Icon Labs Solves Embedded OS Flaw

West Des Moines, IA --- Two recent announcements have focused attention on the security of IoT and connected devices, running versions of Wind Rivers’ VxWorks, the most popular embedded operating system used in the world. These announcements describe flaws that can be exploited by remote cyber attackers. In June 2015, and updated in July 2015, the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) issued an advisory regarding Wind River VxWorks TCP Predictability Vulnerability for Industrial Control Systems. Researches also discovered a remote code execution (RCE) vulnerability in VxWorks.

According to Wind River, VxWorks Version 7 is not susceptible to the RCE vulnerability and there are patches for some older versions of VxWorks. However, there may be millions more devices running older versions of VxWorks that may be vulnerable.

According to Alan Grau, President of Icon Labs, “Our Floodgate Security Framework, for use with VxWorks and many other RTOSs, can block attacks attempting to exploit these vulnerabilities. In addition, our strategy of connection to a management system, such as Intel Security’s ePolicy Orchestrator, can notify customers of attacks and allow the customer to "instantly" change the security policies to block these attacks. Developers can design in security today, and prepare for new attacks in the future by using this flexible approach.”

Icon Labs’ products provide embedded security for IoT and Machine to Machine (M2M) solutions such as aerospace, military and space probes, industrial and medical control devices, medical systems, and consumer electronics products. The Floodgate Security Framework provides a “defense in depth” solution that protects control units and endpoint devices from cyber threats, aids in compliance with regulatory mandates and guidelines, and gathers and reports command, event and device status information for audit requirements.

For more information:
https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01
http://www.networkworld.com/article/2983714/microsoft-subnet/researcher-reveals-remotely-exploitable-flaw-in-world-s-most-widely-used-real-time-os.html
http://www.iconlabs.com
888-235-3443
515-226-3443

Free Monthly Newsletter

Compelling read? Subscribe to FierceEmbeddedTech!

The embedded tech sector runs the market’s trends. FierceEmbeddedTech subscribers rely on our suite of newsletters as their must-read source for the latest news, developments and analysis impacting their world. Sign up today to get news and updates delivered to your inbox and read on the go.

Suggested Articles

IVY could help automakers adapt their vehicles based on data about how sensors see reactions to road hazards and driver behavior

Bosch is collaborating with Cartesiam for software to apply to its XDK dev kit

In June, Su stood out for heartfelt commentary on social injustice after the killing of George Floyd. She challenges industry to do more.