Blog

Technical blog articles written by our embedded software experts on embedded Linux, automated testing, cybersecurity, IoT and more.

The 3 product categories of the Cyber Resilience Act

CRA 3 product categories

The Cyber Resilience Act (CRA) classifies products with digital components into three distinct categories: default, important, and critical products. This categorization aims to adapt security measures based on the level of risk and potential impact each product category presents.

Cyber Resilience Act reporting requirements

Transparent reporting mechanisms are essential for effective cybersecurity governance. Equipment manufacturers must establish clear protocols for reporting cybersecurity incidents, both internally and to relevant stakeholders. This transparent approach enables swift responses to cyber threats, minimizing potential damage and enhancing trust among customers and regulatory authorities.

CRA conformity assessment

Before launching a new product on the market, equipment manufacturers must conduct a conformity assessment to validate that the CRA requirements have been met. Discover the steps to follow.

What is Software Composition Analysis?

Software Composition Analysis (SCA) involves identifying and managing the various components and dependencies in software applications to ensure security and compliance. SCA tools help detect vulnerabilities and licensing issues in third-party components, providing continuous monitoring and integration with development workflows to enhance the robustness of software projects. Let's dive deep into this systematic approach to fortifying embedded systems.

3 major concerns regarding IoT devices hardware selection

IoT hardware selection: 3 key considerations

When starting an IoT project, it's crucial to consider several constraints that will heavily impact hardware and communication medium choices. This article explores these major concerns and how they guide decision-making to select the right hardware for your device.

Define the best firmware update strategy for your embedded system

Firmware updates: Defining an effective strategy for MPU-based devices

Firmware updates are now an essential part of embedded systems management. Whether it's fixing bugs, optimizing performance, introducing new features, or patching security vulnerabilities, firmware updates play a pivotal role in ensuring the longevity and reliability of all types of devices. Let's take a look at how to define your firmware update strategy.

What is a Software Bill of Materials (SBOM)?

Having a comprehensive understanding of your software's components and dependencies has become vital with the increasing complexity of software applications and the growing concern of supply chain attacks.

On this page, we will guide you through the process of generating, managing, and using a Software Bill of Materials (SBOM). By leveraging SBOM security, you can improve your software development processes, strengthen supply chain security, and protect your organization against potential threats.

Black Duck, cve-check, Vigiles: SCA tool comparison for embedded Linux

With the upcoming cybersecurity regulations, you will probably be expected to detect, monitor and communicate about the vulnerabilities of your embedded Linux systems. That’s where Linux vulnerability scanners come in handy.
Dive into the strengths and weaknesses of four prominent software composition analysis (SCA) tools to identify and mitigate the vulnerabilities of your embedded Linux systems: cve-check by the Yocto Project, Vigiles by Timesys, Black Duck by Synopsys, and CVE Scan by The Embedded Kit.