Embedded systems are becoming increasingly complex. Industry has made huge strides, from highly specialized microcontroller-based components to complex interconnected solutions built on third-party SoC platforms with real-time or Linux-based operating systems communicating with each other via dozens of different protocols. This kind of rapid evolution brings tremendous versatility, but it also comes at a price: the introduction of common computing platforms in embedded systems has brought its inherent threat landscape with it.
Kaspersky Lab offers a set of proactive security assessment services for vendors of embedded systems who want to enhance their security operations and take a pre-emptive approach against advanced threats.
Security-level evaluation of the hardware and software components of embedded devices to identify potential vulnerabilities, misconfigurations and design issues that could be used by malefactors to compromise normal operation of the platform
Detailed security analysis of applications used to control and monitor the operation of embedded systems, including static and dynamic analysis of the application’s source code and architecture
Analysis of the security of IT infrastructure that enables the operation of embedded systems, attempting to bypass security controls on behalf of various types of intruders aiming to obtain maximum possible privileges in important systems
A summary report detailing all discovered vulnerabilities and security flaws, with actionable recommendations for immediate resolution
As a result of the penetration testing, the following vulnerabilities (among others) may be identified: