The Growing Importance of Continuous Observability in the Age of Cyber Resilience

March 20, 2025

Blog

Why Monitoring Matters

The field has seen multiple real-world cases where a lack of software monitoring contributed to major security vulnerabilities and product recalls. One example is the Medtronic insulin pump recall, where security flaws could have allowed unauthorized access to change insulin delivery settings remotely. Another recent case is the XZ backdoor vulnerability, where a critical security issue in a widely used software package went undetected for years. These incidents highlight the urgent need for continuous visibility into the behavior of deployed systems to detect anomalies before they become critical threats.

RTOS Security Risks and the Need for Observability

Recent articles highlighted increasing risks associated with RTOS-based embedded systems. RTOSes are widely used in safety-critical applications, but their security has often been an afterthought. Vulnerabilities in an RTOS could provide an entry point for attackers, compromising the integrity of the entire system.

A key takeaway is that systematic security checks for RTOSes should be a standard practice, but audits alone are not enough. Security must be continuous and automated, especially in the context of compliance with regulations like the EU CRA. This is where Continuous Observability plays a crucial role – it enables real-time detection of anomalies, performance issues, and potential security breaches in RTOS-based systems.

CRA and the Role of Observability

The EU CRA mandates that manufacturers implement security-by-design principles and maintain post-deployment security through active risk management and monitoring. Simply releasing a secure product is no longer enough – you need to measure and react in real time to emerging threats and failures.

Observability is already a well-established practice in cloud computing, where DevOps teams use monitoring tools to detect and fix issues quickly. However, embedded systems have traditionally lacked equivalent solutions due to constraints in computing power, connectivity, and storage. This is now changing with new observability technologies designed specifically for resource-constrained edge devices.

Introducing Percepio Detect and DevAlert

Percepio is pioneering Continuous Observability for embedded systems with two key solutions:

Percepio Detect: An on-premises observability service that provides automated anomaly detection for edge devices in the systematic test phase, making it a natural capability extension to established CI/CT procedures. It continuously tracks critical execution and performance metrics, helping engineers detect performance issues and potential security vulnerabilities before they escalate. In a coming release it will also collect performance fingerprints of expected behavior in a controlled test environment.

Percepio DevAlert: A cloud-based real-time feedback loop that allows development teams to receive alerts and trace diagnostics from field devices, based on the same core technology as Percepio Detect. This enables rapid issue resolution and improves software resilience over time. Performance fingerprints from Percepio Detect can be used with fielded edge devices, helping identify anomalies that could indicate a security intrusion.

The Future of Secure Embedded Systems

As cyber threats evolve, embedded device manufacturers must adopt new strategies to ensure resilience, compliance, and reliability. The risks associated with RTOS vulnerabilities highlight the pressing need for Continuous Observability – not just for meeting compliance, but for safeguarding product integrity.

By embedding Percepio Detect and DevAlert into your systems, you can stay ahead of threats, ensure compliance with regulations like the CRA, and build more resilient products.