Jarvis Wenger has an interesting article in Electronic Design, listing misconceptions about hw/fw security, list below, read the article for all the details!
11 Myths About Platform Security: Greater system complexity means more areas are vulnerable to security breaches. This article examines the role hardware and software play in ensuring a secure computing platform.
1. When buying a product, such as a hypervisor, the software takes care of all additional security concerns in virtualization.
2. Security is only a concern for the OS/hypervisor/application.
3. I have taken care of my hypervisor, OS, application, and boot process, so my system is as secure as it can be.
4. A secure system is also a safe system.
5. My system isn’t connected to the outside world, so it’s secure.
6. My computer is isolated from the outside world, so I don’t need to run updates for the OS/Hypervisor/Application.
7. Only my most trusted employees have physical access, which means my system is secure.
8. My system is relatively secure and physically inaccessible, so it should be safe.
9. I’m using the latest up-to-date containers, therefore my application is safe.
10. The data on my device is encrypted, making it inaccessible.
11. Security is only a concern externally to a device.