This section categorizes security levels for embedded systems as follows: Critical, High,
Elevated, and Guarded. While this list can help set expectations for what different
levels of security might look like, it is not a comprehensive or exhaustive set of
system requirements.
Note: The QNX Neutrino RTOS has been qualified to various standards and certifications in
the areas of safety and security. If you are building a safety-related system, refer to
the QNX OS for Safety documentation for your release. To learn more, visit
www.qnx.com.
Critical Security
The following table summarizes the Critical level of embedded security:
Consequences of compromise:
- Loss of life
- Devastating financial and reputation losses

Examples:
- Autonomous driving systems
- Heart defibrillator
- Cryptographic key storage system
- Train navigation system
- Car braking and airbag systems

Recommendations:
- Include all mechanisms recommended for the High, Elevated, and Guarded levels of system security.
- Follow best practices in line with the threat level.
- Securely boot with hardware key storage.
- Establish mandatory access controls.
- Implement integrity management.
High Security
The following table summarizes the High level of embedded security:
Consequences of compromise:
- Risk to human safety
- Risk to important, sensitive data
- Large financial losses

Examples:
- Car infotainment systems
- Physical security systems
- Medical monitoring devices
- Industrial router firmware
- Subsea systems

Recommendations:
- Include all mechanisms recommended for the Elevated and Guarded levels of system security.
- Follow best practices in line with the threat level.
- Use an adaptive partition scheduler (APS) to ensure critical processes have the resources they need.
- Use a high availability manager (HAM) to ensure system availability.
Elevated Security
The following table summarizes the Elevated level of embedded security:
Consequences of compromise:
- Increased costs
- Moderate loss of business, data, or reputation

Examples:
- Home networking systems
- Lighting systems
- Home automation systems

Recommendations:
- Include all aspects of the Guarded level of system security.
- Follow best practices in line with the threat level.
- Make extensive use of POSIX permissions and access control lists (ACLs).
- Sign and verify the boot image and critical system files at runtime.
- Make remote access available through port-knocking.
Guarded Security
The following table summarizes the Guarded level of embedded security:
Consequences of compromise:
- Negligible costs
- Mostly a nuisance

Examples:
- Bowling score terminal
- Hydroponic garden control system
- Stereo system
- School projects

Recommendations:
- Follow best practices in line with the threat level.
- Enable logging.
- Open only necessary network ports.
- Disable all debug and console ports that are unnecessary to the system.