Oyster with pearl

Deeply Embedded and Nevertheless Secure? System Hardening

Our customer sells systems that can be configured through a web browser. The system was developed as a deeply embedded system on a microcontroller (Cortex-M) purely functional, without considering data security. Now his customer required a "security hardening", i.e. that the cyber security has to be increased. This was to be done with the smallest possible software changes and without hardware changes.

After a security/ threat analysis, the new requirements were clear. The most important change was the upgrade to SNMP v3. Since the existing software platform did not support this, we re-evaluated the combination of operating system, communication stacks and libraries. These components were then used to implement the system and integrate the components with the application. For this, in Python an automated test suite was built, especially for the communication tests. Finally, our implementation was subjected to an in-depth security analysis by a partner, including performing penetration tests.

Project Scope

Expertise and Technologies

In this project, based on a Cortex-M we used a whole range of web technologies: embedded WebServer, HTTP/ HTTPS, DHCP, NTP, REST API, TLS and of course SNMP v3. The processor ran a real-time operating system (RTOS) with a Flash file system that supported the desired SNMP libraries.

Contact us to harden your system, too!

These References might Interest You

Consulting for Functional Safety

Functional Safety/ Machinery Directive - What does this mean? Which solution is the most efficient? What exactly do we have to do?

Internet of Things for Home Automation

How have increased the comfort for tenants with an IoT (Internet of Things) system?

Project Recovery

Project Breakdown: How to get the development moving, productive and on schedule again?

Let us discuss your idea/ your project