2 posts tagged with "certificates"

Industrial security used to mean padlocking the control room and keeping the plant network air-gapped. Those days ended the moment someone plugged a cellular gateway into the PLC cabinet. Now every edge device streaming telemetry to the cloud is an attack surface — and the cryptominer that quietly hijacked your VM last month was the gentle reminder.

This guide covers the practical security mechanisms you need to protect industrial data in transit — MQTT over TLS, certificate management for OPC-UA and cloud brokers, SAS token lifecycle, network segmentation patterns, and what zero-trust actually means when your "users" are PLC gateways running on ARM processors with 256MB of RAM.

If you've ever deployed OPC-UA in a production environment, you've hit the certificate wall. Everything works beautifully in development with self-signed certs and None security — then the IT security team shows up, and suddenly your perfectly functioning SCADA bridge is a compliance nightmare.

This guide cuts through the confusion. We'll cover how OPC-UA security actually works at the protocol level, what the security policies mean in practice, and how to manage certificates across a fleet of industrial devices without losing your mind.