Posts tagged Secure Boot
10 Properties of Secure Embedded Systems

It's not fair.

When attacking an embedded system, it takes only one vulnerability to lead to an exploit.

This means, when tasked with securing an embedded system, the defender must think through and be prepared to protect against every possible vulnerability. Overlook just one opening and the attacker may find it, take control, steal your secrets, and create an exploit for others to use anytime, anywhere.

Worse yet, that same attacker may use an initial compromised device to pivot from one exploited subsystem to another, causing further damage to your network, mission, and reputation.

In this blog post, we present the Top 10 properties of highly-secure embedded systems – insight that is based upon decades of experience engineering security solutions across a number of high-value military and commercial platforms.

Read More
The Most Secure Linux for Embedded Systems – Hint, It’s Not Enterprise Linux

Don’t get upset.

We fully acknowledge that the hard-working people who make enterprise type Linux distributions want to help their customers achieve secure systems and they strive to improve the security posture of their distributions all the time.

However, there are two major areas where these developers run up against a nearly insurmountable wall.

First, they use a different threat model. An enterprise distribution of Linux is designed with a threat model suited to datacenter/cloud deployments, but embedded and cyber-physical systems face a wider array of threats including situations where the attacker may have physical access to the system.

Second…

Read More
Protecting Linux-Based Systems from Russian Cyber-Espionage Malware, Drovorub

On August 13th, 2020, The National Security Agency and Federal Bureau of Investigations released a cybersecurity advisory that warned anyone deploying or maintaining a Linux system about a new Russian (and now worldwide) cyber espionage threat named Drovorub. Of course, this isn't the first time a government-sponsored cyber threat has found its way into the wild. But its newsworthiness lies not in its origin, novelty, or effectiveness, but in the fact that it can be completely prevented to begin with.

Read More