LinuxLink Login   |   1.866.392.4897 |   sales@timesys.com

Embedded devices have unique security needs ranging from IP protection, anti-cloning / anti-counterfeit capability, device software integrity, user data protection, securing network communication, device authentication and ability to run only trusted applications. A wide range of open source technologies are available that can help implement the aforementioned security requirements. However, it is not always apparent which mechanisms are best suited for a given use case, resulting in a steep learning curve. This blog series aims at giving a high-level overview of the different methods to secure your product and help accelerate your trusted software deployment.

Implementing device security can be broadly classified as follows:

  • Design phase
    • Deploying authorized software
      • Secure / Verified Boot
      • Secure firmware update
    • Data / Intellectual Property protection mechanisms
      • Encrypted file and key storage
      • Trusted Execution Environment (TEE)
      • Trusted Platform Module (TPM)
      • IoT network security
    • Access control and system hardening
      • SELinux, AppArmor, grsecurity
  • Ongoing product life cycle phase
    • Monitoring software vulnerabilities and patching
    • Security audit and scanning

The first post in this series explores secure boot and encrypted file storage. You can read it here.

Akshay Bhat is a Senior Embedded Software Engineer at Timesys. Akshay’s experience with embedded systems spans a broad range of industries with a focus on board bringup, driver development and software security. Akshay received his MS in Electrical Engineering from NYU Polytechnic University.

Share this