tools

3 articles

The Role of Tools in Improving Embedded Software Security / Part 3: Mapping the Tools to Activities

By Bill Graham In the previous posts in this series, Part 1: Automation is the Key and Part 2: Security Improvement and the Software Development Lifecycle, I talked about the connection between the typical embedded device development process and the 5+1 improvement framework for embedded security.  Figure 1 is an illustration of this connection (and discussed in more detail in…

The Role of Tools in Improving Embedded Software Security / Part 2: Security Improvement and the Software Development Lifecycle

By Bill Graham In many of my previous posts, I’ve discussed Wind River's 5+1 step improvement framework for embedded device security. By design, it’s meant to complement the software development lifecycle (SDLC) that our customers are using – the stages or phases how they define them and the processes they follow. It’s important for a discussion on tools to put them in…

The Role of Tools in Improving Embedded Software Security / Part 1: Automation is the Key

By Bill Graham Security Vulnerabilities are Expensive Shipping security vulnerabilities in a finished product and having them discovered or worse, exploited, is a very expensive proposition for embedded device vendors. As I’ve discussed in an earlier post, security defects are much more expensive to patch and fix the later they are discovered. If you’re lucky to catch a vulnerability during…