A Timesys Deep Dive Embedded Systems Newsletter

May 2022

Cybersecurity in the News: Unpatched DNS Bug Affects Millions of Routers and IoT Devices

According to Bleeping Computer: “A vulnerability in the domain name system (DNS) component of a popular C standard library that is present in a wide range of IoT products may put millions of devices at DNS poisoning attack risk. A threat actor can use DNS poisoning or DNS spoofing to redirect the victim to a malicious website hosted at an IP address on a server controlled by the attacker instead of the legitimate location.”

Need more info on these vulnerabilities?

Want to stay ahead of threats? Lucky you: we launched the Timesys CVE Dashboard updated weekly with details on the dangerous security vulnerabilities that could be affecting your device.

Take me to the CVE Dashboard
IoT Security Simplified with VigiShield Secure by Design

Security, simplified.

In today’s heightened cyber threat environment, connected embedded systems for industrial controls, transportation, navigation, communications, aerospace, military applications, healthcare devices, logistics systems, and many others require uncompromising security at deployment and throughout their product lifecycles.

What’s the key to managing device security? Implement security early in its design.

With VigiShield Secure by Design, we can ensure your device is not running tampered software by verifying its authenticity before execution, protect IP and sensitive user information by encrypting data/software, help you determine how to update/deploy software securely and deny unauthorized software installs, and much more.

Avoid production delays by securing your software supply chain.

Avoid the rework and cost overruns that come with deploying security too late in design. Leverage detailed SBOMs and an end-to-end framework to ensure the integrity of your software supply chain.

For more information about what VigiShield Secure by Design can do, read our VigiShield Secure By Design for Yocto article in our blog library.

Introducing Vigiles Enterprise

Take advantage of our purpose-built vulnerability management tool, Vigiles

This best-in-class vulnerability monitoring and remediation tool combines a curated CVE database, continuous security feed based on your SBOM, powerful filtering, and easy triage tools so you don’t get blindsided by vulnerabilities.

Single sign-on (SSO)
Companies that use identity management systems can leverage SSO and have employees sign in to Vigiles using their corporate identity. This facilitates easy provisioning of Vigiles to users. Vigles Enterprise (Beta) currently supports Azure AD as the Identity Provider (IdP) for SAML SSO.

Groups functionality
The Groups feature makes it easier for you to collaborate within teams (internal and external) while allowing you to restrict access on a need basis. The group structure is as follows:

  • Organization: the highest level of grouping; for example, the entire company (and/or external clients you work with)
  • Groups: the second highest level of grouping; for example, your division
  • Sub-Group: the third level of grouping; for example, your project/product team
  • Folders: Organize/manage SBOMs within folders; for example, a product release folder

Members of the organization can be added to multiple groups or subgroups based on the desired level of visibility and access.

Role-based access control
Vigiles Enterprise provides four different types of members/users:

  • Admin can manage Vigiles instance, organizations, and add/remove members to organization (+ all of maintainer permissions)
  • Maintainer can create/manage groups and add/remove members to groups (+ all of developer permissions)
  • Developer can upload/manage SBOM’s and CVE reports, integrations (+ all of guest permissions)
  • Guest access to SBOMs and CVE reports

Learn with Timesys

Read up on embedded security with our two latest blogs

DM-Verity Without an Initramfs

Learn how you can implement file system verification on your embedded system without the use of an initramfs. This can significantly save boot time and storage requirements in many situations.

Securing U-Boot: A Guide to Mitigating Common Attack Vectors

Learn about ways in which you can protect and secure U-Boot implementations on your embedded systems. This involves signed FIT images, environment protections, and serial console disablement methods.

Upcoming Events

Conferences Around the World You Don’t Want to Miss

NXP Tech Day Minneapolis

Global Training Program

June 2, Minneapolis, MN

Join us for an insightful presentation: 5 Things You Need to Know About Cybersecurity for Industrial Control Systems & Medical Devices: Mitigate Risk with Proactive Security Processes.

Embedded Technology Convention USA 2022

Embedded Technologies & Systems Showcase

June 8-9, Las Vegas, NV

Join us at the Embedded Tech Convention with 5000 of our closest friends! Discover the latest technological innovations and trends, expand your industry knowledge and extend your global professional network.

Embedded World 2022

Exhibition & Conference

June 21-23, Nuremberg

Will you be at Embedded World this year? We’re excited to showcase our latest security solutions as a featured partner with our friends at STMicroelectronics.

Embedded Linux
Conference (ELC) 2022

Even More Board Farm Goodness

June 21-24, Austin, Texas + Virtual

Join us for an update on work to create a standard API between automated tests and board farm hardware and software! Part of Open Source Summit, ELC is for companies and developers using Linux in embedded products. It gathers the technical experts working on embedded systems and applications for education and collaboration, paving the way for transformation in these important and far reaching areas.

Security Vulnerability Management 101

Tool & Techniques to Monitor and Remediate Vulnerabilities in Your SBOM
June 30 @ 12 PM ET / 9 AM PT

In this monthly live webinar and Q&A session, you’ll learn:

– Why you need to manage your open-source software risks 
– How to generate an accurate SBOM (Software Bills of Materials) and why it matters
– Tools and techniques to monitor and remediate vulnerabilities in your SBOM
– And much more!

Yes! I want to register for the live webinar and Q&A

Subscribe to our newsletter so you don’t miss a thing.