Poor security of Internet of Things has led the US Federal Government to (again) consider legislation to force makers of IoT devices to improve security.
And the proposed bill comes on the heels of industry concern that IoT attacks against the US power grid are increasingly common and threaten public safety.
This week a bipartisan group of four US senators introduced the “Internet of Things (IoT) Cybersecurity Improvement Act of 2019.” An earlier version of an IoT security bill, introduced in 2017, went basically nowhere.
Continue reading “Here comes the ‘stick’ for IoT security … or can we self-police?” »
Security is becoming a critical differentiator in embedded system products across a wide range of applications.
And the tools are now available to ensure products can be more secure without sacrificing time-to-market and, in some cases, even accelerating development.
Those are key takeaways from this year’s Embedded World Exhibition and Conference that took place in Germany last week.
Continue reading “Embedded World Highlights: Build it faster & with stronger security” »
Effective product security starts with good product management.
And a good product manager recognizes that product security does not stop with secure design.
Effective security demands monitoring, tracking and acting on vulnerabilities on an ongoing basis throughout the product lifecycle.
A dedicated product management approach to vulnerability management is really the only way to ensure that your end customers are not exposed to breach risk over time.
Continue reading “Is vulnerability management a regular part of your product management? (Spoiler alert: It better be.)” »
System quality requirements have never been higher. But time-to-market pressures have also never been greater. How do you meet one without sacrificing the other?
Embedded systems users expect bug free, responsive and stable applications that provide the best user experience.
The consequence of failing to meet user expectations can result in more than just application abandonment. With the power of social media, it also can quickly lead to a tarnished brand, resulting in lost revenue opportunities from both current and future users.
At the same time, increasing competition and security issues are leading to shorter development and delivery schedules, and quicker deployment of product updates and security fixes. So application failure or releasing a product with major bugs is not an option.
Continue reading “Continuous Testing Delivers Quality with Faster Time-to-Market” »
The world of embedded systems has gone through a massive transformation in recent years.
The rise of smart devices, the Internet of Things, mobile computing platforms, connected devices and a range of other innovations have driven embedded system deployments through the roof. Industry observers estimate IoT deployments alone account for 23 billion device deployments in 2018, up from 15 million in 2015. And that number is projected to triple in the next six years.
The explosion in demand has had a major impact on the makers of embedded systems and the products containing them.
Continue reading “Build it fast, and build it secure: see the latest at Embedded World” »
The deployment modes and functionality of embedded systems have evolved rapidly in recent years, thanks to widespread connectivity of Internet of Things devices and associated systems.
Yet the common security practices for most embedded systems remain largely unchanged from the days when they were isolated, air-gapped systems.
The shortfall in embedded system security is leading to sharply escalating risk of cyberbreaches. The trend is leading industry experts to advise embedded system developers to make security a top priority in design practices and product development.
Continue reading “Tracking and Maintaining the Security of Embedded Systems” »
Some product management decisions are hard. Product managers are constantly weighing trade-offs among time-to-market, functionality, competitive differentiation, development costs and other factors.
But some product decisions seem like no-brainers. Would you bring an IT product to market that puts customers at significantly increased risk of security breaches, privacy violations, potentially massive fines, and lawsuits?
“Of course not. That would be lunacy,” you can imagine the typical product manager as saying. Yet companies are shipping products every day that introduce this sort of risk into customer environments.
Continue reading “The Risks of a ‘Stale, Abandoned’ Product” »
In the past few years, there has been an explosive growth in the use of various types of mobile and IoT devices and use of open source based operating systems like Linux and Android. These use cases have forced application developers to test their applications against a rising number of devices with their current and legacy versions of operating systems.
This trend has resulted in the remote access board farm concept becoming an effective and efficient tool for solving these expanding test challenges, especially if configured as a cloud.
Continue reading “Remote Debugging Using a Board Farm” »
The motivation of hackers sometimes can be plain as day. Other times, not so much.
As attacks on Internet of Things (IoT) devices and deployments escalate, it is important to understand what these attackers are trying to accomplish. Understanding these motives, after all, can help us to pinpoint why a security vulnerability represents a risk, to prioritize mitigation and defenses, and to focus responses to attacks.
Continue reading “Who is attacking IoT? What do they want?” »
This week we announced a new release of our TimeStorm Integrated Development Environment (IDE). TimeStorm 5.3.2 IDE is designed to streamline, simplify and accelerate the development of secure Internet of Things (IoT) and embedded Linux applications.
In an era of heightened awareness of embedded software security and device security risks, product developers need to be able to adopt security best practices without delaying the development and release of new products.
Continue reading “New IDE version produces shorter time-to-market for secure IoT devices and embedded Linux applications” »