Specialized Architecture Models (Domain 3)
In this episode, we’re exploring specialized architecture models—systems that sit outside traditional computing platforms but play a growing role in enterprise environments. These include Internet of Things devices, industrial control systems, supervisory control and data acquisition platforms, real-time operating systems, and embedded hardware. Each of these architectures introduces unique security challenges that require purpose-built defenses.
Let’s begin with the Internet of Things, or IoT. These devices include everything from smart thermostats and surveillance cameras to medical sensors, building automation controllers, and industrial sensors. They are often small, purpose-built devices with minimal processing power, limited interfaces, and specialized firmware. Because they’re designed for functionality and low cost, security is often an afterthought.
IoT devices commonly present several risks. First, they often lack update mechanisms, or rely on manual firmware updates that administrators forget or delay. This means known vulnerabilities remain unpatched for months or even years. Second, many IoT devices ship with default credentials, such as an admin account with a simple password, that are never changed, and some have credentials hard-coded into the firmware that cannot be changed at all. Attackers do not need to discover these credentials: default passwords are printed in vendor manuals and compiled into the credential lists that botnets use, so an exposed device with factory settings can be compromised quickly and quietly.
To secure IoT deployments, organizations must start with network isolation. IoT devices should be placed in their own segmented networks—separated from critical systems, user workstations, and internet-facing services. This limits the damage if one device is compromised. Strong authentication and encrypted communication should be enforced whenever possible. Device discovery tools can help maintain visibility, while vulnerability scanning identifies risks. Firmware should be updated regularly, and any device that lacks update support should be considered high risk and isolated accordingly.
Next, let’s examine industrial control systems and supervisory control and data acquisition environments—often referred to as ICS and SCADA. These systems control critical infrastructure, including power generation, water treatment, oil pipelines, and manufacturing lines. Unlike traditional IT systems, ICS platforms often run legacy hardware and software designed for uptime, not security.
One of the biggest challenges in securing ICS environments is that many of these systems were designed decades ago. They weren’t built to resist modern cyber threats, and they may not support encryption, authentication, or logging. In many cases, patching is difficult or even impossible—because restarting the system for an update could disrupt critical operations.
Because of these limitations, securing ICS and SCADA environments requires a different mindset. The first and most important step is segmentation. Operational technology systems should be separated from IT networks by, at minimum, a firewalled OT demilitarized zone that hosts the jump servers, historians, and patch servers the two sides share; by unidirectional gateways, or data diodes, where data only needs to flow out of the plant; and by a true air gap where operations allow it. Only specific, controlled communication paths should be permitted, and all traffic crossing the boundary should be monitored for anomalies. Keep in mind that an air gap is only as good as its enforcement: engineering laptops and removable media carried across it are a common way the gap is bridged.
Monitoring plays a major role in ICS security. Specialized intrusion detection systems are available that watch operational traffic passively, from a network tap or switch SPAN port, so they never inject packets into a control loop or add latency to it. They understand industrial protocols such as Modbus and DNP3, baseline which hosts normally read and write to which controllers, and flag deviations: a write command from a host that has only ever read, a new device appearing on the control network, or a session originating from the corporate side. These are the signs of an insider threat, a malware infection, or lateral movement from the corporate network.
In some cases, organizations may choose to use virtual patching, where an intrusion prevention system or protocol-aware firewall in front of the vulnerable system is configured to block the traffic pattern of a known exploit, even though the system itself can't be patched. This is a compensating control, not a replacement for the patch: it only covers the attack paths the rule anticipates, so the underlying vulnerability should still be tracked for remediation at the next maintenance window. Strict access controls, physical security, and change management are also essential to ensure that unauthorized modifications aren't made to critical systems.
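Here is an added example, not from the original episode, of what the segmentation policy, passive anomaly monitoring, and virtual-patch rule described above look like when written down and run over traffic records. It also implements the zone-based isolation the IoT section calls for, since the same allow-list logic applies there. Everything in it is constructed: the zone address ranges, the engineering workstation address, the log format, and the sample flow records are assumptions for illustration, not any real plant. The Modbus function-code numbers (1-4 read, 5/6/15/16/23 write, 8 diagnostics, 43 device identification) are the standard ones.

```python
"""Constructed example: evaluate OT flow records against a zone policy and a
Modbus/TCP write allow-list. This is illustrative code, not a product's rule set."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Dict, List, Optional

# Zones for a hypothetical plant. The address ranges are assumptions.
ZONES = {
    "corporate": ip_network("10.1.0.0/16"),
    "ot_dmz": ip_network("10.2.0.0/24"),      # jump hosts, historian, patch server
    "ot_control": ip_network("10.3.0.0/24"),  # HMIs, engineering workstation
    "ot_field": ip_network("10.4.0.0/24"),    # PLCs, RTUs
}
# Only the engineering workstation (assumed address) may write to controllers.
ENGINEERING_WS = {"10.3.0.10"}

MODBUS_READ = {1, 2, 3, 4}           # read coils / discrete inputs / registers
MODBUS_WRITE = {5, 6, 15, 16, 23}    # write coils / registers
# "Virtual patch": refuse diagnostic and identification codes from anyone but
# engineering, since these are the codes reconnaissance and abuse tend to use.
MODBUS_RESTRICTED = {8, 43}


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    dport: int
    func: Optional[int]  # Modbus function code, None for non-Modbus traffic


def zone_of(ip: str) -> str:
    """Map an address to its zone name, or 'unknown' if it fits no zone."""
    addr = ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "unknown"


def evaluate(flow: Flow) -> List[str]:
    """Return alert strings for one flow; an empty list means the flow is permitted."""
    alerts: List[str] = []
    sz, dz = zone_of(flow.src), zone_of(flow.dst)
    # Segmentation policy: corporate may only reach the OT DMZ, never control or field.
    if sz == "corporate" and dz in ("ot_control", "ot_field"):
        alerts.append(f"SEGMENTATION: {sz} -> {dz} is not an allowed path "
                      f"({flow.src} -> {flow.dst}:{flow.dport})")
    if "unknown" in (sz, dz):
        alerts.append(f"UNKNOWN_HOST: {flow.src} -> {flow.dst} outside any defined zone")
    # Protocol-aware checks apply only to Modbus/TCP (port 502) with a parsed function code.
    if flow.dport == 502 and flow.func is not None:
        if flow.func in MODBUS_WRITE and flow.src not in ENGINEERING_WS:
            alerts.append(f"UNAUTHORIZED_WRITE: fc{flow.func} from {flow.src} to {flow.dst}")
        elif flow.func in MODBUS_RESTRICTED and flow.src not in ENGINEERING_WS:
            alerts.append(f"VIRTUAL_PATCH_BLOCK: fc{flow.func} from {flow.src} to {flow.dst}")
        elif flow.func not in MODBUS_READ | MODBUS_WRITE | MODBUS_RESTRICTED:
            alerts.append(f"UNEXPECTED_FC: fc{flow.func} from {flow.src} to {flow.dst}")
    return alerts


def parse_line(line: str) -> Flow:
    """Parse the constructed log format 'src=A dst=B dport=N [fc=M]'."""
    fields = dict(tok.split("=", 1) for tok in line.split())
    fc = fields.get("fc")
    return Flow(fields["src"], fields["dst"], int(fields["dport"]),
                int(fc) if fc is not None else None)


# Constructed sample records: an HMI reading, engineering writing, an HMI writing,
# a corporate host reaching a PLC, a corporate host reaching the DMZ, an HMI probing.
SAMPLE_LOG = """\
src=10.3.0.20 dst=10.4.0.5 dport=502 fc=3
src=10.3.0.10 dst=10.4.0.5 dport=502 fc=16
src=10.3.0.20 dst=10.4.0.5 dport=502 fc=6
src=10.1.4.77 dst=10.4.0.5 dport=502 fc=3
src=10.1.4.77 dst=10.2.0.5 dport=443
src=10.3.0.20 dst=10.4.0.5 dport=502 fc=43
"""


def run(log: str = SAMPLE_LOG) -> Dict[str, List[str]]:
    """Evaluate every non-empty line of a log and return {line: alerts}."""
    return {line: evaluate(parse_line(line)) for line in log.splitlines() if line.strip()}


if __name__ == "__main__":
    for record, alerts in run().items():
        print(record, "->", alerts or "ok")
```

Run as-is it prints the verdict for each sample record: the two reads and the engineering write pass, the HMI write and the fc43 probe are flagged, and the corporate host is flagged only when it reaches past the DMZ. In a real deployment the zone table comes from the asset inventory and the read/write baseline is learned from observed traffic rather than typed in, but the decision logic is the same.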
Now let’s turn to real-time operating systems and embedded systems. A real-time operating system, or RTOS, is a lightweight platform designed to process tasks with extremely predictable timing. These are used in everything from medical devices and automotive control systems to avionics and industrial robotics. An embedded system is a computing device that performs a fixed function—often using an RTOS or simplified operating environment.
The security risks associated with RTOS platforms and embedded devices are serious. These systems are often deployed for long lifecycles—ten years or more—and may lack standard security controls like file permissions, process isolation, or encryption. They are often difficult to monitor and rarely receive patches. Attackers who compromise embedded systems can gain persistent, low-level access to environments that are difficult to detect or remediate.
To mitigate these risks, organizations should implement secure boot processes. Secure boot ensures that only trusted, signed firmware and operating system images are allowed to run at startup: a root of trust in read-only memory verifies the bootloader's signature, the bootloader verifies the kernel, and so on up the chain, each stage checking the next before handing control to it. If any image's signature fails to verify, or the image has been altered so its hash no longer matches, the boot process halts rather than running unverified code. Hardware trust anchors, such as trusted platform modules or embedded cryptographic chips, hold the verification keys where software cannot overwrite them, protect encryption keys, and record a measurement of each boot stage so the device's integrity can later be attested to a remote verifier.
Code signing is another essential control. All firmware and software running on the embedded system should be cryptographically signed by the vendor or the internal development team, and the device should verify that signature before installing or executing the code. If an attacker attempts to install unauthorized code, the signature check fails and the system refuses to load it. The private signing key then becomes the crown jewel: anyone who obtains it can sign malicious firmware that passes every check, so it belongs in a hardware security module with tightly controlled access, not on a build server.
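The following is an added example, not code from the episode or from any vendor, showing the chain-of-trust logic described above: a boot ROM authenticates a manifest, the manifest lists the expected hash of each later stage, and each stage is checked before it runs. One substitution is made so the block runs with only the Python standard library: the vendor's asymmetric signature on the manifest is stood in for by an HMAC under a key the boot ROM holds. A real secure boot uses a public-key signature (RSA or ECDSA, as UEFI Secure Boot does) verified against a public key in ROM or one-time-programmable memory, so that the device never holds a secret capable of signing. The stage images, key, and boot order are constructed for illustration.

```python
"""Constructed example of a verified boot chain.
The manifest authentication uses HMAC as a stand-in for the vendor's asymmetric
signature; on real hardware the ROM holds only a public key."""
import hashlib
import hmac
import json
from typing import Dict, Tuple

# Assumed key burned into the boot ROM of this hypothetical device (stand-in for a public key).
ROM_KEY = b"constructed-rom-key-for-illustration-only"
BOOT_ORDER = ["bootloader", "kernel", "app"]


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def authenticate_manifest(manifest: Dict[str, str], key: bytes) -> bytes:
    """Vendor side: serialize the manifest and append an authentication tag."""
    body = json.dumps(manifest, sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    return body + b"\n" + tag


def make_manifest(images: Dict[str, bytes], key: bytes) -> bytes:
    """Vendor side: record the SHA-256 of every stage image, then authenticate the list."""
    return authenticate_manifest({name: digest(data) for name, data in images.items()}, key)


def verify_manifest(blob: bytes, key: bytes) -> Dict[str, str]:
    """ROM side: refuse any manifest whose tag does not verify under the ROM key."""
    body, _, tag = blob.rpartition(b"\n")
    expected = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("manifest authentication failed: refusing to boot")
    return json.loads(body)


def boot(images: Dict[str, bytes], manifest_blob: bytes, key: bytes = ROM_KEY) -> Tuple[bool, str]:
    """Walk the chain; stop at the first stage that is missing or whose hash does not match."""
    try:
        manifest = verify_manifest(manifest_blob, key)
    except ValueError as err:
        return False, str(err)
    for stage in BOOT_ORDER:
        image = images.get(stage)
        if image is None or stage not in manifest:
            return False, f"{stage}: missing image or manifest entry, halting boot"
        if not hmac.compare_digest(digest(image), manifest[stage]):
            return False, f"{stage}: hash mismatch, halting boot"
        # In real firmware control would now transfer to this verified stage.
    return True, "all stages verified"


def build_images() -> Dict[str, bytes]:
    """Constructed stand-ins for the three stage images."""
    return {
        "bootloader": b"BL v1.2: init clocks, verify kernel",
        "kernel": b"RTOS kernel 4.0: scheduler, drivers",
        "app": b"control app: PID loop, Modbus server",
    }


def scenarios() -> Dict[str, Tuple[bool, str]]:
    """Genuine boot, a patched kernel, an edited manifest, and a manifest re-signed by an attacker."""
    images = build_images()
    manifest = make_manifest(images, ROM_KEY)

    patched = dict(images)
    patched["kernel"] = images["kernel"] + b"; backdoor shell"

    edited = manifest.replace(b'"app"', b'"apq"', 1)   # body changed, tag left as-is

    attacker_manifest = make_manifest(patched, b"attacker-key")  # hashes match, wrong key

    return {
        "genuine": boot(images, manifest),
        "patched_kernel": boot(patched, manifest),
        "edited_manifest": boot(images, edited),
        "attacker_resigned": boot(patched, attacker_manifest),
    }


if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name:18} -> {result}")
```

The four scenarios cover the cases the text describes: the genuine chain boots, a modified kernel is caught at the kernel stage, an edited manifest fails authentication before any stage is examined, and an attacker who re-signs a consistent manifest with their own key is rejected because the ROM only trusts the vendor's key. That last case is exactly why the signing key must be guarded: if the attacker held ROM_KEY, the fourth scenario would boot.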
Physical security also plays a role. Embedded systems are often deployed in remote or uncontrolled environments, so tamper-evident or tamper-resistant enclosures (nothing is truly tamper-proof), disabled or locked debug interfaces such as JTAG and serial consoles, and alerting mechanisms should be used to detect and slow physical interference. A device that an attacker can open and connect to at leisure can often be dumped or reflashed regardless of its software controls, so the goal is to make that take time and leave evidence.
As you prepare for the Security Plus exam, be ready to compare and contrast the risks and defenses associated with IoT, ICS, and embedded systems. Know how to reduce attack surfaces through segmentation, how to compensate for systems that can’t be patched, and how to implement hardware-rooted protections like secure boot and trust anchors. You may be asked to select the right mitigation for a smart device, or to recognize why ICS environments pose unique monitoring challenges.
