Process Automation


The major risks to process control and automation stems from three factors. The first factor is the diversity of communications methods and industrial protocols that are fundamentally open and insecure, because they were designed to operate within an implicitly secure silo. The second factor is the network firewalls and intrusion detection systems retrofitted into an interconnected and layered ecosystem they were not purpose-designed or intended for operations technology (OT). The third factor is that unlike the IT approach of quarantining infected user workstations (endpoints) with virtual LAN (VLAN) based network segmentation, process control systems in OT are live and quarantining devices in an interconnected system disrupts service and causes undesirable outage. Reactive approaches based on network-based anomaly detection and deep-packet inspection of application protocols will be challenged eventually by the onset of encrypted network traffic (without application reengineering) in the years ahead.


The strategy will require at least

  • securing the integrity of signaling between systems
  • managing the digital secrets that offer such security countermeasures – passwords and keys
  • rotating the digital secrets using X.509 certificates for trusted delivery as a mitigation strategy for recovery on compromise
  • tamper-resistant content delivery through the supply chain
  • remote device recovery on compromise with trusted software and configuration updates, and automated key renewal
  • auditability for visibility and measurement of compliance posture

Process Automation Workflow


Industrial automation manufacturers and discrete manufacturers must ensure compliance with cybersecurity standards such as NIST 800-53, Revision 4, IEC 62443-3-3, and FIPS 140-2. Keeping up with these standards as well as emerging standards from the Industrial Internet Consortium (IIC) and Industrie 4.0 is challenging. New regulations such as GDPR in Europe raise the stakes for non-compliance to more than €20 million per incident. 


More than €20 million is at stake per incident of noncompliance.


Industrial automation manufacturers and critical infrastructure operators must ensure compliance with cybersecurity standards such as NIST 800-53, IEC 62443-3-3, and FIPS 140-2. Furthermore, certain industries must comply with additional standards such as NERC CIP 003 for electric utilities and DO-178 for avionics. Keeping up with these standards as well as emerging standards from the Industrial Internet Consortium (IIC) and Industrie 4.0 is challenging. Older protocols such as Modbus, DNP3 and BacNet can be difficult to secure.

A Cybersecurity System Tailored for Process Automation


Used by more than 200 OEMs to protect more than 100 million devices

Mocana’s end-to-end security system is an FIPS 140-2 validated embedded cybersecurity software solution that ensures device trustworthiness and secure communications by giving industrial automation manufacturers, OEMs and critical infrastructure operators an easy way to harden electronic control units and controllers with multi-factor authentication and trust chaining, as well  secure boot to validate the firmware, OS and applications.

Download Industry Brief

Learn More About Mocana Solutions


Mocana TrustCenter™

Services platform for automated security lifecycle management

Mocana TrustEdge™

Comprehensive IoT endpoint security that simplifies integration

Mocana TrustCore™

Proven, differentiated and compliant system of cybersecurity
  • background-blue.jpg

    Connected devices are being deployed at a rapid pace, and security can no longer be optional. This is a shared industry responsibility, which is why Arm is working with partners including Mocana to shift the economics of security by providing a common framework for building more secure connected devices through PSA."

    Paul Williamson

    Vice President and General Manager, IoT Device IP, Arm

  • background-blue.jpg

    Mocana’s IoT Security Platform ensures that IoT devices can be trusted and communicate securely to the public and industrial cloud platforms. Their verification of the interoperability and integration of their cloud to AWS, Microsoft Azure IoT, VMWare-based clouds, and GE Predix is a significant benefit for companies working with Mocana."

    Vikrant Ghandhi

    Industry Director, Digital Transformation, Frost & Sullivan of Frost & Sullivan

  • background-blue.jpg

    We are excited to work with Mocana in implementing their comprehensive software solution across our divisions. With Mocana’s Security of Things Platform, we are able to maintain consistency in our security approaches, across any type of device or sensor, addressing the variance of real-time operating systems (RTOS), controllers and CPUs. Mocana brings strong FIPS-140 proven cryptography to our embedded devices all the way up to the cloud, enabling a safer path to IoT transformation for our connected business strategy."

    George Wrenn

    VP of Global Cybersecurity for Schneider Electric

  • background-blue.jpg

    The Mocana IoT Security Platform provides a comprehensive security solution for industrial IoT devices and industrial clouds, delivering deep cybersecurity to protect IoT implementations. We congratulate Mocana for their well-deserved industry recognition and look forward to seeing their continued product innovation in the IoT security market throughout 2018 and beyond."

    James Johnson

    Managing Director, IoT Breakthrough

  • background-blue.jpg

    The tools provided by Mocana are rooted in its long history of equipping engineers with the ability to harden devices that perform mission-critical operations. Manufacturers can now be equipped to leverage the power of the embedded chips in their products to support the security and privacy requirements of these emerging data-driven IoT ecosystems."

    Rob Westervelt

    Research Manager, IDC

  • background-blue.jpg

    Mocana TrustCenter automated security integrated with Intel SDO dramatically reduces the onboarding and digital certificate provisioning time to drive scale."

    Lorie Wigle

    VP Product Management, Platform Security Division, Intel

Find the process automation industry solutions that meet your needs

Request a demo


The latest thoughts on cybersecurity

Solution Briefs

Learn More

White Papers

Learn More


Learn More




Learn More

Case Studies

Learn More