Bar Group Security

Barr Group has released preliminary results from its 2017 Embedded Systems Safety & Security Survey highlighting concerning statistics regarding design trends for Internet of Things (IoT) devices. This year’s survey has exposed that many development teams for IoT applications are not following industry best practices for designing safe and secure embedded systems, putting all mobile applications and the entire IoT infrastructure at risk.

“Embedded systems devices serve as a doorway into the Internet,” states Michael Barr, CTO of Barr Group. “There are a number of simple-to-perform, well-known software development best practices, such as version control, code reviews, static analysis, and coding standards, that have been proven to result in safer and more secure embedded systems for all devices – including IoT applications. These techniques are essential to minimizing the risk of tampering or malfunction of any embedded system.”

Barr Group’s 2017 Embedded Systems Safety & Security Survey has revealed the following statistics:

  • 9 percent of IoT designers don’t keep their source code in a version control system
  • 56 percent don’t perform regular source code reviews for bugs and security holes
  • 60 percent don’t use a static analysis tool to check the source code
  • 25 percent don’t have a bug database or other system to track known issues
  • 37 percent don’t utilize a written coding standard, and others don’t enforce one consistently

“This lack of due diligence during the design process is extremely concerning. It puts not only the individual IoT device at risk of tampering, but also jeopardizes the integrity of the entire network,” continued Barr. “As proven by the Dyn DDoS cyberattack in 2016, any device that is connected to the Internet is vulnerable to tampering unless properly designed for maximum security.”