Embedded Systems at Risk

There is a real threat to the security of embedded computer systems, including some mission-critical systems, but there are several things the Air Force can do to make the systems less vulnerable, Werner Dahm, chairman of the Air Force Scientific Advisory Board, told reporters Monday. The SAB is in the process of briefing the results of its Fiscal 2015 studies to Air Force leadership and may release some unclassified results early next year, he said. The board this year examined a range of embedded systems and found that while the Air Force can apply some of the lessons learned by the automotive and aviation industries in its use of embedded computers, that is not enough. Dahm said there are about 70 individual things that can be done to beef up security, but even just six or seven would make a significant difference. For example, he said, requiring digital signatures, limiting access to other systems, protecting design and development information, cyber hygiene, and developing situational awareness hardware and analysis tools could all help reduce cyber vulnerability. (See also Scientific Advisory Board Launches RPA Study, Others.)