For many years, embedded systems have been quietly working behind the scenes of almost all modern technologies, from automobiles to factory floors to space exploration missions. Just as the early networked desktop PCs and servers were unprepared to address the new security implications of network connectivity, today’s embedded systems present a significant new security concern, which must be addressed immediately and systematically. Some of the critical security issues presented by modern embedded systems are: Diverse network-connected embedded systems use combinations of custom and COTS software, the details of which are typically known only to the vendor of each embedded device, making vulnerability assessment, risk analysis, and patch management difficult.