Last Year's Agenda - MT (Mexican Pacific Time, GMT-07:00)
With so many headlines on IoT safety and security, and new attacks happening every week it can be difficult to know where to start. If you’ve ever asked any of the following questions, then this talk is for you:
- Where do I start with IoT security?
- How do I look at security and safety together?
- I’m on a project and what can I do to build secure devices?
This talk will walk through Synopsys’ approach to threat modeling IoT systems and will answer the above questions while also demonstrating how to tie security and safety together with a systems approach.
- Understand the security complications introduced by trends like 5G edge computing and private LTE/5G networking in order to stay protected
- Discover how to apply new cybersecurity frameworks such as homomorphic encryption: Why is this the next big thing?
- Leave this session with hacker vision: Gain the ability to see your networks from the perspective of a hacker
- Best practices in the field of IoT to establish zero-trust systems and networks (for any type of multi-tenant compute or network, not just mobile)
What are the consequences of leaving security as an afterthought when building a product? During this session, Exset Labs’ Security Researcher & Analyst, Diogo Pimentel, will speak about:
1- The current trends within the IoT industry and why you should care
2- The challenges and risks of not taking security seriously
3- What role do legislation and security standards play in ensuring secure products?
4- Types of threats and real world hacking cases/scenarios and what companies like yours can learn from this
5- Solutions to how you can protect your assets
Safety certification is one of the essential requirements for software to be used in highly regulated industries. Besides technical and compliance issues (such as ISO 26262 vs IEC 61508,) transitioning an existing project to become more easily safety certifiable requires significant changes to development practices within an open source project. In this session, we will lay out some challenges of making safety certification achievable in open source. We will be offering an in-depth review of how Xen Project is approaching these challenges and try to derive lessons for other projects and contributors.
- Understand the process of the Xen Project Special Interest Group (SIG)'s journey toward safety certifications so far and lessons learned along the way
- Discover documentation, requirements generation, static code analysis, and contribution processes that need to be improved to make progress
The IoT landscape is rapidly expanding and there's an urgent need for standardized, interoperable and proven end-point security. Years away, right?
Wrong.
Introducing IoTopia
In this presentation GlobalPlatform, a non-profit industry association will deliver insights into its new initiative, IoTopia. The initiative:
• Proposes a common framework to standardize the design, certification, deployment and management of IoT devices.
• Aims to be testable and meet vertical requirements by building on four foundational pillars: secure by design; device intent; autonomous, scalable and secure onboarding; and device life-cycle management.
• Will be a simple but executable framework that is standards-based, industry-wide and able to evolve as security capabilities and requirements change.
• Will provide the opportunity to support tiers of security as well as certification in desired verticals.