The growing threat of cyberinfrastructure intrusions from hostile actors is leading to the creation of new security testing mechanisms for the Internet of Things (IoT) software and hardware. That will allow embedded system developers to comply with the new guidelines published by the White House amid recent high-profile cyber-attacks.
On the software front, a new application security test mathematically guarantees bug-free code in embedded designs. The automated source code analysis technique launched by cybersecurity software firm TrustInSoft employs formal methods to speed up the test process by producing a mathematical twin of C/C++ source code and thus substantiates the absence of source code bugs for any input (Figure 1).
The traditional static and dynamic analysis methods slow the IoT design deployment because testing is replicated for each process. The new embedded IoT test, based on TrustInSoft’s Analyzer tool, employs formal methods to provide the equivalent of static and dynamic analysis of C/C++ source code and thus guarantee the absence of undefined source code behaviors.
TrustInSoft claims that the new test tool reduces the IoT device rollout time by up to 40x and code verification time by up to 4x. According to Fabrice Derepas, founder and CEO of TrustInSoft, a bug found after product release can cost up to 640 times more than when discovered during the development phase. “Life is never error-free, but your source code can be.”
On the hardware front, Arm offers an IoT test chip and development board that enables developers to evaluate security credentials in their embedded designs (Figure 2). Arm has released the Musca-S1 IoT test chip and development board in collaboration with Samsung Foundry, Cadence, and IC design services company Sondrel.
Figure 2: The Musca-S1 embedded security test platform provides more choices to IoT chip designers. Source: Arm
The IoT test solution is based on a 28-nm fully-depleted silicon-on-insulator (FD-SOI) embedded MagnetoResistive Random Access Memory (eMRAM) chip. It offers advantages over traditional embedded flash (eFlash) memory technology to scale below 40-nm process technology.
The above hardware and software test solutions allow IoT developers to prototype their designs for end-to-end security and bring IoT devices to market quickly while complying with the essential cybersecurity guidelines.
>> This article was originally published on our sister site, EDN.
- Security-as-a-service embedded software protects IoT data in motion
- An introduction to confidential edge computing for IoT security
- Zero-trust security counters multiple cyberthreats
- A little early effort in security can return a huge payoff
- Software testing is crucial for embedded system safety and security
For more Embedded, subscribe to Embedded’s weekly email newsletter.