A Timesys Deep Dive Embedded Systems Newsletter
August 2021
Cybersecurity in the News
“It’s Time to Improve Linux Security” — Top Linux developer Kees Cook calls for everyone to push more for securing LinuxKees Cook, a Linux security expert and Google Security Engineer, says that while Linux is more secure than Windows, that’s not enough — it also needs to be able to fail well.
In a recent blog post, Cook wrote, “The Linux kernel runs well: when driving down the highway, you’re not sprayed in the face with oil and gasoline, and you quickly get where you want to go. However, in the face of failure, the car may end up on fire, flying off a cliff.” He suggests: “more focus on upstream code review will help stem the tide of their introduction in the first place, with benefits extending beyond just the immediate bugs caught.” Read more here: https://www.zdnet.com/google-amp/article/a-call-to-improve-linuxs-security/.
But Timesys CTO Akshay Bhat says that’s not the whole story.
Latest Vigiles features: New APIs, plus easily see filtered and fixed CVEs
With the latest Vigiles release, we’ve made major improvements to your vulnerability monitoring and management experience:
-
- Use new API routes to create a custom dashboard for data visualization and cybersecurity summaries, and integrate Vigiles with your SDLC tools
- Compare CVE reports; get manifest info and upload/scan/delete manifests; get CVE report data in JSON format, and more
- Automatically create summary report of the CVE fixes that went into each release
- Easily see CVEs that have been filtered out of your report
- Quickly jump to the fix you need for your specific version of the kernel with links to backported patch
- Improved reporting of tracked packages with additional feeds/sources of CPE
- View side-by-side manifest comparison with searchable manifest and CVE sections
- Use new API routes to create a custom dashboard for data visualization and cybersecurity summaries, and integrate Vigiles with your SDLC tools
Check out these new features and more:
Upcoming Events
Two Embedded Linux Conference talks you don’t want to miss
This year’s Open Source Summit & Embedded Linux Conference will be held in person in Seattle and virtually from September 27-30. Don’t miss these two talks presented by Timesys engineering experts.
Using OP-TEE as
A Cryptography Engine
This Embedded Linux Conference talk will provide an overview of how to integrate platform-specific hardware, such as cryptographic accelerators and hardware random number generators. Then we will discuss building a platform-agnostic key storage system with OP-TEE as a Trusted Application.
Presenter: Gregory Malysa, Timesys
September 27, 2021 • 5:30pm – 6:20pm EDT / 2:30pm – 3:20pm PDT
Board Farm APIs for Automated Testing of Embedded Linux – an update
This Embedded Linux Conference talk presents an update on work to create a standard API between automated tests and board farm hardware and software.
Presenters: Tim Bird, Sony Electronics & Harish Bansal, Timesys
September 28, 2021 • 12:00pm – 12:50pm EDT / 9:00am – 9:50am PDT
Upcoming NXP-Timesys Webinar
Security Standards are Evolving; Is Your Company?
Create Your Own Device Security Roadmap
Join NXP and Timesys for a webinar that explores standards for device security and how you can approach industry regulations and compliance to create your own security roadmap. We’ll discuss:
- New and evolving cybersecurity standards across industries
- What you need and where to start: hardware and software essentials
- How to meet security standards, e.g. software integrity & authenticity, data confidentiality, detecting and containing cybersecurity events, vulnerability monitoring & management, software updates with security fixes
- Creating your product device security framework with support from NXP and Timesys
Have you tried out Timesys’ Vigiles vulnerability monitoring and management tool?
We Want Your FeedbackLeave us a review on Gartner Peer Insights!
- Use this link to create a new account or sign in with your existing Gartner Peer Insights account.
- Once you sign in, you’ll automatically be taken to the Vigiles page where you can leave your review.
- Once completed, click “Submit for Approval.”
Gartner offers a $25 Visa gift card for your honest review!