Icon Labs Solves Embedded OS Flaw

IoT Device Developers Can Protect their VxWorks Based Designs, Sensors and Solutions against Cyber Attack by Using Icon Labs’ Floodgate Security Framwork

West Des Moines, Iowa - Sept 17, 2015 Two recent announcements have focused attention on the security of IoT and connected devices, running versions of Wind Rivers' VxWorks, the most popular embedded operating system used in the world. These announcements describe flaws that can be exploited by remote cyber attackers. In June 2015, and updated in July 2015, the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) issued an advisory regarding Wind River VxWorks TCP Predictability Vulnerability for Industrial Control Systems. Researches also discovered a remote code execution (RCE) vulnerability in VxWorks.


According to Wind River, VxWorks Version 7 is not susceptible to the RCE vulnerability and there are patches for some older versions of VxWorks. However, there may be millions more devices running older versions of VxWorks that may be vulnerable.

According to Alan Grau, President of Icon Labs, "Our Floodgate Security Framework, for use with VxWorks and many other RTOSs, can block attacks attempting to exploit these vulnerabilities. In addition, our strategy of connection to a management system, such as Intel Security's ePolicy Orchestrator, can notify customers of attacks and allow the customer to "instantly" change the security policies to block these attacks. Developers can design in security today, and prepare for new attacks in the future by using this flexible approach."

Icon Labs' products provide embedded security for IoT and Machine to Machine (M2M) solutions such as aerospace, military and space probes, industrial and medical control devices, medical systems, and consumer electronics products. The Floodgate Security Framework provides a "defense in depth" solution that protects control units and endpoint devices from cyber threats, aids in compliance with regulatory mandates and guidelines, and gathers and reports command, event and device status information for audit requirements.

About Icon Laboratories, Inc.
Icon Labs, a 2014 Gartner "Cool Vendor" and 2015 Gartner "Select Vendor", is a leading provider of embedded software for device security, device protection and networking management, including the award winning Floodgate Defender and Floodgate Security Framework. Founded in 1992, Icon Labs is headquartered in West Des Moines, Iowa. For more information, visit www.iconlabs.com, send email to info@iconlabs.com, or call 1.888.235.3443 (U.S. and Canada) or 515.226.3443 (International).

Featured Product

PureLink - HCE III TX/RX: 4K HDR over HDBaseT Extension System w/ Control and Bi-Directional PoE

PureLink - HCE III TX/RX: 4K HDR over HDBaseT Extension System w/ Control and Bi-Directional PoE

The HCE III Tx/Rx HDBaseT™ extension system offers full HDMI 2.0 compliance supporting HDR (High Dynamic Range) and 4K@60Hz with 4:4:4 chroma sampling. Featuring PureLink's proprietary Prcis codec, a light compression technology, the HCE III can transport Ultra HD/4K, multi-channel audio, and High Dynamic Range (10 bits support) content over a single CATx cable. The HCE III provides HDMI extension up to 130 feet (40 meters) at Ultra HD/4K and up to 230 ft. (70 meters) at 1080p over category cable with embedded multi-channel audio, CEC pass-through, bi-directional RS-232 and IR control, and PoE - all with zero loss and zero noise. The HCE III Tx/Rx also supports Dolby TrueHD, Dolby Digital Plus and DTS-HD Master Audio plus LCPM (up to 192 kHz). Additionally, the low profile "slim box" enclosure design make the HCE III ideal for limited space installation environments, such as behind flat panel displays and video walls.