The most secure system in the world is powered off, embedded in concrete, and mined with tamper-sensitive explosives. Unfortunately, it is also the most useless system in the world. In order for a system to be useful, it needs to interact with the environment and provide some level of functionality. Historically, embedded systems were mostly islands – that is, they provided their functionality in a stand-alone manner, and weren’t connected, or had limited connectivity to other systems. With these kinds of systems, it was relatively easy to analyze their security – the number of ways of getting in and compromising the operation was extremely limited. Systems today are more connected. A lot of these protocols and connections are incorporated into modern devices as a matter of course, without enough thought given to their security implications.
We also recommend:
This week on the Embedded Insiders, Brandon and Rich discuss an age-old controversy: What’s more secure? Proprietary or open-source software?
The Trusted Computing group (TCG) released its TPM 2.0 Library specification Revision 1.59.
The Ada language abstracts most direct interaction with memory onto compilers, transitioning things like memory checks from a manual human operation to automatic. Get ready to save tons of debug time.
Crystal Display Systems are helping to ensure security and safety as the world attempts to resume back to normal working life.
The number of crimes related to the unauthorized use of personal data on the Internet is increasing. Cybersecurity Ventures predicted that cybercrime will cost the world $6 trillion annually.
The Internet of Secure Things Alliance (IoXT) is pushing a common (and obvious) goal for our industry. They want to keep all of our connected devices secure.
Adding more cloud compute won’t solve the problem of managing exponentially growing quantities of data for IoT devices. We need to shift much of the “thinking” from the cloud to endpoint devices...
This paper highlights why a software approach to IoT security implementation can no longer meet acceptable levels of assurance and protection and explains the reasons why a hardware-based approach...
IAR Systems released its newest version the functional safety edition of IAR Embedded Workbench for Renesas’ RX Family of microcontrollers (MCUs).
VARTA Microbattery's trade fair presentation focused on Nickel-Metal Hydride cells, Lithium coin cells, and Lithium-Ion coin cells (microbatteries) as energy supply for applications in the IoT.
NXP is excited to bring you the NXP eXperience – an online and interactive destination for all our news, content and training as it was originally planned for the show.
In this week's Embedded Executives, Rich Nass is joined by Mike Nicholson, Embedded Software/Systems Architect, MultiTech.
Computers, servers and the people that operate them used to be the primary target of attackers. Today, because of increasing connectivity and dependence on networks, network equipment has become...
This paper describes how static analysis plays a key role in risk management of medical device software development.
This paper discusses how static analysis tools provide an ideal (and automated) companion to code reviews by supporting the process and increasing the defect removal rate.
This paper takes a look at the role of static application security testing tools (SAST) and in particular GrammaTech CodeSonar and how it can be used in DevSecOps and continuous development pipelines
IoT Security Top 20 Design Principles
IAR Systems launched a new version of its security development tool C-Trust.
With accelerating technology innovation, medical devices are becoming more sophisticated and more connected. Consequently, as in most mission-critical systems, safety and security are two...
Radar technology is an excellent contender to PIR, as it offers added capabilities. PIR has certain limitations that are not desirable in the security market for which radar detection can overcome.