WHY WE NEED IT...
Let the aDolus FACT solution handle one of your organization's least understood risks.
To operate safely and efficiently, companies operating in the energy, manufacturing, medical, or aerospace sectors depend on instrumented, interconnected, and intelligent embedded devices. Since a “smart” device is only as good as the firmware or software running on it, companies must rely on their vendors to supply valid, authentic software for system implementation and upgrades.
Of course every equipment vendor does their best to supply safe and reliable software. But the path from device vendor to device user can be complex and open to exploitation.
Unfortunately, events like the Dragonfly attacks make it clear that criminal groups and hostile governments have started to exploit the weaknesses in our firmware distribution processes. They have begun to develop and distribute counterfeit software and firmware for embedded systems.
If your staff installs just one bad file, this Trojanized software can have access to everything in your system. The consequences of this kind of attack can be devastating…
Industry currently lacks a robust solution for protecting organizations — both suppliers and asset owners – from this kind of Trojan software attack. When you examine the upgrade process in large organizations, it’s easy to see the current challenges:
- Most companies use devices sourced from a wide variety of vendors
- Every vendor includes software sub-components sourced from 3rd parties
- Every vendor has its own software distribution and validation process
- Every system has its own upgrade process
- Technical staff obtain software updates from multiple sources, including websites, DVDs, contractors, and distributors
- Intelligent devices need regular updates to stay secure, yet are widely distributed throughout factories and equipment
The concern over counterfeit software and firmware isn’t hypothetical. And the resulting problems from an attack are both life threatening and expensive.