Electronicdesign 9295 99151promo
Electronicdesign 9295 99151promo
Electronicdesign 9295 99151promo
Electronicdesign 9295 99151promo
Electronicdesign 9295 99151promo

Security Emerges At The International CES

Dec. 20, 2013
Get ready for the annual International CES in Las Vegas. Connectivity is the name of the game but will all those devices be secure?

Get ready for the annual International CES in Las Vegas. The glitz and glitter will surround the latest 4K Ultra HD HDTVs, smart phones, tablets, cars, and intelligent household appliances. Connectivity is the name of the game with all of these products.

Download this article in .PDF format
This file type includes high resolution graphics and schematics when applicable.

Thanks to the Internet of Things (IoT), connectivity will enable devices to access other devices. Smart TVs can stream content from the Internet and, if they have a built-in camera like Samsung’s UN55F9000 3K Ultra HD, host video conferences (Fig. 1). Of course, connectivity also enables companies to sell more services. Companies can watch how consumers use these electronics too, whether the consumers know it or not.

Figure 1. Samsung’s 120-Hz, 55-in., UN55F9000 4K Ultra HD display has a built-in camera. It supports gesture controls and streaming media.



Unfortunately, this type of connectivity exposes devices to third parties. Security is now on the minds of most developers. Many standards such as ZigBee incorporate encryption and authentication. These devices will be more difficult to compromise, but not impossible. If the device can load an app or receive a remote update, then it is susceptible to attack.

Related Articles

Securing Mobile Devices

A secured device is a good thing, and it security is easier if the functionality is locked down. Unfortunately for developers, many devices like smart phones, tablets, and HDTVs are user-programmable, as apps can be installed at the user’s discretion. I have almost a hundred apps on my smart phone and use at least a quarter of them on a regular basis.

Apps can be isolated by sandboxing them, but most implementations can be bypassed, often through bugs exploited by nefarious software. That’s one reason why enterprise devices like smart phones are often locked down so no new apps can be loaded. It isn’t just an issue of whether the device could be compromised. Rather, it may provide a vector of attack on the enterprise network through the linkage that the smart phone may have to that network, possibly through a virtual private network (VPN).

Operating systems like Android and iOS have security built into them, but not isolation on the order of what a hypervisor will provide. It is easier to verify that a separation-kernel hypervisor with hardware support can isolate two operating systems from each versus isolating apps running on the same operating system.  

A Smart Solution

Green Hills Software and ViaSat partnered to deliver military-grade security for Android smart phones and tablets (Fig. 2). ViaSat Secured is built on the Green Hills Integrity Multivisor separation-kernel hypervisor (see “Embedded Devices Gird Up Against Cyber Threats” on electronicdesign.com). It targets dual-use smart phones and tablets in the enterprise. It would turn my wife’s two smart phones into one device.
Figure 2. Green Hills Software and ViaSat are delivering military-grade security for Android smart phones and tablets. A little red lock indicates the locked apps in the secured version of Android. Tapping them runs them in the unsecured version of Android.

The enterprise manager has control of the hypervisor and one of the partitions that runs the enterprise version of Android populated with approved applications. The other partition runs Android as well. Switching is just a button-click away with the status LED color indicating which partition is active.

Green Hills also added a feature whereby an icon for an app that runs on the user’s Android partition can appear on the secured side. This status is noted via a red lock on part of the icon. Tapping the icon runs the application as expected, but it switches to the user’s partition to do so. There is not a matching mechanism for switching to apps on the secured side.

I would like a version of this where I could provide an enterprise partition that could be managed remotely. Bring-your-own-device (BYOD) will work likely work this way in the future. I will not have to worry if the enterprise wants to reconfigure or trash its partition since it will not affect mine. 

Sponsored Recommendations

Article: Meeting the challenges of power conversion in e-bikes

March 18, 2024
Managing electrical noise in a compact and lightweight vehicle is a perpetual obstacle

Power modules provide high-efficiency conversion between 400V and 800V systems for electric vehicles

March 18, 2024
Porsche, Hyundai and GMC all are converting 400 – 800V today in very different ways. Learn more about how power modules stack up to these discrete designs.

Bidirectional power for EVs: The practical and creative opportunities using power modules

March 18, 2024
Bidirectional power modules enable vehicle-to-grid energy flow and other imaginative power opportunities. Learn more about Vicor power modules for EVs

Article: Tesla commits to 48V automotive electrics

March 18, 2024
48V is soon to be the new 12V according to Tesla. Size and weight reduction and enhanced power efficiency are a few of the benefits.

Comments

To join the conversation, and become an exclusive member of Electronic Design, create an account today!