It may be among the most geeky of geekdom's topics, but embedded systems are becoming more prominent in more places. Device design and function is often a sub-world overlooked: Those chips, operating systems, middleware, and applications that are not in your PC or server, but do fly airplanes, steer smart bombs, make your car use oxygen better, and run the robots that produce our appliances. There are many more millions of these embedded gizmos running the world than what we typically think of when we hear "silicon."
One of the larger trends in the embedded space, and this is an arena under more change than in decades, is the need for the devices to be connected, often wirelessly and often now using good old TCP/IP. The once untouchable, clamped-down embedded device is morphing into a remotely programmable and up-dateable edge point. This brings in a lot of neat attributes, such as application improvements via updates, and two-way data communications (ala RFID), but it also rears up a potentially ugly underside: security vulnerabilities, from anywhere on the Internet.
It's one thing to get a virus attached to an email, but what if your car got one -- and it decided to execute a funny little routine while you're cruising at 70 mph? Or perhaps a code vulnerability was tapped by a network crawler on a device that was operating heavy machinery in a coal mine where your second-cousin's husband works? Or perhaps terrorists would prefer to hijack airplanes from under the rocks where they live?
The military has long understood the dual-edged sword of connected smart devices. There has been an explosion of edge devices in military supply chains, communications networks, and in battlefield operations. This makes for smart operations, and real-time data-rich views into what is going on across much wider theatres of activity. But at the same time, it makes the entire system vulnerable if the devices at the edge are vulnerable. The military and its contractors have been working to solve this problem for a long time: How to get the most from networked technology without allowing it to get back to you.
So is there a connection between the military's perseverance and your iPod? Could well be. Many of the same technological and architectural barriers designed to protect devices in the most sensitive applications are being diverted for use in commercial, transportation, entertainment, manufacturing, and automotive uses. This week Green Hills Software announced that the U.S. Government's National Information Assurance Partnership is going to evaluate for high security certification its INTEGRITY‑178B operating system.
Now, the highest security-level device might not be right for your toaster oven, but I sure like the idea of them in my car, as well as in my enterprise firewall and network hardware.