PORTLAND, Ore. Freescale Semiconductor Inc. is bundling its Power Architecture-based integrated communications controller (PowerQuicc) embedded microprocessors with Mocana Corp.'s Device Security Framework software. The move is being announced Tuesday (June 26) at the Freescale Technology Forum in Orlando, Fla.
Freescale's PowerQuicc -II, -II Pro and -III series microprocessors already have an on-chip encryption/decryption engine, but until now application engineers had to program it themselves. With the Freescale-Mocana bundle, designers working with PowerQuicc will have access to preprogrammed security services that execute asynchronously without loading the main core.
"Security services are getting more and more complicated, and the number of engineers that really understand security is much smaller than the need," said Tony Massimini, an analyst at Semico Research Corp. (Phoenix, Ariz.). "Now customers will be able to get everything they need to use all the PowerQuicc security features from Freescale, since its application engineers will be trained by Mocana in the use of Mocana's security software."
Freescale estimates that only about 12 percent of today's networks are secure. But in the wake of well-publicized security breaches such as the TJX data theft, where hackers stole information from 45 million credit and debit card users, there is an increasing emphasis on securing every network node.
"The challenge is that even though the security hardware is there on our PowerQuicc processors, you need a staff of security engineers to make use of it," said Richard Schnur, IP services marketing manager at Freescale. "This deal with Mocana gives PowerQuicc customers a low-cost entry that is free to try, is operating system independent and is so efficient that you can run it even on very simple devices that don't even have an operating system."
Even with dedicated hardware performing the sometimes complicated encryption, decryption and certification tasks, network security is only as good as the security software implementation. The skill of the programmer also comes into play, since the software must do its job without introducing data stream delays that disrupt the continuity of applications like voice-over-Internet Protocol (VoIP). Indeed, today VoIP is often not secured at all, posing a security risk that has prompted many enterprises to build parallel networks that don't expose their corporate data.
"The impact of a security breach can be tremendous, so enterprise customers and service providers are demanding that security be built into every device on their networks," said Adrian Turner, chief executive officer at Mocana. "But they also can't tolerate any latency being introduced."
In tests, Freescale's PowerQuicc processors running Mocana's security algorithms are reported to have achieved throughput of more than 500 Mbits/second.
The Mocana Device Security Framework bundle for Freescale includes a Secure Sockets Layer (SSL-Server and -Client) for securing remote management tasks, for example from a Web browser to a PowerQuicc-based device; a Secure Shell (SSH-Server and -Client) for managing nodes with the TelNet protocol; Internet Protocol Security (IPsec); Internet key exchange (IKE) of security codes; and a certificate management system that verifies the identity of every device on a network. Mocana's algorithms have been proved out by companies that have already standardized on its security framework, including Philips, Dell, Cisco, Avaya, Nortel Networks, Harris, Honeywell, Symbol, Net.com and Radvision.
Mocana claims to have a device security framework for Freescale that includes all requisite software modules and protocols, designed from the ground up for connected devices. The binary code supports 15 operating systems, according to Mocana, and support for other OSes can be developed in a matter of hours.
The companies expect third-quarter availability for Mocana software running on Freescale's security engine.