克服安全问题的嵌入式系统.docVIP

附录A Overcome security issues in embedded systems By Gary Drossel Embedded Systems Design (06/12/07, 12:15:00 H EDT) Traditional security techniques may not suffice anymore. Embedded systems are getting more complex and hackers are getting smarter. Embedded systems traditionally have had very limited security options. Indeed, fitting a robust set of security features into such a small mechanical footprint can be challenging. Storage components, processing power, battery life, time-to-market, and overall cost concerns have prevented most security features from being implemented. Overcoming these design challenges has become crucial to embedded systems designers in light of the growing threat of security breaches as more systems are shared or attached to networks and new regulations are adopted that make security mandatory. The security industry has focused largely on portable storage devices for the consumer electronics industry. The basic premise here is that users want security capabilities to travel with the device, such as with a USB thumb drive. This approach lets users protect their data on any system, whether its on an office or home PC, an Internet kiosk, or a public computer. Software applications and data are password-protected using industry-defined security protocols, which often are targeted by Internet hackers. Portable data devices are also highly susceptible to theft. Once stolen and the security encryption defeated, the fully intact data can be accessed, loaded onto a PC or the Internet, sold, or worse. On the other hand, embedded systems applications for the enterprise OEM market face their own unique challenges. These OEMs (original equipment manufacturers) targeting the netcom, military, industrial, interactive kiosk, and medical markets typically provide infrastructure equipment to their customers by supplying everything from network routers and voting machines to medical diagnostic equipment and data recorders. The key requirement is that data mu