A colleague and I have been looking at the problem a bit, in the context of
need for survivability in safety-critical systems. Below is an extract of the
paper Software Survivability: Where Safety and Security Converge authored by
Larry Feldman, Ph.D., and myself, and presented by our colleague
I spent a fair bit of time doing stuff relating to voting systems,
which all have embedded systems. (I am not one of the experts who
pulls them apart, lest anyone think I'm claiming credit for them.)
They are supposedly closed systems, but every time someone competent
has tried to attack them,
Thank you for all the info you guys have sent, it has been very
informative... :)
It is harder to steal the source (you need more electronical knowledge
and expensive debuggers and stuff) but it is possible... Do you guys
know some pages with security tips for embedded systems?
From: sc-l-boun...@securecoding.org [sc-l-boun...@securecoding.org] On Behalf
Of Jeremy Epstein [jeremy.j.epst...@gmail.com]
Sent: Thursday, August 20, 2009 5:39 PM
To: Arian J. Evans
Cc: Secure Coding List
Subject: Re: [SC-L] embedded systems security
Rafael -- to clarify concretely:
There are quite a few researchers that attack/exploit embedded
systems. Some google searches will probably provide you with names.
None of the folks I know of that actively work on exploiting embedded
systems are on this listbut I figure if I know a handful