PKI-as-a-service: Streamlining security token generation and signing for ECUs
A client from the automotive sector approached us with a critical need: efficiently providing security tokens for accessing restricted features within Electronic Control Units (ECUs). Our PKI as a Service solution addressed this challenge by replacing manual token generation and email distribution with an efficient web service.
This comprehensive solution was developed by our multidisciplinary team, bringing together specialized expertise in security, infrastructure, penetration testing, UI/UX, and web service development.
The system now supports users across Germany, the USA, China, Czech Republic, and Italy, having generated more than 20,000 tokens to date.
Our cybersecurity experts Gunaseelan Sivanandam (senior product owner embedded security) and Saul Dickinson (senior director cybersecurity) explain how our robust PKI infrastructure has become a foundation for expanding cybersecurity capabilities.
Our vision and mission
Saul Dickinson: Could you explain the vision behind your PKI project?
Gunaseelan Sivanandam: Our overarching vision is to create a robust and versatile Public Key Infrastructure (PKI) as a foundational service to empower clients with secure solutions for digital signing, encryption, certificate management, and numerous other cybersecurity use cases. This comprehensive PKI ecosystem enables organizations to streamline security infrastructure and backend management, enhance operational efficiency, and confidently scale their cybersecurity strategies.
Saul Dickinson: How did this specific project with the client come about?
Gunaseelan Sivanandam: Aligned with our vision, our client approached us with a critical need: efficiently providing security tokens for unlocking Electronic Control Units (ECUs). While the concept of security tokens wasn't new, our approach was a significant leap forward from their existing process.
Why security tokens and how we protect them
Saul Dickinson: Why are these security tokens so important?
Gunaseelan Sivanandam: Modern ECUs contain a wide range of security features that restrict access to functions and interfaces on the devices and limit their behaviors. Functions such as software integrity verification, intrusion detection, and protection mechanisms to disable access to external communication interfaces are essential to the security of the final product. These security features make it difficult - or sometimes impossible - to develop and debug the software on the device.
A cryptographically secure solution is essential to open the ECUs to perform extended tests, and security tokens provide precisely that.
Saul Dickinson: What are the specific use cases for these tokens?
Gunaseelan Sivanandam: There are two critical use cases:
- Testing & Debugging: Even with security features active, testers require controlled access to extended logging and debugging functionalities.
- Field Return Unit Analysis: Returned ECUs from the field often need detailed analysis, even if they no longer boot normally.
Saul Dickinson: How crucial is security here?
Gunaseelan Sivanandam: Tokens must be provided only to authorized personnel who are permitted to debug and perform special tests on ECUs. Since tokens can disable essential security features, protecting against unauthorized access by hackers and malicious actors is paramount. Consequently, securing the token generation infrastructure (PKI infrastructure) with rigorous security controls is crucial.
Saul Dickinson: What measures do we take to secure the infrastructure?
Gunaseelan Sivanandam: Our state-of-the-art security practices ensure robust protection of our infrastructure and stay compliant with industry regulations. In addition to many other internal safeguards, here are some of the key security measures we actively implement:
- Continuous verification and audit of PKI infrastructure.
- Regular penetration tests and vulnerability assessments.
- Secure physical and logical access control.
- Comprehensive monitoring and incident response capabilities.
- Detailed logging and traceability for all token generation activities.
These practices are not one-time efforts—they are embedded in our operational culture, continuously refined, and reviewed to meet the demands of a rapidly evolving threat landscape.
The process: From challenge to solution
Saul Dickinson: How was this process handled before your solution?
Gunaseelan Sivanandam: Previously, tokens were manually generated and distributed via email, a cumbersome process fraught with delays, inefficiency, and opacity. Tracking which tokens were created, who created them, their intended ECUs, and other critical metadata was error-prone and unreliable.
Saul Dickinson: What approach did you take to solve this problem?
Gunaseelan Sivanandam: Leveraging our established PKI vision, we implemented a token generation and signing web service with state-of-the-art security infrastructure, comprising:
- Secure PKI Infrastructure: Integrating physical and cloud-based Hardware Security Modules (HSMs).
- Backend System: Efficiently generating and cryptographically signing security tokens.
- Comprehensive User Management: Implementing strict role-based access controls and permissions.
- Above and Beyond Standard Security Measures: Introducing mutual authentication to reinforce security.
- Reliable Support & Maintenance: Ensuring high availability, seamless onboarding, and responsive real-time issue resolution.
- Logging and Traceability: Complete transparency with logs and end-to-end traceability.
Saul Dickinson: How does the daily use of the system work today?
Gunaseelan Sivanandam: Today's seamless experience works like this:
- Clients request user onboarding, specifying roles and access duration.
- The user is issued an individual authentication certificate.
- Authorized users securely log into the service to generate necessary tokens on demand.
- Comprehensive logs provide complete transparency, clearly documenting token generation activities, including who, when, what, and for which ECUs.
- On-call technical support is available to resolve user issues.
The achievements and future outlook
Saul Dickinson: What measurable successes have you achieved with this solution?
Gunaseelan Sivanandam: Our achievements to date:
- Instant, frictionless token generation across all organizational levels, enabling users to accomplish more, faster.
- Trusted and used by OEMs and Tier 1 suppliers globally (Germany, USA, China, Czech Republic, and Italy).
- Over 20,000 tokens generated, eliminating thousands of manual emails and significantly accelerating processes.
- Successfully scaled the solution to support multiple ECU types.
Saul Dickinson: What are the next steps in evolving this solution?
Gunaseelan Sivanandam: With our foundational PKI infrastructure now firmly in place, we are actively scaling to support additional PKI services such as software signing, boot image signing, and encrypted Over-the-Air (OTA) update packages, further advancing our client's cybersecurity capabilities and operational efficiency.