Adversarial Testing to Increase the Overall Security of Embedded Systems
Abstract:
In the evolving world of the Internet of Things, the security of any piece of electronic equipment can easily come into question. Traditional electronics are being replaced with upgraded “smart” alternatives that are deployed worldwide as embedded systems in connected cars, autonomous aircraft, wireless medical devices, and control systems. The desire to maintain a constant connection to these systems and share data, monitor operation, and diagnose and resolve performance issues has driven designers and developers to adopt new technologies to support the task. Each of these pieces of technology, whether just the next wirelessenabled gadget or mission critical equipment, offers an attack surface that may be taken advantage of and successfully exploited.
Conclusion:
The solutions developed as part of the HACMS program have greatly increased the level of effort associated with the discovery of vulnerabilities within embedded devices and control systems supporting autonomous or unmanned vehicles. This effort has proven that the adoption of an adversarial testing component, whether a third-party source, such as Assured Information Security, Inc., or an internal team resource, increases the overall quality of the resulting product and system security. It should be noted that, although including adversarial analysis in the design and development phases increases the overall awareness of the threats posed to a system, no system is immune to failures of some form, be they adversarial or incidental in nature. Security comes from an understanding of the costs and benefits inherent in design decisions and operational expectations of systems.