Dangerous flaws found in safety-critical device design

09 March 2017

Barr Group uncovered alarming information about embedded systems design in its 2017 Embedded Systems Safety & Security Survey.

This survey revealed that a significant percentage of embedded systems designers of potentially injurious products are failing to place emphasis on the security of their designs – even though they are Internet-connected.

Approximately 28 percent of the more than 1,700 qualified respondents (50 percent from North America, 27 percent from Europe, 14 percent from Asia, and 9 percent from other geographies) indicated that the products they are designing now are capable of causing injury or death to one or more people (i.e., in the event of a malfunction). Of such products, respondents anticipated that nearly half will always or sometimes be connected to the Internet.

It is widely known that any computer connected to the Internet – including a medical device or other embedded system – can be remotely attacked through hacking. Despite this, 22 percent of embedded systems engineers working on safety-critical products that would be online said security was not even on their requirements list for the product. “This is dangerously inadequate planning that puts all of us at greater risk,” said Michael Barr, Barr Group CTO.

Survey findings also revealed that of the designers working on safety-critical projects that will be connected to the Internet, 19 percent follow no coding standards, 36 percent use no static analysis tools, and 42 percent conduct only occasional code reviews or none at all.

March 23 Webinar to Provide Detailed Analysis of Survey Results
Barr Group will host a free webinar on Thursday, March 23, 2017 at 1PM ET to discuss the findings from the 2017 Barr Group Embedded Systems Safety & Security Survey. To register for the event, go to http://barrgroup.webinato.com/registration/pid=52571487866632.

Contact Details and Archive...

Print this page | E-mail this page