The deployment modes and functionality of embedded systems have evolved rapidly in recent years, thanks to widespread connectivity of Internet of Things devices and associated systems.
Yet the common security practices for most embedded systems remain largely unchanged from the days when they were isolated, air-gapped systems.
The shortfall in embedded system security is leading to sharply escalating risk of cyberbreaches. The trend is leading industry experts to advise embedded system developers to make security a top priority in design practices and product development.
At Embedded World 2019, our Technical Director of Security, Akshay Bhat, will deliver a presentation on key security considerations for embedded system development: Secure Boot, Chain of Trust, and Data Protection.
Timesys will also be demonstrating our security technologies for embedded systems with our partner STMicroelectronics at Hall 4A, Booth 138.
While an initially secure design is critical to ensuring lower risk of security issues in a customer deployment, it is also essential to make sure that your embedded system products remain secure for the entire deployment lifecycle and the full product lifetime.
A “Stay Secure” strategy for continued security of released and deployed products has three main areas of focus:
While it’s obvious that any system in development should be evaluated with respect to reported vulnerabilities for the systems they contain, it’s equally as important to continue to monitor newly reported vulnerabilities for products already released.
The Common Vulnerabilities and Exposures (CVE) list hosted by MITRE publishes regular updates as new vulnerabilities are reported. Last year, there were more than 300 CVEs reported every week, meaning a truly comprehensive product management process would involve reviewing and analyzing CVEs on a continuous basis.
Monitoring for CVEs that affect your systems is of course only part of the requirement. The potential security issues presented by a CVE must also be analyzed and evaluated, starting with gauging the severity of CVEs such as with the Common Vulnerability Scoring System (CVSS) score.
The immediate term outcome of an effective CVE monitoring program is for a product management and customer support team to warn customers, or affected partners, of a vulnerability that poses significant risk, and advise them of any immediate mitigation steps that are required. These steps might include suspending a certain function on the device, such as remote access or automated updates, or even taking the device entirely offline if the risk is high enough.
Our TRST product protection solutions include advanced vulnerability and CVE monitoring that streamline and simplify your vulnerability monitoring program.
Today’s products may incorporate hundreds of subsystems and modules including many sourced from other developers or the open source community. Patches for security updates and other updates are released with regularity across all these sources and so must be continuously monitored.
But patch management can become immensely complex as the number of components in your products increases. Tracking which updates are available and assessing the suitability of an update for your particular product implementation — and understanding the impact that update may have on the product or other components — becomes a major undertaking.
Our Patch Notification Service can streamline the process, helping you to quickly pinpoint applicable patches as they become available so you can evaluate how they apply to your products.
3. Evaluating Impact & Trade-offs
Evaluating the impact of security vulnerabilities and potentially applied patches is the third essential component of a “Stay Secure” program. The assessment should include a thorough evaluation of how vulnerabilities and patches will affect the product and its components and also the suitability for the deployment environment.
For example, the Spectre and Meltdown vulnerabilities were widely publicized last year. But as the developers using affected embedded systems took steps to fix their products, reports emerged that the patches to mitigate the vulnerabilities were affecting system performance.
As we advise developers using our systems for Security Vulnerability and Patch Notification, a comprehensive assessment of a vulnerability and patch should consider both the system itself and the production use cases.
In the case of Spectre and Meltdown, these vulnerabilities would affect only those systems running third party code or web applications. As a result, the majority of typical embedded systems were not likely put at risk of an exploit and so patching them in response to these vulnerabilities would unnecessarily affect performance.
Contact us today to learn more about the industry’s best practices for monitoring vulnerabilities and managing patches throughout the product lifecycle.
Our Threat Resistance Security Technology (TRST) Product Protection Solutions enable your products to stay secure via our Security Vulnerability and Patch Notification service.
Visit www.timesys.com to learn more.
Timesys has extensive experience with embedded system development and lifecycle management. Timesys has been instrumental in working with global leader semiconductor manufacturers with smart, quick and quality solutions for highly complex systems with accelerated product innovation and multiple product variants.