Common security mistakes still made today by chip and device vendors.
Since 2001, Riscure has been helping chip vendors and device manufacturers improve the security of their products. Over the years, the security scenario has changed a lot. The attacker profile evolved from individuals motivated by curiosity, with very limited resources and attack potential, to well-funded and organized adversaries with dark motivations and the capacity to execute very sophisticated attacks. At the same time, security awareness also increased significantly. While designers and developers nowadays are more educated and prepared than ever to protect their products against security threats, we still see many avoidable mistakes repeated over and over.
Over the last 20 years, Riscure’s security analysts have seen every kind of embedded system, device, and chip imaginable. We have seen vulnerabilities ranging from simple mistakes to uncovering major new issues. Ultimately, the root problem for each of these issues is often the lack of knowledge or information. We asked our world class group of analysts and in this paper we present the most common issues, categorized by knowledge areas, and recommendations that can help mitigate these issues. Although the collected issues and recommendations are focused on the chip and embedded systems market, most of them are applicable to any other industry.
Click here to read more.
 |
 |
 |
 |
 |
 |
 |
Leave a Reply