In an increasing number of distributed embedded applications the individual nodes must communicate with each other over insecure channels like e.g. the public Internet or via wireless communication links. Internet connections expose applications to intrusions and malicious attacks. Unfortunately, security techniques developed for enterprise and desktop computing might not satisfy embedded application requirements because of the following reasons which will be explained in detail later. security in one form or another is a requirement for an increasing number of embedded systems, ranging from low-end systems such as PDA's(Personal Digital Assistants), wireless handsets, networked sensors, and smart cards, to high-end systems such as routers, gateways, firewalls, storage servers, and web servers. Technological advances that have spurred the development of these electronic systems have also ushered in seemingly parallel trends in the sophistication of security attacks. It has been observed that the cost of insecurity in electronic systems can be very high.
1) Cost sensitivity
2) Interactive matters
3) Energy constraints
4) Development environment


2 WHAT IS AN EMBEDDED SYSTEM?
Embedded systems cover a large range of computer systems from ultra small computer-based devices to large systems monitoring and controlling complex processes. IEEE has the following definition for embedded systems:
A computer system that is part of a larger system and performs some of the requirements of that system; for example, a computer system used in an aircraft or rapid transit system. (IEEE, 1992).
Most of such embedded systems can also be characterized as real-time systems, (i.e., systems in which the correctness of the system depends not only on the logical result of the computations it performs but also on time factors). Embedded real-time systems contain a computer as a part of a larger system and interact directly with external devices. They must usually meet stringent specifications for safety, reliability, limited hardware capacity etc. The increased complexity of embedded real-time systems leads to increasing demands with respect to requirements engineering, high-level design, early error detection, productivity, integration, verification and maintenance.
In many cases embedded systems are safety or mission critical systems and hence the demands on reliability, robustness, availability and other characteristics of dependable systems are important.

The most important requirements of an embedded system are:
> Real-time properties: The real-time system functions are time-related; a violation of time requirements even of a proper functional response violates the system functionality.
> Dependability: Dependability is defined as an ability of a system to deliver service that can justifiably be trusted and an ability of a system to avoid failures that are more severe and frequent than is acceptable to the users. The main means to attain dependability are related to avoidance of faults. Dependability is characterized by several attributes such as reliability, availability, integrity, safety, confidentiality and maintainability.
> Resource consumption: Many embedded systems have strong requirements for low and controlled consumption of different resources. The reasons may be the size of the systems and/or the demands on lower production costs.
> Life cycle properties: In general embedded systems are tightly coupled with their environment and the absence of their services can have large consequences on the environment. In many domains the embedded systems have very long life time running round the clock year after year. During the lifetime of a system several generations of hardware and software technologies can be used. The long life systems must be able to cope with these changes introduced either into the surrounding environment or into the systems themselves.