Why this is now the time to invest in security : Page 4 of 5

May 27, 2015 //By Alan Grau, Icon Labs
Researchers from Kaspersky Labs, at their annual Security Analyst Summit (SAS), presented detailed findings of pervasive malware and embedded surveillance tools that have largely gone undetected for over a decade. The report implies that the surveillance tools were developed and deployed by the US National Security Agency.
While there is no one one-size fits all security solution for embedded devices, solutions are available that provide a framework for OEMs. Icon Labs Floodgate Security framework provides OEMs with the core security capabilities required for securing their devices. This provides the flexibility needed to customize the solution to the specific requirements of their device, while ensuring that critical security capabilities are included.

Figure 1: A comprehensive security framework can provide critical security capabilities for embedded devices.

Implementing security within the device

Not only must a security solution for embedded devices ensure the device firmware has not been tampered with, it also needs to secure the data stored by the device, secure the communication between the device and the network, and it protect the device from cyber-attacks. This can only be achieved by including security in the early stages of design.

Unfortunately, there is no one one-size fits all security solution for embedded devices. Security requirements must take into consideration the cost of a security failure (economic, environmental, social, etc.), the risk of attack, available attack vectors, and the cost of implementing a security solution.

Any security framework should provide the security features as shown in table 1 below.

Click image to enlarge.

Design category: