SAN FRANCISCO, May 14, 2019 (GLOBE NEWSWIRE) -- Mocana Corporation (Mocana), the leading provider of integrated device security solutions for IoT and control systems, today announced the availability of a cyber protection solution for massive IoT, smart cities and distributed intelligence networks. The solution is based on new device admission control capabilities for Mocana’s TrustPoint™ on-device security software solution. Used by major industrial and IoT device manufacturers, TrustPoint™ is protecting more than 100 million devices today. The new controls allow TrustPoint™-enabled devices with limited memory and processing power, such as process sensors and IoT devices, to use certificate-based authentication and network filtering embedded into the device’s software to defend against network-based cyber attacks. These new capabilities are especially important for securing smart city, smart lighting, industrial and massive IoT applications.
Mocana’s new capabilities are used in conjunction with the comprehensive features of Mocana TrustPoint™ and TrustCenter™ to protect and manage the device security lifecycle. Mocana TrustPoint™ includes a FIPS 140-2 validated cryptographic engine and software to make devices tamper-resistant while securing device storage, communications and applications. Mocana TrustCenter™ enables zero-touch, automated device enrollment and in-field provisioning of credentials and authenticated updates on headless devices.
“Cyber attacks on control systems are on the rise,” said Joe Weiss, managing partner at Applied Control Solutions. “Compromised networks can spread malware to attack other vulnerable devices, such as process sensors, industrial control equipment, and IoT devices. With the Stuxnet and Triton attacks, it was shown that malware can jump over segmented networks and air gaps. Mocana’s device security solutions will help to protect Level 0/1 devices that are among the most critical and vulnerable assets in control systems and commercial/industrial IoT systems.”
Network access control (NAC) technologies are used extensively on servers, laptops and smart devices. Implementing access controls on IoT devices has proven to be more difficult because of the limited memory and processing power of such devices. Mocana has solved this problem with the introduction of its new device admission controls.
An advantage of Mocana’s solution is that it authenticates or validates the identity of the device before it is allowed to communicate with the rest of the network. Unlike insecure network access methods such as unauthenticated Dynamic Host Configuration Protocol (DHCP) that provision network access before requiring authentication, Mocana’s solution provides a secure method to use certificate-based, mutual machine-to-machine authentication.
Mocana’s device admission control capabilities enable sensors and IoT devices to defend against a number of attack scenarios, including:
- Dictionary attacks that determine a user’s password.
- DHCP denial of service (DOS) attacks in which a device attempts to lease all available DHCP IP addresses.
- Replay attacks in which a device appears to be functioning correctly when it has been compromised; and
- Spoofing attacks in which a device attempts to impersonate another device by using a false MAC address or IP address.
Mocana’s device admission control capabilities also include an on-device software client that allows TrustPoint™-enabled devices to filter network traffic using allow and deny rules based on source/destination MAC address, IP address, port number, network interface type, and domain. Mocana’s TrustCenter™ device security management platform provides an easy-to-use web portal for setting up and delivering the access control policies to TrustPoint™ clients. TrustCenter™ uses tamper-resistant supply chain provenance to deliver configuration updates to devices.
“Ensuring the safety and reliability of systems is of paramount importance for mission critical systems,” said Dean Weber, CTO at Mocana. “In order to defend against modern network-based cyber attacks, companies need to ensure that their IoT devices are trusted and have not been compromised. Our on-device security controls are designed to operate within a tiny software footprint to enable the smallest of devices to protect themselves.”
To learn more about the Mocana’s device admission control technologies, please visit https://www.mocana.com/dac.
About Mocana Corporation (Mocana)
Founded in 2002, Mocana provides comprehensive and compliant IoT device security solutions to protect critical infrastructure. Mocana TrustCenter™ and TrustPoint™ automate and simplify the management of the IoT security lifecycle. Our proven cybersecurity software development tools simplify the integration of mission-critical security. Mocana protects more than 100 million devices and is trusted by the largest aerospace, industrial, energy, healthcare, and communications companies. www.mocana.com
Contact:
Michelle Schafer
(703) 390-1525
schafer@merrittgrp.com