By Bill Graham
Security is constantly evolving as threats change over time. As a device becomes popular (Stuxnet targeted the market-leading PLC) or exists in the market longer, it becomes more susceptible to attack. Many devices in the past were not designed to be field programmable or accept updates without significant modifications. Those days are gone. Devices today must be field upgradeable to not only change and improve functionality, but to deal with bugs and security issues. Including security planning in the life cycle management of your device is critical. Moreover, it’s important that your organization deal with security vulnerabilities as they arise with high priority and rapid response times. Equally important is that you can rely on your COTS vendors to do the same; these components are an integral part of the lifecycle support plan.