Open Source Embedded Software Development and Security Blog

Can products be developed quickly and be secure at the same time?

Can products be developed quickly and be secure at the same time?

It’s perhaps the longest standing myth in IT:

You can deploy IT quickly, or you can deploy it securely. But you can’t do both.

This supposed trade-off touches virtually every aspect of IT, from product development, to market release, to customer deployment, production product maintenance, and all associated stages.

Of course, like many myths, there is a bit of truth to the trade-off. Viewed in the extreme, you could spend
 

read more
What’s with the new focus on ‘Security by Design’?

What’s with the new focus on ‘Security by Design’?

As the flood of vulnerabilities continues to rise and with the new National Cybersecurity Strategy announced in the US, attention is turning to how embedded system products can be made more secure.

Almost 20 years ago, the concept of security by design was a popular new trend in software development. The focus on baking in security at product design stages was driven by the massive rise in on-line applications, e-commerce features and other Internet-connected, web-enabled software.

As these systems and applications were deployed and became widespread, the expanding attack surface made
 

read more