Podcast Summary: Secure Communications in Embedded Systems with Ismael Valenzuela and John Wall

Software Engineering Daily hosted an insightful episode titled "Secure Communications in Embedded Systems with Ismael Valenzuela and John Wall," released on February 6, 2025. The discussion delved deep into BlackBerry's evolution from a smartphone pioneer to a cybersecurity powerhouse, focusing on secure communications and embedded systems underpinning modern automotive and other mission-critical industries.

1. Guest Introductions and Backgrounds

John Wall, Senior Vice President and Head of BlackBerry QNX, shared his extensive history with QNX, highlighting his journey since 1993. Ismael Valenzuela, Vice President of Threat Research and Intelligence at BlackBerry, provided insights into his role overseeing threat research, intelligence, and defensive innovation.

2. Evolution of BlackBerry and QNX

John Wall recounted QNX's transformation from a private company specializing in embedded software for industrial automation and medical devices to becoming integral to BlackBerry's automotive ventures:

John Wall [02:17]: "In 2010 we got sold to BlackBerry... I kind of stayed back and said, no, I want to continue this automotive thing that we're doing."

Initially focused on infotainment systems, QNX dominated the market with over 60% share from 2004 to 2012, powering systems in brands like Audi, BMW, and GM. The acquisition by BlackBerry aimed to leverage QNX for the BB10 phone, but QNX pivoted to become essential for automotive safety and autonomous driving technologies as BlackBerry's handset division waned.

3. QNX in the Automotive Industry and Beyond

Gregor Vand inquired about QNX's applications, to which John Wall elaborated on its pervasive presence:

John Wall [07:29]: "Any safety based system that requires a high level operating system that is running on a high performance compute is running QNX."

QNX's robust platform supports advanced driver-assistance systems (ADAS) in over 24 of 25 electric vehicles (EVs) and is integral to Nvidia's Drive and Qualcomm's Ride systems. Beyond automotive, QNX extends to medical devices, aerospace, defense, and rail industries, ensuring secure and reliable operations in mission-critical environments.

4. Microkernel Architecture Explained

A significant portion of the discussion focused on QNX's microkernel architecture:

John Wall [11:32]: "In a microkernel architecture, it means that everything runs in user space... This gives us a big advantage on reliability."

Unlike monolithic kernels like Linux or Windows, QNX's microkernel ensures that drivers and applications run in separate user spaces, enhancing system reliability and simplifying safety certifications. This architecture allows for self-healing capabilities, where individual components can restart without affecting the entire system.

5. QNX Accelerate and Cloud Integration

John Wall introduced QNX Accelerate, emphasizing BlackBerry's cloud-first approach:

John Wall [14:36]: "We take very seriously the idea of standardizations that separate hardware from software."

QNX Accelerate abstracts hardware dependencies, allowing developers to build and test in cloud environments seamlessly. This standardization facilitates global collaboration, ensuring synchronized development across diverse teams and geographies.

6. Advancements in QNX 8.0

Responding to evolving hardware demands, John Wall highlighted the monumental overhaul in QNX 8.0:

John Wall [17:41]: "We redeveloped our kernel for the first time in 20 years... match Linux on performance."

QNX 8.0 introduces scalability to handle multi-core processors efficiently, matching Linux's performance while retaining superior safety, security, and real-time capabilities. This update positions QNX to support the next decade of software-defined, mission-critical applications.

7. Security Enhancements in QNX 8.0

Security remains paramount, with QNX 8.0 aligning with contemporary security standards:

John Wall [19:47]: "We're now certified for security the same way we're certified for safety."

Beyond incorporating enhanced security mechanisms, BlackBerry has instituted rigorous processes treating security with the same importance as safety, ensuring robust defenses against emerging threats.

8. Ismael Valenzuela on Threat Intelligence

Transitioning to Ismael Valenzuela, the conversation shifted to BlackBerry's expansive cybersecurity initiatives. Ismael detailed his role in threat research and intelligence:

Ismael Valenzuela [22:32]: "We continue to protect mobile phones as well... secure communications with military-grade encryption."

BlackBerry's security portfolio encompasses Unified Endpoint Management (UEM), secure communications, and managed detection and response (MDR). Ismael emphasized the integration of AI and machine learning to enhance threat detection and response capabilities:

Ismael Valenzuela [25:31]: "There's no way to do this when attackers are throwing at us, you know, a lot of malware per second... AI is going to help us to scale much better."

9. Secure Communications at BlackBerry

The legacy of BlackBerry's secure communication roots was a focal point:

Ismael Valenzuela [29:07]: "Secure communications are now essential for government, corporate, and critical event management."

BlackBerry offers end-to-end encryption solutions that manage both data and metadata securely, addressing vulnerabilities inherent in widely-used applications like WhatsApp. This approach ensures comprehensive privacy and security for sensitive communications across various sectors.

10. AI's Role in Enhancing Security

Both guests concurred on AI's transformative impact on cybersecurity:

Ismael Valenzuela [41:01]: "Defenders are also using AI... we can anticipate more, we can secure more by design."

AI and machine learning empower BlackBerry to preemptively address threats, automating vulnerability detection, and enhancing the scalability of defense mechanisms to outpace adversaries.

11. Threats to Embedded Systems

The discussion highlighted the critical nature of securing embedded systems:

John Wall [34:11]: "OEMs are very, very focused on security."

From automotive to medical devices, embedded systems are prime targets for cyberattacks, potentially leading to severe consequences like vehicle control breaches or compromised medical equipment. BlackBerry provides the foundational software and security mechanisms, leaving OEMs to implement additional safeguards tailored to their specific applications.

12. Future Outlooks and Closing Thoughts

Looking ahead, both John and Ismael expressed optimism about the expanding role of software-defined systems and the continuous evolution of cybersecurity:

John Wall [39:50]: "Everything is becoming more software defined... a safe and secure platform for different verticals."

Ismael Valenzuela [41:49]: "AI is going to help us to scale much better and faster than attackers."

They underscored the importance of integrating security into the cultural fabric of organizations, advocating for proactive and design-centric security practices.

Closing Advice:

• Ismael Valenzuela: Encouraged broadening horizons and embracing limitless professional growth.

Ismael Valenzuela [43:35]: "There is no limits to what we can achieve... solve problems that affect people's lives."

• John Wall: Reflected on the value of enjoying one's work and remaining in a perpetual learning state.

John Wall [44:56]: "I've enjoyed my work... I'm still in learning mode and I'm still really enjoying it."

Conclusion

This episode of Software Engineering Daily offered a comprehensive exploration of BlackBerry's pivotal role in secure communications and embedded systems. Through the expertise of John Wall and Ismael Valenzuela, listeners gained valuable insights into the technical advancements, security strategies, and future directions shaping the landscape of mission-critical software and cybersecurity.