Barr Survey Reveals An Internet of Insecure Things

(Barr Group)

Barr Group will release the final analysis of its 2018 Embedded Systems Safety & Security Survey on February 27, 2018. Preliminary results reveal startling news regarding the state of security for Internet of Things (IoT) devices. Of the embedded systems developers working on internet-connected or IoT projects, 22 percent do not list security as a product requirement for their current project. With the growing number of hacks and cyberattacks threatening internet-connected devices, this statistic serves as a warning that security breaches and attacks will continue to plague the embedded system industry in the short-term future.


Completed by more than 1,700 qualified respondents, the survey was designed to gauge the state of product development practices of embedded systems engineers from around the world (46 percent from North America, 33 percent from Europe, 10 percent from Asia, and 11 percent from other geographies). Based on survey data from 2018 as well as results from prior years, the embedded industry is showing modest improvement when it comes to making security a design consideration during product development, rising six percentage points from 2016 to today’s 67 percent. However, with 33 percent of all embedded engineers and 22 percent of engineers designing internet-connected devices still neglecting to focus on security during product design, the IoT continues to be an “Internet of Insecure Things.”

Free Monthly Newsletter

Compelling read? Subscribe to FierceEmbeddedTech!

The embedded tech sector runs the market’s trends. FierceEmbeddedTech subscribers rely on our suite of newsletters as their must-read source for the latest news, developments and analysis impacting their world. Sign up today to get news and updates delivered to your inbox and read on the go.


Further compromising the state of IoT security, survey results reveal that engineers developing IoT devices are still neglecting to implement industry-recommended design practices known to raise security levels of embedded systems. Of the engineers designing internet-connected devices:

  • 54% lack regular code reviews
  • 49% fail to perform static analysis
  • 33% lack a written coding standard
  • 17% lack a bug database


In addition, the survey found that fewer than half of all embedded engineers designing for the IoT encrypt their data.

For more information, visit the Barr Group.

Suggested Articles

IVY could help automakers adapt their vehicles based on data about how sensors see reactions to road hazards and driver behavior

Bosch is collaborating with Cartesiam for software to apply to its XDK dev kit

In June, Su stood out for heartfelt commentary on social injustice after the killing of George Floyd. She challenges industry to do more.