Oyster with pearl

Deeply Embedded and Nevertheless Secure? System Hardening

Our customer sells systems that can be configured through a web browser. The system was developed as a deeply embedded system on a microcontroller (Cortex-M) purely functional, without considering data security. Now his customer required a "security hardening", i.e. that the cyber security has to be increased. This was to be done with the smallest possible software changes and without hardware changes.

After a security/ threat analysis, the new requirements were clear. The most important change was the upgrade to SNMP v3. Since the existing software platform did not support this, we re-evaluated the combination of operating system, communication stacks and libraries. These components were then used to implement the system and integrate the components with the application. For this, in Python an automated test suite was built, especially for the communication tests. Finally, our implementation was subjected to an in-depth security analysis by a partner, including performing penetration tests.

Project Scope

Expertise and Technologies

In this project, based on a Cortex-M we used a whole range of web technologies: embedded WebServer, HTTP/ HTTPS, DHCP, NTP, REST API, TLS and of course SNMP v3. The processor ran a real-time operating system (RTOS) with a Flash file system that supported the desired SNMP libraries.

Contact us to harden your system, too!

These References might Interest You

Complex Software - Simple Coffee Brewing

How did we develop a complex control system at low unit cost for a Franke professional coffee machine?

Excitation & Processing for Sensors

How did we optimize electronics and software for sensors with digital signal processing and make it ready for series production?

Rugged Tablet for Visualization

How did we support the customer to find the optimum solution for his visualization task, this time even without us?

Let us discuss your idea/ your project