Dan Smith: Embedded Systems and Cyber Security

My guest today is Dan Smith (  / dan1smith  )

He's an independent consultant who focuses on:

• Providing technical training for embedded systems, specializing in cyber security.
• Expert Witness services: IP infringement and product malfunction/liability in high-consequence embedded systems
• Technical consulting in the area of system and firmware architecture.

In this friendly, technical discussion, Dan answered the following questions:

• Is there anything special about securing embedded systems vs. securing general purpose computing systems? [time 2:22]
• What are some of the most common security design/coding mistakes you observed? [time 6:00]
• What realistically can be detected in practice by using static analysis tools? [time 9:16]
• What are some of the best practices to bake security in the system from the start? [time 14:35]
• When you start looking into a new embedded system to look for safety and security flaws, what are the some of the things you immediately review? [time 19:46]

Learn more about securing embedded systems software by applying CERT coding standard: .
https://www.parasoft.com/secure-your-...

HUNGRY FOR MORE?
From expert insights to training and support, find your software testing resources here: https://www.parasoft.com/resources/

Get the latest software testing news and resources delivered to your inbox.
Subscribe to our Blog: https://www.parasoft.com/blog/