A Timesys Deep Dive Embedded Systems Newsletter

June 2023

Cybersecurity in the News: "Number of CVEs Surged by 25% in 2022"

With the surge in CVEs by 25% and the number of newly discovered vulnerabilities reaching an all-time high for the sixth consecutive year, it is evident that organizations and individuals must prioritize their cybersecurity efforts. As highlighted by Infosecurity Magazine, the staggering increase in CVEs in 2022, the largest since 2017, has brought the total number of published CVEs over the past decade to over 192,000.

How do you sift through this massive volume of vulnerabilities to identify the ones that affect your devices?

Vigiles, our best-in-class Vulnerability Monitoring, SBOM Management, and Remediation tool, can help. Vigiles offers a comprehensive solution by combining a curated CVE database, continuous security feed based on your SBOM (Software Bill of Materials), powerful filtering capabilities, and easy triage tools. By leveraging Vigiles, you can proactively stay informed about the latest vulnerabilities and potential threats without being blindsided.

The curated CVE database ensures that only relevant and impactful vulnerabilities are presented, saving valuable time and resources.

Cut through the CVE noise with Vigiles

PSA Certified

Overcome IoT Security Challenges with VigiShield Secure by Design

The ever-evolving landscape of IoT presents significant challenges, including a lack of security expertise, the need for a unified approach, and future-proofing beyond device shipping.

With VigiShield Secure by Design, these obstacles are addressed head-on. Leveraging our deep knowledge in embedded devices, we provide you with a solution that implements core security features seamlessly. The easy-to-understand, maintainable Yocto security layer, certified by PSA, empowers you to configure your device to meet current customer and regulatory requirements, such as NISTIR 8259A and ETSI EN 303.

With VigiShield, you can confidently navigate the complexities of IoT security, ensuring your devices are protected from threats and enabling you to focus on delivering exceptional user experiences.

The 4-day crash course will begin on Tuesday, March 7th. If you miss a day, no worries! We’ll be sending daily recordings of the sessions to anyone that registers along with bonus materials.

You can find out more details about the series and save your free seat below:

Timesys: globally connected

Hello from Chennai, India!

Hello from our Chennai, India team! Pictured above, our remote team member, Manojkumar Kulanthaivelu, caught up with colleagues from our local office in Chennai, India. As the company with the largest number of hardware partners worldwide, from SoC to SoM and SBC manufacturers and distributors, our global presence spans across continents. With development teams in the US and India, and sales and support extending to North America, EMEA, Japan, and Asia, we are proud to foster collaboration that knows no boundaries.

At Timesys, we cherish these moments that strengthen our bonds and keep us connected. Stay connected, just like our amazing team in Chennai!

Timesys Newsletter

Share this newsletter with your colleagues and team!

You can share this newsletter by clicking the button below:

Learn with Timesys

Securing Your AWS IoT Connection: A Guide to Using PKCS#11 on i.MX93 EVK

Following up on the blog PKCS#11 with OP-TEE, this blog dives deeper with a hands-on example of using PKCS#11 on an NXP i.MX93 EVK running Yocto based Linux to securely connect/provision the device on the AWS IoT platform. While we have selected i.MX93 EVK as an example, the steps should work for all i.MX processors that support OP-TEE


Events Around the World You Don’t Want to Miss

Strengthening IoT Security on i.MX9: Unveiling the Power of Secure Boot, Chain of Trust, and IP Protection on Linux-based Devices

Timesys & NXP Live Webinar

July 13 

As Linux-based IoT devices become increasingly prevalent in various industries, ensuring robust security measures has become paramount. In this webinar, we will explore the trifecta of secure boot, chain of trust, and intellectual property (IP) protection on Linux-based IoT devices, providing you with the knowledge and tools to safeguard your IoT deployments.

Join us as we delve into the intricacies of secure boot, chain of trust, and IP protection, and learn how to leverage i.MX9 hardware capabilities to achieve the same.

Can Software Bills of Materials (SBOMs) Protect Your Devices?

Timesys & Microchip Live Webinar

July 13 

With President Biden’s EO 14028, the White House’s new National Cybersecurity Strategy, the FDA’s new guidance for cybersecurity in medical devices and the EU Cyber Resilience Act, the world of SBOMs has changed rapidly. SBOMs and a strong cybersecurity plan for new and existing devices are no longer optional. But where do you start? What standards and compliance requirements should you be aware of? What are the security risks and Common Vulnerabilities and Exposures (CVEs) lurking in your products? How do you use SBOMs to mitigate risk as part of DevSecOps? How can knowing what’s in your software prepare you to stay protected from the next cyberattack? Join Timesys and Microchip for an enlightening discussion on the best practices for leveraging SBOMs to help keep your device secure throughout the entire product lifecycle.

Vulnerability Management for Embedded

Tools & Techniques to Monitor and Remediate Vulnerabilities in Your SBOM

July 20 @ 12 PM EDT / 9 AM PT

In this monthly live webinar and Q&A session, you’ll learn essential ways to avoid a five-figure mistake along with:

– Why you need to manage your open-source software risks
– How to generate an accurate SBOM (Software Bills of Materials) and why it matters
– Tools and techniques to monitor and remediate vulnerabilities in your SBOM
– And much more!

Subscribe to our newsletter so you don’t miss a thing.