How IoT Is Making Security Imperative for All Embedded Software

Devices for the Internet of Things require secure embedded software. Here's what you can do to improve your code's security while reducing costs and cycle times.

Sponsored ContentDear DE Reader:

A subhead in the paper from today’s Check it Out link grabbed me: Security is a process, not a feature. Let me explain.

Basically, the Internet of Things (IoT) means everything is enlivened with digital smarts and communications links: Power grids, cars, appliances, smartphones, factory systems, pacemakers, etc. Most devices operate and communicate with other devices autonomously.

The ubiquity of embedded code will continue to grow exponentially, and all that code is vulnerable to bugs and hackers alike. “How IoT Is Making Security Imperative for All Embedded Software,” a paper from Programming Research Ltd. (PRQA), lays out the security weaknesses in embedded code development processes and how you can minimize software defects that can spell trouble if not disaster.

Two main points carry this paper. First, the press of deadlines and, frankly, the old way of developing embedded code has left IoT devices open to embarrassing and expensive bugs; and not just bugs exploitable by hackers.

We’re talking about bugs leading to field failures and plagues of lawyers, scrap and redesign. Plus bugs sneaking by during mind-numbing manual reviews of millions of lines of code. Bugs that violate the very coding standards and guidelines meant to improve the security of embedded software such as the CWE (Common Weakness Enumeration) database project and the CERT C coding standard.

Second, security must be incorporated in your software development processes early and often. The paper argues that a type of analytical software tool called Static Analysis holds the key to achieve that end.

The paper “How IoT Is Making Security Imperative for All Embedded Software” looks at the challenges of embedded code development and how to change processes with analytic tools that can improve code security cost-effectively and efficiently. Image courtesy of Programming Research Ltd. (PRQA). The paper “How IoT Is Making Security Imperative for All Embedded Software” looks at the challenges of embedded code development and how to change processes with analytic tools that can improve code security cost-effectively and efficiently. Image courtesy of Programming Research Ltd. (PRQA).

Static Analysis software is intended to help you identify and squash bugs as well as fix standards violations that can make embedded code insecure. Like integrated mechanical design analysis tools, it works from your earliest development stages and integrates into your workflows without fuss. Before you compile or test code and lock-in expensive late-cycle or aftermarket repair costs, it can detect vital security issues and vulnerabilities as well as provide the feedback you need to make corrections. By enabling such functionalities, Static Analysis can help reduce development costs and quicken development cycles.

“How IoT Is Making Security Imperative for All Embedded Software” is a sober yet ultimately hopeful read. If your outfit has anything to do with embedded code development or incorporating pre-coded systems into your IoT products, it’s a must read. Hit today’s Check it Out link and download your complimentary copy.

Thanks, Pal. – Lockwood

Anthony J. Lockwood

Editor at Large, DE

Share This Article

Subscribe to our FREE magazine, FREE email newsletters or both!

Join over 90,000 engineering professionals who get fresh engineering news as soon as it is published.


About the Author

Anthony J. Lockwood's avatar
Anthony J. Lockwood

Anthony J. Lockwood is Digital Engineering’s founding editor. He is now retired. Contact him via [email protected].

Follow DE
#15783