White Papers

10 Properties of Secure Embedded Systems

Issue link: https://resources.windriver.com/i/1294222

Contents of this Issue


Page 12 of 12

12 No One Property to Rule Them All 500 Wind River Way, Alameda, CA 94501, USA Toll-free: 800-545-9463 10 Properties of Secure Intelligent Edge Systems Data-at-rest protection Authenticated and/or secure boot Hardware resource partitioning Containerization and isolation Attack surface reduction Least privilege and man- datory access control Implicit distrust and secure communications Data input validation Secure development, build options, and OS config Integrity monitoring and auditing Unfortunately, there is no one security property to rule them all. There's no single tip or trick or technology or technique that can imme- diately and permanently prevent an attacker from compromising your system. It takes a combination of many techniques to do that. Start with these 10 properties in order to build security into the design, implementation, and operation of your intelligent edge system: 1. Encrypt sensitive applications and data. 2. Ensure that your firmware, OS, and config settings are authentic before use. 3. Separate system functions into distinct enclaves. 4. Sandbox exploits and prevent attackers from expanding their reach. 5. Reduce the amount of code and interfaces that an attacker will have the opportunity to exploit. 6. Ensure that software components can only do what they were intended to do, and nothing more. 7. Secure data in transit and expressly deny external communication unless authenticated. 8. Do not implicitly trust data received from untrusted sources. 9. Ensure that software applications are compiled and configured with all available security options enabled and enforced. 10. Detect and take action that protects the system against relevant security events. If all of these properties are in place, implemented properly on your system, you'll have a fighting chance against any attacker who seeks to exploit your system, steal your IP, or impact your brand reputation. Contact us if you are interested in learning how these 10 properties can be applied to your use case and what technologies Star Lab (a Wind River company) can bring to quickly and easily meet your security requirements and protect your system against the full spectrum of reverse engineering and cyberattacks. Appendix

Articles in this issue

view archives of White Papers - 10 Properties of Secure Embedded Systems