
Challenges in Implementing Digital Identities in the Industrial IoT

The introduction of digital identities in the Industrial IoT often fails not because of technology — but because of implementation.
What appears clear and structured in theory meets legacy systems, heterogeneous environments, and a lack of automation in practice.
This is where the real challenge begins.

Why Implementation in the Industrial IoT Is Particularly Challenging

Industrial environments are rarely uniform. Most have evolved over many years.
Digital identities must be integrated into existing plants and systems that were never designed to support automated security mechanisms or end-to-end certificate management.
As a result, IT concepts cannot simply be transferred. Implementation becomes significantly more complex.
Projects take longer because solutions must be adapted to existing infrastructure. At the same time, coordination between IT and production increases, and security gaps often persist longer than planned.

Challenge 1: Building and operating a PKI in the Industrial IoT

For a device to have a trustworthy digital identity, it needs a digital certificate.

This certificate is issued by a Public Key Infrastructure (PKI), the central trust authority in the Industrial IoT.

The technology itself is well established. The real challenge lies in integration.

In practice, this includes:

Building a scalable certification infrastructure

Integrating it into existing systems and processes

Ensuring availability and trust

The effort rarely lies in the PKI itself, but in embedding it into existing workflows.

Responsibilities for issuing, renewing, and monitoring certificates are often unclear — and this is where operational gaps emerge.

This leads to increased coordination between IT and OT and raises the risk of misconfigurations during operation.

Challenge 2: Certificate rollout and distribution

The biggest hurdle often arises at the very first step: How does the digital identity get onto the device?

In many industrial environments, automated processes are missing.

As a result, certificates have to be uploaded to devices manually.

Each device must be configured individually

The process is time-consuming and error-prone

Scaling across many devices becomes difficult

Certificates are installed one by one — a process that can take days or even weeks in larger deployments with hundreds of devices.

In typical projects, this step alone can significantly delay rollout, especially when production downtime must be avoided.

For many industrial components, such as sensors or PLCs, the technical foundation for automation is simply not in place.

Challenge 3: Heterogeneous systems and lack of standardization

Industrial environments are rarely standardized.
Instead, machines of different generations coexist — with different operating systems, vendors, and interfaces.
Typical examples include:

A machine running an outdated Linux version

Another using a proprietary system

A third based on Windows

Many of these systems are not centrally managed and rely on different communication protocols.
As a result, security mechanisms cannot be defined once and deployed consistently.
Instead, they must be adapted individually for each system — increasing effort and making consistent implementation nearly impossible.
This not only increases complexity but also leads to higher operational costs and makes scaling across multiple sites significantly more difficult.

Challenge 4: Operation and lifecycle management

Digital identities must not only be deployed — they must be continuously managed.
A device does not simply receive a certificate once and remain secure.
Certificates expire, need to be renewed, and must be revoked if compromised.
In practice, this means:

Continuously checking certificate validity

Detecting and revoking compromised devices quickly

Maintaining full traceability of changes and processes

This effort is often underestimated.
Without automation, certificates expire or are renewed too late.
The consequences are immediate: devices may suddenly stop communicating, leading to unplanned downtime.
At the same time, security issues may remain undetected, causing significant follow-up costs.
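The lifecycle check described above, written out as an added example for this page (not code from the original article or from any product it describes). It builds a constructed plant in memory: one plant CA, four enrolled devices with different remaining validity, a revocation list keyed by certificate serial and a 30-day renewal window (all of these names, serials and dates are assumptions), then classifies each device certificate the way a monitor would, in priority order: revoked, expired, untrusted, renew, ok.

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)
// issue signs a certificate for cn valid from..to; with ca == nil it is self-signed and marked as a CA.
func issue(ca *x509.Certificate, caKey ed25519.PrivateKey, cn string, serial int64, from, to time.Time) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn}, NotBefore: from, NotAfter: to, KeyUsage: x509.KeyUsageDigitalSignature}
	if ca == nil { // self-signed root: the template is its own parent and signer
		tmpl.IsCA, tmpl.BasicConstraintsValid, tmpl.KeyUsage, ca, caKey = true, true, x509.KeyUsageCertSign, tmpl, key
	}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, ca, pub, caKey)
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}
// Classify is the per-device lifecycle check, in priority order: revoked, expired, untrusted, renew, ok.
func Classify(c *x509.Certificate, roots *x509.CertPool, revoked map[string]bool, now time.Time, window time.Duration) string {
	_, err := c.Verify(x509.VerifyOptions{Roots: roots, CurrentTime: now})
	switch {
	case revoked[c.SerialNumber.String()]: // on the revocation list: block immediately
		return "revoked"
	case now.After(c.NotAfter): // renewed too late: the device has already stopped communicating
		return "expired"
	case err != nil: // does not chain to the plant CA
		return "untrusted"
	case now.Add(window).After(c.NotAfter): // still valid, but renewal has to start now
		return "renew"
	}
	return "ok"
}
// Fleet is a constructed plant (assumed names, serials and dates): one plant CA, four enrolled devices, a 30-day renewal window, one revoked serial.
func Fleet() map[string]string {
	now, day, roots := time.Date(2025, 6, 1, 0, 0, 0, 0, time.UTC), 24*time.Hour, x509.NewCertPool()
	root, rootKey := issue(nil, nil, "Plant CA", 1, now.Add(-365*day), now.Add(3650*day))
	roots.AddCert(root)
	revoked, out := map[string]bool{"103": true}, map[string]string{} // gw-02 (serial 103) was reported compromised
	for _, d := range []struct{ name string; serial int64; from, to int }{ // validity in days relative to now
		{"plc-01", 100, -300, 200}, {"sensor-07", 101, -350, 10}, {"hmi-03", 102, -400, -5}, {"gw-02", 103, -100, 300}} {
		c, _ := issue(root, rootKey, d.name, d.serial, now.Add(time.Duration(d.from)*day), now.Add(time.Duration(d.to)*day))
		out[d.name] = Classify(c, roots, revoked, now, 30*day)
	}
	return out
}
func main() { fmt.Println(Fleet()) }
```

A certificate that was never issued by the plant CA (for instance one a device self-signed on its own) fails the chain check and comes back as "untrusted", which is the fourth outcome a monitor has to handle besides renewal, expiry and revocation.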

How these challenges reinforce each other

These challenges rarely occur in isolation.
A lack of automation in rollout leads to manual certificate management. At the same time, heterogeneous systems prevent consistent implementation.
As a result, the challenges reinforce each other, turning individual issues into a complex overall process.
The immediate consequences:

High time expenditure

Slow implementation

Increasing risks

What is required for successful implementation

Successfully implementing digital identities in the Industrial IoT requires more than technical understanding.
What matters is that implementation works in practice.
This includes:

Automated processes for deploying and renewing certificates

Clearly defined responsibilities for issuance, operation, and monitoring

Integration that works with existing systems and heterogeneous environments

Solutions that do not require individual customization for each device

Only then does complexity become manageable, and digital identities can be reliably used in operation.

Conclusion

Digital identities are not an unsolved technical problem. The challenge lies in execution.
Legacy systems, heterogeneous environments, and a lack of automation turn a clear security concept into a complex, manual process.
The solution is not more technology — but consistent implementation.
Only when identities are automatically deployed, integrated across systems, and reliably managed in operation does implementation become scalable.
Without these prerequisites, digital identity in the Industrial IoT remains a strong concept — but not a solution that works in practice.