Levels of Security for Embedded Systems

This section categorizes security levels for embedded systems as follows: Critical, High, Elevated, and Guarded. While this list can help set expectations for what different levels of security might look like, it is not a comprehensive or exhaustive set of system requirements.

Note: The QNX Neutrino RTOS has been qualified to various standards and certifications in the areas of safety and security. If you are building a safety-related system, refer to the QNX OS for Safety documentation for your release. To learn more, visit www.qnx.com.

Critical Security

The following table summarizes the Critical level of embedded security:

Consequences of compromise:
  • Loss of life
  • Devastating financial and reputation losses

Examples:
  • Autonomous driving systems
  • Heart defibrillator
  • Cryptographic key storage system
  • Train navigation system
  • Car braking and airbag systems

Recommendations:
  • Include all mechanisms recommended for High, Elevated, and Guarded levels of system security.
  • Follow best practices in line with the threat level.
  • Securely boot with hardware key storage
  • Establish mandatory access controls
  • Integrity management

High Security

The following table summarizes the High level of embedded security:

Consequences of compromise:
  • Risk to human safety
  • Risk to important, sensitive data
  • Large financial losses

Examples:
  • Car infotainment systems
  • Physical security systems
  • Medical monitoring devices
  • Industrial router firmware
  • Subsea systems

Recommendations:
  • Include all mechanisms recommended for Elevated and Guarded levels of system security.
  • Follow best practices in line with the threat level.
  • Use an adaptive partition scheduler (APS) to ensure critical processes have the resources they need.
  • Use a high availability manager (HAM) to ensure system availability.

Elevated Security

The following table summarizes the Elevated level of embedded security:

Consequences of compromise:
  • Increased costs
  • Moderate loss of business, data or reputation

Examples:
  • Home networking systems
  • Lighting systems
  • Home automation systems

Recommendations:
  • Include all aspects of the Guarded level of system security.
  • Follow best practices in line with the threat level.
  • Make extensive use of POSIX permissions and access control lists (ACLs).
  • Sign and verify boot image and critical system files at runtime.
  • Make remote access available through port-knocking.

Guarded Security

The following table summarizes the Guarded level of embedded security:

Consequences of compromise:
  • Negligible costs
  • Mostly a nuisance

Examples:
  • Bowling score terminal
  • Hydroponic garden control system
  • Stereo system
  • School projects

Recommendations:
  • Follow best practices in line with the threat level.
  • Enable logging.
  • Open only necessary network ports.
  • Disable all debug and console ports if they are unnecessary to the system.