For organizations able to move quickly past the basics, however,
these same methods can prove invaluable in addressing equally
critical aspects of IoT design. For example, systems used in
machine control loops typically face associated mission-critical
requirements for functional safety. In these systems, security and
functional safety are so intertwined that suitable threat models
for these systems will likely need to include scenarios where
weakness in security or safety can equally lead to physical risks.
In the same way, security and privacy overlap in many respects,
yet weaknesses in either area can lead to the same result of a
disclosure of personally identifiable information.
| 4 | | 27 |
Headline
Headline
Learn More
4
Learn More
4
• 64kB DataFlash to Store Data
in EEPROM
• USB 2.0 Full Speed / USB
High Speed
• Ethernet Controller with DMA
• Evaluate the features of the
RA6M3 32-Bit Microcontroller Group
• includes a 4.3" 480 x 272 TFT LCD
capacitive touchscreen display
• Touchscreen display demonstrates
the graphics manipulation
capabilities
RA6M3 32-Bit Microcontroller Group
EK-RA6M3G Graphics Evaluation Kit
for the RA6M3
The effective application of threat modeling and risk
assessments in complex systems goes well beyond
any simple list of available options and techniques. Like
each specific system, each development organization
deals with its own unique constraints and capabilities.
The requirements for one system or organization might
completely miss the mark for another. What might be
the only common requirement is the need to perform
threat and risk assessments in the first place. Even so,
should an enterprise attempt to create a complete threat
model and risk assessment? The answer is no. In fact, an
attempt to do so would fall short of this perfect objective.
It is not possible to perfectly predict outcomes.
Naturally, chaotic processes in the world and the
ebb and flow between system mitigations and
hacker exploits ultimately derail any attempts toward
perfection. At the same time, without building the
kind of security roadmap that a threat model and risk
assessment provide, it is equally impossible to avoid
at least some of the pitfalls and detours that lead to
inevitable security breaches.
Conclusion
