In the latest episode of IoT Unplugged, Toby Wilmington, Chief Executive and Co-Founder of Periphery, outlined how his company is tackling one of the most pressing and least visible challenges in cybersecurity: securing the growing web of embedded and connected devices that underpin modern critical infrastructure.
Founded by a team of former NATO and UK Ministry of Defence cybersecurity engineers, Periphery operates from the north of England with a mission to protect the expanding universe of “machines that matter” — from defence systems to autonomous vehicles and energy networks.
Critical infrastructure has long been a target for sophisticated cyberattacks, Wilmington noted, recalling examples such as the Stuxnet worm that crippled Iranian nuclear facilities. What has changed, however, is the attack surface. Over the past five years, the number of connected devices in operational environments — from transport systems to nuclear sites — has surged. Automated gates, remote sensors, and drone systems have replaced human operators, creating networks of interconnected devices that are often designed for functionality, not resilience.
The threats to embedded systems — the small, dedicated computers running everything from drones to traffic control units — are not hypothetical. Wilmington compared today’s situation to enterprise security a decade ago, when many questioned why attackers would target corporate networks until major breaches made complacency untenable. “The assumption must now be that every device is vulnerable,” he warned. The challenge lies not in initial design, where many manufacturers do follow best practices, but in maintaining security once devices are deployed. Limited computing resources and power constraints mean traditional endpoint protection cannot be applied to embedded hardware.
The consequences of neglecting these systems could be profound. In sectors such as transport, autonomous vehicles, and defence, an exploited device could cause physical harm or even loss of life. Wilmington pointed to the rapid development of driverless technology as an example. Although automotive safety is highly regulated, he argued that the ecosystem is evolving faster than regulators can adapt. Software companies now design the “brains” of vehicles, he said, introducing new dependencies and risks. “We’re probably three to five years away from mass deployment, but it’s coming — and AI is driving that adoption.”
Periphery’s answer is a micro-software agent designed to embed within constrained devices, providing real-time monitoring and protection without draining power or processing capacity. “We add roughly 1% CPU utilisation,” Wilmington said, emphasising the importance of efficiency. The agent, written in Rust, is compatible with a range of operating systems, from embedded Linux to RTOS, and consumes only a few megabytes of memory.
At the heart of the platform is a suite of AI models built from Periphery’s extensive honeypot network — simulated devices intentionally exposed to attacks. These honeypots are compromised up to 100,000 times a day, providing rich behavioural data on how adversaries target embedded technologies. “We don’t rely on signatures or rules,” Wilmington explained. “We look at behaviour — how malware acts once it’s inside. That’s why we can detect threats with such high fidelity.”
To hear more about what Arcidiaco had to say about building with Raspberry Pi, listen on Spotify, Apple Podcasts, and at the link below.
There’s plenty of other editorial on our sister site, Electronic Specifier! Or you can always join in the conversation by visiting our LinkedIn page.
