(linked from http://breakingembeddedsoftware.com,   Jon D. Hagar)

Mobile and Smart Phone Concepts

The book defines attacks that are applicable for mobile and smart phone devices.

It is important to note that most people upon seeing the word “mobile” think it is synonymous with Smart phones, but mobile includes more than just smart phones, for example:

Somewhat arbitrary, we draw a distinction between mobile and embedded systems particularly mobile devices which tend to have a more sophisticated User Interface (UI) or Graphical UI (GUI). This characterization is not clean and is why we see mobile and embedded as part of a continuum. The tester must decide where their specific context places them.

Certainly Smart phones and other devices (now tablets) are in a space between personal computers and embedded systems. Smart phones are mobile. They have sensors (or can have). The limitations such as battery or power, screen sizes, network connections, memory limitations, storage issues, and others are often solved in the PC world by a simple upgrade or add-on. Not so for these little gizmos.

List of applicable attacks from "Software Test Attacks to Break Mobile and Embedded Systems" for mobile and smart phone devices 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 32, 33

Mobile-Smart Phone Blog