The most significant and critical infrastructures, such as the electricity utilities, clean water facilities, nuclear plants and manufacturing industries are controlled and supervised by the industrial control systems. These systems undergo through a metamorphosis as a result of the Industry 4.0 revolution, which emphasises enhanced connectivity and flexibility with the Internet of Things (IoT) and cloud computing technologies. As the data is transferred across the Internet, Industry 4.0 communication can be easily attacked by launching different potential attacks. As a consequence, we attempt to propose a novel certificate-based access control and key establishment scheme for securing Industry 4.0 communication, called ACKS-IA. It offers access control and key establishment between smart industrial devices, as well as between a smart device and its associated cloud server. A formal security analysis of ACKS-IA through the broadly-accepted Burrows–Abadi– Needham (BAN) logic is provided. It confirms that ACKS-IA is secured and provides secure mutual authentication among the communication entities. The detailed informal security analysis and comparative study with the existing related schemes reveal that the proposed ACKS-IA is secured and efficient in terms of communication cost, computation cost, and security and functionality features including anonymity and untraceability as compared to other competing schemes. Finally, a real testbed implementation of ACKS-IA is provided to measure its effect on important performance attributes.