LinuxLink Login   |   1.866.392.4897 |   sales@timesys.com        English Japanese German French Korean Chinese (Simplified) Chinese (Traditional)
Monitoring and managing vulnerabilities for embedded systems built with Yocto

Monitoring and managing vulnerabilities for embedded systems built with Yocto

The Yocto Project is well known for enabling product developers to quickly and easily customize Linux for Internet of Things (IoT) devices and other embedded systems. But today’s environment is marked by heightened security concerns, skyrocketing vulnerability reports, and high-profile security breaches.

Getting your embedded system product to market fast is important. But getting to market fast without a secure design and a plan for managing future vulnerabilities is a huge mistake. If you design, build and support products with embedded Linux using Yocto, it’s important to evaluate security of your system from the point of view of the end customer who will deploy it.

Continue reading “Monitoring and managing vulnerabilities for embedded systems built with Yocto” »

Security vulnerabilities and medical devices: when the software update itself is the problem

Security vulnerabilities and medical devices: when the software update itself is the problem

A classic security breach vector involves exploiting weak authentication. As security researchers like to point out, failing to change default passwords for administrative access remains the top security issue for all types of IT systems.

But a related — and perhaps more devious — attack vector involves exploiting a weakness in a process that is supposed to help ensure device security in the first place: the remote system update.

Continue reading “Security vulnerabilities and medical devices: when the software update itself is the problem” »