Software Integrity

Archive for the 'Embedded Software Testing' Category

 

Are there ever legitimate reasons for hacking a car?

Before the public sessions kick off at Black Hat on Wednesday and Thursday, there are four days of training courses. The course I took part in this year was a two-day, hands-on car hacking course. My instructor, Robert Leale, is the founder and coordinator for the car hacking village at DEF CON. Both the weekend […]

Continue Reading...

Posted in Application Security, Automotive Security, Embedded Software Testing | Comments Off on Are there ever legitimate reasons for hacking a car?

 

Fault Injection Podcast .004: Driving automotive software security

Fault Injection is a podcast from Synopsys that digs into software quality and security issues. This week, hosts Robert Vamosi, CISSP and Security Strategist at Synopsys, and Chris Clark, Principal Security Engineer at Synopsys, go into detail about automotive software security and the future of connected cars. You can always join the discussion by sending […]

Continue Reading...

Posted in Automotive Security, Embedded Software Testing, Internet of Things, Security Standards and Compliance | Comments Off on Fault Injection Podcast .004: Driving automotive software security

 

Fault Injection Podcast .003: Top Gun

Fault Injection is a podcast from Synopsys that digs into software quality and security issues. This week, hosts Robert Vamosi, CISSP and Security Strategist at Synopsys, and Chris Clark, Principal Security Engineer at Synopsys, go into detail about a new report produced with VDC Research entitled “Skyrocketing Costs of Aerospace & Defense Systems Failure Fuel […]

Continue Reading...

Posted in Embedded Software Testing, Software Architecture and Design, Software Security Testing | Comments Off on Fault Injection Podcast .003: Top Gun

 

Sobering thoughts when a connected medical device is connected to you

Originally posted on SecurityWeek.  I recently had reason to spend an overnight visit in the hospital. When friends and family left me late in the evening I was confronted with a subject that I had considered professionally but never had to face personally: the connected medical device. When software security gets personal The device that […]

Continue Reading...

Posted in Embedded Software Testing, Healthcare Security, Medical Device Security | Comments Off on Sobering thoughts when a connected medical device is connected to you

 

Automotive security goes beyond the car

There’s been a fair share of attention paid to the security inside the connected car. There’s also been a significant uptick in new devices and apps that communicate with the vehicle from afar. These devices and apps use traditional means of communication (e.g., Bluetooth, Wi-Fi, etc.). They also make some very common software mistakes. For instance, […]

Continue Reading...

Posted in Automotive Security, Embedded Software Testing, Mobile Application Security | Comments Off on Automotive security goes beyond the car

 

Secure automotive software at any speed

The features that drive new car sales today are increasingly based on software. Drivers want their own music. They want to stay connected with their digital world. They want digital assistants to help park or even drive autonomously. While auto makers (i.e., the OEMs) have mostly mastered their physical world, with stable supply chains able […]

Continue Reading...

Posted in Automotive Security, Embedded Software Testing | Comments Off on Secure automotive software at any speed

 

Zeroing in on zero day vulnerabilities

Earlier this month WikiLeaks announced it had in its possession a cache of zero days allegedly from the Central Intelligence Agency. These unpatched vulnerabilities, it said, could affect Apple and Android devices (including TVs). It is suspected that exploitation of these vulnerabilities could allow the spy agency – or anyone else who knows about them […]

Continue Reading...

Posted in Code Review, Embedded Software Testing, Fuzz Testing, Network Security, Software Security Testing, Static Analysis (SAST) | Comments Off on Zeroing in on zero day vulnerabilities

 

Embedded World and CodenomiCON Europe 2017 will kick your IoT security into high gear

Each year the Embedded World Exhibition and Conference in Nuremberg offers the embedded community an opportunity to gather information about new products and innovations, and to develop valuable contacts with others in the industry. An estimated 930 exhibitors will be presenting state-of-the-art embedded technologies at this year’s event. Embedded World Conference 2017 Join us in […]

Continue Reading...

Posted in Embedded Software Testing, Internet of Things, Security Conference or Event | Comments Off on Embedded World and CodenomiCON Europe 2017 will kick your IoT security into high gear

 

Software glitch causes FAA to order Boeing 787s powered down

Until Boeing provides a permanent software fix, airlines with 787 Dreamliners in their fleet will have to power down the planes once every 22 days. A software glitch that could result in the loss of controllability for the 787s manifests itself after several hours of continuous use. The FAA says “all three flight control modules […]

Continue Reading...

Posted in Embedded Software Testing, Security Standards and Compliance | Comments Off on Software glitch causes FAA to order Boeing 787s powered down

 

The latest must-have car accessory: Security

Originally posted on SecurityWeek Fall is a great time of year. The kids go back to school. The weather begins to cool and the leaves change. Lord Football returns to his autumnal throne. Television shows return for a new season. Fall is also the traditional time when the automakers release their model year vehicles. Amid […]

Continue Reading...

Posted in Embedded Software Testing, Internet of Things, Software Security Testing | Comments Off on The latest must-have car accessory: Security