Secure Embedded Systems Need Microkernels continued

For example, a compromised mobile phone handset could be turned into a jammer, disabling all communication of a particular carrier within aradius of potentially several kilometers. If a large number of compromised handsets launched a concerted attack, a country’s wireless communication infrastructure could be disabled within minutes–a disaster which would be very difficult to recover from. Such an attack is not out of the question. The Kabir cell-phone virus, which spreads via Bluetooth, is estimated to have infected millions of phones already.

2 Protecting Embedded-Systems Security

The key to preventing such disasters is to equip mobile devices with software that is secure by design. As the experience of the PC world shows, this is not easy — clearly, the standard of mobile device security must be much higher than what we are used to from the PC world. The problem is that the software driving mobile devices is becoming as complex as that of PCs, owing to the dramatic increase in functionality of such devices. Top-of-theline cell phones already run software that is composed of millions of lines of code (LOC), and top-of-the-line cars contain in excess of a gigabyte of software.

Such large systems are impossible to make faultfree. Experience shows that even well-engineered software averages at least one fault every few thousand lines of code (and well-engineered software is rare). This is made worse by the traditional approach to embedded-systems software, which tends to be built on top of a real-time executive without memory protection. In such a system every bug in any part of the system can cause a security violation.

Download complete White Paper

More White Papers and Publications

▲ Back to Top