What companies should consider when it comes to the cyber security of embedded systems

by | Mar 5, 2025 | News, News and Events, Our Blogs, Swissbit

In my latest blog post, I focus on the cyber security of embedded systems and the associated special requirements. In addition, there are the risks arising from the increasing networking of embedded systems. Finally, I present solutions that improve the security of networks.

Special requirements for the security of embedded systems

  1. Long operating times: Many embedded systems are designed to function for years or even decades. This leads to a high need for risk mitigation efforts like retrofitting security controls and maintenance, as cybersecurity threats are constantly increasing.
  2. Headless systems: As many embedded systems have no user interface, they are often difficult to diagnose and maintain. Security updates require special care here.
  3. Networking: With the Internet of Things (IoT) and the Industrial Internet of Things (IIoT), the number of networked devices is increasing rapidly. This leads to a larger attack surface and more complex security requirements.
  4. Safety and security: In safety-critical areas such as medical technology, safety (operational safety) and security (cyber security) must be guaranteed simultaneously. A security incident can even endanger lives under certain circumstances.

New risks due to ever greater networking

Trends such as edge computing or software from the cloud, as well as ever closer links between information technology (IT) and production technology (OT), are also leading to ever greater networking of existing legacy systems. However, these were and are not designed to meet the requirements of current systems, which were designed for networking from the outset. The connection and operation of remote maintenance systems, which usually allow access to all system and machine functions, and the installation of updates that can corrupt the integrity of data and systems are particularly risky.

Typical problems with the cybersecurity of embedded systems

  • Retrofitting during operation: Many systems need to be updated without interrupting operation. This is a particular challenge in industries such as medical technology and network technology.
  • High availability: Failures can not only be costly, but also dangerous. Systems must therefore be operational around the clock.
  • Exotic and customized systems: Many embedded systems are custom-built, which makes it difficult to integrate security measures.
  • Compatibility: Security solutions must be seamlessly compatible with existing technologies and standards.

Industries with high safety and reliability requirements are particularly affected

In terms of product and operational security, these are primarily applications in medical technology and industrial plants, especially if the industrial plants are critical infrastructure facilities such as utility companies. When it comes to cyber security and data integrity, access and security technology as well as banking and billing systems are particularly at risk. Digital attacks here can cause high financial losses.

What could be possible solutions?

  1. Division into security classes: Not every system has to meet the same high security standard. A clear classification helps to use resources efficiently.
  2. Securing boot processes and file systems: Secure boot processes and encrypted file systems are essential to prevent tampering.
  3. Hardware-based security solutions: Security modules such as Secure Elements or Trusted Platform Modules (TPMs) can protect critical cryptographic keys.
  4. Network security measures: Segmentation, firewalls and intrusion detection systems can provide additional protection for networked embedded systems.
  5. Reference to Swissbit solutions: we offer innovative storage and security solutions with industrial grade that are specifically tailored to the requirements of embedded systems.

Conclusion

Securing embedded systems is a complex but essential task. In view of the long life cycles, increasing networking and the specific requirements of these systems, customized security concepts are required. With the right combination of hardware and software solutions, embedded systems can be effectively protected against cyber attacks. There are two crucial factors to consider: solution expertise and a product that meets these requirements. At Swissbit, we have over 20 years of expertise in securing data and digital identities. In the area of embedded security, one of our products meets the formulated requirements particularly well. The new Security Upgrade Kit offers maximum flexibility and effective data protection as a retrofit solution on a microSD basis.

Convince yourself of our solution expertise and contact me directly by email at roland.marx@swissbit.com to discuss your next steps.

By the way: a community forum is available for all interested parties, where we provide additional information and promote the direct exchange of experiences.

Does that sound interesting to you? Convince yourself of our expertise and contact us

Disclaimer: This article is sourced from the official Swissbit website. As official partners of Swissbit, we have obtained permission to utilize both articles & resources for further updates with regards to Swissbit’s products.