Developing secure embedded software - quality doesn’t equal security

Many organizations are only now becoming aware of the need to incorporate security into their software development lifecycle. Raising awareness of common pitfalls is the first step to avoid falling prey to them, but awareness by itself is insufficient. Effectively addressing embedded software security requires a combination of people, process, and technology.  No single tool, technique, or process will ever provide a complete solution. This paper explains why some commonly used approaches to security typically fail and outlines a development strategy for getting security right.

 

 


 


Related


Embedded Software for Safety Critical Applications

Production code generation with Model-Based Design has replaced document-based development and manual coding in various domains in automotive, industrial automation, aerospace and medical. Safety-rela...

Coding safe and secure applications

The debate about safety and security concerns in high integrity software applications is a hot topic of discussion in modern software management. The need to address these concerns is present in e...

Best practices for static analysis tools

This paper reviews a number of the growing complexities that embedded software development teams are facing, including the proliferation of third-party code, increased pressures to develop secure ...


Embedded Systems Safety & Security Survey

Andrew Girson, CEO of Barr Group, shares key findings of their 2017 Embedded Systems Safety & Security Survey. With responses from more than 1,700 qualified engineers worldwide, the independen...

What you say is what you get: an Ada story

Over the past 30+ years, Ada technology has matured into a unique toolset allowing programmers to achieve software reliability at a very affordable cost. It’s available for small microcontro...

Addressing IoT impact on software engineering

Manufacturers need to carefully evaluate the cyber threats and the level of exposure of IoT devices. New levels of software integrity can only be achieved if teams can eliminate both accidental co...

Making things come alive in a secure way

Considering the security of one single business application is not enough anymore. With the IoT, multiple applications across multiple industries can share and exchange data across different types...