Cost reduction
Optimize authorization and authentication processes with edge-managed workflows that remove manual account administration overhead.
Next Gen Authorization & Authentication
The enabler for IT/OT convergence
Over 90% reduced workload and 10× lower exposure to OT security risks do not have to be marketing hype. P3KI orchestrates precise, audit-ready permission chains that keep industrial operations available even when networks are segmented or air-gapped.
Key benefits
Next generation authorization and authentication for IT/OT convergence, inspired by the existing P3KI.com content but rebuilt with modern Jekyll tooling.
Compliance
Fulfill personalized access control requirements for ISO/IEC 62443, GMP, and other regulated environments with contextual policies.
Easier risk management
Model precise, auditable permission chains that surface accountability for every action across IT and OT assets.
Business continuity
Keep operations running during disconnects thanks to our decentralized, fully offline-capable authorization technology.
Hardened distributed systems
Apply Zero Trust principles end-to-end, even across segmented industrial networks and air-gapped plants.
Faster incident response
Use traceable delegation graphs to identify root causes quickly and apply targeted remediation.
What is P3KI?
P3KI works like a personalized mandate you carry across devices and services. Instead of juggling shared accounts, every delegated capability is bound to a verified identity and context.
-
Delegate precise permissions
Create scoped authorizations that describe exactly what can be done, when, and under which context.
-
Offline by design
Grant new or modify existing permissions everywhere, even while being offline and behind air gaps!
-
Fully personalized and traceable
Every authorization artifact is cryptographically bound to a person or role, enabling instant audits.
-
Standards-aligned
Align with ISO/IEC 62443 and Good Manufacturing Practice while staying adaptable to local regulations.
-
Built for partners
Empower contractors, suppliers, and operators to self-manage working delegations without losing oversight.
Showcase projects & scenarios
Examples that highlight how delegable authorization translates into measurable outcomes.
BASF
Cross-Airgap Self-Service Account Provisioning
Built a proof of concept for BASF that lets employees and contractors create temporary, personalized Active Directory accounts for SCADA control systems even when the production network is air-gapped.
Why P3KI fits: Asset Manager create workorders, contractors are granted permission in a self-service process while maintaining identifiability and traceability in line with ISO/IEC 62443 and GMP. Mobile devices transport permission proofs securely and extend to physical access.
SCADAICSair-gapself-service accounts
Maritime Connectivity Platform Consortium (MCP)
Global Trust System for Maritime Shipping
Implements a trust backbone for verifying documents, data exchanges, and authorization of aids-to-navigation messages across international waters.
Why P3KI fits: Flexible policy language enables precise geo-fenced and accreditation-based trust expressions, so stakeholders only grant the authority that matches their jurisdiction.
maritimeshippingglobal trustaids-to-navigation
Confidential industrial partner
Field Device Bootstrap & Update Handling
Models customer-centric device bootstrap, ownership handover, and secure maintenance workflows across complex ecosystems.
Why P3KI fits: Delegation semantics adapt to each customer's handover model without forcing re-architecture, enabling frictionless provisioning and updates.
SCADAembeddedlifecycleconfiguration
Resources
Downloadable material and ongoing conversations.
Pitfalls of Adapting Security Solutions for OT
Whitepaper
Practical lessons learned while bridging IT security tooling into regulated OT networks.
Enabling Secure Identity and Access Control in Industrial OT
Whitepaper
Reduce access admin workload across plants with automated delegation chains.
P3KI Physical Access Control System
Product
Reduce access admin workload across plants with automated delegation chains.
P3KI Core Framework (DE)
Product
Überblick des P3KI Core Frameworks und seiner Bausteine
Company
P3KI GmbH engineers highly resilient authorization infrastructures that allow people, devices, and services to trust each other without sharing passwords. We provide tailor-made solutions for regulated and safety-critical environments where accountability matters.
History
Founded by veterans of industrial security and cryptography, we're providing solutions to the chemical industry, maritime sector, and defence.
Values
- Combining resilience, flexibility, and security: We design our solutions to work when it really matters: when everything else doesn't.
- Delegation-first thinking: We model human processes before writing policy code so that workflows remain natural.
- Zero Trust pragmatism: We assume compromise and failure of systems but still deliver viable, performant solutions for plant operators.