This post is also available in: heעברית (Hebrew)

The Internet of Things (IoT) revolution – connected devices at home, industry and military – has been accompanied by evolving security challenges. The vast majority of commercial IoT devices contain embedded Linux, Android, or other Open Source Software, a strategy that enables device developers to bring products to market faster. But these same pressures for faster time-to-market can mean that IoT security is not adequately addressed in design or in planning for product maintenance after release.

At the same time, device developers face the daunting task of sifting through thousands of Common Vulnerabilities and Exposures (CVE) notifications every year, to determine which ones apply to their devices in production and require patching to mitigate.

Now, Timesys Corporation offers a new solution that enables device developers to design more secure products using embedded Linux and Open Source Software to ensure stronger security throughout the product life cycle.

The Threat Resistance Security Technology (TRST) Product Protection solutions for IoT security enable developers of IoT, IIoT, ICS, and other smart devices to reduce the attack surface of their products, harden devices, and maintain security at IoT scale.

The new TRST offering enables device developers to bring products to market faster without compromising security and to maintain stronger security in production deployment, the company website says.

“Security is at the forefront of today’s IoT issues as the discovery of new vulnerabilities and the rate of attacks continue to escalate,” said Roy Murdock of analysis firm VDC Research. “Improving security is becoming especially critical for IoT and IIoT devices because of the rapid expansion of deployments combined with the rise in botnet, bricking and other attacks against these smart devices.

The solution incorporates products and services that enable device developers to “Secure by Design” and “Stay Secure” — maintain the target security posture over time with vulnerability monitoring and patching services.