Freescale Enhances MQX Security with Mocana's NanoSSL and NanoSSH

By JDavis | 10/13/10 6:28 AM

AUSTIN, Texas – Oct. 13, 2010 – Freescale Semiconductor announced today it is offering expanded security capabilities for its MQX™ real-time operating system (RTOS) by integrating source code versions of Mocana’s NanoSSL™ and NanoSSH™ software. Freescale customers can download and unlock special MQX-optimized versions of Mocana’s code for just $199 (USD) through Freescale and redistribute an unlimited number of binary copies in their own solutions, royalty-free.

Through this offering, embedded developers will have access to fully supported commercial cryptography solutions with instant online access to source-code versions of the NanoSSL and NanoSSH client software products. Integrated into Freescale’s Processor Expert configuration tool, NanoSSL and NanoSSH allow easy implementation and customization through embedded components and do not require crypto expertise on the part of the developer.

Read More >

IP is the glue

By JDavis | 6/15/09 7:09 PM

As we move towards the Internet of things (IOT), it's clear that we need something to be the glue holding this evolved Internet together.

Read More >

Buggy Breathalyzer Bounces Boozers

By JDavis | 5/31/09 7:01 PM

DUI defendants are asking courts to mandate source code reviews on the software that runs breathalyzer devices to determine if bugs or malware is present. While it’s easy to see how this tactic would be employed in attempts to get charges reduced or dropped, the more serious issue could be the device failing to detect when a person is under the influence, thus sending them back on the road. Two independent reviews weigh in, according to an Ars Technica article.

The reviews differ in scope and offer different conclusions, but they both agree that the code falls below industry-standard best practices and that it contains bugs. The [Base One] report identifies 24 major defects and points to a wide range of troubling issues. The analysts discovered that the embedded software disables safeguard features built into the device's processor that are intended to detect and prevent the execution of invalid or corrupt instructions. The researchers contend that this circumvention can lead to unpredictable results in the event of fatal errors.

In his blog, security expert Bruce Schneier further notes:

Read More >

Free! Watch EETimes' NEW "Fundamentals of Embedded Systems Security" Course

By JDavis | 5/14/09 6:32 PM

Designed for engineers and developers, this free, 60-minute course provides an introduction to embedded systems security including what could happen if your security is compromised and methods to prevent this from happening. Don't miss it! Content includes:

Read More >