HINT: They Don't Work In Your Organization:
In general code security often gets overlooked and when it comes to embedded software, code security has long taken a back seat to code quality. But there are plenty of people who do care about code security and are testing the security of your code. Unfortunately, most of them don’t have your interests in mind.
Code security is based on secure coding practices and writing applications that are resistant to attack by malicious or mischievous people or applications. Secure coding helps protect a user’s data from theft or corruption. Also, an insecure application will allow an attacker to take direct control of a device or provide an access path to another device, resulting in anything from a denial of service to a single user to the compromise of secrets, loss of service, or damage to the systems of thousands of users.
Secure coding is important for all software; whether you write code that runs on mobile devices, personal computers, servers or embedded devices, you should become familiar with the techniques and tools to support this practice.