Posted by bboyes
on July 8, 2005 at 1:28 PM PDT
This interesting article came across my (virtual) desk today and it seems worth passing along.
This online article by by Mukesh Lulla, TeamF1 is a pretty good overview of the top 10 misconceptions about embedded security. It's worth mentioning here for a couple of reasons. One: embedded security is increasingly important as more embedded products are provided with a network connection to the outside world. Two: it's generally accepted that the various Java security packages are "better" than your average vendor-specific offering. A decent overview of Java security appears in this 2000 JavaWorld 5-part series By Raghavan N. Srinivas.
I'm particularly interested in all this since my company is about to engage in development of a hardware/software product to make certain SCADA communications secure. We will be running all code on native-execution J2ME/CLDC hardware similar to JStamp .
So I'm interested in feedback from those of you who have recent experience in securing embedded systems.