Skip navigation
Run-time Provisioning of IoT Endpoints with Cloud Credentials

Run-time Provisioning of IoT Endpoints with Cloud Credentials

Date: Thursday, October 24, 2019
Time: 2:00 PM Eastern Daylight Time
Sponsor: Texas Instruments and Amazon Web Services
Duration: 30 Minutes

Register Today!


For both commercial and security reasons, IoT device vendors cannot allow arbitrary endpoint devices to connect to their IoT services. This requires the IoT service to authenticate any endpoint attempting to join their network through use of security credentials, such as certificates. This in turn requires the IoT endpoint to have an appropriate certificate installed on it, which can be done during manufacturing through many different approaches. Here are a few to spike out:

  • Option 1: The IoT device vendor can purchase dedicated Trusted Platform Modules (TPMs) that already contain certificates, although this adds cost to the BoM. 
  • Option 2: The IoT device vendor can also use a secure manufacturing location with dedicated equipment such as a Hardware Security Module (HSM) to manage the keys and certificate generation. However, such an approach may be incompatible with using a low-cost contract manufacturer. 
  • Option 3: The IoT device vendor can provision the certificates at run-time, enabling the manufacturing process to be non-secure and lower cost. 

During our time today, we will examine a run-time provisioning implementation based on SimpleLink Wi-Fi microcontrollers and AWS  cloud services. This utilizes the unique identity and public/private key pair available on a SimpleLink Wi-Fi device to generate a Certificate Signing Request (CSR) to a provisioning service hosted on AWS. The CSR request can be made at any time, such as during system test at the IoT device vendor’s facility or during installation by the end-user.

By attending our webinar, you will learn:

  • How to eliminate the cost of injecting client certificates during manufacturing by creating a run-time provisioning service
  • An understanding of the different cloud-side and embedded components required to create a run-time provisioning service
  • The specific AWS services and TI embedded SDK libraries used to implement a run-time provisioning service


Nick Lethaby, IoT Ecosystem Manager, Texas Instruments

Nick Lethaby works on IoT ecosystem solutions in TI's Connected MCU Organization. He has over 25 years of experience in embedded systems software, including Linux and real-time operating systems, for microcontrollers and microprocessors. He has a BS in Computer Science at the University of London.

Richard Elberger, Global Partner Solutions Architect- IoT, Amazon Web Services

Richard Elberger is a Global Partner Solutions Architect in IoT at Amazon Web Services. In his role, he works with hardware partners worldwide to ensure customers can build amazing and innovative IoT solutions on AWS. Richard has worked in the software and service industry for over 20 years and holds an MBA from the University of Massachusetts Amherst.





TAGS: IoT Webcasts