Embedded designers not paying enough attention

The survey generated 2000 responses from engineers around the world, with 52% coming from the US and Canada and 27% from Europe. Once qualification filters were applied, the survey was compiled from 1726 responses from engineers with an average design career of 17 years.

According to Barr Group CEO Andrew Girson, 19% of respondents were involved in industrial automation, with 11% in consumer electronics and 10% developing medical devices.

Asked what was the worst thing that could happen if their product failed, 28% said it could result in death or injury. Of those, 34% admitted they were either not designing to meet relevant safety standards or simply didn’t know. According to Girson: “That result should say that 100% of respondents design to safety standards.”

Looking more closely at that subset – respondents whose product failure could cause death or injury – the survey found that 17% didn’t use coding standards, 25% didn’t use code reviews – with a further 16% replying ‘maybe’ – and 32% didn’t use static analysis (see image). “Products that could kill or injure should be designed to the appropriate safety integrity level (SIL),” Girson asserted. “Best practices are ignored by way too many developers of safety-critical systems,” he added.

The report found that ‘safety practices are not clearly better in the automotive industry than in the medical device industry, even though many more lives are at risk with automotive failures’.

Examining the security aspect of design, the survey asked whether the respondent’s product required security. There were 1014 appropriate responses and 60% of those said their product would be online ‘always’ or ‘sometime’, with half of the designs in progress having one or more wireless interfaces. Of the 1014, more than half admitted their design needed to be more secure than previous products. Yet, while more than half of the 1014 respondents said they were concerned about product tampering, only 25% were worried that poor security in their product could cause death.

“The highest-ranked security concerns were more likely to relate to the company that designed the product than to the users of the product”, the report found. “Designers of a remarkably large number of potentially dangerous embedded systems are ignoring security, even as they connect their products to the Internet.”

Another finding – ‘disturbing’, said Barr Group – was that 22% of those designing safety-critical systems that would be connected to the Internet said security was not a ‘design requirement’ at all on their project.

“What horrifying deadly disaster need occur before designers of Internet-connected products will begin to take security seriously?” the report asks.

From the survey’s results, the Barr Group identified what it calls a ‘sizeable subset of respondents’ designing products that were both potentially injurious and on the Internet. This has moved Barr Group to coin the phrase ‘the Internet of Dangerous Things, or IoDT’.

Girson noted: “As an industry, we need to do better. Security is challenging,” he accepted, “with multicore processors and different operating systems. But, while it might be hard, companies are still not paying attention.

“Time to market appears to be more important than safety and security,” he concluded, “but fewer bugs and defects will make products safer and more secure.”