|
|
|
www.design-reuse-embedded.com |
|
AI, memory safety are real threats to IoT security
Memory safety is one of the big things that will impact IoT security, and latest report shows 76% of consumer IoT companies could fall foul of impending security regulations around the world.
www.embedded.com/, Nov. 07, 2023 –
At the IoT Security Foundation's annual conference in London, U.K., Arm fellow Richard Grisenthwaite reminded the audience in his opening speech of one of the key issues today for IoT security: he said, "70% of common vulnerability and exposures (CVE), are memory related." He added that this will become more of a problem in the future as AI (artificial intelligence) will show bad actors where those vulnerabilities are and hence put the system at risk even faster.
This was emphasized in his opening address by John Moor, managing director and co-founder of the IoT Security Foundation (IoTSF), who said memory safety was a real 'thing' that needs to be addressed. Grisenthwaite added that with more and more AI, we will have to be more secure. He said ML (machine learning) devices can just churn through the millions of lines of codes to find the CVEs, and attack. "Hence we need to use tools like memory tagging extension (MTE) to improve memory safety and reduce software development complexity, and also increase security," Grisenthwaite said.
The theme of the conference this week was "Securing the IoT in the era of AI", and Moor highlighted the key themes and trends in the world of security: the first is 'by design', with aspects like memory safety, zero trust and post-quantum technology; the second key theme is 'resilience in operation', which essentially encompasses continuous assurance, and SBoMs (software bill of materials); and the third theme is AI. In addition, Moor emphasized that zero trust, while many are talking about it, is a concept the industry still needs to embrace.
Back
Contact Us
Partnership Offers