain PKI provisioning architecture designed to remain secure even if individual network nodes or encryption layers are breached.

Drawing on two decades of hands-on deployment experience, we share practical strategies for secure device provisioning through the use of hardware security modules (HSMs), cryptographic tokens, layered encryption, and software safeguards.

We also highlight anti-cloning mechanisms that ensure device credentials cannot be duplicated or misused at any point in the manufacturing process—enabling resilient, end-to-end protection in dynamic and distributed ecosystems

Presentation Slides

Download the complete presentation as a PDF document.

Chat