Security of Embedded Systems Using “ISO 27002” Standards

Embedded Systems are electronic products that contain one or more than one microprocessor and software either programmable or fixed in capability, designed to perform some dedicated function within a large entity. Embedded Systems are increasingly employed in critical sectors such as in Life Critical Systems, Financial Infrastructure, Information Systems, Transportation Systems, Consumer Products and Avionics etc. Their inadvertent and malicious failures can cause dreadful consequences. The situation has become more critical due to rapid change in functional requirements of Embedded Systems particularly in terms of communication and interconnection. High interconnectivity between public networks such as internet and Embedded Devices has become a massive security challenge by which Embedded Systems can be directly attacked. This paper examines the security dimensions of Embedded Systems by means of baseline security intents of Embedded Systems and Information Security standard ISO/IEC 27002 which are basically safeguards to avoid and counteract security risks related to computer software or personal property. It is an Internationally-recognized standard which is cogently designed around a group of interrelated security controls, presented as a proposed solution in this paper to address the aforementioned difficulties of Embedded Systems. This standard is explicitly concerned with the security of all forms of information and equally beneficial for all types and sizes of organizations that handles and be contingent on information.