Open Source Summit + ELC North America 2019

Security is often mentioned as a top concern by people who build–or are looking at building–IoT solutions. Hardware, connectivity, cloud infrastructure, integration with 3rd party applications… securing an IoT application end-to-end can indeed sound complex and intimidating. In this talk, we will be discussing the seven key properties of a secure IoT device–hardware-based root of trust, small trusted computing base, defense in depth, compartmentalization, certificate-based authentication, security renewal, and failure reporting–and their implications at the hardware and software level. We will use an off-the-shelf MCU with an on-chip security coprocessor as an example of how these properties can be realized in practice for IoT devices

This talk is an opportunity to have a "non-hand-waving”/non-FUD discussion about IoT security needs in terms of important properties. Even if you are not a security expert, join the session to hear about some guidelines and best practices so that you can make informed decisions when it comes to your hardware and software security choices.