The three major challenges facing cybersecurity and embedded defense systems
Cybersecurity is not a new concept in the defense world, but in recent years, the issue has taken on another dimension. With an increase in the means of exchange and communication, the data transmission security has been seriously challenged. Once highly compartmentalized, defense systems are changing and must increasingly interface with each other to improve information richness, collaboration and command decision-making.
Emerging technologies in defense: what is transforming the field?
New technologies such as Internet of things (IoT), artificial intelligence and digital applications are redefining the scope of cybersecurity by expanding the vulnerable surfaces and angles of attack. Almost always connected, critical embedded systems are now undoubtedly part of this. However, each of them should be dealt with separately.
With the corresponding rise in cyber threats and the need for intra and inter-system collaboration, the challenge is to find the optimum compromise between security, performance and operational availability. In the same way that too much armor can be disabling and counterproductive, too much security can render any system inoperable and unusable.
Under these conditions, how can we guarantee the security of data exchanged in the age of combat and collaborative systems? How can we guarantee the required confidentiality, integrity and availability (the three pillars of information security) while meeting the specific constraints of critical defense platform environments?
Developing secure embedded systems
The news never fails to remind us that cyber risks are evolving at a prodigious speed. As a result, it seems impossible to determine all the security requirements at the specification stage. How can we anticipate the threats that could affect these long-lived systems, which may be designed as much as a decade before they are put into operation?
Security maintenance clauses are now becoming widespread, in the same way that it is customary to provide contracts for operational maintenance. They require the development of systems with the capacity to evolve and adapt to technological and security changes. This raises an important question: When do I integrate security requirements into embedded systems, and should I consider them only when the hardware and software development have been completed?
Considering computing power constraints
At the same time, we must also take into account the rapid evolution of technologies and the performance that embedded systems must produce. For example, in order to meet the current cyber security standards, it is imperative to maintain computing activity throughout the system. This requires higher onboard computing power, which has repercussions on the system, its dimensions and its environment, which is known to be extremely demanding (weight, volume, heat, humidity, etc.).
Also, the SSI requires an implementation of a third-party antivirus, one that has not been developed by the manufacturer of the embedded systems. However, by constantly scanning the onboard system, this antivirus mobilizes computing capacity, affecting the real-time processing of information. Under these conditions, how can we balance computing power with the cybersecurity of embedded systems?
The challenge of availability and interoperability
Finally, the performance and computing power requirements are extremely high today, because combat and collaborative systems are key defense issues to achieve operational superiority in the age of digitalization and information sharing. At the heart of complex systems, embedded solutions must communicate and coexist with different levels of criticality and classification, and with an increasing number of protection devices. Under the weight of these constraints, isn’t the security of embedded systems becoming an obstacle to their interoperability and operational availability?
Through a series of three articles, Atos experts will review these important issues and present their vision of how we can develop embedded systems that are empowered to face long-term cyber threats without compromising their operational capabilities.
About Atos Air-Land-Sea electronics
Atos delivers products and solutions to secure intelligence for digital transformation, with extreme trust for our customers. As a system integrator, we ensure mission in critical environments by preserving human life, the availability of systems and ensuring the mission in the field of Marine, Aero & Defense and Land by offering turnkey equipment designer and manufacturer as well as off-the-shelf product manufacturer. Discover our range of air land sea electronics:
- Secured computing
- Multi-level gateway
- Network communication (mobile multifunction platform, mechanical multifunctional calculators)
- Onboard Recorder for Data, Audio & Video
- Single Boards (Digital Tactical Bus)
Instrumentation and Telemetry
About the authors
Norbert Di Costanzo
Chief Operating Officer and senior member of the Scientific Community
Norbert is Chief Operating Officer for Atos Air Land Sea electronics solutions since 2012. Norbert is part of the Atos Scientific community specialized in the Advanced Computing and Hard/firmware.
Aeronautic project director
Aeronautics Project Manager for Atos’ Air Land Sea electronics operations since 2017, Francis is an expert in aeronautics embedded systems project management and DO178/254 development methodology
Interested in next publications?
Register to our newsletter and receive a notification when there are new articles.