The announcement focussed on the lack of security being implemented in IoT devices. Fully 22% of embedded systems developers that are working on IoT projects, or projects that connect to the Internet, do not list security as a product requirement. That figure is concerning at a time when there is a growing number of cyberattacks on connected devices and will probably ensure that the issue will continue to plague the industry.
The Barr Group survey was completed by over 1,700 qualified respondents that are located around the world - 46% North America, 33% Europe, 10% Asia, and 11% other geographies. The annual survey is intended to look at the development practices of those engineers. According to previous data, security as a concern has shown a small improvement this year. Those designs where security is a concern have risen 6% to 67%, but 33% of engineers and 22% of those designing Internet-connected devices still neglect security during the product development phase. This is a concern when the same survey shows that 25% of developers of IoT products are currently working on devices that could potentially kill or harm humans if hacked.
When the survey goes into detail, it shows that developers of IoT devices are still not following industry-recommended design practices that raise security levels. The survey shows 54% lack regular code reviews, 49% fail to perform static analysis, 33% lack a written coding standard, 17% lack a bug database and under half of the engineers developing an Internet-connected product encrypt their data.
Barr Group will host two special presentations at Embedded World in Nuremburg, Germany, February 27–March 1, 2018 highlighting more detailed results from the 2018 Embedded Systems Safety & Security Survey. Barr Group CTO, Michael Barr will be at the Open Systems Media Embedded Pavilion in Hall 3A, Stand 507 to present:
February 27, 2018 (11:00AM–11:30AM CET): 2018 Embedded Systems Safety Survey Results
February 28, 2018 (11:00AM–11:30AM CET): 2018