Embedded systems are still computers with an operating system and applications like desktop and server systems. Therefore embedded systems have the same vulnerabilities and may be compromised in the same way.

In contrast to normal desktops and servers embedded systems like building automation, industrial control or video conferencing systems are often deployed for a much longer time.

Updates may only be provided for a comparable short amount of time. If the vendor hardens the embedded system using SELinux, AppArmor or similar mandatory access control systems the possible damage of such vulnerabilities much reduced.

We have extensive experience in supporting vendors in the embedded field in the adoption of both SELinux and AppArmor in their build environment and the development of the required SELinux/AppArmor policies.