Welcome to my first blog posting on Embedded Systems Security.
I will be using this forum to discuss in detail how to secure embedded electronic products and the systems they connect to. Especially the medical device market segment.
This series of posting will be scaled to work on small CPUs/MCUs, not the usual rack mount solutions that most InfoSec blogs talk about. But that doesn’t mean I won’t contrast and compare “big solutions” to what works for the embedded world. Likewise, process is important and the documentation that goes with it, so some coverage of that will likely occur. Finally, I intend to use this blog as a “bully pulpit” to spear some of the misconceptions; hype; and falsehoods so present in the InfoSec community.
I have always been a hacker, I was the ‘elementary school kid’ who wanted to be the “bike rack monitor”, that way I got plenty of time to hone my abilities picking bicycle locks. By age 6 I was soldering and had a fairly decent toolbox. I grew up wondering how something worked and satisfied that curiosity by reverse engineering it (this got me in never-ending hot water with the parents. Over the years, I have hacked many different systems and devices, sometimes I even get paid to do it! Life is fantastic!
My “day job” for over 40 years has been creating new medical devices from companies both as an employee and as a consultant. Mostly this has been medical devices but a few commercial products snuck in there as well.
So, protecting medical devices is a natural fit for me. I was born for this!