Mocana Automation Hero Image

Digital Trust for
Process Automation

What are industry risks related to process automation?

The major risks to process control and automation stems from three factors. The first factor is the diversity of communications methods and industrial protocols that are fundamentally open and insecure, because they were designed to operate within an implicitly secure silo. The second factor is the network firewalls and intrusion detection systems retrofitted into an interconnected and layered ecosystem they were not purpose-designed or intended for operations technology (OT). The third factor is that unlike the IT approach of quarantining infected user workstations (endpoints) with virtual LAN (VLAN) based network segmentation, process control systems in OT are live and quarantining devices in an interconnected system disrupts service and causes undesirable outage. Reactive approaches based on network-based anomaly detection and deep-packet inspection of application protocols will be challenged eventually by the onset of encrypted network traffic (without application reengineering) in the years ahead.

What is a Digital Trust Strategy for Process Automation?

A strong process automation strategy requires the following actions:

  • Securing the integrity of signaling between systems
  • Managing the digital secrets that offer such security countermeasures—passwords and keys
  • Rotating the digital secrets using X.509 certificates for trusted delivery as a mitigation strategy for recovery on compromise
  • Tamper-resistant content delivery through the supply chain
  • Remote device recovery on compromise with trusted software and configuration updates, and automated key renewal
  • Auditability for visibility and measurement of compliance posture

What is a process automation workflow?

Process Automation Chart 1

What security standards relate to process automation?

Industrial automation manufacturers and critical infrastructure operators must ensure compliance with cybersecurity standards such as NIST 800-53, IEC 62443-3-3, and FIPS 140-3. Furthermore, certain industries must comply with additional standards such as NERC CIP 003 for electric utilities and DO-178 for avionics. Keeping up with these standards as well as emerging standards from the Industrial Internet Consortium (IIC) and Industrie 4.0 is challenging. Older protocols such as Modbus, DNP3 and BacNet can be difficult to secure.

Process Automation Image Still

What is the cost of process automation non-compliance?

Keeping up with these standards as well as emerging standards from the Industrial Internet Consortium (IIC) and Industrie 4.0 is challenging. New regulations such as GDPR in Europe raise the stakes for non-compliance to more than €20 million per incident.

How does DigiCert + Mocana enable process automation?

Used by more than 200 OEMs to protect more than 100 million devices.

Mocana’s end-to-end security system is an FIPS 140-3 validated embedded cybersecurity software solution that ensures device trustworthiness and secure communications by giving industrial automation manufacturers, OEMs and critical infrastructure operators an easy way to harden electronic control units and controllers with multi-factor authentication and trust chaining, as well secure boot to validate the firmware, OS and applications.

 

Industrial Control Systems Present Many Surfaces of Attack

Process Automation Chart 2

Learn more about DigiCert + Mocana solutions

TrustCenter™

Control center for managing devices in the field

LEARN MORE

TrustEdge™

Plug-and-play on-device clients that secure operations

Learn More

TrustCore™

SDK that simplifies business application development

LEARN MORE

Find the process automation industry
solutions that meet your needs

By clicking Submit you agree to DigiCert, Inc. or its affiliates processing your data in accordance with DigiCert's Privacy Policy.

"Mocana has been helping industrial manufacturing and automation companies to secure industrial control systems, SCADA networks, avionics subsystems and IoT devices since 2002. Mocana’s IoT Security Platform is solving operational technology and IoT security challenges by tackling one of the toughest industry problems—making industrial controllers and IoT endpoints more secure and trustworthy."

Michael Dolbec
Managing Director, GE Ventures



"The tools provided by Mocana are rooted in its long history of equipping engineers with the ability to harden devices that perform mission-critical operations. Manufacturers can now be equipped to leverage the power of the embedded chips in their products to support the security and privacy requirements of these emerging data-driven IoT ecosystems."

Rob Westervelt
Research Manager, IDC

 

"Industrial IoT cybersecurity is both difficult and essential. Xilinx and Mocana share a vision to remove barriers to IIoT adoption by reducing risk, cost and speeding time to market for any customer that wants to innovate and move their business forward."

Christoph Fritsch
Director, Industrial IoT, Scientific and Medical, Xilinx




"Ensuring the safety, security, and reliability of control systems is critical. Mocana’s IoT Trust Platform can simplify the implementation of security across modern control and safety systems."

Joe Weiss
Managing Partner of Applied Control Solutions, LLC