Building Security Into the Firmware SDLC

Security bolted on at the end is expensive and incomplete. Here is how to build it into the firmware development lifecycle from the start.

Code Review Patterns for Embedded C

Embedded C is powerful and unforgiving. Here are the recurring vulnerability patterns to look for when reviewing embedded firmware code.

A Pre-Production Hardware Security Checklist

Before a connected product ships, a security checklist catches the issues that are expensive to fix later. Here is the pre-production checklist I use.

Threat Modeling Before the First Board Spin

The cheapest time to fix a security flaw is before the board exists. Here is why threat modeling belongs in the design phase, not after.

Writing a Security Requirements Doc for Hardware

Security that is not written down does not get built. Here is how to turn a threat model into requirements engineers can implement and test.