Definition

embedded system security

Contributor(s): Matthew Haughn

Embedded system security is the reduction of vulnerabilities and protection against threats in software running on embedded devices.

Like security in most IT fields, embedded system security involves a conscientious approach to hardware design and coding as well as added security software, an adherence to best practices and consultation with experts.

In the past, the large number of embedded operating systems and the fact that these systems did not typically have direct Internet communication provided some degree of security, both through obscurity and the fact that they were not convenient targets.

Traditionally, many of the hardware and hardware systems controlled by embedded software have not been easily interfaced with as they had little need to be exposed. Trends like machine-to-machine (M2M) communication, the Internet of Things and remotely-controlled industrial systems, however, have increased the number of connected devices and simultaneously made these devices targets.

The similarities between embedded OSes and live firmware updating in conjunction with the increased number of communication points create a large increase in the attack surface:  Each communication point is a potential point of entry for hackers. A device’s firmware may be hacked to spy on and take control of everything from Internet and wireless access points, USB accessories, IP cameras and security systems to pace makers, drones and industrial control systems.

While trends like BYOD, the IoT and automation speed ahead, the security of embedded systems often lags. As attacks on embedded systems and firmware become more common, however, it becomes increasingly crucial to protect these ubiquitous devices.

This was last updated in February 2015

Continue Reading About embedded system security

Dig Deeper on Internet of Things (IoT) Security Strategy

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

  • How do I size a UPS unit?

    Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

  • How to enhance FTP server security

    If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

  • 3 ways to approach cloud bursting

    With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...

SearchDataManagement

Close