Briefs

Cybersecurity Executive Brief

Issue link: https://resources.windriver.com/i/1199823

Contents of this Issue

Navigation

Page 1 of 1

Sponsored by members of your development team, or even suppliers. Simics uses virtual hardware to conduct full system simulations, which is oen the only way to detect cybersecurity threats that originate with one component attacking others. The advantages of this approach are: 1. You can conduct tests not possible on physical hardware, such as spoofing malware to trigger a response that expos- es its existence. 2. Developers can test defense-in-depth strategies, such as flagging a suspect component as inoperable, isolating it from the system. 3. Simics can act as a cybersecurity "sandbox", safely con- taining suspect malware for forensic analysis. Simics goes beyond simulating processors and boards; it assem- bles complete networked systems running the full production soware stack runs. As noted earlier, these are unmodified binaries, including BIOS, firmware, operating systems, and applications. Recent Simics releases improve multicore and parallel core support. Fully parallel simulation is on the horizon, and today Simics provides support for distributing complex, multi-core simulations across available host resources. The only restriction on the complexity of the system or its performance requirements is the capacity of the simulation host network. And despite its simulation focus, you can still use pass-through technology to connect physical hardware via standard interfac- es, such as Ethernet, I2C, PCI, SCSI, serial, and USB. Regression testing is an important part of verifying security fixes. Simics isn't new to the full-system regression testing role. It's been successfully employed by the largest system integrators to ensure platform reliability. For example, NASA's Independent Test Capability Team uses Simics in its NASA Operational Simu- lator (NOS), which models complete spacecra missions in real time to verify flight-ready soware and hardware. 5 Make Simics Your Next Step in Cybersecurity Defense With cybersecurity threats exploding for embedded systems, now is the time to begin pen testing your mixed-criticality systems. Because Simics can simulate systems from tiny small standalone modules up through complete systems running complex mis- sions, it should be part of your security testing toolkit. About Sean Evoy As the product manager for Wind River Simics and the Wind River Workbench, Sean is responsible for bringing new product and solution innovation to market to assist customers with their most complex development lifecycle problems. The tools portfolio addresses customers across all Wind River's market segments, including Aerospace and Defence, Cybersecurity, Industrial Automation, Utilities, and Transportation. Before managing Simics and Workbench, Sean was responsible for Wind River's Industrial Internet of Things offering. Sean has a Bachelor of Computer Science degree from Carleton University, and a Bachelor of Arts degree with a major in history from the University of Ottawa. Ask the Expert: Sean Evoy 1 https://blog.cloudflare.com/inside-mirai-the-infamous-iot-botnet-a-retrospective-analysis/ 2 https://www.cbsnews.com/news/homeland-security-hacked-boeing-757-jetliner/ 3 https://aviationweek.com/awincommercial/dhs-warns-hacking-vulnerability-aircra-avionics 4 https://www.cbronline.com/opinion/automotive-soware-governance 5 https://www.youtube.com/watch?v=BEiP2YjknvE

Articles in this issue

Links on this page

view archives of Briefs - Cybersecurity Executive Brief