Public Key Infrastructures as the basis for reliable applications and operating processes

In order to ensure secure communication in highly networked systems, reliable authentication of employees and components is required, as are the signing and encryption of data. A Public Key Infrastructure (PKI) is a secure solution for the generation and administration of the required certificates.

TÜVIT supports industrial and energy companies in the conceptual development and expansion of standard-compliant PKIs: from the planning and project implementation, through to testing and certification. TÜVIT has implemented over 500 PKI projects of different sizes, some of them spanning across all of Europe.

 

Our approach

TÜVIT supports companies in the standard-compliant development and operation of their PKIs, with the aid of a dynamic and flexible approach, i.e. an agile approach. This has positive effects, for example, on the development process for new services that utilize a PKI.

At the end of each project phase, you have the opportunity to get in contact with our experts, e.g. after the completion of a rough or detailed plan, or before ordering technical components. The earlier our independent security experts come on board, the lower the project costs turn out, because they can uncover vulnerabilities or process errors at an early stage. This also results in a faster rollout of new services.

Our services at a glance

  • conduct of workshops, one-day or multi-day
    • overview of test requirements and joint evaluation of the sub-requirements relevant to you
    • coordination of your detailed questions on standard requirements, on tests and certifications
  • project support
    • review of the PKI concept
    • gap analysis of documents or processes implemented
  • pre-audits
    • review of your documentation to ensure it fulfils standard requirements
    • review of your service implementation onsite
    • documentation of any outstanding issues
  • audit on-site to review the processes and technical systems implemented
    • assessment of organizational, technical, physical or structural security measures
  • issue of an audit report (e.g. conformity assessment report under eIDAS, ETSI, or the Technical Guidelines of the BSI (Federal Office for Information Security)
  • if all criteria are fulfilled, a certificate is issued and published on the TÜVIT website

Your benefits at a glance

  • minimizing unprofitable investments through agile approach
  • cost reduction through gap analysis
    • targeted project implementation regarding your budget, schedule and standard specifications
  • conformity assessment report
    • as a prerequisite for the approval of your product or service, and
    • for presentation to the responsible regulatory body
  • verification that legislation and legal requirements are fulfilled, where these derive from the corresponding requirements
  • verification that your security measures are applied in a targeted, effective and sustainable manner
  • auditing and certification by the market leader: e.g. TÜVIT has issued over 350 certificates under the German Digital Signature Act and eIDAS, and 150 for PKIs using other criteria, e.g. ETSI
  • we are active internationally
  • we test and certify your PKI independently of your location