Mocana, Xilinx, Avnet, Infineon and Microsoft Join Forces to Secure Industrial Control and IoT Devices

Industry Leaders to Introduce an Integrated, High-Assurance Industrial Edge-to-Cloud System

Avnet UltraZed-EGTM SOM
Mocana, Xilinx, Avnet, Infineon and Microsoft Join Forces to Secure Industrial Control and IoT Devices

Mocana, the leading provider of IoT security solutions for industrial control systems (ICS) and the Internet of Things (IoT), announced a partnership with Avnet, Xilinx, Infineon Technologies and Microsoft to introduce an integrated, high-assurance industrial IoT system that meets the latest cybersecurity standards. The system is comprised of advanced hardware and software built on the Avnet UltraZed-EG system-on-module (SOM), designed to be flexible and rugged for industrial IoT and small-form-factor IoT devices. The hardware plus software combination includes Mocana’s security software operating on the Xilinx Zynq Ultrascale+ MPSoC, leveraging the capabilities of Infineon’s OPTIGA TPM (Trusted Platform Module) 2.0 security chip. The integrated system interoperates with the Microsoft Azure cloud and is the first of its kind solution that makes it easier and more accessible for large and small companies to bring IoT devices and services to market that are secure and compliant with industrial cybersecurity standards.

“Securing our connected world is of critical importance,” said Srinivas Kumar, vice president of engineering at Mocana. “A major challenge for developers of IoT edge products is their lack of familiarity with cybersecurity standards. Our partnership with industry leaders Avnet, Xilinx, Infineon and Microsoft intends to ease this burden by providing a robust hardware plus software cybersecurity design that can be replicated or modified by system designers to fit their application needs.”

By 2020, analysts predict that there will be more than 20 billion connected devices, including automobiles, industrial equipment, public/private infrastructure, transportation systems and medical devices. Ensuring that IoT devices are secure is critical to the safety and reliability of systems. Furthermore, device manufacturers must meet stringent cybersecurity standards, such as IEC 62443-3-3, FIPS 140-2 and NERC CIP 003-3. Device designers and developers need a robust platform that includes both hardware and software for IIoT.

“Industrial IoT cybersecurity is both difficult and essential,” said Christoph Fritsch, director, industrial IoT, scientific and medical at Xilinx. “These industry leaders share a vision to remove barriers to IIoT adoption by reducing risk, cost and speeding time to market for any customer that wants to innovate and move their business forward but has been searching for the best approach to protecting against evolving cybersecurity threats from the edge to the cloud.”

The joint solution is comprised of a comprehensive suite of secure hardware and software technologies that can be embedded into IoT and IIoT devices, including:

  • Avnet UltraZed-EG system on module (SOM): High-performance board-level circuit that integrates a system function in a single module.
  • Xilinx Zynq Ultrascale+ MPSoC: Heterogeneous, multi-core ARM processing system with programmable logic for scalable and comprehensive IIoT edge platforms.
  • Infineon OPTIGA TPM 2.0 PMOD: Peripheral module comprised of a secure chip that generates hardware and software keys based on Trusted Computing Group (TCG) standards.
  • Mocana IoT Security Platform: Comprehensive cybersecurity software solution that integrates with embedded applications to handle authentication, certificate management, device and data integrity, confidentiality, and encryption and control.
  • Microsoft Azure IoT Device SDK and Azure IoT Edge runtime: Software that facilitates building secure cloud and intelligent edge applications.

The integrated solution will allow developers to leverage the following capabilities:

  • High-performance SOM integrated with a TPM PMOD.
  • FIPS 140-2 compliant cryptographic engine.
  • Scalable X.509 PKI-based certificate management, authentication and device enrollment using OCSP, SCEP, EST (RFC 7030) or IKE.
  • Secure, encrypted transport using SSL, SSH, wireless (802.11) and IPSec.
  • Hardware Root of Trust Boot and Measured Boot signed by a TPM with remote attestation.
  • Secure client to enforce cryptographically signed firmware updates.
  • Support for IoT messaging and network protocols AMQP, DDS, MQTT, OPC UA and TSN.
  • Ability to bring the power of the cloud to the edge through the Microsoft Azure IoT Edge.
  • Ability to connect to the Microsoft Azure IoT Hub to securely process and analyze industrial IoT data.

“In partnering with industry leaders Xilinx, Infineon, Microsoft and Mocana, Avnet is now able to deliver industrial-grade security to IIoT targeted applications,” said Jim Beneke, vice president, engineering and technology at Avnet. “The pre-integrated solution ties together the various hardware and software security elements in a proven platform, so designers can get to market quicker without risking the security of their IIoT system.”

“IoT architecture is complex, and an IoT system is only as secure as its weakest link,” said Joerg Borchert, vice president of the chip card and security division at Infineon Technologies Americas. “For this reason, care must be taken at every level from the chip up to the cloud to securely control applications, data and systems. In order to help customers design and deploy secure systems, Infineon has teamed with other trusted expert leaders in the ecosystem to provide comprehensive reference implementations that leverage best practices to address security from the ground up.”

Customers interested in learning more about the solution or purchasing the integrated system should visit