Embedding security into servers
Embedded systems control much of the world's critical infrastructure, which makes them a prime target for attack by everyone from hackers to terrorists. Embedded systems, however, have at their disposal an impressive set of defenses, mechanisms and procedures that are in common use for operations other than security, but that result in security mechanisms that prove stronger in some cases than traditional enterprise systems like Windows or Linux.
In the early days of my career as an embedded-systems developer, I worked on critical communications systems. Every aspect of the software and hardware had to be perfect-any failure could prove disastrous. Couple this with the fact that updating software sometimes involved climbing hurricaneproof towers in the Everglades, brushing aside various lizards and insects, then manually plugging in PROMs, and you had a team of people highly motivated to get it right the first time.
[ Read more ]