Join the 40,000+ candidates in over 58 countries that have found a faster, better way to pass their certification exam.
Comprehensive practice exam engine!
All features in the FREE plan, plus:
Welcome to our Vulnerabilities in Embedded Devices and Cyber Physical Systems Module. The Internet of Things and embedded devices are becoming much more popular. And embedded systems now have a lot more processing capability and storage than they did previously. Many computer devices are now networked as part of the Internet of Things, or they could also be standalone devices.
The Internet of Things was designed for connectivity, but was not really designed with security in mind, and embedded computers now account for 94 to 98% of the total computers in the world. These devices do not have much security, and therefore are very popular targets because of the quantity and lack of security, and also because of the types of systems that these devices can control.
Malicious attacks continue to grow as the number of these systems increases, and power and complexity can increase the number of flaws, and flaws can be exploited to breach these systems. Flow control systems and physical security systems are major concerns, because if attackers can gain control of these systems, they can create destruction in the physical world, not just in the online world.
We should strive to create a proper balance between performance, security, and usability. And we should make sure that we have physical and logical controls in place to protect these systems. Cyber physical systems have the ability to collect data and gather information from physical regions, and then provide that data to embedded processing devices for analysis and decision making.
This is very popular with the Internet of Things, and is also used commonly in industrial Internet, smart grid, smart cities, and pretty much smart anything, from homes, to hospitals, to cars, and appliances. As an example, we are seeing embedded chips being used to analyze patient data and send alerts in health monitoring systems.
Obviously there's a very large concern if an attacker can gain control of these systems, because they may be able to injure patients. Often the embedded operating system in these devices is based on Windows XP, which is problematic because that operating system is end of life, and no longer receives security updates.
If you have cyber physical systems in your organization, you should be very concerned with the security of these systems. You should perform a risk assessment for the security and privacy and trust of these devices as well as the Internet of Things. You should make sure that you have a budget in place to minimize any physical damages, and you should especially be concerned about securing these devices in any type of critical infrastructures, such as nuclear power plants, the power grid, water control systems, traffic control systems. If these critical systems fail, what will happen? Could there be a power plant explosion? There could be cities that are flooded, cities without power. We need to really work on securing these devices to prevent these disasters from occurring. We should still remember that with these systems, we need physical controls, firewall systems, intrusion protection systems, intrusion detection systems, and other security controls in order to protect the systems.
When designing these systems, we should architect them for survivability and resiliency, to make sure that we have a power distribution network that can withstand attacks, and also to make sure that we're not storing unnecessary data that an attacker can then steal. We should make sure that we are only collecting the minimum amount of data in order for the system to function properly.
This concludes our Vulnerabilities in Embedded Devices and Cyber Physical Systems Module. Thank you for watching.
Classified by skill and ranked by difficulty. Choose to answer questions in STUDY MODE to review and you go.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.
Don’t forget what you’ve just studied! Use the intelligent reinforcement questions to stay fresh.
THANK YOU! Just bloody thank you! I’m doing the CEH minor at my college and well...I’ve learned more from this site in a few hours than I’ve learned from my school in 9 weeks about the subject. Keep up the good work!
Skillset’s Exam Engine continuously assesses your knowledge and determines when you are ready take and pass your exam. When Skillset learns that there is a gap between your knowledge and what you need to know to pass, we present you with a focused training module that gets you up to speed quickly. No fluff! Find your knowledge gaps and fill them.
Skillset is confident that we can help anyone pass their exam. If you reach 100% readiness, and you do not pass your exam, we will refund you plus pay for a replacement exam voucher. That’s how powerful our learning system is, we can offer this guarantee and stand behind our products with this no risk to you guarantee. See terms and conditions.
Don’t waste time studying concepts you have already mastered. Focus on what you need to know to pass. The Skillset Competency Diagnostic aligns our Exam Engine and Learning Plan to your baseline knowledge. This saves an average of 31% of the time required to prep for a professional certification exam.
More PRO benefits are being built all the time!