Consideration of security for the next generation of industrial systems is still slow, says a new report.
GrammaTech commissioned the report from VDC detailing the growing concerns in cyber-physical manufacturing systems within today’s smart factories. The report, “Industry 4.0: Secure by Design,” summarizes the results from surveying over 500 engineers to find that for Industry 4.0 to succeed, smart factories must be made secure by design, meaning security concerns should guide decisions from the earliest stages and through the full system development lifecycle.
According to 46% of developers surveyed by VDC, cyber security concerns are very or extremely important on their current project, up from 37% two years ago.
IoT is opening up a broad range of new business opportunities and solutions like the smart factory. Unfortunately, the introduction of connectivity can unearth new vulnerabilities and magnify any existing software quality issues.
IoT is opening up a broad range of new business opportunities and solutions like the smart factory. Unfortunately, the introduction of connectivity can unearth new vulnerabilities and magnify any existing software quality issues.
One of VDC’s recommendations is a testing regimen including dynamic testing and static analysis to provide greater assurance that vulnerabilities are discovered and fixed. This can help embedded development teams secure their devices and accelerate their time-to-market in industry 4.0, as well as industries such as medical devices, aerospace, and transportation where software capabilities are key drivers of innovation and competitive advantage.
“Based on our research, action to prevent or mitigate vulnerabilities is not rising in parallel with the increasing awareness of the impact of security failures,” said AndrĂ© Girard, Senior Analyst at VDC. “Embedded engineers surveyed report that over 24% of their projects have no security actions taken.”
"The results found by VDC agree with what we see with our customers,” said Mark Hermeling, Senior Director of Product Marketing at GrammaTech. “GrammaTech has been promoting a security-first design approach that leverages automated software tools as much as possible. Advanced static analysis, for example, plays an important role in a secure design lifecycle.”
“Increasing the use of automated testing tools, starting in the early stages of software design can help their engineering teams prevent many common coding errors and security weaknesses,” said Girard. “The low existing use-rates of static analysis and binary analysis — tools that can help in the code acceptance process — suggests many Industrial Automation & Control engineering teams are not yet following best practices for third-party code use.”
“Based on our research, action to prevent or mitigate vulnerabilities is not rising in parallel with the increasing awareness of the impact of security failures,” said AndrĂ© Girard, Senior Analyst at VDC. “Embedded engineers surveyed report that over 24% of their projects have no security actions taken.”
"The results found by VDC agree with what we see with our customers,” said Mark Hermeling, Senior Director of Product Marketing at GrammaTech. “GrammaTech has been promoting a security-first design approach that leverages automated software tools as much as possible. Advanced static analysis, for example, plays an important role in a secure design lifecycle.”
“Increasing the use of automated testing tools, starting in the early stages of software design can help their engineering teams prevent many common coding errors and security weaknesses,” said Girard. “The low existing use-rates of static analysis and binary analysis — tools that can help in the code acceptance process — suggests many Industrial Automation & Control engineering teams are not yet following best practices for third-party code use.”
You can download the report at http://go.grammatech.com/whitepapers/vdc-industry-secure-by-design/
Related stories:
- Using Static Analysis to Improve IIoT Device Security
- MRAM opens up low power IoT applications
- Moving IoT analytics to the network edge
- Synopsys launches ARC core to protect against IoT threats ...
- Infineon teams with Mocana for network security
- Maxim launches reference design for IoT node security...
- Two factor security IP designed into IoT microcontrollers ...
- Cybersecurity researchers design a chip that checks itself...
No comments:
Post a Comment