Security for everyone
| By |
|
Have you ever experienced a security breach – something stolen from your home, car, or office? Has your network or computer crashed due to viruses and other malware attacks? Or have you faced one of the most feared security violations – identity theft? Having something of value stolen or damaged can be a difficult and emotional situation. We go to great lengths to safeguard our homes and offices, lock our cars, chain up our bikes, store our valuables, and protect our identities.
If something is secure, it means that it’s not vulnerable to danger or harm, that it’s safe from infiltration or interception by unauthorized persons. It also means that it’s dependable, firmly established, and not liable to failure.
When it comes to embedded computing, security is an escalating issue that has become more critical with the explosion of connected devices. The combination of intelligence and connectivity in many of our electronic devices makes them prime targets for intrusions of all kinds. These devices contain and provide access to valuable information that often is unprotected from those who want to inflict damage, such as hackers. Despite all the potential breaches that these intelligent, connected devices can facilitate, many are not designed with security as a consideration.
The obvious need for security begs the question: Is it even possible to make all devices completely secure? Just as embedded designers use their creativity to come up with new devices and functionality, the bad guys likewise exploit their imaginations to find new ways of putting these devices to malicious uses. Total security is probably not achievable, given the resourceful nature of humans to take on the challenge of obtaining things that are not theirs. Hackers love the adrenaline rush, and thieves are always looking for ways to make a quick buck. But we should expect devices to be equipped with at least a rudimentary level of security and have the ability to upgrade to higher levels as the need dictates.
Technology plays a key role in providing security that makes it more difficult and less rewarding for those trying to infiltrate our systems. Security should be intertwined with every aspect of the embedded system. The interaction between hardware and software must be carefully planned so that the entire system’s security is strengthened.
Security also should be designed in and not added later. It must be easy to use without hindering device or system operation or functionality. If it is too complicated to figure out how to operate the device, then users will be apt to bypass, disable, or ignore the security features. The most secure devices are worthless if users find them too challenging to use.
I’ve noticed that most devices require a fairly technical background to ensure that security features are properly and fully enabled. My favorite example is the typical home Wi-Fi router. Out of the box, some level of security is enabled, but many other options can be implemented if desired. Choosing the right settings requires skills that the typical user does not possess. To make it even more challenging, product suppliers don’t give users instructions on easy and reliable ways to ensure that routers are secure. Users all over the world believe their home networks are safe but have no way of verifying the level of security because they lack the necessary computer expertise. While retailers provide plenty of advice on how to set up the network, they do not explain the process of checking if it’s secure.
Everything that has intelligence and connectivity needs to be protected. Every day, new devices are added to this list. With the potential for hacking and malicious attacks increasing exponentially, it is imperative that designers build security into these devices and that product manufacturers provide users with ways to set up and verify security features to meet their needs.
Jerry Gipper
Editorial Director
