Collaborate Disseminate
A lot of work has been done on: how to ensure a secure boot for FPGAs. However, as far as I know, it seems that it is applied to the SRAM based FPGAs.
I wonder, is there such concern about the Non-Volatile-Memory based FPGA… Continue reading Does NVM based FPGA require a secure boot process?
The whole idea about using Secure Boot in Embedded Systems to boot an operating system is new to me. I’ve never paid much attention to it previously. I just know that it prevents the loading at start-up of code which has bad credentials wh… Continue reading using secure boot in embedded systems
I’m looking to add encryption to an embedded data logger and I’d really appreciate some advice to make sure that my approach is reasonable/secure.
The user will load a GPG public key onto the device. Sensor data will come i… Continue reading GPG – Use case for embedded system
On my embedded Linux product, I have done the following:
Disable root
Remove SSH from the final product
Normally, a non-root user (used for development) can do lots of damaging stuff, such as editing bootup scripts and ov… Continue reading Embedded Linux: Is removing SSH alone good enough to ensure security of file system?
I’m trying to run a directory traversal against the EdgeOS web server. I started the OWASP ZAP proxy with Firefox and tried to login with an incorrect username and password to look at the POST request. I am trying to modify t… Continue reading Running Directory Traversal Against POST Request Headers
At Kaspersky Lab we analyze the technologies available on cybersecurity market and this time we decided to look at what OS developers are offering for embedded systems (or, in other words, the internet of things). Our primary interest is how and to what degree these OSs can solve cybersecurity-related issues. Continue reading Modern OSs for embedded systems
I’ve started learning about cryptography used for DRM solutions, and curious to know if this is a valid solution for a custom embedded system running purchased software assets.
ECDSA public / private key is generated before … Continue reading DRM using embedded private key
I know Azure Sphere is new, and to my understanding Microsoft is targeting the embedded IOT market, but how is Azure Sphere more secure than other embedded RTOS systems like VxWorks or Integrity? Don’t many of the embedded se… Continue reading Security Advantages of Azure Sphere vs other embedded OS
I am looking for best practices regarding TLS private key storage for small single chip embedded systems, such as Cortex-M MCUs, with monolithic firmware stored in internal flash. Most recommendations seem to be very PC-centric, and in mos… Continue reading TLS private key storage for embedded systems. Are there any best practices?
I remember this being legal at some point and it uses to be more expensive then. Now with ICs it has become cheaper being able to buy IC cards online, at a dollar a piece it’s cheaper getting it replaced if one is damaged plu… Continue reading Is it legal to clone your own debit/credit cards? [on hold]