More about Embedded Security

For your convenience, collected here the mostrecent How-To and Technical Insight articles onEmbedded.com on designing security into embedded devices and howto implement security in a variety of embdded designs in networks,industrial control and automotive applications. We are constantlyupdating this list, so check back occasionally to see what's new:

2008
Whatyou need to know about embedded systems security
Ten questions you need to ask about embedded systems security, why youneed to ask them and some answers.
Implementsecure data transfer in portable handheld embedded devices
A three part tutorial provides and overview of the hardware andsoftware security requirements in an embedded devices involved insecure digital data tranffer and how to prevent a variety of possibleattacks.
Part1: Security needs for data transfer
Part2: Security needs within the device 
Part3: Proprietary technologies for securing data transfer

Usingthe 802.1X standard to secure nextgen multimedia VoIP phones
How to use the 802.1x extensible authentication protocol toprotect  advanced IP-based multimedia smarphones from hackersusing network authentication before any regulr traffic data ocurs.
Implementationof the AES algorithm on a deeply pipelined DSP/RISC CPU
A more efficient Advanced Encryption Standard algorithm on a deeplypipelined  RSIC/DSP engine reduces pipeline stalls before itsexecution.
Planningyour secure shell (SSH) implementation
A step by step guide to why and how to integrate SSH into your designand how to use it for tunneling and port forwarding over securechannels as well as for secure FTP file operations.
Howto select an AES solution
To achieve higher data throughput, designers can use an ASIC or FPGAplatform to provide hardware encryption/decryption acceleration.
Accelerationof symmetric key algorithms in software
A tutorial on symmetric key algorithms and some guidelines as to when,where and how to use software rather than hardware acceleration,
Hackersbite the (static analysis) dust: Part 2
Hackersbite the (static analysis) dust: Part 1
Described are common embedde system security vulnerabilities and howstatic analyzers can be use to detect and prevent some, but not all,common hacker tricks.
Staticanalysis stops on bugs
Static code analysis tools are becoming powerful tools for indenifyingflaws and security breaches in complex code bases.
Safety,security set to drive embedded apps
There may be as many ways to implement safety and security in embeddedapps as there are engineers working on the challenge as fail safe andsecure technologies migrate to a wide range of designs beyondautomotive and aerospace/mliitary.
Underthe hood: SecureID fob – single chip safety net
Computer security. These words mask the complexity of a modern dayissue important to both computer users and makers.
Virtualizing(and securing) embedded Linux
The system virtual machine can be used to make Linux based apps fasterand more responsive and more secure.
Securitygoes embedded
As more embedded apps use the Internet Protocol, the need for securityusing encryptiondecription and authentication is trickling down toembedded devices.
2007
Waveletdata hiding using Achterbahn-128
Therole of security in trusted execution environments
Decipheringthe disk drive security conundrum
Howto write secure C/C++ application code: Part 5
Howto write secure C/C++ application code: Part 4
Securingwireless ad hoc networks: Part 3 – Bluetooth security modes
Howto write secure C/C++ application code: Part 3
Securingwireless ad hoc networks: Part 2 – key establishment/suthentication
Howto write secure C/C++ application code: Part 2
Employa secure flavor of Linux
Securingwireless ad hoc networks: Part 1 – single/multihop
Howto write secure C/C++ application code: Part 1
Embeddedsystems security has moved to theforefront.
Stateof security technology: embedded to enterprise
Implementingsolid security on a Bluetooth product
Securiingmobile and embedded devices: encryption is not security
Lockingdown intellectual property in embedded systems
Smartsecurity improves battery life
Guidelinesfor designing secure PCI PED EFT terminals
Overcomingsecurity issues in embedded systems
SecurityAND safety
Informationsecurity guidelines released
SoCscan hold key to system security
Tripleplay – how FPGAs can tackle the challenges of network security
Theimpact of digital rights managment on network security design – Part 1
Theimpact of digital rights managment on network security design – Part 2
Howto improve design-level security with low cost non-volatile FPGAs
Protectingcontactless microcontrollers from physical breaches
Fuzzing- a technique for finding security vulnerabilities
VoIPsecurity: scenarios, challenges and countermeasures – Part 1
Testingsecurity and association for certified wireless USB

2006

Howto establish mobile security
IPSec,a tutorial – Part 1
Howto implement high security in low cost FPGAs
Ensuringstrong security for mobile transactions
Usinghardware accelerators to improve VoIP WoWAN security
TheSymbian OS security model
Buildingmiddleware for security and safety-critical applications
Securingan 802.11 network
Securityconsiderations for embedded operating systems
Howto protect data in an IP world
Raisingthe bar in file system availability and data consistency
Removevulnerabilties from SIP-based VoIP networks – Part 1
Removevulnerabilties from SIP-based VoIP networks – Part  2
Diversityprotects embedded systems
Aproactive strategy for eliminating embedded system softwarevulnerabilities :Part 3
Aproactive strategy for eliminating embedded system softwarevulnerabilities :Part 2
Aproactive strategy for eliminating embedded system softwarevulnerabilities :Part 1
Buildborderless networks you trust
Automotivenetwork security without compromise
Attacklike a hacker – find and fix security holes
Securingad hoc embedded wireless networks with public-key cryptography
Securityevent correlation – raw network security data to real time action
Understandingelliptic curve cryptography
Howto make 802.11 systems combine security with affordability

2005
Backto the basics: security for VoIP
Designsecure network products to meet FIPS 140-2 and Common Criteria
Securingembedded systems for networks
Aframework for considering security in embedded systems
Securingwireless MCUs is changing embedded systems design
Usingperipheral DMA to boost networked 32 bit security
Calculatingthe exploitability of your embedded software
Badassumptions lead to bad security
Aframework for considering security in embedded systems
Ensuringstrong security for mobile transactions

2006
Howto establish mobile security
IPSec,a tutorial – Part 1
Howto implement high security in low cost FPGAs
Ensuringstrong security for mobile transactions
Usinghardware accelerators to improve VoIP WoWAN security
TheSymbian OS security model
Buildingmiddleware for security and safety-critical applications
Securingan 802.11 network
Securityconsiderations for embedded operating systems
Howto protect data in an IP world
Raisingthe bar in file system availability and data consistency
Removevulnerabilties from SIP-based VoIP networks – Part 1
Removevulnerabilties from SIP-based VoIP networks – Part  2
Diversityprotects embedded systems
Aproactive strategy for eliminating embedded system softwarevulnerabilities :Part 3
Aproactive strategy for eliminating embedded system softwarevulnerabilities :Part 2
Aproactive strategy for eliminating embedded system softwarevulnerabilities :Part 1
Buildborderless networks you trust
Automotivenetwork security without compromise
Attacklike a hacker – find and fix security holes
Securingad hoc embedded wireless networks with public-key cryptography
Securityevent correlation – raw network security data to real time action
Understandingelliptic curve cryptography
Howto make 802.11 systems combine security with affordability

2005
Backto the basics: security for VoIP
Designsecure network products to meet FIPS 140-2 and Common Criteria
Securingembedded systems for networks
Aframework for considering security in embedded systems
Securingwireless MCUs is changing embedded systems design
Usingperipheral DMA to boost networked 32 bit security
Calculatingthe exploitability of your embedded software
Badassumptions lead to bad security
Aframework for considering security in embedded systems
Ensuringstrong security for mobile transactions

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.