MATLAB, Simulink, and Polyspace help to protect your systems and data from adverse external events. You can use these products for your cybersecurity practices to prevent operational, financial, safety, and privacy attacks from impacting system users.
With MATLAB, Simulink, and Polyspace you can design and maintain secure embedded systems. These products enable you to:
- Build security into your system
- Verify the effectiveness of your security architecture
- Identify potential vulnerabilities early in the software development life cycle
- Use analytic methods to increase the confidence in your design
- Detect attacks on your system
- Develop updates in response to new threats
Building Secure Systems with MATLAB, Simulink, and Polyspace
Manage Cybersecurity Goals with Full Traceability
Capture your system-level security architecture, and allocate your security goals. Author and manage requirements together with your architecture, designs, generated code, and test artifacts. The digital thread lets you keep your design consistent, identify implementation or testing gaps (22:25), and achieve full traceability (15:42) from high-level requirements to implementation. Quickly understand the impact of a design change and generate verification and validation reports for audits.
Secure Modeling and Code Generation
Run early checks on your model to avoid blocks that conflict with security goals and set up the code generator for maximum compliance levels. Find and fix vulnerabilities early with formal methods, before code is generated. Deploy and update your implementation with efficient and secure code generation.
Analyze Your Code for Vulnerabilities and Compliance Issues
Assess the security of your C/C++ source code without relying on human experts and code reviews. With Static Application Security Testing (SAST), developers can check compliance to the latest secure coding standards (CERT® C and CERT C++) and avoid weak patterns (CWEs) early during the software development life cycle. Extended security checks can spot tainted data, incorrect use of cryptographic libraries, and confidentiality issues. Analyze the robustness of your software and prove the absence of critical vulnerabilities with code analysis based on formal methods.
Identify and Assess Vulnerabilities
Model and simulate attacks on your system without requiring the hardware. Combine reinforcement learning and digital twins to generate attacks on your system and identify vulnerabilities (19:35). Identify impacted functionalities with Model Slicer. Run automatic hardware-in-the-loop (HIL) tests to observe the effects of specific inputs on your system.
Detect Attacks on Your Embedded System
Learn how to apply machine learning to implement an intrusion detection system (IDS) against spoofing. Protect your control loops against replay attacks and man-in-the-middle attacks with distributed watermarking. Identify and deflect network attacks with linear algebra and machine learning.
Prevent and mitigate remaining weaknesses with robust design, state-of-the-art detection mechanisms, and security controls. Implement secure state estimation (12:37) to add resilience against spoofing attacks on your system inputs. Leverage neural networks to enhance the robustness of image classification algorithms against adversarial attacks.
Compliance with Industry Standards
Automate verification of models and code to fulfill requirements from cybersecurity standards such as ISO/SAE 21434, IEC 62443, and DO-326. The IEC Certification Kit provides an overview of how to apply MATLAB, Simulink, Polyspace, and add-on products to ISO/SAE 21434, in addition to functional safety standards (ISO26262, IEC 61508). The kit helps you to build and qualify your development process for safe and secure embedded systems.
Automate Security Checks
Automate your processes to ensure consistent and efficient security checks throughout development and operations. Set up a CI pipeline for your models to automatically test changes and generate secure code. Frequently scan your code base for vulnerabilities, on every commit (15:32), and generate compliance reports.