Security is becoming a critical differentiator in embedded system products across a wide range of applications.
And the tools are now available to ensure products can be more secure without sacrificing time-to-market and, in some cases, even accelerating development.
Those are key takeaways from this year’s Embedded World Exhibition and Conference that took place in Germany last week.
Continue reading “Embedded World Highlights: Build it faster & with stronger security” »
This week we announced a new release of our TimeStorm Integrated Development Environment (IDE). TimeStorm 5.3.2 IDE is designed to streamline, simplify and accelerate the development of secure Internet of Things (IoT) and embedded Linux applications.
In an era of heightened awareness of embedded software security and device security risks, product developers need to be able to adopt security best practices without delaying the development and release of new products.
Continue reading “New IDE version produces shorter time-to-market for secure IoT devices and embedded Linux applications” »
A classic security breach vector involves exploiting weak authentication. As security researchers like to point out, failing to change default passwords for administrative access remains the top security issue for all types of IT systems.
But a related — and perhaps more devious — attack vector involves exploiting a weakness in a process that is supposed to help ensure device security in the first place: the remote system update.
Continue reading “Security vulnerabilities and medical devices: when the software update itself is the problem” »
The content of this blog has been recently updated to reflect features and functionality that have been added to Timesys’ Vigiles Vulnerability Monitoring and Management.
Security Is Important
No matter what industry you’re in, maintaining the security of your software is vital. It may be obvious that medical devices need to protect patients and their privacy, but a range of consumer gadgets fueling the IoT have also been targeted and used to cause real damage.
When security is an afterthought and products are near release, and especially when they are already in the field, addressing vulnerability issues becomes a lot riskier and much more costly. This is one reason that we advocate for designing with security in mind from the beginning. Since most open source vulnerabilities are fixed by upgrading to a new version or applying a patch, it’s important to make scanning for Common Vulnerabilities and Exposures (CVEs) and applying their fixes a regular part of the development process.
Continue reading “Managing vulnerabilities: The importance of security notification and how to leverage Timesys’ solution” »