62 posts categorized "Vertical Markets + Industries"


Automotive Privacy Protection Principles Don't Go Far Enough

The Association of Global Automakers and the Alliance of Automobile Manufacturers jointly announced on November 13, 2014 a set of voluntary “Consumer Privacy Protection Principles.” (See the press release here, and download the principles PDF document here.)

The document is written in quasi-legalese, but in essence, it’s a pledge by automakers, beginning with the 2017 model year, to among other things:  ConsumerPrivacyProtectionPrinciples

  • inform consumers about how data collected from their vehicles will be used
  • obtain “affirmative consent” for certain ways that data might be used
  • anonymize aspects of the data under some circumstances

VDC applauds the auto industry for recognizing the importance to consumers of privacy for data collected by electronic and digital technologies, which are growing by leaps and bounds in new vehicles. However, the principles don't go far enough in several respects:

Security – The document states that participating members must “implement reasonable measures to protect Covered Information against loss and unauthorized access or use,” then says that “reasonable measures include standard industry practices.” The word reasonable is too wishy-washy in this context, so those statements in the privacy principles don’t inspire confidence that automakers and their partners will go the extra mile for data security. (Why don't the principles say the members must "implement strong measures" to protect the data?) Without defining any minimum security measures or committing to create or adhere to an ISO standard, it comes across as a nice way of saying, “We’ll make a good effort at security, but don't expect us to guarantee the data won't get breached.” In addition, security issues apply for data within vehicles' internal systems, for data during communications from vehicles to infrastructure, and for the databases where the manufacturers will aggregate and store the data. Security policies should specify minimum requirements for how data will be secured at each of these levels, as well as how authorized third parties with data access will be required to secure the data.

Consent – The document states that automakers need to obtain consent to “a clear, meaningful, and prominent notice disclosing the collection, use, and sharing of Covered Information.” However, the document includes no provision for a vehicle owner to deny such consent or revoke it afterwards. Why would that be important? Because the consent form is likely to be presented to consumers among a stack of numerous papers that they sign in a perfunctory manner when buying a car. In addition, consent ideally would provide vehicle owners with the ability to agree or not to agree to each type of data collected, rather than any blanket statement of consent to collection of all data. We’ll see how this plays out when the first consent forms hit the market.

Data Access – The document says that consumers will have “reasonable means to review and correct Personal Subscriber Information.” Such information may include name, address, telephone number, email address, and even credit card number. It’s fine that automakers will give consumers the right to access the data that they themselves provided in the first place, but what the document misses entirely is the basic principle that consumers should have the right to access data produced by their own vehicles. Although this isn't a data privacy issue, it is a data rights issue that automakers need to address. In VDC’s opinion, vehicle owners should have, for example, the ability to take diagnostic data to an independent mechanic, rather than manufacturers only providing such data to its dealers or third parties that have paid to access it. That concern is partly mitigated by "right to repair" laws, which are already in effect in the European Union and slated to take effect in the U.S. in the 2018 model year, although full data access would go beyond such laws. Vehicle owners also should have the ability to access geolocation and nearly all other data generated by their own vehicles. Certain types of data may need to be kept confidential, but the default should be to provide consumers access to data from their own vehicles unless there’s a legitimate safety reason not to make it available to the people whose vehicles generated it.

For further discussion of data rights issues related to the automotive industry and the Internet of Things, see the recent VDC View article entitled, Beyond "Who Owns the Data?" 


Android to Transform Medical Device Market

In an increasingly mobile environment infused with continual technological innovation, OEMs are considering new platforms to develop embedded systems. While there are various platforms to choose from, Android has emerged as the foundation of many new embedded systems. It boasts natural advantages compared to other operating systems – iOS, Blackberry, and Windows to name a few – such as its robust open source user-interface, integrated connectivity, and royalty-free licensing, which can minimize cost and provide OEMs flexibility as they try to fit technology to specific industry needs.

Emerging tools in the medical space mark the potential innovation Android can bring to health care. New diagnostic methods and software systems in mHealth (mobile health) help medical care become more accessible to consumers. Android provides a flexible environment for developers and integrated connectivity between devices, making it a preferable tool in mHealth. Android-based applications can perform various functions, from simple tasks such as keeping track of medication schedules to more advanced measurement capabilities. Consumers can attach different add-ons to their Android devices and track vitals in real-time, from blood pressure and glucose level assessments to even ultrasound imaging.

OEMs can further streamline healthcare by creating embedded systems that perform multiple functions. Rather than switch between individual add-ons to test blood pressure and glucose level, doctors would be able to use a single device and even track results that can be shared to all of the user’s Android devices. Android systems provide great user interfaces and connectivity, two key parameters OEMs are considering in developing new medical devices. Although smartphones and tablets comprise of most of the current Android market share, medical devices exhibit the highest predicted growth at 71.7% annually.

While medical devices are a prime use-case for Android, the market is still in its infancy. OEMs remain reluctant to redesign systems to run Android (or any new OS) as it often requires considerable customization. Decisions by Google and other key market participants will also hold an influence and shape the growth of Android as a software solution.

Beyond the medical space, Android OS is expanding into other markets such as connected car systems and situational awareness systems. To better understand more specific drivers of Android adoption in the medical space and others, please read through the report's executive brief. The full report, Android in the Embedded Systems Market, discusses global market trends, device class forecasts, and important insights about ecosystem participants and end-users.

by Howard Wei


Controlling In-Vehicle Innovation with IVI Design

Automotive differentiation is no longer driven by gears and grease. Electronic systems now control most aspects of a vehicle’s operation and the software within those systems has risen to account for an increasing share of their functionality and differentiation. Today, software content growth in the automotive industry continues to outpace most other embedded device classes. In no automotive sector is this trend more acute than in IVI.

Ivi ibm

The culture of conservatism, rooted in automotive’s safety-critical requirements, that has traditionally characterized the domain must adapt. The recent financial crisis imposed an unparalleled catalyst for such change. Entire supply chains followed the OEM leads into bankruptcy. The remaining engineering organizations, many of which lacked the level of development resources they had prior to the financial crisis, are being forced to reevaluate their incumbent development processes and tools in an effort to keep pace with the unabated growth in consumer expectations. In many cases, OEMs must be prepared to adopt new software development solutions to adequately address the complexities of UI design and consumer device integration.

VDC will be conducting a live webcast with IBM and Jaguar Land Rover on June 27th to discuss this emerging trend. Attendees will learn:

  • How open source technologies will impact tomorrow's automotive ecosystem
  • Why OEMs need to revisit their supply-chain strategies to promote new levels of collaboration  and innovation
  • What new development solutions should be considered to adapt

When: June 27th, 11:00am ET / 2:00pm PT

Register: http://bit.ly/136NjqJ


Hardware-in-the-Loop: Not Just for Auto & Aerospace

Hardware-in-the-loop (HIL) is a simulation technique that allows for the rapid development and testing of intricate, real-time control systems.  Since such testing can be done without the creation of a physical prototype, HIL reduces product-related development costs and time-to-market, while increasing the overall quality and reliability of embedded control systems.  Given the relative complexity of developing a HIL platform, this technology has traditionally been relegated to the development of capital-intensive equipment in the automotive and aerospace industries.  However, the energy industry has recently taken notice of the benefits of HIL.

With global concerns stemming from the pollution emitted by coal burning power plants, wind power has quickly become an attractive alternative to traditional energy production.  State and federal governments have recently increased their efforts in assisting energy companies research more efficient ways of developing new wind turbines.  Enter – hardware-in-the-loop technology.  Producers of wind power have begun utilizing HIL to test their turbine control systems in real-time.  In fact, National Instruments, a leading supplier of test, measurement, and control systems, is currently partnering with Siemens Wind Power, a world-renowned wind turbine manufacturer.  Siemens is leveraging National Instruments’ LabVIEW, an HIL application platform, to develop its own HIL simulator for the testing of turbine control system software.

Using LabVIEW, Siemens can test and simulate mechanical (wind speed, blade pitch) and electrical (voltage, current) variables, among others, on its control systems.  Performing these kinds of simulations during the development stage offers design engineers the ability to tweak and optimize the control system software.  Engineers can then apply the same code used in the HIL simulation process towards the development of the control units of the actual turbine.

With the increasing emphasis on wind energy expected in the near future, the ability of HIL technology to reduce time-to-market while increasing dependability will be a boon to wind turbine manufacturers worldwide.

More insight

For further investigation and discussion about the emerging trends in the HIL landscape, and other important shifts in systems lifecycle management, please see our 2012 Software & Systems Lifecycle Management Tools Market Intelligence Service. 


Guest authored by Dan McGowan, Research Assistant at VDC Research


Your Health… There’s an App for That

The advent of the smartphone has inexplicably changed the way we live – including how we take care of our physical selves at home. Such technology is making a number of traditionally hospital-only services and extended their availability to the general public at an affordable cost. Smartphones, combined with a peripheral sensor and mobile application, are capable of measuring temperature, heart rate, blood pressure, and other vital parameters. Such solutions make the smartphone a chief contributor to the rising adoption of telehealth systems and away-from-hospital services.

Scandu, a relatively new personalized health electronics company, has developed a product targeted towards fitness enthusiasts, dieters, and data lovers that measures six physiological parameters in about 10 seconds. The Scandu Scout, available in late 2013 and selling for less than $150, takes readings with one small sensor-studded device that transmits data to the smartphone app via Bluetooth. This device is part of a new generation of consumer health tools that enable users to make informed decisions about their health and whether they should see a doctor – further decentralizing medical services.

Another health electronics manufacturer, Zeo Inc., provides consumers with a sleep management solution that records and graphs users’ sleep patterns throughout the night. The Zeo Sleep Manager transmits data via Bluetooth to a nearby iPhone or Android smartphone through three sensors on a headband detecting electrical activity in the skin of the forehead. By knowing how much restorative REM and deep sleep users actually get, they can better manage their health and overall wellness without conducting a professional sleep study.

The smartphone is a flexible medium in which consumers are familiar with and comfortable using. With different connectivity options, growing computing power, and extensive developer communities, smartphone devices will continue to be ideal for consumer health manufacturers in centralizing their solutions. It’s a win-win for end users and manufacturers alike – manufacturers have a steady platform to work off of and end users live healthier lives.

And with our last blog for 2012, VDC would like to wish everyone a safe and happy New Years!

Embedded Security: The Bark is Bigger than the Bite, Part 2

In part one of this blog, we discussed findings showing the limited security actions taken to date in the Industrial Automation and Energy/Power industries. Unfortunately, the gap between stated interest in security and the actions taken to address these concerns is not limited to this vertical. For example, 29% of engineers in military/aerospace and almost 38% of automotive engineers reported their current project involves no security actions.

Google has received a great deal of press about their progress in this area, developing their self-driving car. Aaron Robinson, a columnist with Car and Driver magazine wrote about security issues, as they relate to this notion of an autonomous car.

“But one thing is certain: Throughout human history, safety has typically lagged invention. The wheel came before the brake, the car came before the seatbelt. Likewise, the internet’s innovation continues to outpace its protections” – Aaron Robinson

Now I love many of the advances information technologies have enabled in even just the last few years. But turning over my keys to the IT department of Google or some other tech company, especially since I’ve seen lack of security measures? Suddenly “kernel panic” or the “blue screen of death” take on much more literal meanings.  

Eliminating the security interest-action gap will be one of the primary challenges facing OEMs across several verticals. Embedded solution providers should align their marketing and services initiatives. There is a large opportunity awaiting the vendor(s) able to encourage and then help navigate when OEMs take these important steps to address security.



Also in the next couple of weeks, the Embedded Software team here at VDC Research finishes publication of a series of vertical market reports. These studies examine embedded developers’ demand and requirements for commercial OSs and software development tools within key vertical markets.

Volume 1, covering embedded software technologies in the Automotive vertical is available now. Volume 2, available later this week, looks into the Industrial Automation and Control (IAC) and Energy / Power industries. Volumes covering medical devices, military/aerospace, and mobile phones will follow shortly.

Coming in 2013:

VDC’s Voice of the Customer Series: Security & The Internet of Things will give you the information you need to formulate and implement a best-in-class security strategy. From cars to smart-phones to the factory floor, security is becoming an increasingly critical consideration for enterprises, consumers, and the OEMs who provide them with a rapidly expanding range of Internet-enabled devices. This service will help you understand how organizations are approaching the big decisions of security risk management, technology and vendor selection, device deployment, and more. Learn about consumer awareness and perceptions regarding security across a range of device classes. This service is based on extensive primary research of engineering organization, enterprise and consumer behavior.


Software Takes the Wheel

While embedded software and connectivity proves to be a massive challenge for automotive manufacturers, it also plays an increasingly vital role in providing a safer, more fuel-efficient, and differentiated user driving experience. Automakers are working closely with software developers and solutions providers to expand and improve upon both under-the-hood and in-vehicle applications. Consumer digitization has hit the automobile, and automotive OEMs must look forward with software in mind.

Embedded software continues to enhance the safety and performance of modern vehicles. The steady, widespread adoption of Advanced Driver Assistance Systems (ADAS), each of which controlled by complex real-time embedded systems, bestows consumers such safety functions as adaptive cruise control, blind spot detection, emergency brake assist and more. Also, coinciding with the rapid adoption of hybrid electric vehicles (HEVs) and their inherent increased amount of electronic components, software is steadily becoming a more critical  way to achieve higher fuel economy, lower emissions, and improved performance through powertrain optimization and intelligent engine management. Environmental regulations and volatile oil prices will continue to drive the use of software algorithms in engine control.

In-Vehicle Infotainment (IVI) systems are redefining the driving experience and simultaneously providing a new landscape for OEM differentiation. A number of automotive manufacturers, including Ford, GM, Toyota, and Nissan, have deployed IVI systems in mid- to high- grade models to capitalize on this rising trend. Automobile Magazine’s ‘2012 Car of the Year’ winner, the Tesla Model S, features a 17-inch touchscreen running a Linux-based OS that integrates navigation, communications, cabin controls and vehicle data while providing Wi-Fi or mobile connectivity. IVI systems today may include such functions as GPS/navigation, mobile phone integration, climate control, social networking, DVD playback and more.

VDC investigated the growing value and rate of change of software in automotive technology in our recently published Automotive/Rail/Transportation report from our research service, Strategic Insights 2012: Embedded Software & Tools Market.

Please contact us for more information.


VDC’s Top 12 of 2012 – Part 2

In case you missed it, I unveiled the first half of our list on Monday. A brief review (see Monday’s post for more details), and then on to the top 6!

12. GrammaTech introduces architecture visualization system for CodeSonar (March 27th)

11. LDRA forms LDRA Certification Services (March 26th)

10. Enea joins the embedded Linux party (March 27th)

8 and 9. Siemens and PTC expand their lifecycle management coverage through acquisitions (Siemens/LMS International: November 8th, PTC/Servigistics: August 8th)

7. General Dynamics acquires OK Labs (September 11th)

6. Thales acquires SYSGO (November 15th)

SYSGO joins the list of leading embedded/real-time operating systems vendors (Wind River, MontaVista Software, and QNX Software Systems) that has been acquired since the middle of 2009. As SYSGO’s VP of Marketing Jacques Brygier told our blog earlier this month, “SYSGO remains the same with just more financial backup to move forward. The company keeps its identity, management team, full staff, and offices. It is Thales’ willingness to let SYSGO decide its own growth strategy, including the choice of market segments Thales is not involved with.” We are not sure that Wind River and Green Hills Software are worried just yet, but if Thales holds true to this strategy for its new subsidiary, the competition could start heating up.

5. IBM announces Rational Engineering Lifecycle Manager (September 5th)

As software continues to play a greater role in providing product differentiation and innovation, the convergence of ALM and PLM has become a particularly hot topic and an important business opportunity. RELM is the key element of IBM’s cross-domain integration strategy, and is designed to help engineering teams visualize, analyze, and organize engineering data and their relationships.

4. Coverity launches the Coverity Security Research Laboratory (January 24th)

If I had to pick one main theme that best defined 2012, it would be security. The Internet of Things phenomenon has pushed the concept of security to the forefront of consumers’ minds, and as a result the engineering community has become increasingly focused on building security into their devices. To that end, Coverity launched its Security Research Laboratory (SRL), which is dedicated to vulnerability research and the discovery of new and existing defects in software code. SRL includes a wide range of security experts from industry and academia.

3. Oracle releases two new Java Embedded products (September 25th)

As I wrote in September, survey data over the last several years has uncovered a surge in the use of Java in embedded designs. Oracle’s release of Java ME Embedded 3.2 and Java Embedded Suite 7.0 is indicative of the company’s recognition of this trend and its intent to aggressively target embedded developers. Also considering the momentum behind the Java-based Android platform, it certainly seems that 2013 may be the year of Java in embedded.

2. Microsoft unveils Windows Embedded roadmap (November 14th)

The release of Windows 8, new Windows phones, and the Surface tablet brought with it a great deal of speculation around the future of Microsoft’s various Windows Embedded platforms. In mid-November, Microsoft finally revealed their plans, which, not surprisingly, included yet another naming convention change. A few highlights:

  • Windows Embedded Standard 7 will become Windows Embedded 8 Standard (GA: March)
  • Windows Embedded Enterprise will become Windows Embedded 8 Professional (GA: March)
  • Windows Embedded POSReady will become Windows Embedded 8 Industry (CTP: January)
  • Windows Embedded Compact 7 will become Windows Embedded Compact 2013 (GA: Q2 '13)
  • More details on Windows Embedded 8 Handheld and Windows Embedded 8 Automotive are expected to be released early next year.

1. Intel rolls out the Intelligent Systems Framework (September 11th)

Intel continued its heavy push into embedded at the Intel Developer Forum this past September, when it announced the Intelligent Systems Framework (ISF). Another announcement driven by the Internet of Things phenomenon, ISF is a broad specification for intelligent devices in a wide range of industries, from medical and industrial to digital signage and home automation. The framework is “designed to address connecting, managing, and securing devices and data in a consistent and scalable manner,” and includes hardware, operating systems, tools, and other software components.

There are two key reasons ISF earned the top spot in our rankings. First is the impressive list of companies that have pledged their support, which includes Advantech, Arrow Electronics, Avnet, Dell, Digi International, Eurotech, Kontron, and of course Intel subsidiaries McAfee and Wind River. The second – and perhaps more important – reason is simply the attention it has received. People are talking about it. People want to know more about it. In the short time since its release, we have fielded numerous calls from various industry participants looking to discuss ISF and how it may impact the industry moving forward. For those reasons, we believe Intel’s Intelligent Systems Framework was the most significant/noteworthy embedded software announcement of 2012.

- - - - - - - -


So that’s our list. And though we checked it twice, I am sure you all might have seen things a little bit differently in 2012. So if you’d like to dispute our rankings, point out something that didn’t make the list at all, or even shower us with praise, we would love to hear from you in the comments section.

Here’s looking forward to even more game-changing innovations for embedded in 2013 and beyond!


The Embedded Software Beat

A Q&A with Jacques Brygier, VP of Marketing, SYSGO

This interview is the fifth in a series that we have conducted with embedded software solution providers to share their views on their company, products, and state of the market.

VDC: SYSGO has been in the embedded software business for over 20 years; can you briefly introduce the company to our readers?

LogoBrygier: SYSGO has been providing software solutions for the embedded market since its foundation in 1991. The company, headquartered in Mainz, Germany, has developed skills and expertise over the years into two areas, actually very complementary: industrial embedded Linux and safety and security certified RTOS. SYSGO has been quite innovative in addressing the needs of the applications requiring the highest levels of safety and security: the company was the first to introduce to the market a certified embedded virtualization solution that is both a full RTOS and a type 1 hypervisor. SYSGO is primarily addressing the A&D, industrial, transportation, medical and automotive markets, but the combination of Linux/Android, safety and security functionality of its offering attracts new customers in industry sectors like smart energy, high range mobile and even consumers.

VDC: SYSGO recently announced it was acquired by Thales. What does this mean for SYSGO and its customers?

Brygier: This is great news for SYSGO! SYSGO remains the same with just more financial backup to move forward. The company keeps its identity, management team, full staff, and offices. It is Thales’ willingness to let SYSGO decide its own growth strategy, including the choice of market segments Thales is not involved with. We of course have to remain the technology innovator we are in the key sectors of A&D, transportation, and security, in order to provide to Thales (and others) the best-of-breed products they need to be successful. But we are free to continue to address the other markets such as automotive, medical, industrial, or even consumers when it makes sense. Thales’ investment is based on the long term. The requirements they have in terms of product features for their own benefits were part of our roadmap anyway: we just have more means to speed up their implementation.

VDC: What are the challenges engineers face today in designing and developing embedded devices and how are embedded software suppliers responding?

Brygier: More than ever, the embedded systems developers have to manage a tremendous increase of functionality requirements but keep a high level of quality at reasonable cost! New software environments like Linux, Java or Android give access to a wide range of graphics, peripherals, and networking capabilities. However, even as the hardware platforms become more and more powerful (thanks to a growing usage of SoCs, multi-core, specialized built-in devices, etc.), the usual requirement for performance is now combined with a growing need for more safety and, maybe more importantly for most of the markets, security. To say it differently, engineers need new ways of implementing software. That’s probably the reason why we see a growing interest in our safe and secure virtualization RTOS: having the ability on the same hardware (I mean processor) to mix real-time and non-real-time, critical and non-critical applications, legacy and brand new code is very attractive!

VDC: SYSGO’s flagship product, PikeOS, is a combination of an RTOS and virtualization platform; Can you explain the concept of PikeOS, and tell our readers what sets this platform apart from the competition?

Brygier: In the early 2000s, SYSGO decided to develop its own operating system approach based on the embedded virtualization concept. After having evaluated different approaches, SYSGO realized that the existing concepts couldn’t support the highest levels of safety and security requirements SYSGO’s customers were asking for. The result of this internal development is the PikeOS microkernel, which today is part of SYSGO’s product portfolio. The target markets are A&D, industrial automation, automotive, transportation, medical, smart energy, part of consumer electronics and all sectors requiring a high level of security. PikeOS enables multiple operating system interfaces to work on separate sets of resources within a single machine. Because of the resource separation enforced by the PikeOS microkernel, multiple applications with different safety and security requirements are able to co-exist in a single machine. Thus, PikeOS can be regarded as a MILS separation kernel as well as a hypervisor. Currently, PikeOS can host about ten different operating system APIs. Among them are ARINC-653, POSIX, certified POSIX, AUTOSAR, different Java virtual machines, Ada and several popular RTOSes such as Linux (SYSGO’s ELinOS is a natural choice), Android, RTEMS or iTRON. PikeOS is certifiable to safety standards like DO-178B/C, IEC 61508, EN 50128, or ISO 26262, and is currently involved in various security standard CC EAL certification projects.

What makes PikeOS different, besides the fact it has no legacy baggage (making it easy to use), is that it is a) truly processor agnostic, supporting a very wide range of processors and not relying on any specific hardware feature but able to use it if needed (I’m thinking about the use of hardware virtualization to manage multicore, for example), b) built on a single set of core components (no derived version or specific flavor depending on the nature of the application such as non certified or certified, safety oriented or security oriented, cost sensitive, resources constrained or large and complex systems), c) offering the widest range of Personalities of the market (12), and d) the first “hypervisor” certified DO-178B, IEC61508 and EN50128!

VDC: You recently released the latest version of your industrial grade Linux platform, ELinOS; How would you describe the state of the embedded Linux market today?

Brygier: We see an increasing demand for Linux functionality in almost all markets. There is a low but steady rate of growth. Our focus is industrial Linux, a distribution that minimizes the side effect of open source software (potential issues of liability, lack of control, roadmap visibility, documentation, etc…) and offers a ready to use, qualified and well-packaged solution. I don’t know if this gives you an idea of the Linux market but I can tell you that almost half of our PikeOS users are using the Linux Personality. Our understanding is that we cannot make Linux safe and secure but thanks to PikeOS we can make its usage in a system safe and secure.

VDC: SYSGO also provides support for safety & security certifications, two areas that have begun to converge in recent years; what is the relationship between safety and security, and what are some of the challenges engineers face as they pursue these certifications?

Brygier: In terms of objectives, safety is quite different from security: one aims at removing any bugs while the other one tries to prevent any hostile attack. But they share in common the fact that they are required in a growing number of systems, increasingly in a jointly manner. There are some features/attributes PikeOS offers that apply to both areas: strict partitioning, controlled communications, availability of system resources, etc. If you combine the rigorous development process of DO-178B Level A and the formal verification of the microkernel, you tend to have a pretty good piece of software. But, even if they share some aspects of the evidence to be provided to comply with their respective standards, the certification process is quite different in spirit and in ways to assess the compliancy. For safety certification, engineers have a set of guidelines that are now quite familiar and easier to handle when you have some experience. A security certification requires first identifying your assets, the threats you envision and the adverse actions the threats can use to harm your assets. In a sense, the objectives must be very specific. The way for the accredited lab to challenge your equipment depends of course on your security objectives but is mostly not known by you. This explains why the timeline of a high level of security validation is usually more difficult to estimate.

VDC: Thank you, Jacques.

Interested in participating in VDC’s “The Embedded Software Beat” series of interviews? Please reach out and let us know.

BrygierJacques Brygier has spent more than 20 years in the business of high technology and computer science where he has acquired a deep knowledge of the software industry, its evolution and its main application fields. He has been more specifically involved in the development of mission-critical and safety critical software solutions. His primary focus has been embedded and real-time applications. Jacques obtained his Ph.D. in Computer Science in University of Lille, France and then joined Alsys to work on Ada compilers and produce the first Ada products available on the market. After working in different technical positions, he obtained his degree in International Marketing and Business in Minneapolis, USA. As the Marketing Director for Aonix, Jacques spent 5 years in San Diego, USA, developing and promoting software development tools before returning to France where he took the position of VP Sales for 3 years. He then became VP Marketing with worldwide responsibility for product strategy, product management and marketing communication. Jacques joined SYSGO in February 2007 to initiate and lead Product Management and Strategy. As VP Marketing he is in charge of all global marketing activities. His main task is to develop the SYSGO portfolio that includes the safe and secure virtualization RTOS platform PikeOS and the Industrial Grade Embedded Linux ELinOS.


Huge Opportunity for Security Solutions Vendors

With Black Hat 2012 in Las Vegas wrapping up late last week, security has been top-of-mind for many within the embedded systems industry and beyond. As we’ve discussed in several recent blog entries, the growing connectivity/interconnectivity requirements of embedded devices have begun to raise the awareness of OEMs with regard to the need for improved security. However, they often remain unsure of how best to address these requirements, and in many cases fail to address them at all.

Preliminary data from our 2012 Embedded Engineering Survey not only reinforces this reality, but also sheds some additional light onto this phenomenon as it pertains to specific vertical markets. According to our data, the greatest disparity between importance and action exists in mobile phones and automotive applications – two areas which have only somewhat recently become the targets of malicious attacks and other security breaches. While the security of mobile phones has been increasingly addressed in BYOD environments by enterprise IT departments, the automotive industry has been slower to change, with the performance of automotive ECUs from a safety-critical perspective often taking precedence over security concerns. While the gap is smaller for military/aerospace and medical devices (heavily regulated industries that are somewhat predisposed to managing security concerns), there is still a significant portion of engineers in these areas who recognize the importance of security but have yet to do anything about it.

VDC believes these disparities represent a significant business opportunity for vendors of embedded security solutions – as well as for enterprise/IT security solutions vendors looking to expand into the embedded space – as the momentum behind security drives engineering organizations to more aggressively combat security issues. This of course includes vendors such as Icon Labs, McAfee, Mocana, Qualsys, Symantec, Valid Edge, and many others. Furthermore, we also believe there exists a similar opportunity for traditional embedded software suppliers – Coverity, GrammaTech, Green Hills Software, Klocwork, LynuxWorks, SYSGO, Wind River, etc. – whose products are particularly focused on addressing security concerns.

Over the next several quarters, VDC will be exploring these security trends and potential business opportunities as part of our new Voice of the Customer research program: Security & The Internet of Things. This program will provide OEMs, IT managers, and operators alike with the information they need to develop and implement robust security strategies to address the challenges posed by today’s Internet of Things. Please contact us for further information.

My Photo