Issue link: https://resources.mouser.com/i/1506851
Certainly, adding connectivity to embedded devices offers many advantages, but a number of associated security challenges arise. On a high level, connected products are more susceptible to security threats because connecting to a network potentially creates a new channel for adversaries to access the device. Whereas adversaries need physical access to a device for nonconnected products, a connected product can be accessed by anyone on a network. Because of the attack vectors associated with connected devices, the concept of trusted operations has become particularly important in this field. For trusted operations in connected devices, three key functions must be accounted for: a platform of trust, secure communication, and secure storage of information. To enable a platform of trust, you want to make sure before you connect equipment to a network infrastructure that the equipment is trustable—meaning it will not reduce the security of your network and be an entry door to malware or viruses. An important way to enable a platform of trust is to ensure the secure boot of a system. Secure boot is a technique in which the device checks that its firmware is from a trusted origin and unmodified (not infected with malware) through the use of a digital signature to verify authenticity. In many cases, verifying these signatures in a reasonable amount of time requires powerful microcontrollers. Secure communication refers to ensuring the authenticity and authorization of endpoints on a network when a device exchanges data across the network. For example, in a medical device, patient data must be shared only between the doctor C h a p t e r 2 | Tr u s t e d O p e r a t i o n s f o r C o n n e c t e d P r o d u c t s Trusted operations ensure that devices operate and store/transmit user/ customer information securely at all times, including when the device is being updated, patched, or serviced. Devices must be provisioned with firmware updates and recovery mechanisms that secure data in the event of any failures or vulnerabilities in operational procedures." Venkata Kishore Kajuluri Senior Hardware Security Engineer, Oracle Cloud Infrastructure 11 Embedded Security: Keeping Edge Data Safe