Mocana Enables the Highest Level of IoT Device Authentication Assurance with Support of TPM 2.0

Date Published: July 25, 2018

Mocana’s Comprehensive Integration with TPM 2.0 Enables Customers to Secure IoT Device Storage, Communications, Applications, Updates and Containers

SAN FRANCISCO – July 25, 2018 – Mocana Corporation (Mocana), the leading provider of mission-critical security solutions for industrial control systems and the Internet of Things (IoT), today announced support for Trusted Platform Module (TPM) 2.0 to enable device manufacturers to more easily build products that meet the highest standards for cybersecurity. Used to secure billions of computer hardware and financial systems, TPM technology uses a unique secret key embedded into a microchip or firmware. With Mocana, IoT device manufacturers can more easily secure storage, communications, firmware updates and containerized applications.

“As the pace of cyber attacks on IoT and industrial systems increases, there is a critical need for stronger security on IoT devices,” said Srinivas Kumar, vice president of engineering, Mocana. “TPM technology has been used broadly to prove the identity of a computer or financial transaction device. We are now enabling the latest TPM 2.0 feature set on IoT devices, which will significantly reduce the effort for our customers to leverage the technology and avoid reading the more than 3,000 pages of TPM technical documentation.”

TPM is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys. TPM was conceived by the Trusted Computing Group (TCG), a computer industry consortium, and was later standardized by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) in 2009 as ISO/IEC 11889.

Key features and benefits of Mocana’s support of TPM 2.0 for IoT and industrial devices include:

  • Advanced Ciphers Support: Support for advanced ciphers including Elliptic Curve Cryptography (ECC), and 256 and 512-bit Secure Hash Algorithms (SHA) 2.
  • Multiple Ownership of Keys: Separates owners for the TPM Endorsement Key (EK) for signing/attestation from the Storage Root Key (SRK) with support for Endorsement Hierarchies (EH) and Storage Hierarchies (SH).
  • Better seeding for entropy: Seeding and reseeding of a non-deterministic pseudorandom number generator with an entropy source internal to the TPM’s cryptographic boundary to ensure a high degree of randomness for key generation.
  • Support for Windows and Linux: Solution is optimized for embedded systems running Windows or Linux-based operating systems.
  • Pre-integrated support: Multi-vendor support for TCG TPM 1.2 and 2.0 specification from Infineon, Nuvoton, and STMicro.
  • Compliance with cybersecurity standards: Only solution to meet the requirements for US NIST 800-63B AAL3, the highest level of authentication assurance, and support Proof of Possession of a secret for both Certificate Management over CMS (CMC) and the Enrollment of Secure Transport (EST).
  • Secure storage: Support for use of certified TPM keys for the encryption of data at rest.
  • Secure communications: Support for use of TPM keys for both asymmetric and symmetric key generation for SSL/TLS and IPsec.
  • Secure firmware updates: Support for use of TPM keys to ensure devices are trusted before firmware is updated.
  • Secure containerized applications: Ensures the trustworthiness of containerized applications using remote attestation.

Mocana’s implementation of the TPM 2.0 standard has garnered broad industry support.

“Mocana is making it easier to implement to TCG’s TPM 2.0 specification so that IoT applications and devices can be secured using a strong form of authentication assurance,” said Thorsten Stremlau, marketing co-chair of Trusted Computing Group (TCG). “Billions of devices use hardware-based TPMs for enterprise systems and financial systems. We are thrilled that Mocana is making it easier for developers to leverage the benefits of TPM to secure IoT devices.”

“Cyber security is becoming a critical and mandatory component in industrial IoT. Given ABB’s breadth of offerings in the market, we were looking for a security stack which could address requirements across a diverse landscape of end points. Mocana TrustPoint addresses these needs seamlessly while keeping us Industrial Internet Consortium (IIC) endpoint security compliant,” said Satish Gannu, chief security officer, ABB. “Mocana helped us to use TPMs for identity proofing for authentication and to enhance the security of storage, communications, and containerized applications.”

“Mocana’s implementation of the TPM 2.0 specification enables industrial and IoT device manufacturers to leverage the many features of TPM 2.0 to ensure devices are trustworthy,” said Steve Hanna, senior principal, Infineon. “Infineon and Mocana are committed to making it easier to incorporate TPMs into industrial and IoT devices to improve safety and reliability.”

To learn more about Mocana’s TPM 2.0 support, please visit www.mocana.com/tpm2-0.

About Mocana Corporation
Mocana provides comprehensive and compliant cybersecurity solutions to protect more than 100 million mission-critical IoT devices and industrial supply chains. Our solutions simplify the integration of security with an easy-to-use development framework that operates across complex, multi-vendor environments where reliability and security are mission-critical. Mocana is trusted by the largest aerospace, industrial, transportation, energy, healthcare, and communications companies. www.mocana.com.

 
