Author's posts

Raised hexagon tiles with the one in focus having the words "penetration test"

Understanding pen testing for IoT/embedded systems

Security penetration testing, or pen testing, can be a useful but often misunderstood security test method, particularly by companies who are new to security, so what is a pen test, is it suitable for IoT/embedded products, and when should it be used?

Read more
Close-up of a microprocessor silicon die

Will custom silicon increase security risk?

Since the 1970’s, the explosion in computing, and our knowledge on how to secure it, has been driven by the mass-market manufacturing of general purpose semiconductor devices - but this is now changing and what will this change mean for security?

Read more
QFP shrinking to WLCSP

Does your package size affect security?

For our electronic devices, such as phones, to shrink, the electronic components used inside them also need to shrink and this has led to “chip-scale packaging” where the chip package is not much larger than the bare silicon die inside it - but how does this affect security?

Read more
raspberry pi board in case

Raspberry Pi Security for IoT Products

We get a lot of companies who ask us to review the security of their product after they’ve designed it and are making plans to put it on to the market, but one of the things that scares us the most is when they ask, “I’ve got an IoT product based on a Rasperry Pi - how do I secure it?

Read more
collection of random numbers

Hardware Random Number Generators

A good source of random numbers is critical for many cryptographic operations including most current cryptographic communications protocols and in this article we’ll look at how they’re generated in modern system-on-chips, best practice for using them and how they can be attacked.

Read more
hand holding security chip

What is an IoT Hardware Secure Element?

Hardware secure elements such as Microchip’s ATECC508A/ATECC608A, STMicroelectronics’s STSAFE-A100, Infineon’s Optiga or NXP’s A71CH are promoted as solutions for IoT security - but what do these devices do, how do they help and what are their limitations?

Read more