Feature: Memory
Protecting data from cyberattacks By Jason Chien, Product Marketing Director, Silicon Motion G
rowing network, infrastructure and system complexity requires a greater number and variety of connections, which can easily become targets of
cyberattacks. T e increasing sophistication of threats
and poor threat detection and protection make it hard to keep track of all the security problems, needs and solutions. Today, pervasive and always-on network
connectivity and the mobile nature of emerging applications like connected vehicles leave system and user data kept in mass storage media like a hard disk drive (HDD) or solid-state disk (SSD) vulnerable to attack. Data-centre servers, connected vehicles,
medical devices, commercial gaming systems, retail technology and industrial computing such as factory controllers and surveillance systems, are just a few of the systems that need protection from cyberattacks. Data stored in their
memory can reveal information about organisations, users and customers, which can be extremely damaging in the wrong hands. Hacker motives may vary – from stealing fi nancial information and intellectual property, to discovering confidential corporate data and users’ personal information like medical records or financial data, or even sabotaging equipment and operations – so, protection is a must. However, keeping hackers out and valuable data safe is a continuously evolving challenge. One key precaution is to ensure that
the hardware remains impervious to hacking or other unauthorised access, to prevent theft or misuse. Among the solutions are Silicon Motion’s FerriSSD drives, which combine hardware-based security that meets the latest industry standards with several additional protective measures, including digitally- signed firmware and tamper responses, which range from alerts to erasing all content on the disk.
36 February 2024
www.electronicsworld.co.uk
Protective measures A variety of protective measures are needed to prevent unauthorised access to data and guard against theÅ¿t and misuse. To ensure that these are both fi t for purpose and properly implemented, industry and regulatory bodies are establishing frameworks that place cybersecurity at the heart of new product developments. One example is the automotive industry standard, ISO/SAE 21434:2021, called “Road vehicles — Cybersecurity engineering”. It is closely related to the UN Economic Commission for Europe (UNECE) regulation UN 155, which requires for product developers to put in place an accredited cybersecurity management system. T e scope of ISO/SAE 21434 covers
the entire product lifecycle, from design to end of life, and includes provisions for analysing vulnerabilities and putting safeguards in place, to ensure the strongest possible cybersecurity. Required actions include risk assessment, identifying and
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44
