Software security assurance for embedded software is a big challenge. This article on embedded systems and automobile security summarizes it nicely:
White hats are increasingly looking beyond PCs and data centres for security vulnerabilities that have plagued the computer industry for decades and focusing on products like cars, medical devices and electricity meters that run on tiny computers embedded in those products.
For embedded software teams to become the target of hackers is a big change. While website owners and developers of cloud applications or PC software are used to all this attention from hackers, most embedded software teams are not. The same Globe & Mail article outlines the challenges for automotive manufacturers quite clearly.
Cars also use the same wireless technologies that power cell phones and Bluetooth headsets, which makes them vulnerable to remote attacks that are widely known to criminal hackers.
One organization, the Center for Automotive Embedded Systems Security, actually hacked some vehicles and demonstrated that, while it’s not as prevalent a target as other systems yet, it is very possible to expose a vehicle to malware.
In addition to designing viruses to harm passengers in infected vehicles, the academics were able to remotely eavesdrop on conversations inside cars, a technique that could be of use to corporate and government spies.
To top it all off, while automotive software developers are still getting used to being targets for hackers, the amount of software in cars is growing at a rapid pace.
Even low-end cars now have 30 to 50 ECUs [Electronic Control Units] embedded in the body, doors, dash, roof, trunk, seats, and just about anywhere else the car’s designers can think to put them. That means that most new cars are executing tens of millions of lines of software code, controlling everything from your brakes to the volume of your radio.
That amount of software complexity means more risk, since the attack surface area is becoming quite large in cars, especially as they become more network connected. Tens of millions of lines of code is a lot of software, and presents significant challenges for automotive OEMs and their supply chains to balance risk mitigation with normal business pressures around time-to-market and the need for more functionality.
This is one of the reasons automotive companies are rapidly looking to enhance how they address software security and quality. Source code analysis helps automotive companies in several ways, but in many ways the challenges are very similar to those of any large embedded system, whether it's military, aerospace, a medical device, or a smartphone.
As an additional resource, here’s a short webinar on software threat modeling with our partner Security Innovation that outlines how embedded systems developers can take steps to mitigate these risks.