My latest article on embedded.com has been published here. I am looking at a possible vulnerability in embedded software data and how it might be protected. Here are the details:
Are text strings a vulnerability in embedded software?
For many years, the security of desktop computers has been a concern. Once a machine is connected to the Internet, there is intrinsically a possibility for some kind of attack. Such infiltrations might be to steal data, damage the system or change its operation in some way. Means of protection are well known and widely applied. Embedded systems always seemed to be immune from such problems, as they were rarely networked, and their code was normally in ROM of some kind. Things have changed. A large proportion of modern system are connected to the Internet and it is common practice for code to be copied into RAM and executed from there. This means that security is now an important embedded software design consideration.