Ask any two executives in the semiconductor industry about security threats and there is a good chance you will get two totally different answers. The disturbing part is they both may be right.
In markets where there is no physical danger to people, security always has been viewed a risk versus profit equation. At conferences over the past year, numerous executives have touted the Transport Layer Security (TLS) as a sufficient safeguard, for example, despite the fact that it has done little to stem the rising number of breaches in markets where it was deployed.
Where lives are at stake, such as the automotive, medical and aerospace markets, attitudes about security are different. From initial architecture through manufacturing and into post-silicon testing, supply chain tracking, and over-the-air updates, security is being taken very seriously.
Adhering to industry best practices always has been a good legal defense. But with breaches involving connected, driver-assisted vehicles, there is no legal precedent. And with an estimated 60 million new cars sold each year, all of them using varying levels of connectivity using technology that is still evolving, risk is significantly higher. Also at issue is damage to a corporation’s image, such as the controversial hack of a Jeep. In light of that, chipmakers and IP vendors say Tier-one and Tier-two automotive suppliers are very focused on improving security and reliability of software and hardware components, as well as internally and externally developed IP blocks that contain both.Read more here
Article from Ed Sperling, Semiconductor Engineering