Mocana Corporation, a leading provider of mission-critical IoT security solutions for the emerging digital industrial ecosystem, today announced the availability of the Mocana IoT Security Platform, a comprehensive full-stack security solution to protect industrial IoT devices, industrial clouds and device-to-cloud communications.
Mocana also announced new capabilities giving industrial manufacturers the power to leverage hardware-based security technologies and automated digital certificate management to harden devices and effectively enable scalable IoT deployments.
Hundreds of companies, including Schneider Electric, Wind River, Intel, Infineon Technologies AG, DDC-I and GE have integrated Mocana’s effective cybersecurity software into industrial control systems, programmable logic controllers (PLCs), cloud platforms, remote terminal units (RTUs), intelligent electronic devices (IEDs), device gateways and controllers. With the new platform, customers and partners are further protecting IoT devices and industrial clouds against sophisticated cyberattacks that are shutting down power grids, forcing massive segments of the Internet offline and threatening the safety of critical infrastructures.
“When it comes to mission-critical IoT security, there is no middle-ground or acceptable margin for error. Hackers have demonstrated their ability to get behind firewalls and take over IoT devices. Once a hacker has control of an IoT device or controller behind a firewall, they can wreak havoc by manipulating flow controls, valves, compressors, power systems and engine controls that result in loss of critical services and loss of life,” said William Diotte, CEO of Mocana. “The Mocana IoT Security Platform is the most comprehensive IoT security solution for industrial manufacturers that are concerned about cyberattacks on embedded systems, IoT devices and industrial cloud systems.”
The Mocana platform provides a full-stack solution for securing IoT systems from the endpoint, to the gateway, to the cloud and back again. The platform includes a unique, inside-out hardening approach that ensures endpoint and gateway trustworthiness, data and device integrity, authentication and confidentiality. The new Mocana IoT Security Platform provides software capabilities, a set of simple APIs and a path to utilize Mocana’s planned management and analytics capabilities.
The new Mocana IoT Security Platform builds upon the Mocana Security of Things Platform and includes significant innovations:
- Mocana Trust Engine: A vendor-agnostic trust abstraction layer that allows device manufacturers to take advantage of the latest security chip technologies, such as the Infineon OPTIGA® Trusted Platform Module (TPM), ARM TrustZone, Intel SGX and Intel EPID.
- Automated Certificate Management: Support for automated certificate management using Enrollment over Secure Transport (EST) and trust chaining to ensure a lifecycle of trust for secure boot, secure firmware updates and trusted operations.
- Full Stack Platform: The full-stack architecture and strong cryptographic engine ensure authentication, integrity, confidentiality, visibility and control for devices, gateways and cloud applications.
- Simple API: The software abstracts the underlying hardware, enabling applications to call cryptographic functions through a single API. OpenSSL-compatibility interface allows customers to replace OpenSSL with a lightweight defense-grade crypto library.
Mocana is trusted by more than 200 manufacturers and IoT companies, and its software is integrated with over 70 chipsets, 30 operating systems and supports networking environments such as SSL, SSH, multicast, IPsec and wireless. Mocana plans to introduce management and analytics capabilities later this year to provide a new level of visibility and control into IoT devices.
Industry analysts and leaders have validated Mocana’s comprehensive approach to IoT security: “It has never been a better time to address security in IoT devices at the earliest stages of their development, because attackers are quickly learning that the systems supporting our critical infrastructure are increasingly interconnected,” said Rob Westervelt, research manager, IDC.
“The tools provided by Mocana are rooted in its long history of equipping engineers with the ability to harden devices that perform mission-critical operations. Manufacturers can now be equipped to leverage the power of the embedded chips in their products to support the security and privacy requirements of these emerging data-driven IoT ecosystems.
“The need for end-to-end security has never been greater, particularly as legacy infrastructure and industrial systems are upgraded for greater connectivity,” notes Steve Hoffenberg, director of IoT & embedded technology at industry analyst firm VDC Research. “Industrial IoT engineers must take it for granted that their systems will be under attack, and structure their defenses in a layered approach assuming that hackers may gain entry to the network. Paranoia is warranted.
“As the IoT continues to grow, an increasing number of backdoors and vulnerabilities are discovered every day,” said Joerg Borchert, VP of Chip Card Security of Infineon Technologies. “If enterprise-grade companies expect their users to trust in the inherent safety of their technology, they must ensure that advanced security is embedded directly into the device. Our partnership with Mocana focuses on this type of comprehensive security as we work toward providing customers with an easy and effective way to harden their operational technologies.
“Mocana’s new IoT software brings trusted, military-grade security, and cloud-based communications to safety-critical applications like connected commercial and military aircraft,” said Greg Rose, vice president of marketing and product management at DDC-I. “We are excited to be working with Mocana and our joint customers to provide an integrated platform for safety-critical avionics applications that combines key pieces of their IoT software with our best-in-class DO-178 real-time operating system.”
To find out more about how Mocana hardens IoT devices and ensures trust in mission-critical infrastructure, visit www.mocana.com.