TESA Logo

TESIoT Platform

Enterprise-grade Security for AIoT

Empowering AIoT with
Zero‑Trust Cybersecurity

Build, secure, and scale IoT & Edge AI workloads — from device identity and TLS 1.3 to streaming analytics and data pipelines. Designed for regulated industries and mission‑critical systems.

TLS 1.3 • PKI • Vault
Zero‑copy Edge
4‑Tier PKI
Low‑latency MQTTs

AIoT Foundation Platform

Security by Design
ETSI EN 303 645 Cybersecurity Compliance
Secure AIoT Connectivity
MQTTs & HTTPs (Server-TLS & mTLS)
Smart Data Schema & Industrial Domains
Validation and Live Telemetry
ETL for Edge AI
Data Labelling for Edge AI Inference
Digital Twin
AI Agents and Real-time Product Design & Development
Live Telemetry
Auth. & IoTS Chip
Cyber-Physical Systems
CLS-Ready IoT Product

Who Benefits from TESIoT Platform?

Accelerating Thailand's IoT ecosystem to meet global markets and cybersecurity standards

IoT Product Designers

  • Skip 3-6 months of security implementation
  • Pre-integrated PKI, mTLS, and device management
  • Focus on product innovation, not infrastructure

Platform Providers

  • White-label ready for industry verticals
  • Proven architecture handling millions of devices
  • Healthcare, Smart City, Industry 4.0 templates

Investors & VCs

  • De-risked IoT investments with proven tech
  • 70% faster time-to-market for portfolio companies
  • Built-in compliance for global expansion

Cybersecurity Policy Makers

  • ETSI EN 303 645 & ISO 27402 compliant
  • National IoT security framework ready
  • Zero-Trust architecture as standard

Engineering Students

  • Learn production-grade IoT architecture
  • Free tier for academic projects
  • TESA certification pathway included

Startups & Enterprises

  • From MVP to scale without re-architecting
  • Enterprise SLAs and 24/7 support
  • Multi-tenant ready with cost optimization

Key Capabilities & Architectural Strengths

Security‑first foundation, analytics by default — built for production AIoT.

Security‑First Design

PKI with automated certificates, HSM integration, and zero‑trust model.

Compliance‑Ready

RBAC, GDPR/PDPA flows, and comprehensive audit trails.

High‑Performance Edge

Rust‑based gateways, zero‑copy IO, real‑time analytics.

Scalable Provisioning

Automated onboarding + batch provisioning for enterprise rollouts.

Integration Benefits

  • Seamless interoperability across pillars ensures consistent security & performance.
  • Unified management UI reduces operational complexity and training effort.
  • Future‑ready architecture for emerging IoT standards & large‑scale growth.

Vault PKI

Certificate Authority & security foundation.

Device Mgmt

Lifecycle & edge processing.

RBAC & GDPR

Access control & privacy compliance.

Provisioning

Automated onboarding & configuration.

API Gateway

Multi‑protocol unified gateway for connectivity.

AI/ML & Analytics

Rust‑powered engine; C/C++ accelerated.

TESIoT Architecture

Zero Trust Security Flow

End-to-end security with mTLS, PKI, and encrypted data pipelines

Zero Trust Security

mTLS authentication, encrypted channels, and certificate-based identity

Edge AI Ready

Digital twin support, real-time analytics, and ML pipeline integration

High Performance

Low-latency MQTT, optimized data pipelines, and scalable architecture

Use Cases

Smart City, Industry 4.0, Health, Energy.

Smart City

  • AI traffic analytics
  • Secure telemetry
  • Low‑latency alerts

Industry 4.0

  • Predictive maintenance
  • Digital twins
  • OT segmentation

Healthcare IoT

  • Continuous monitoring
  • GDPR/PDPA ready
  • Signed OTA

EV & Energy

  • Smart grid
  • Edge forecasting
  • Anomaly detection

Security & Compliance with Advanced PKI

Certificate‑based identity, encrypted data paths, RBAC, and auditable operations. Supports ISO 27001, ETSI EN 303 645, GDPR/PDPA.

ISO 27001ETSI EN 303 645GDPR / PDPAmTLS / TLS 1.3

TESAIoT PKI Architecture

PKI Architecture

Root CA (offline, 10–20 yrs), Intermediate CA (Vault‑managed, ~5–10 yrs), Device certs (auto‑issued, 90‑day rotation).

Security Features

HSM integration, CRL/OCSP responders, automated lifecycle & renewal notifications.

Operational Workflows

Secure bootstrap enrollment, mutual TLS auth, audit logging & compliance reporting.

Key Innovation: 4‑Tier PKI Strategy

Tier 1 (Battery)
ECC P‑256
Sensors <1 mW – optimize for 10‑year battery life.
Tier 2 (Controllers)
ECC P‑384
<100 mW controllers – enhanced security.
Tier 3 (Gateways)
RSA 3072
>100 mW gateways – HW acceleration ready.
Tier 4 (Critical)
RSA 4096
Critical infrastructure – maximum protection.

Certificates sized by tier balance cryptographic strength, packet overhead, and device power budgets.

Join the Future of Secure AIoT

Provision identities, stream data securely, and unlock AI at the edge with TESAIoT.