The only system that’s safe from cyberthreats is one that’s never powered on. While this is an overstatement meant to highlight the seriousness of security threats that surround things like our computers and phones, it’s something to be considered as threats to embedded systems evolve. Today more than ever, ubiquitous connectivity, consolidation of functions and automation each play a major role in enabling new capabilities of software-driven devices, while introducing new threats. And while you can’t stop progress, there are things you can do to limit the vulnerabilities that come with new and evolving systems.
A recent article in SecureWorld highlighted the challenge of ubiquitous connectivity, noting that the Information Security Forum (ISF) has forecasted that through 2022 “new technologies will further invade every element of daily life with sensors, cameras and other devices embedded in homes, offices, factories and public spaces.” The ISF also predicted that “a constant stream of data will flow between the digital and physical worlds, with attacks on the digital world directly impacting the physical and creating dire consequences for privacy, well-being and personal safety.” Gone are the days when embedded systems were generally isolated and hardware-driven, and exposing vulnerabilities was limited to the realm of academic experimentation or internal malfunction. Many of today’s embedded systems are vulnerable to attacks, particularly when manufacturers have not designed their system to be resilient to attacks or lack a product strategy for cybersecurity management. And this is what keeps manufacturing leaders up at night.