Cloud defines. Hardware executes.

EdgeHSM is the edge carrier of OnBoard™ Secure Infrastructure (OBSI). Built on CC EAL 5+ certified hardware, it runs PKI, KMS, and SEMS with the same Workspace, authorization, and audit semantics as the Cloud HSM carrier — wherever the cloud cannot reach, from factory floors to fully on-premises stacks. Every cryptographic operation completes inside the hardware boundary.

What EdgeHSM does on the factory floor.

Cloud-based PKI, KMS, and SEMS define the provisioning workflows. EdgeHSM executes them on the production line — locally, without per-device cloud round-trips.

Key injection

Symmetric and asymmetric keys are injected into device chips (MCU, MPU, or SE) through secure channels. EdgeHSM supports key-diversification algorithms and adapts to different chip security architectures. Keys travel from the HSM to the device chip without any plaintext exposure.

Certificate issuance at the edge

Following the CA hierarchy and certificate templates defined by cloud-based PKI, EdgeHSM issues device certificates on the production line. CSR verification and signing happen locally — no round-trip to the cloud for every certificate.

SE pre-personalization

Following the SE Profile defined by cloud-based SEMS, EdgeHSM writes security domain structures, applets, and credentials into each device's SE chip in a single pass.

Policy authority stays in the cloud. Execution trust lives in hardware. Separated by design.

EdgeHSM does not trust its environment.

When the cloud control plane issues an authorization to EdgeHSM — say, 'issue 10,000 certificates, valid for 72 hours, for this production batch only' — those constraints are written into hardware. Not software configuration.

Production quota

Every certificate issued decrements a hardware counter. When it reaches zero, issuance stops. No override from outside.

Authorization expiry

Hardware clock enforces validity. When time expires, authorization is void. No extension without a new grant from the cloud.

Operation scope

Each operator, each key, each operation type is independently authorized. No blanket permissions.

Tamper response

Physical attack detection triggers automatic key erasure. Key material cannot be extracted from the hardware boundary.

Even if the edge environment is fully compromised — the network, the operators, the software running outside EdgeHSM — the rules inside the hardware cannot be bypassed.
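The grant-and-enforcement split described above, as an added illustrative model rather than EdgeHSM's own code or API: the cloud side binds the constraints of a grant (batch, quota, expiry, scope) under a MAC, and the edge side verifies that MAC before loading the quota into a counter that nothing outside the enforcer can raise. The key, grant fields, function names and denial strings are assumptions made for the example.

```python
import hashlib, hmac, json
from dataclasses import dataclass
# Constructed demo key standing in for the control plane's signing key. The real
# product's grant format and API are not public on this page and are not modelled.
CONTROL_PLANE_KEY = b"constructed-demo-key-not-a-real-secret"

@dataclass(frozen=True)
class Grant:
    batch_id: str       # "for this production batch only"
    quota: int          # "issue 10,000 certificates"
    not_after: int      # Unix seconds: "valid for 72 hours"
    scope: frozenset    # allowed operation types, e.g. {"issue_cert"}
    mac: bytes          # control-plane MAC binding the constraints together

def _canonical(batch_id, quota, not_after, scope):
    body = {"batch": batch_id, "quota": quota, "exp": not_after, "scope": sorted(scope)}
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()

def issue_grant(batch_id, quota, not_after, scope, key=CONTROL_PLANE_KEY):
    # Cloud side: policy authority decides the constraints and authenticates them.
    mac = hmac.new(key, _canonical(batch_id, quota, not_after, scope), hashlib.sha256).digest()
    return Grant(batch_id, quota, not_after, frozenset(scope), mac)

class EdgeEnforcer:
    # Hardware side: nothing outside can touch _remaining except by loading a new grant.
    def __init__(self, key=CONTROL_PLANE_KEY):
        self._key, self._grant, self._remaining = key, None, 0

    def load_grant(self, grant):
        body = _canonical(grant.batch_id, grant.quota, grant.not_after, grant.scope)
        expected = hmac.new(self._key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, grant.mac):
            raise ValueError("grant rejected: not authorized by the control plane")
        self._grant, self._remaining = grant, grant.quota   # hardware counter loaded

    def authorize(self, op, batch_id, now):
        # Returns "ok" and consumes one unit of quota, or a denial reason.
        g = self._grant
        if g is None:
            return "denied: no grant loaded"
        if now > g.not_after:                 # hardware clock enforces validity
            return "denied: authorization expired"
        if batch_id != g.batch_id:
            return "denied: wrong batch"
        if op not in g.scope:                 # per-operation scope, no blanket permission
            return "denied: operation not in scope"
        if self._remaining <= 0:              # counter at zero: issuance stops
            return "denied: quota exhausted"
        self._remaining -= 1
        return "ok"
```

An operator who edits a grant's quota after it was issued fails the MAC check at load time, and exhausting the counter or passing the expiry can only be undone by a fresh grant from the cloud.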

See the anchor that fits your edge.

A 30-minute demo covers EdgeHSM in factory deployment and its trust model across environments.