Subscribe to Digital Engineering
Webcasts · Downloads · Archives
Companies · Glossary · Podcasts

How IoT Is Making Security Imperative for All Embedded Software

Devices for the Internet of Things require secure embedded software. Here's what you can do to improve your code's security while reducing costs and cycle times.

Features News

Latest Resource

Features Resources

Latest News

Rackspace Technology Unveils On-Demand GPU as a Service

GIGAPRIZE 2024 Up and Running

UCSD Runs New AI Supercomputer from @Xi

FREE WEBINAR NOV. 14: How Machine Learning and AI are Affecting Design and Simulation Tools

Making and Breaking Things for Fun

Formnext Postpones 2025 North American Event

All posts

By Anthony J. Lockwood

October 11, 2016

Dear DE Reader:

A subhead in the paper from today’s Check it Out link grabbed me: Security is a process, not a feature. Let me explain.

Basically, the Internet of Things (IoT) means everything is enlivened with digital smarts and communications links: Power grids, cars, appliances, smartphones, factory systems, pacemakers, etc. Most devices operate and communicate with other devices autonomously.

The ubiquity of embedded code will continue to grow exponentially, and all that code is vulnerable to bugs and hackers alike. “How IoT Is Making Security Imperative for All Embedded Software,” a paper from Programming Research Ltd. (PRQA), lays out the security weaknesses in embedded code development processes and how you can minimize software defects that can spell trouble if not disaster.

Two main points carry this paper. First, the press of deadlines and, frankly, the old way of developing embedded code has left IoT devices open to embarrassing and expensive bugs; and not just bugs exploitable by hackers.

We’re talking about bugs leading to field failures and plagues of lawyers, scrap and redesign. Plus bugs sneaking by during mind-numbing manual reviews of millions of lines of code. Bugs that violate the very coding standards and guidelines meant to improve the security of embedded software such as the CWE (Common Weakness Enumeration) database project and the CERT C coding standard.

Second, security must be incorporated in your software development processes early and often. The paper argues that a type of analytical software tool called Static Analysis holds the key to achieve that end.

The paper “How IoT Is Making Security Imperative for All Embedded Software” looks at the challenges of embedded code development and how to change processes with analytic tools that can improve code security cost-effectively and efficiently. Image courtesy of Programming Research Ltd. (PRQA).

Static Analysis software is intended to help you identify and squash bugs as well as fix standards violations that can make embedded code insecure. Like integrated mechanical design analysis tools, it works from your earliest development stages and integrates into your workflows without fuss. Before you compile or test code and lock-in expensive late-cycle or aftermarket repair costs, it can detect vital security issues and vulnerabilities as well as provide the feedback you need to make corrections. By enabling such functionalities, Static Analysis can help reduce development costs and quicken development cycles.

“How IoT Is Making Security Imperative for All Embedded Software” is a sober yet ultimately hopeful read. If your outfit has anything to do with embedded code development or incorporating pre-coded systems into your IoT products, it’s a must read. Hit today’s Check it Out link and download your complimentary copy.

Thanks, Pal. – Lockwood

Anthony J. Lockwood

Editor at Large, DE