Embedded Systems Security: Practical Methods for Safe and Secure Software and Systems Development
March 2012
Publisher:
  • Newnes
  • Imprint of Butterworth-Heinemann Ltd. 313 Washington St. Newton, MA
  • United States
ISBN:978-0-12-386886-2
Published:30 March 2012
Pages: 416
Abstract

The ultimate resource for making embedded systems reliable, safe, and secure. Embedded Systems Security provides:
  • A broad understanding of security principles, concerns, and technologies
  • Proven techniques for the efficient development of safe and secure embedded software
  • A study of the system architectures, operating systems and hypervisors, networking, storage, and cryptographic issues that must be considered when designing secure embedded systems
  • Nuggets of practical advice and numerous case studies throughout

Written by leading authorities in the field with 65 years of embedded security experience: one of the original developers of the world's only Common Criteria EAL 6+ security certified software product and a lead designer of NSA certified cryptographic systems. This book is indispensable for embedded systems and security professionals, new and experienced.

"An important contribution to the understanding of the security of embedded systems. The Kleidermachers are experts in their field. As the Internet of things becomes reality, this book helps business and technology management as well as engineers understand the importance of 'security from scratch.' This book, with its examples and key points, can help bring more secure, robust systems to the market."
Dr. Joerg Borchert, Vice President, Chip Card & Security, Infineon Technologies North America Corp.; President and Chairman, Trusted Computing Group

"Embedded Systems Security provides real-world examples of risk and exploitation; most importantly the book offers clear insight into methods used to counter vulnerabilities to build true, native security into technology."
Adriel Desautels, President and CTO, Netragard, LLC.

"Security of embedded systems is more important than ever. The growth in networking is just one reason. However, many embedded systems developers have insufficient knowledge of how to achieve security in their systems. David Kleidermacher, a world-renowned expert in this field, shares in this book his knowledge and long experience with other engineers. A very important book at the right time."
Prof. Dr.-Ing. Matthias Sturm, Leipzig University of Applied Sciences; Chairman, Embedded World Conference steering board

  • Gain an understanding of the operating systems, microprocessors, and network security critical issues that must be considered when designing secure embedded systems
  • Contains nuggets of practical and simple advice on critical issues highlighted throughout the text
  • Short and to-the-point real case studies included to demonstrate embedded systems security in practice

Reviews

Janusz Zalewski

Security is defined in this book as "the ability of an entity to protect resources for which it bears protection responsibility." This definition is as good as any other, although I would put more emphasis on the degree to which this protection is ensured. The scope of this book is limited to the security of microprocessor-based systems, leaving out microcontrollers and field-programmable gate arrays (FPGAs), which are a significant part of the embedded market. Also, contrary to the title, it does not really discuss safety issues in embedded systems; this topic would truly require writing another book.

The book is composed of six chapters: a typical introduction; four core chapters on various aspects of embedded systems security; and a chapter on emerging applications. The book's general objective is to educate embedded systems developers on security issues. It is written at the intermediate level and targets various additional audiences, including professionals involved in quality assurance; managers responsible for security; instructors and students; and professionals in non-computing disciplines who are involved in building embedded systems.

The chapter on systems software sets the stage for the discussion of embedded systems security, focusing on the role an operating system kernel plays in the design of critical systems. A good overview of real-time kernel security issues is given, including discussions of microkernels versus monolithic kernels; access control and capabilities; and hypervisors and virtualization.

At more than 100 pages, the next chapter, "Secure Embedded Software Development," is the longest in the book, but it could be safely shortened by dropping the section on model-driven design (MDD). Although MDD is important in embedded systems development, the way it has been presented here does not justify its inclusion in a book on security. There is simply not enough relevance. In addition to that topic, this chapter discusses several issues related to programming languages, among them C and C++ standards and static and dynamic code analysis.

The chapter on cryptography is extremely important and covers essential theoretical topics, including cryptographic modes, block ciphers, public key cryptography, key authentication, and cryptographic hashes. The chapter is very well written, with examples and illustrations that help the reader understand related issues. This chapter alone would be a good introduction to security in general, not only for embedded systems developers.

The most interesting chapter to me is "Data Protection Protocols for Embedded Systems," especially the part on data-in-motion protocols. The authors deliver essential information on security protocols at specific components of the Open Systems Interconnection (OSI) reference model, in particular, Internet protocol security (IPsec) at the IP layer, and secure sockets layer (SSL) and transport layer security (TLS) at the transport layer. All issues discussed here are very relevant to the design of secure embedded systems.

While commending the authors and editors for the job done, I would like to point to a couple of editorial flaws. It is a fundamental law of writing that a section must have more than one subsection; it does not make sense otherwise. Dividing a work into sections means having at least two of them. This book has at least nine sections with a single subsection, which is a bit annoying. Also, having five levels of subtitles does not meet another standard of technical writing, which normally allows only three such levels.

On the positive side, the illustrations are a very strong part of this book. They are well conceived, always to the point, and in color. One interesting editorial feature is the so-called "Key Points," boxes that interrupt the text with a framed statement emphasizing a single important aspect. In addition, the book has very good bibliographical notes, which are extremely rare in this type of publication. Each chapter is followed by an extensive list of relevant citations, often with accompanying explanations.

One content issue bothers me a bit, and it's my obligation as a reviewer to point it out. Early in the book, the authors are quick to name the VxWorks real-time kernel as a source of significant vulnerability in a critical application (p. 22). However, when several pages later (p. 80) they talk about remote management, which saved the Mars Pathfinder mission in 1997, they fail to add that it was VxWorks that successfully accomplished this. Similar comments have been made about Linux security, to which Victor Yodaiken of FSMLabs wrote a rebuttal, which is available on the Internet [1]. When I looked at this even closer, it looks like the publisher forgot to mention the authors' affiliation with Green Hills Software, the developer of INTEGRITY, a competitive real-time kernel. I wish this book looked a little more fair.

Overall, the book is very enlightening and engineers can learn a lot from it. I certainly did.

Online Computing Reviews Service