Secure Zero-Touch Provisioning (SZTP): Automating Trust for AI & Edge Networks
A new standard for securing digital infrastructure, dubbed Secure Zero-Touch Provisioning (SZTP), is gaining traction as organizations grapple with escalating cybersecurity threats and the proliferation of AI-driven devices. Defined in RFC 8572, SZTP aims to automate trust in a landscape spanning cloud nodes, edge systems, and the Internet of Things, moving beyond the limitations of traditional methods like Dynamic Host Configuration Protocol (DHCP).
DHCP, introduced in the late 1990s, revolutionized network connectivity by automating IP address assignment, replacing manual configuration and enabling the widespread adoption of Wi-Fi and mobile internet. However, according to Juha Holkkola of FusionLayer Group, DHCP alone is insufficient to address the security challenges of modern digital environments. “Just as DHCP revolutionized connectivity, we are primed for a transformation of equal magnitude concerning digital trust,” Holkkola stated. SZTP is positioned as that transformation.
SZTP focuses on enabling devices to handle their own onboarding (authenticating themselves, receiving verified firmware, installing credentials, and joining orchestrated environments) without human intervention. This is particularly critical in environments like AI data centers, where Data Processing Units (DPUs) and Infrastructure Processing Units (IPUs) are increasingly used to offload networking and security tasks from GPUs. SZTP allows for the provisioning and securing of these environments at scale, aligning with standards promoted by the Linux Foundation’s Open Programmable Infrastructure (OPI) project.
The rise of edge computing, driven by the demand for lower latency in AI applications, further underscores the need for SZTP. Deploying and securing applications across tens of thousands of edge locations becomes feasible and efficient with automated provisioning. This supports applications ranging from autonomous vehicles to immersive virtual reality experiences.
SZTP represents a shift from simply establishing network connectivity – answering the question “Where are you on the network?” as DHCP did – to verifying identity and role: “Who are you?” and “What role do you play?” This emphasis on identity verification is a core component of a secure-by-default infrastructure. SZTP achieves this through hardware attestation, verified boot processes, secure image delivery, and cryptographic credential injection.
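The "secure image delivery" step can be illustrated with the check a device makes before installing a boot image. The sketch below is an added example, not code from RFC 8572, FusionLayer, or any SZTP client. It assumes the JSON field names of the RFC's onboarding information (boot-image, image-verification, hash-algorithm, hash-value), uses constructed sample data, and assumes the onboarding information itself has already been authenticated.

```python
import hashlib
import hmac
import json

TOP = "ietf-sztp-conveyed-info:onboarding-information"
SHA256_ID = "ietf-sztp-conveyed-info:sha-256"


def hex_string(digest: bytes) -> str:
    """Colon-separated lowercase hex, the form used for hash-value."""
    return ":".join(f"{b:02x}" for b in digest)


def image_is_trusted(onboarding_json: str, image: bytes) -> bool:
    """True only if the image matches a SHA-256 image-verification entry."""
    try:
        boot = json.loads(onboarding_json)[TOP]["boot-image"]
        entries = boot["image-verification"]
    except (ValueError, KeyError, TypeError):
        return False  # malformed or missing data: fail closed (this example's policy)
    if not isinstance(entries, list):
        return False
    actual = hashlib.sha256(image).digest()
    for entry in entries:
        if not isinstance(entry, dict) or entry.get("hash-algorithm") != SHA256_ID:
            continue  # an unrecognised algorithm never counts as a match
        try:
            expected = bytes.fromhex(str(entry.get("hash-value", "")).replace(":", ""))
        except ValueError:
            continue
        if hmac.compare_digest(actual, expected):  # constant-time comparison
            return True
    return False


# Constructed sample data: a stand-in image and matching onboarding information.
IMAGE = b"constructed firmware image, not a real boot image"
ONBOARDING = json.dumps({TOP: {"boot-image": {
    "os-name": "ExampleOS",
    "os-version": "1.0",
    "image-verification": [{
        "hash-algorithm": SHA256_ID,
        "hash-value": hex_string(hashlib.sha256(IMAGE).digest()),
    }],
}}})

if __name__ == "__main__":
    print("untampered image accepted:", image_is_trusted(ONBOARDING, IMAGE))
    print("modified image accepted:  ", image_is_trusted(ONBOARDING, IMAGE + b"\x00"))
```

The hash only binds the image to the onboarding information; the device's trust in that information comes from its signature or from the authenticated bootstrap server that delivered it.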
Beyond basic provisioning, SZTP can deliver a complete software stack, defining device roles across various domains, including extended reality (XR) workloads and IoT pipelines. The system can even simulate workloads pre-deployment to ensure readiness and optimal performance. Industry adoption is being accelerated by the availability of open-source SZTP clients under permissive licenses, mirroring the widespread adoption of DHCP.
FusionLayer, formerly known as Nixu Software, has been involved in the DNS, DHCP, and IP Address Management (DDI) space since the early 1990s, supporting thousands of server instances and hundreds of production environments globally. The company’s FusionLayer 2 Series DHCP Server is a software appliance designed to function as a DHCP server in installations that use standard RFCs and options.
As digital networks expand, securing them is paramount. SZTP is presented as a solution that, through open standards and automation, aims to make trust as effortless as connectivity once was. The development of open client ecosystems is seen as crucial to realizing this vision and defining secure, automated infrastructure in an AI-enabled world.
