The Mocana Factor

By Srinivas Kumar
Chief Technology & Product Officer at Mocana Corporation

blog-critical-thinking-problem-solving-solutions
 

The engineering team at Mocana enables rapid innovation for device and data protection to help IIoT/IoT/OT equipment manufacturers harden their products and achieve compliance – on spec, on budget, on time – by providing one-stop solutions engineering as a professional service.

 

The Mocana team of subject matter experts includes a diverse talent pool of technical leads, architects, and engineers, with decades of experience in embedded systems design, resource-constrained cryptography, hardware-based acceleration techniques, integration with secure elements for key protection, certificate lifecycle management, and the internals of secure transport protocol stacks.

The challenge for line-of-business application developers across industries (telecom, networking, printing, healthcare, retail, aviation, transportation, and utilities) is keeping pace with fast emerging technologies from silicon vendors to cloud platform services. For product security architects, release cycles and compliance objectives are a delicate balancing act. For chief security officers and engineering development managers it is a painful cost-benefit analysis and tradeoff (sometimes kicking the can down the road). The Mocana innovation team helps reduce both the cost and complexity of this difficult endeavor.

Why Team Mocana

The Mocana TrustCore development platform and the Mocana TrustCenter operations platform enables device transformation without impacting the software bill of materials (BOM) for device vendors and helps them offer value-added services to their customers – transforming a cost center into a revenue center.

Mocana solution architects and engineers assist with requirements analysis, gap analysis, solution templates/proposals, and API level integration required to harden devices and edge gateways, achieve RFC specifications-based interoperability, and standards-based compliance objectives.

Implementing security controls – such as key protection using a root-of-trust anchor (with a TPM, SIM or MCU); hardware acceleration using cryptographic primitives supported by the secure element; integration of secure transport protocol stacks (TLS, SSH, IPsec, IKE) with protected keys; data protection on a device without a secure element, and X.509 certificate-based authentication variants – require specialized skill sets to implement abstraction layers for cross-platform application security by design.

The global fragmented market for device manufacturers demands strict compliance with export and import restrictions on cryptographic functions and an abstraction platform to plugin third-party or proprietary engines. The diversity of silicon-integrated secure elements and embedded general-purpose processors requires an abstraction platform for root-of-trust anchors so that full-stack application developers can utilize the underlying security capabilities effectively.

The plurality of micro-kernel and real time operating system (OS) platforms requires both a system-level abstraction layer and knowledge of device drivers, kernel headers, and OS internals for integration. The Mocana solutions engineering team has delivered turnkey innovations and training sessions to top-tier device vendors for over a decade and through the difficult pandemic period.

Why Mocana Platforms

Though a cloud platform vendor or open-source software may offer IoT edge and hub platforms with APIs and protocols for messaging and connectivity, on-device protection for cyber resilience requires planning and implementation – to build a horizontal platform for embedded trust and a cryptographic supply chain for tamper resistance. This requires modernization with on-device protection controls on brownfield and greenfield devices connected over Ethernet and non-Ethernet device networks, that cloud platforms vendors simply do not provide for device vendors/owners/operators to modernize their operational technology infrastructure elements.

The solutions that cloud platform vendors offer for device registration do not require trusted and immutable identity based on a local root-of-trust on the device for zero-trust provisioning. Further, these solutions merely provide APIs for content distribution as a cloud-based service, without supply chain protection and a cryptographic trust chain for tamper-resistance. At Mocana, the solutions engineering team helps build smart devices to register and subscribe to cloud-based services for key and certificate management, device identification with immutable identity, device authentication, trusted data with signing and/or encryption, trusted content distribution with supply chain tamper-resistance for updates, and condition-based remote maintenance to reduce provisioning and operational expenses.

The build versus buy economics for original equipment manufacturers in turnkey digital transformation projects boils down to building their line of business applications with solutions engineering as a service for application hardening and buying the foundational elements of platform protection for device hardening – without increasing BOM costs or stretching R&D budgets and product release cycles.

Bridging the Adoption Challenge

Mocana helps device operators bridge the adoption challenge between device vendors and service providers and enables digital transformation with the emerging software defined edge (SD-Edge), 5G multi-access edge computing (MEC), and connected brownfield/greenfield devices. The company protects the content delivery supply chain and device lifecycle for tamper-resistance from womb-to-tomb, with root-of-trust and chain-of-trust anchors.

Mocana measures the device for persisted integrity and for trustworthiness of operations and data to power AI/ML analytics. The company’s team of security professionals work with semiconductor vendors and certificate authorities to integrate with emerging technologies to comply with data privacy and protection standards. The goal of cyber protection as a service is to eliminate the initial cost of modernization for device vendors and empower service providers to offer subscription-based services for effective and efficient digital transformation of things.

Mocana’s core technology protects more than 100 million devices and is trusted by over 200 of the largest industrial manufacturing, aerospace, defense, utility, energy, medical and transportation companies globally.

Download This Blog