Securing the Internet of Things
For better or worse the Internet of Things is real and here to stay. While these devices are often trivialised (think Internet-connected dishwashers) there has been a trend to more “serious” IoT devices (think industrial IoT) and a genuine consideration for how these devices can be used effectively in both the commercial and consumer spaces. Unfortunately, the security of these devices is almost universally poor, increasing the attack surface of the connected network significantly.
This presentation outlines a number of security issues commonly found in Internet of Things devices and how to securely develop Internet of Things devices and associated services and applications. Specifically the talk will cover common vulnerabilities and secure development issues across multiple IoT domains including firmware/embedded OS security, transport security, hardware security and application security.
Outline/structure of the Session
- Overview of IoT Security Issues
- IoT Threat Modelling
- Secure Design and Development Principles
- Firmware and Embedded OS Security
- Transport Security
- Hardware Security
- Application Security
- Summary and Wrap Up
The outcome of this presentation is to provide attendees with a better understanding of common security issues related to IoT devices and associated technologies and how to address these issues.
Developers of IoT devices and related technology and infrastructure as well as anyone interested in the security of IoT devices.
The session will assume a baseline understanding of common IoT technologies and protocols and will not cover that ground again due to time however most attendees with a development or technical background should be able to follow.