Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Security and privacy: Is one without the other possible?

Issue 3 2025 IoT & Automation, Industrial (Industry)

By Tyler Baker, VP, engineering (Qualcomm Innovation Center, Inc.)

The contrasting urgency and importance of security and privacy in the consumer and industrial world can be shown in the simple example of an automobile with advanced assisted driving capabilities. Inadequate protection for user privacy could mean that an unauthorised third party could snoop on a log of the car's journeys as the data is in transit between the vehicle and, for example, the driver’s insurer. This might feel intrusive, but usually it will have no important consequences for the driver.

Inadequate security protection, on the other hand, could allow a malicious actor to take over or corrupt the vehicle’s driver assistance system, compromising the driver’s ability to maintain safe operation. The conclusion seems cut-and-dried: privacy protection is a nice-to-have, but security protection is a must-have.

Except this is not really true, for at least two reasons.

First, just because an instance of a breach of privacy might not have important safety consequences does not mean it is not harmful. If a consumer, when buying a car, does not have a clear and explicit understanding that personal data, such as the routes and times of their journeys, their driving style and so on, risk falling into the wrong hands, then the car maker should be under a duty to keep them private. The same should go for any other connected device. After all, no one likes the feeling that they are being spied on.

Secondly, a breach of privacy in settings other than a consumer’s car can have extremely serious consequences. This is even truer for industrial or commercial systems than for consumer products. For example, the control system of an energy generation plant could send data about its spare generation capacity over the energy company’s network. This private information could be commercially valuable to competitors. Malicious actors could even use it to time a cyberattack on a nation’s power grid to cause maximum harm or inconvenience.

The value of data sanitation

So, OEMs have at least a moral duty to protect privacy as much as security. In fact, the basic principles of data privacy are straightforward. If security protection is about keeping people out of an embedded device, privacy protection safeguards the data inside the device. This means:

• Collecting and storing no more data than is necessary for the device to perform its functions.

• Anonymising the data collected or stored.

• Encrypting data at rest and before transmission.

This can be thought of as data sanitation: cleaning up data stores and eliminating the accumulation of ‘waste’, or unnecessary data, to reduce the size of the attack surface open to malicious actors.

Privacy protection built into the FoundriesFactory platform

OEMs could be forgiven for feeling weary about the concept of privacy. After all, is it not just one more thing to implement, besides security, which is already a big enough task?

Privacy protection features add surprisingly little overhead for users of the FoundriesFactory platform, who already benefit from a set of features that support security best practices and the latest regulations, such as the European Union’s Cyber Resilience Act. Secure boot, CVE readiness, security-focused over-the-air updates, and more are integral parts of the FoundriesFactory development and device management flow.

Activating specific privacy features in the platform alongside the security-focused features is straightforward. For example, the Linux microPlatform (LmP) operating system, which underpins the FoundriesFactory platform, can be configured to implement memory randomisation in the Linux kernel.

If a hostile actor were to breach a device’s security protection, the easiest way to inspect the data on the device would be to study the processor’s memory. The LmP uses features in the Linux kernel to break up sequences of data stored in this memory into chunks, and then to randomise the locations in which the chunks are stored, making it difficult for a third party to recombine the data into their original sequence.

Other features supported in the FoundriesFactory system provide additional privacy protections: customer support engineers can provide comprehensive information to customers and training on how to take advantage of it.

So, the takeaway for customers is that if security is important, so is privacy, and tools that support privacy protection are present in the same FoundriesFactory platform that enables management of embedded device security.




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

South African counter-drone system completes trials
Products & Solutions Perimeter Security, Alarms & Intruder Detection IoT & Automation
Pretoria-based military engineering company Centauri Technologies has announced that its TriAD counter-drone system successfully completed integrated, multi-layered C-UAS (counter-unmanned aerial system) capability trials in a vehicle-mounted configuration.

Read more...
Managing access for devices, bots, and systems
Securex South Africa IoT & Automation
South African access control environments are becoming more complex. It is no longer only people who need identities; machines, IoT devices, service accounts, and even AI tools now require secure authentication.

Read more...
CAA-compliant ground drone outsourcing
Surveillance IoT & Automation
South African mines, estates, utility companies, independent power producers, ports, municipalities and others can now own and operate a CAA-compliant drone dock ground station in just six to eight weeks.

Read more...
Top five AIoT trends in 2026
IoT & Automation AI & Data Analytics
As we enter 2026, the convergence of artificial intelligence (AI) and IoT infrastructure is reshaping industries, unlocking unprecedented opportunities to optimise operations, enhance security, and improve sustainability.

Read more...
From digital transformation to digital sovereignty
Security Services & Risk Management IoT & Automation
As cyberthreats grow, data regulations tighten, and AI becomes central to economic competitiveness, countries are recognising the need to control and protect their own digital assets.

Read more...
The IoT is a criminal’s worst nightmare
IoT & Automation
For South Africans who want to stay here and build a better country for our kids, grandkids, friends, and others, the Internet of Things gets us really excited because it enables ‘edge processing’.

Read more...
Factories, grids, and finance: Critical infrastructure cyber lessons of 2025
Asset Management Information Security Industrial (Industry)
Africa has seen an accelerated, large-scale digitisation of our overall industrial base, and this rapid convergence of IT and OT is happening on a foundation that, in essence, was not designed to be cybersecure.

Read more...
Dahua showcases smart city solutions
AI & Data Analytics Fire & Safety IoT & Automation
Dahua showcased its smart city solutions at the Smart City Expo World Congress in Barcelona, Spain, which brought together experts, innovators, and city leaders from around the globe to explore the future of urban transformation.

Read more...
Securing the smart fleet
Information Security Transport (Industry) Logistics (Industry) IoT & Automation
Contributing around 10 to 12% of South Africa’s GDP, the transport and logistics sector supports almost every part of the country’s economic activity. The stakes for keeping these systems secure are higher than ever before.

Read more...
Making drone security more accessible
Editor's Choice Integrated Solutions Residential Estate (Industry) AI & Data Analytics IoT & Automation
Michael Lever discusses advances in drone technology, focusing on cost reductions and the implementation of automated services, including beyond line of sight capabilities, for residential estates with SMART Security Solutions.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.