Head-to-head – penetration testing vs. vulnerability scan Security Testing for Embedded Systems
In the area of Embedded system Security by Design secure Software development are of particular importance. This is due to Security Testing throughout the life cycle, this paper deals with the Pen Testing and Vulnerability Scans on the other side.
If you want to bring embedded devices with a reasonable level of safety on the market, it’s impossible not to you as a provider to integrate a security check in the software development process. In the ideal case, that is, security considerations in all phases of the life cycle of an embedded device to include.
This is true of the initial product architecture and product design, through implementation and testing, to the use and Monitoring of the actual use. And all the way back in the direction of the Design – at least, if you want to wear the ever-changing threat landscape, as well as the requirements of the market and all the problems that occur during real-world use of the devices.
At this point, we focus on the actual Mode within the security process. Similar to the Phase within the development process, in which the functional implementation is checked, ensure this is the part that safety features have been implemented correctly.
The finding is part of known vulnerabilities as well as the examination of their Exploitability, the identification of potential security vulnerabilities, and the overall picture of the safety profile of a product. This applies to both the product as a Whole, as well as the individual components. Regardless of whether these components have been completely developed in-house, using the Open Source Code created or third-party related.
The same obligations shall apply regardless of whether you happen to be the provider of a particular product on the market, an Integrator for the product or a OEM vendor or service provider that uses a standard product under the own brand name. If a networked product safety problems occur, then all of the parties listed in the liability.
For those who just want to buy an Internet-enabled product, it is not easy to assess how safe (or less secure) it actually is. Manufacturer of the statements alone are not always helpful. Just less well-known manufacturers tend to the safety of their products excessively high estimate. But even seasoned providers are Far from infallible.
Regularly experts found serious safety problems in well-known products (D-Link, Linksys, Android and MikroTik, to name just a few). A process that assesses the security status of a product and provide concrete evidence that examine the safety information of the manufacturer and substantiate (or disprove) that helps all parties involved.
Different paths lead to the goal. Traditional approaches rely during the development and verification phase on the internal quality assurance and penetration testing, and certification by independent external agencies. Newer approaches, by contrast focus on automated testing and vulnerability scanning. Each of these methods has its advantages and disadvantages. If you want to solve all the relevant issues, not-to-be to combine avoid some or all of the methods.
Quality assurance for safety-related functions
The quality assurance (QA) is a in the development process-established Phase, which is normally maintained by an in-house Team. Depending on the organizational structure, the person responsible for quality assurance are part of the development team, or is it a separate Team. Possibly even under a separate line, which ensures a certain degree of independence.
As a QA Team is structured, has a direct impact on his approach, how it from the Input on the part of the developers will be affected, and, last but not least, what are the Tests to be used in the practice. A good QA Team followed when Testing an approach that corresponds to the potential opponent. It is about trying to crack the code of a product, or to bring him to Failure (negative tests). An approach that is the possible attackers or Pen-testers are very similar.
QA Teams to test, but far more frequently, whether the product code meets the desired function as expected (positive tests). To give an example: When testing of a Software Update mechanism, verify the positive test how robust the Code is and if it applies valid Updates correctly. Negative tests to check whether it is invalid Update content, false signatures or invalid certificate chains.
These negative cases are popping up with a higher probability of an attack scenario. In this example, it is much easier, the positive Tests are exhaustive list, instead of all the negative edge cases. The easily fill up a whole page, if you want to discuss all of the possibilities, such as a certificate validation may fail.
For similar reasons, and QA Teams in case of heavy workload or Overload (the usual Situation) tend to focus on the positive Tests. Because they are absolutely necessary in order to bring a product to market. In turn, this often leads to the QS dispensed with negative tests. And that’s exactly necessary to check how safe a product is.
Security functions properly run QS need Teams of dedicated resources and should be sufficient on the subject of security specialized. So, you should refrain from further security experts in the company on a regular basis to include. You should lead the QA Team on test plan work.
The main difficulty lies in the fact that this process is resource-intensive, and the (necessary!) The concentration of QS on functional Tests that can distract. That is why, many companies hesitate to take the necessary QA resources for a secure, Internet-enabled products, to dig. Instead, most opt for external penetration tests to determine the safety status of the product.