Oyster with pearl

Deeply Embedded and Nevertheless Secure? System Hardening

Our customer sells systems that can be configured through a web browser. The system was developed as a deeply embedded system on a microcontroller (Cortex-M) purely functional, without considering data security. Now his customer required a "security hardening", i.e. that the cyber security has to be increased. This was to be done with the smallest possible software changes and without hardware changes.

After a security/ threat analysis, the new requirements were clear. The most important change was the upgrade to SNMP v3. Since the existing software platform did not support this, we re-evaluated the combination of operating system, communication stacks and libraries. These components were then used to implement the system and integrate the components with the application. For this, in Python an automated test suite was built, especially for the communication tests. Finally, our implementation was subjected to an in-depth security analysis by a partner, including performing penetration tests.

Project Scope

Expertise and Technologies

In this project, based on a Cortex-M we used a whole range of web technologies: embedded WebServer, HTTP/ HTTPS, DHCP, NTP, REST API, TLS and of course SNMP v3. The processor ran a real-time operating system (RTOS) with a Flash file system that supported the desired SNMP libraries.

Contact us to harden your system, too!

These References might Interest You

Key stays in the Pocket - Door Opens

How did we bring technology of capacitive transmission to market maturity as a convenient key for Kaba?

Strategy Development

How did we help to find a common goal? For small and large organizations.

Tank Sensor for Aviation

How did we develop an exact tank gauge according aviation standards for the new helicopter of Marenco Swiss Helicopter?

Let us discuss your idea/ your project