The use of CVE -related databases in improving the cybersecurity of embedded systems

Abstract

Cybersecurity is an important core concept for all information systems currently being used. It is a subject that has become more relevant with each passing year as information systems become more and more prevalent in our everyday use. It is also often a very poorly understood concept by the general public, which contributes to the fact that the most severe cybersecurity threats most information system face are directly or indirectly caused by negligence by non-malicious humans, i.e. mistakes due to poorly understood practices and concepts. The subject of cybersecurity is heavily research, but there is always room for more research especially concerning more specific parts of information systems, like the embedded systems. This study focuses on embedded systems and their cybersecurity trends through the lens of CVE -entries. Embedded systems are generally defined as small and simple, but also critical, parts of larger systems, that are responsible for certain dedicated functions, which also contributes to their specific cybersecurity vulnerabilities.