www.design-reuse-embedded.com
SEARCH SOLUTIONS   
    • Categories
    • RISC-V
    • Embedded Processing
    • 5G, 3GPP LTE SoCs
    • IoT SoCs
    • Artificial Intelligence SoCs
    • Automotive SoCs
    • Space and Avionics
    • Security Solutions & SoCs
    • Audio & Video SoCs
    • Design Platforms
    • Monitoring and Verification
    • SoC Design Services
    • Find your best SoC design partner
Partner Videos D&R Events
    • IP-SoC Days 2024
    • IP-SoC Days 2023
    • IP-SoC Days 2022
    • IP-SoC Days 2021
    • IP-SoC Days 2020
    • IP-SoC 2023
    • IP-SoC 2022
    • IP-SoC 2021
    • IP-SoC 2020
On Demand Webinars NEWS
Find Top SoC Solutions
for AI, Automotive, IoT, Security, Audio & Video...

Securing Low-Cost Embedded IoT Devices

Many simple techniques and best practices can be applied to low-cost or older embedded devices to make end products and systems more secure, often without requiring advanced or costly security hardware.

electronicdesign.com, Feb. 18, 2020 – 

Securing embedded devices for both IoT and non-IoT applications is an increasingly important concern. In response, device manufactures are building embedded processors and microcontrollers with a wealth of integrated security features.

Unfortunately, security comes at a cost both in the price of these new devices and in the effort required to redesign and requalify hardware to make use of new ICs. The good news is that much can be done on low-cost or older hardware to enhance system security. Let's explore the techniques we can use to improve security on these systems.

General Steps to Improving Security

Many simple techniques are available to greatly improve the security of low-cost systems. The first and easiest is to ensure that hardware and firmware details aren't readily available. It's common to see exploits presented in academic papers that begin with finding the firmware or schematics for a product on a website or FTP server. Schematics, source code, and binaries should all be access-controlled. In addition, firmware updates should be encrypted to prevent code from being easily extracted from an update. It's also possible to take more extreme measures such as requesting custom-marked ICs to obfuscate what hardware is being used.

Limiting information in this way is simply obfuscation and not true security. It does increase the difficulty of an attack and improves the system's security. However, limiting access to key information makes it less likely for researchers and other "white-hat" actors to analyze your product and alert you to security vulnerabilities.

One way to mitigate this is to engage with third parties who conduct code reviews and penetration testing, and provide this information under NDA. In addition, consider making information available under NDA for researchers or academic groups who wish to analyze and attack your product.

Click here to read more...

 Back

Partner with us

Contact Us
Partnership Offers

List your Products

Suppliers, list and add your products for free.

List your Products

More about D&R Privacy Policy

© 2024 Design And Reuse

All Rights Reserved.

No portion of this site may be copied, retransmitted, reposted, duplicated or otherwise used without the express written permission of Design And Reuse.