...

We observed various devices with wireless data capabilities embedded within a larger system yet little or no ability to patch the fielded systems except within very sparse service windows. Instances where physical contact with the device is required in order to update it can be especially problematic once vulnerabilities are discovered . (See Dan Geer's talk at the Security of Things Forum for more on the "long-lived and not reachable" problem [2]).)

New Interfaces Bring New Threats

...