For the Internet of Things

The Toughest Security Challenge Yet: The Internet of Things

There are twice as many things connected to the internet than there are people on this planet. Because this technology is constantly changing and advancing, security can be a challenge. Our expertise has always been at the forefront of software security and we constantly evolve to build our core strengths and methodologies to address the complexities of traditional and embedded platforms.

Whether the challenge is a connected video, critical infrastructure, intelligent cities, or voting machines we have the breadth and depth of skills to take a structured and holistic approach to the threats, vulnerabilities and remediation alternatives.

Our Approach to IoT includes:

  • Understanding the environment and architecture of the system or systems under test
  • Secure Development Lifecycle Gap Analyses
  • The Security Innovation Threat Model Analysis (TMA) for advanced threat assessments and triage
  • Embedded security computer systems

Our Experience with IoT includes:

  • Development of our own IoT security products such as TCG Middleware, ARM7/ARM9 libraries and Aerolink V2X security libraries
  • Communication security design for IEEE 802.15.3 ultra wide-band networking
  • Biometric matching weakness evaluation for large organization
  • Secure replication design for leading provider of mobile databases
  • Government kiosk security
  • Voting machine hardening
  • Securing critical components of the intelligent grid for multiple enterprise customers
  • Assessment of hardware security module for a large automotive supplier

Our Expertise is Delivered through:

  • Secure embedded design services including the capture of requirements, usage models and performance requirements and the selecting the appropriate protocols and algorithms and support policies.
  • Software and code testing for source code, run-time or black-box
  • Customized, proprietary or standard analysis tools and manual penetration testing
  • Vulnerability assessments based on unintended application behavior
  • Secure Development Lifecycle Gap Analyses
  • The Security Innovation Threat Model Analysis (TMA)
  • Crypto implementation consultation and remediation services
  • Embedded security Instructor-led and CBT classes