Embedded Application Security Best Practices

What are Embedded Systems?

The term "embedded" or "embedded systems" can be interpreted in several ways depending on your background, knowledge, and exposure to embedded technology. For the purpose of this document, firmware is defined as the software layer between the underlying hardware and the operating system (OS). The main purpose of firmware is to initialize and abstract enough hardware so that operating system drivers and components can further configure the hardware according to its functionality. In addition to firmware, embedded systems can be defined as having the characteristics described below.

Hardware:

  • Limited resources

    • 16KB - 1GB RAM

    • 32MB - 4GB Flash storage

  • System-on-chip (SoC)

  • System-on-module (SoM)

  • Microcontroller (MCU)

Bootloaders:

  • Das U-Boot

  • RedBoot

  • coreboot

  • GRUB

  • Little Kernel

  • and more

Common CPU architectures:

  • Word lengths of 8-bit, 16-bit, 32-bit, and 64-bit

  • ARM

  • MIPS

  • AVR

  • PowerPC

  • x86

Common operating system platforms:

  • Embedded Linux

    • OpenWrt variants

  • Android

  • Ubuntu Core

  • RTOS (Microkernel)

    • FreeRTOS

    • Mbed OS

    • QNX

    • AUTOSAR

    • INTEGRITY

  • BareMetal

  • Windows

    • Windows Compact 2016

    • Windows Compact 7

    • Windows 10 IoT

Commonly used programming languages:

  • Assembly

  • C / C++

  • Python

  • Classic ASP

  • PHP

  • Perl

  • Lua

  • Golang (Go)

  • Rust

Lifespan:

  • Sometimes immortal 😉

    • *Some flash chips use a disclaimer of 20 years data retention*

  • "Trustworthy" systems

  • Vehicles ~7-15 years


Last updated 5 years ago
