Embedded systems and IoT security technical article

I wrote a technical article on embedded systems and IoT security to Uusiteknologia.fi magazine:

Designing modern electronics+ information security

With the latest smart electronics and embedded microprocessors, devices connected to the network can be implemented even better, but even better care must be taken of their data security and protections.

This Designing modern electronics article gives information for the information security protection of modern electronics. Embedded systems are prone to various information security risks, which in the worst case can cause serious consequences for both users and the environment.

That is why information security should be taken into account from the outset, from the design phase of the device or system to the maintenance phase and decommissioning at the end of the solution’s life cycle.

An insecure Internet of Things can pose a significant risk to the entire digital operating environment. And since the Internet is already ubiquitous, every IoT device is vulnerable to attack.

Although the goal should always be to achieve sustainable security, information security operations must be functional already when the product leaves the factory and must be maintained with software updates.

Designers of embedded systems must adopt a security-first approach to ensure that the systems they design are protected from security risks. Therefore, network security, software security and physical security are important in IoT devices.

This article has provided a basic understanding of information security in embedded systems and provides a guide for designers to create reliable and secure systems that are safe for both users and the environment.

Here you can my article in Finnish:

Nykyelektroniikan suunnittelukoulu Plus, osa 5: Sulautettujen ja IoT-ratkaisujen tietoturva

If you want to get idea of the article content in English, try Google translation of the article.


  1. Tomi Engdahl says:

    Onko älylaitteiden tietoturva kunnossa? “Sähkökatkokin voi olla kyberturvauhka”

  2. Tomi Engdahl says:

    The next step is to secure your edge devices, which are often the most vulnerable and exposed to cyber attacks. You need to apply the principle of least privilege, which means granting only the minimum access and permissions necessary for each device to perform its function. You also need to encrypt your data at rest and in transit, using strong and updated algorithms and protocols. Additionally, you need to implement authentication and authorization mechanisms, such as passwords, certificates, or tokens, to verify the identity and legitimacy of your devices.

  3. Tomi Engdahl says:

    You need to align your policies with your business objectives, regulatory requirements, and industry standards, such as the NIST Cybersecurity Framework, the ISO/IEC 27000 series, or the Cloud Security Alliance Edge Computing Security Framework. You also need to communicate and enforce your policies across your organization, and review and revise them regularly to reflect any changes or improvements.


Leave a Comment

Your email address will not be published. Required fields are marked *