Right-Sized Security


Security is a key design consideration of any connected product. Nefarious parties can and will attempt to exploit security flaws in order to capture sensitive data, gain device control, or for a myriad of other reasons. When considering security needs and implementation in their systems, Device OEMs must balance a number of factors. Security is obviously a very important factor; however, de... » read more

Securing IoT Edge Devices


It certainly isn’t any secret that the industry continues to be challenged when it comes to adopting and implementing practical IoT security solutions. However, it is important to understand that IoT edge devices typically only have basic resources, such as reduced CPU processing power and a minimal amount of RAM and flash memory. This means there are limited compute capabilities available fo... » read more

Evaluating Side-Channel Vulnerabilities


By Bart Stevens and Gary Kenworthy In a book chapter titled “Security of Crypto IP Core: Issues and Countermeasures,” authors Debapriya Basu Roy and Debdeep Mukhopadhyay recently explored various side-channel vulnerabilities that can be exploited by an attacker. “An adversary can observe the power consumption, timing performance, electromagnetic radiation or even acoustic behavior o... » read more

Bypassing Encryption With Side-Channel Attacks


Devices and systems that implement robust encryption/decryption algorithms using cryptographic keys were historically considered secure. Nevertheless, there is a category of attacks that simply ignore the mathematic properties of a cryptographic system – and instead focuses on its physical implementation in hardware. This vector is known as side-channel attacks, which are commonly referred... » read more

Thwarting Side-Channel Attacks With DPA-Protected Software Libraries


All physical electronic systems routinely leak information about the internal process of computing via fluctuating levels of power consumption and electro-magnetic emissions. Much like the early days of safecracking, electronic side-channel attacks (SCA) eschew a brute force approach to extracting keys and other secret information from a device or system. Moreover, SCA conducted against elec... » read more

Securing Automotive Over-The-Air (SOTA) Updates


Modern vehicles are essentially a network of networks – equipped with a range of embedded communication methods and capabilities. Consequently, there is broad industry consensus that vehicle cyber security should rank as a top priority for the automotive sector. In this context, automotive OEMs have begun to provide secure over-the-air (SOTA) updates for various systems. Recently, the non-... » read more

Automotive Cyber Security: From OTA Updates To Anti-Counterfeiting


The National Highway Traffic Administration (NHTSA) defines automotive cyber security as the protection of vehicular electronic systems, communication networks, control algorithms, software, users and underlying data from malicious attacks, damage, unauthorized access, or manipulation. From our perspective, automotive cyber security is one primary concern the industry must immediately addres... » read more

Let’s Talk About Securing The Industrial Internet of Things


What is the IIoT? Objects, sensors, actuators and controllers that were once designed for stand-alone operation are now increasingly connected by means of intelligent software and networks – forming the basis of the Industrial Internet of Things (IIoT). To be sure, GE defines the IIoT as “a network of a multitude of devices connected by communications technologies that results in systems t... » read more

Let’s Talk About Securing Smart Homes


The global smart home market is expected to reach at least $40 billion in value by 2020. Perhaps not surprisingly, OEMs are inadvertently creating major security risks in their rush to market by shipping smart home products with inadequate security and unpatched vulnerabilities. As ABI Research Analyst Dimitrios Pavlakis notes, ignoring cybersecurity at the design level provides a wide-open doo... » read more

IoT Security Challenged By Evolving Threat Landscape


Many IoT devices on the market today lack effective security, making them vulnerable to attackers and easily compromised. This is problematic, because an unsecured IoT ecosystem introduces real-world risks that include malicious actors manipulating the flow of information to and from network connected devices or tampering with the devices themselves. This salient lack of IoT security was ill... » read more

← Older posts