Scope
An embedded system is a system in which the software is running over a non (or less) generic hardware, unlike a non-embedded system in which the hardware is a generic hardware, i.e., PC, laptop, server.
Embedded systems are commonly found in the following industries/markets/applications: automotive, smart home, smart city, drones, medical devices, medical equipment, smart grids, telecommunications, industry 4.0, critical infrastructure, aerospace and military.
Usually, an embedded system is designed to do a specific task rather than a general purpose computer for multiple tasks. Many perform mission-critical or safety-critical functions vital to a system’s intended function. Some require real-time performance, others have low or no performance requirements allowing a more simplified hardware to reduce costs.
The software that is written for embedded systems is referred to as firmware, and is stored in read-only memory or flash memory chips. They run with limited computer hardware resources: little memory, small or non-existent keyboard or screen.
Embedded systems are not always standalone devices. Many embedded systems consist of small parts within a larger system that serves a more general purpose, e.g., an Engine Control Module (ECM) within a vehicle.
Modern embedded systems are interconnected by the Internet of Things (IoT) and are managed remotely from a central location usually located across the web.
All of the above create substantial new cyber attack vectors on embedded systems.
The value of data and intellectual property, the serious harm that can be done to mission-critical systems and the interoperability and connectivity of embedded systems, all make embedded systems popular targets.
Cyber attacks on embedded systems range from hostile control on a moving vehicle, eavesdropping on drone snapshots, attacking people’s implantable medical devices, manipulating data or impersonating to abuse resources.
Attacks can come from open web interfaces, neighboring vulnerable embedded systems, hostile users, storage and maintenance, and supply chain.
Cyberattacks on embedded systems create an urgent need for identifying vulnerabilities, developing short term cyber-security controls, and setting long term cyber-security design that will enable secure operation across a wide range of embedded systems that incorporate and communicate with each other.
Process
Risk assessment for embedded systems requires the architect to pursue a multidisciplinary process starting from the hardware level, through drivers and kernel, all the way to the operating system scheduler and apps. Across the entire life cycle of the embedded system – R&D, manufacturing, supply, operation, maintenance and storage, until end of life.
In each stage there should be a detailed analysis of the sensitivity of the system and the access level to the system.
Risk assessment process is an iterative process that runs in parallel to the development and operation of the embedded system.
It starts with threat risk analysis on the embedded system, followed by cyber security controls to mitigate these threats, followed by integrating these controls back into the embedded system, then to repeat the process with the next level of threats, and the next stage of the embedded system.