Securing an IoT System from the Ground Up
Hacks involving IoT devices are now familiar headline news. DDoS attacks on major websites, remote control of cars and medical devices, surveillance using devices in homes, and more are increasingly c …
| Talk Title | Securing an IoT System from the Ground Up |
| Speakers | Marti Bolivar (Senior Software Engineer, Linaro, Ltd) |
| Conference | Open Source Summit North America |
| Conf Tag | |
| Location | Los Angeles, CA, United States |
| Date | Sep 10-14, 2017 |
| URL | Talk Page |
| Slides | Talk Slides |
| Video | |
Hacks involving IoT devices are now familiar headline news. DDoS attacks on major websites, remote control of cars and medical devices, surveillance using devices in homes, and more are increasingly common. Public and government expectations for IoT device security are growing ever higher. In response, product makers are attempting to build secure devices. However, teams too often reach for solutions without good understanding of the risks and consequences their products face. Such efforts are often wasted, either failing to achieve their goals or achieving the wrong ones. This talk is a case study of securing an IoT system. We review best practices management and engineering can apply to build more secure IoT devices. Topics include requirements engineering, threat modeling of the system, security aspects of the development process, and reacting to security events in production.
