How taint analysis can reveal vulnerable code and protect IoT devices from cyber attack

November 10, 2016 OpenSystems Media

Unfamiliar with taint analysis? It’s the practice of discovering vulnerabilities in application code and system firmware that could be exploited by hackers in a cyber attack, and applying that information to harden and secure devices, including those connected to the Internet of Things (IoT).

On Tuesday, November 15 at 11 a.m. ET, a three-part Embedded University series kicks off with a class covering the topic, “Use Proper Taint Analysis, Especially in the Internet of Things (IoT).” The class, led by Charles J. Lord, PE, President and Chief Trainer at Blue Ridge Advanced Design and Automation, will teach software developers, testers, and analysts how they can leverage taint analysis to identify entry points in IoT systems, including how to evaluate purposely-modified data that could open lateral pathways to other systems and devices within an externally “secure” network. Citing examples such as web forms or data packets sent across an automotive CAN bus, Lord will then address how to maximize security against threats such as SQL injections and buffer overflows, as well as how to maintain efficient data flow within or between systems through the proper application of taint analysis.

Still unfamiliar? Learn more in the brief video from Sponsor GrammaTech below, or register for the class at

Brandon Lewis, Technology Editor
Previous Article
Top ten articles of October 2016

The audience has spoken. From AI to audio processing to the Internet of Things, these were your top ten fav...

Next Article
How to mitigate software supply-chain risk

Previously trusted legacy code, commercial third-party code, and open-source code is often leveraged in the...