Hackers, Crackers, and Pirates: How to Protect Embedded Devices in the Internet of Things
By Daniela Previtali/Wibu-Systems and Emeka Nwafor & Michael Weinstein/Wind River
As devices and technologies continue to evolve and become more intertwined and connected, the embedded market is experiencing a rebirth. The Internet of Things (IoT) is transforming production facilities into smart factories, energy transmission and distribution systems into smart grids, and homes and offices into smart buildings. This shift, in turn, results in new products and services for customers and new revenue streams and business models for device, system, and service providers. The pervasive connectivity of IoT that makes it all possible, however, exposes devices and systems to more security risks than ever before.
As a result, the importance of embedded systems being impermeable to cyber-attacks, acts of industrial sabotage, and data theft has become paramount. Just in 2014, multiple data breaches at JPMorgan Chase, Home Depot, Albertsons and others compromised in excess of 150 million accounts in the US alone. In his May, 2014 Statement before the Senate Judiciary Committee, Randall C. Coleman, Assistant Director, Counterintelligence Division, FBI, emphasized the threats of economic espionage and trade secret theft. Here is what he had to say about the mounting cyber intrusions and cyber theft: “Long gone are the days when a spy needed physical access to a document to steal it, copy it, or photograph it, where modern technology now enables global access and transmission instantaneously.”
Piracy and reverse-engineering of embedded devices and software also remain a big issue that costs embedded device vendor billions in lost revenues. A German Engineering Federation (VDMA) study indicates that 9 in 10 companies with over 500 employees are affected by piracy that caused €7.9 billion in losses for the German economy in 2013 alone. In 51% of the cases, the complete machine was subject to plagiarism!
Leveraging their deep embedded market and security expertise, Wind River® and Wibu-Systems® have partnered to offer manufacturers of embedded systems all-encompassing security capabilities to protect their connected devices. As a result, Wibu-Systems’ technology has been integrated into Security Profile for VxWorks®, the Wind River flagship real-time operating system (RTOS). Security Profile extends VxWorks with a full set of software-based security features that can be further enhanced with Wibu-Systems’ CodeMeter® hardware-based security to enable a comprehensive solution for security-sensitive applications. With software and hardware components as well as activation-based licensing, the solution delivers an optimal way to protect devices, data, and IP in IoT.
Join the Wind River and Wibu-Systems web seminar on October 21, 2014 at 11:00AM PDT / 2:00 PM EDT to learn about security threats embedded devices face in applications with various levels of security criticality and how modern security solutions featuring a combination of software- and hardware-based security help address them. Click here to register.