Results 1 to 3 of 3
  1. #1
    Join Date
    Aug 2010
    Post Likes

    Security threats of ' embedded systems ' used in controls are some serious stuff

    This one describes how the vulnerability in off the shelf commercial micro controller often used in embedded systems can be tampered with. They say that malware can be injected into the firmware into HP printers through ordinary print command which can add backdoor to the printer that can steal data that is sent to printers, infect other devices in network and create a work-around to firewalls.

    I can see this becoming the future...
    Malware gets on a tech's computer, which then infects the firmware on his flash memory, that can then infect the thermostat's firmware. The thermostat has access to home's WiFi, so the malware can then transfer over to computer.

    There's no doubt computerized, communicating controls enable a lot of stuff. Many HVACR controls are designed as so called " embedded systems " which means much of controls' functions are controlled by software residing within devices.

    In the past, computer viruses were used as malicious sabotage that was generally not gainful for perpetrators. In modern days, the major concerns is theft of data. There is significant interest by criminals to obtain data which is a real motive.

    Many of us had to have our credit cards reissued following the Target attack, an attack that involved " embedded systems " , a questionable technology that is double edged sword. In the yesteryears, equipment service usually required use of special wire harness and physical connection and they lack data transmission ability. Unfortunately, the digitally writable features of microcontroller chip is a breeding incubator for malware. With many devices now having outbound traffic capabilities, it creates a major threat when authorized or trusted devices are able to execute codes.

    The common features in these embedded systems is a flash memory that can hold a substantial amounts of data and rewritable for firmware updates and configurations. Sometimes, even have "poisoned supply chain" where disreputable vendors bug the devices. So... using those China sourced controls might not be a good idea.

  2. #2
    Join Date
    Mar 2013
    Billington Heights, NY
    Post Likes
    too bad no one is writing a Chernobyl for the Nest...
    Experience - knowing when to get the hell out of the way and plug your ears. "Don't be a sissy. Turn it on!"

    Glennac - Failed my biology test today: They asked, "What is commonly found in cells?" Apparently "BL*** people" wasn't the correct answer.
    Poodle Head Mikey - "the world is well populated with the unknowing and the uncaring and the stupid."

  3. #3
    Join Date
    Aug 2009
    Prattville, Alabama
    Post Likes
    That you know of....

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Related Forums

Plumbing Talks | Contractor MagazineThe place where Electrical professionals meet.