February 23, 2020

229 words 2 mins read

An Agile Approach to Threat Modeling for Securing Open Source Project EdgeX Foundry

An Agile Approach to Threat Modeling for Securing Open Source Project EdgeX Foundry

Evaluating security risks and conducting threat modeling are challenging for open source project contributors and adopters. There are rarely enough people, or people with experience, to tackle these t …
Talk Title An Agile Approach to Threat Modeling for Securing Open Source Project EdgeX Foundry
Speakers Tingyu Zeng (Senior Principal Software Engineer, Security Lead, DELL Technologies)
Conference Open Source Summit + ELC North America
Conf Tag
Location San Diego, CA, USA
Date Aug 19-23, 2019
URL Talk Page
Slides Talk Slides
Video

Evaluating security risks and conducting threat modeling are challenging for open source project contributors and adopters. There are rarely enough people, or people with experience, to tackle these tasks properly. In this session, come learn about a practical, agile approach to threat modeling with STRIDE model for open source projects, using EdgeX Foundry as an example, regardless whether you are going to contribute to an open source project or are going to evaluate and include some open source libraries into your next project. We will share our experience on security threat modeling and risk assessment during the development of EdgeX Foundry - a vendor-neutral, open source, hardware and OS agnostic Linux Foundation project to create a common open platform for IoT edge computing systems. After the presentation the audience will be familiar with general steps of threat modeling and how to apply them on their next project.

threat open platform security edgex edge computing agile open source iot hardware
comments powered by Disqus
How Secure is Your Edge with EdgeX?

How Secure is Your Edge with EdgeX?

January 8, 2020

IoT presents a large attack surface, stemming from the number of connected components, physical distribution, and bugs in hardware and software. In this talk we focus on the Edge, systems close to the …
Easy as a pi: EdgeX on Raspberry Pi for Automotive IoT

Easy as a pi: EdgeX on Raspberry Pi for Automotive IoT

February 7, 2020

EdgeX is an open source hardware-agnostic framework for IoT and Edge Computing. It is composed of a series of docker containers acting as micro-services that allow developers to plug and play from the …
Panel Discussion: Innovators Assemble! The IoT Edge Computing League Shares the Endgame

Panel Discussion: Innovators Assemble! The IoT Edge Computing League Shares the Endgame

February 4, 2020

Edge devices are slated to exceed 20 billion by 2020. For IoT to succeed in these devices, the currently fragmented edge market needs to be able to work together to identify and protect against proble …
From API to CLI. Designing and Building a CLI for EdgeX

From API to CLI. Designing and Building a CLI for EdgeX

February 2, 2020

EdgeX is an open source hardware-agnostic framework for IoT and Edge Computing. It is composed of a series microservices that allow developers to plug and play from the growing ecosystem of third-part …
An Overview of EdgeXFoundry and Where We Stand

An Overview of EdgeXFoundry and Where We Stand

January 13, 2020

EdgeX FoundryTM is a vendor-neutral open source project hosted by The Linux Foundation building a common open framework for IoT edge computing. At the heart of the project is an interoperability frame …
Building an Open Source Framework for the Edge

Building an Open Source Framework for the Edge

January 9, 2020

The problem: Widespread fragmentation and the complexity of the current IoT landscape are stalling the growth of the Industrial IoT market and making it difficult for partners to work together. The ov …