Login   |   1.866.392.4897 |   sales@timesys.com English Japanese German French Korean Chinese (Simplified) Chinese (Traditional)
Who is attacking IoT? What do they want?

Who is attacking IoT? What do they want?

The motivation of hackers sometimes can be plain as day. Other times, not so much.

As attacks on Internet of Things (IoT) devices and deployments escalate, it is important to understand what these attackers are trying to accomplish. Understanding these motives, after all, can help us to pinpoint why a security vulnerability represents a risk, to prioritize mitigation and defenses, and to focus responses to attacks.

(more…)

New IDE version produces shorter time-to-market for secure IoT devices and embedded Linux applications

New IDE version produces shorter time-to-market for secure IoT devices and embedded Linux applications

This week we announced a new release of our TimeStorm Integrated Development Environment (IDE). TimeStorm 5.3.2 IDE is designed to streamline, simplify and accelerate the development of secure Internet of Things (IoT) and embedded Linux applications.

In an era of heightened awareness of embedded software security and device security risks, product developers need to be able to adopt security best practices without delaying the development and release of new products.

(more…)

Progress toward IoT security … a little less conversation, a little more action please

Progress toward IoT security … a little less conversation, a little more action please

Research, reporting and commentary about Internet of Things security has made a flurry of technology headlines over the past several years. And industry observers are commenting that IoT security may finally be gaining the attention it deserves among technology decision makers.

So will 2019 be a milestone year for IoT security?

Or will more IoT security failures lead to more industry regulation, more vendor criticism and more conversation, not enough action?

(more…)

Another Record Year for Vulnerabilities … Time to Join the CIA?

Another Record Year for Vulnerabilities … Time to Join the CIA?

 

 

This blog post is published as a guest post on Embedded Computing Design.

In mid-November, the total count of vulnerabilities reported in 2018 surpassed the total for 2017, setting a new record for vulnerabilities with six weeks left in the calendar year.

At this pace, we are on track to see the count of Common Vulnerabilities & Exposures (CVEs), the authoritative index of confirmed IT system vulnerabilities, reach 16,000 or more vulnerabilities for this year, according to tracking site CVE Details.

(more…)

The new focus on ‘Security by Design’

The new focus on ‘Security by Design’

As the flood of vulnerabilities continues to rise, attention is turning to how embedded system products can be made more secure.

Almost 20 years ago, the concept of security by design was a popular new trend in software development. The focus on baking in security at product design stages was driven by the massive rise in on-line applications, e-commerce features and other Internet-connected, web-enabled software.

As these systems and applications were deployed and became widespread, the expanding attack surface made them attractive targets for attackers looking to steal user information and financial data. So naturally the industry’s response was to rethink and reinvent security in the new threat environment. That meant defining best practices for creating more secure applications at the design stage.

(more…)

Vulnerabilities keep piling up … time to make security a product differentiator?

Vulnerabilities keep piling up … time to make security a product differentiator?

Is your product the “Volvo” of embedded system products? For decades, carmaker Volvo has been known as a maker of safe vehicles.

While all makes of cars are generally much safer than in decades past, and some observers rank some other brands’ models higher in safety, there is no dispute that Volvo has made safety a cornerstone of its brand. Like other car brands have focused on qualities like luxury, reliability or the driving experience, Volvo has emphasized safety as a chief value of its products.

Perhaps soon we will see a Volvo-style strategy emerging from the makers of embedded system devices and the Internet of Things (IoT). In fact, with the volume of security vulnerabilities reaching an all-time high, there’s a prime opportunity for a device maker to become known market-wide as a “security first” product developer whose customers are more protected from cyberattack.

(more…)

Will more embedded device makers fix security before massive fines force them to do it?

Will more embedded device makers fix security before massive fines force them to do it?

Security of smart devices is getting worse, says a penetration testing expert, who blames suppliers of connected devices that ignore security and privacy issue notifications.

Is the answer more security regulations and laws, or is it better product strategy?

Computer Weekly reported this week on security expert Ken Munro’s comments in a conference presentation in which he blasted many embedded system suppliers for not seeming to care about securing their products.

(more…)