PKIÂ certificate standards for IIoT
PKI-based access control has traditionally relied on ITU-T X.509 certificate standards. In this section, we shall evaluate X.509 and also the emerging IEEE 1609.2 standard, specifically in the context of IIoT use cases.
ITU-T X.509
ISO/IEC/ITU-T X.509 is a digital certificate standard widely used in PKI. In 2008, IETF profiled X-509 Version 3 for internet usage in RFC 5280 (RFC2), also referred to as a PKIX certificate. Today, many IIoT trust implementations use the X.509 digital certificate format (see Figure 3.8). It is a highly organized and hierarchical format used to certify the identity of the entity the certificate has been issued to, a validity period, and the associated public key. In many next-generation IIoT devices, the device manufacturer installs the public/private key pair, which is certified and signed by the manufacturer.
The following figure shows the various fields of X.509 certificates:
Figure 3.8: X.509 Certificate layout
Although X.509...
