27. Februar - 1. März 2018 // Nürnberg, Germany

Konferenzen und Rahmenprogramm

Zurück zur Tagesansicht
Session 02 - Hacking

You've Been Hacked! Now What? Vortragssprache Englisch

You've seen the headlines. Whether it';s bots infecting home networks, the destruction of industrial systems, or the ability to take remote control of automobiles, the horror stories around Internet of Things security are starting to mount, like bodies in a bad movie. The bad guys will keep coming with malicious intent. The attacks on connected devices will only get worse and more sophisticated. Hardware, software, communications and communications protocol, device commissioning, applications layers and other systems considerations are just some of the many entry points that could impact security of a device, fall victim to malware, and lead to data breaches or weaponization. Boundary protection can be too porous. Systems that may seem secure today may have weaknesses that will lead to future failure, which is almost an inevitability. Privacy, corporate reputations...and even lives can depend on the ability to ensure a device's security. So it's time to face reality: There's a good chance your device will get hacked. What are you going to do about it? How will you recover? What can you do to prepare? This presentation focuses on what you need to do in the aftermath of an IoT compromise and how you get back to a trusted system. Key points to understand: Identifying a breach -- Your device may seem to be functioning properly, but that doesn't mean it hasn't been hacked. Often there isn't even awareness that a device has been attacked or it is being used for a malicious purpose. How do you spot if something nefarious is present in the memory system? How do you ensure every piece of the core is encrypted? What are the steps to identify security concerns with a device? Recovering from a breach -- The best chance of recovery starts with a Secure Boot Manager (SBM), which is injected into microcontrollers, alongside the provisioning of secure keys and certificates, to provide a robust root-of-trust. Having this in place in critical to an effective recovery. Remediating a breach -- How do you develop a patching strategy? This involves downloading a known, good component and patching it in. Restarting -- The Secure Boot Manager also enables a secure software update process. The customer application will download the software update to a separate memory location and will make a software update API call to the SBM. The SBM will reset the MCU, and after reset, it will process the requested update by verifying it and programming the flash with the software update. Managing the lifecycle of a device -- Increasingly, the ability to securely update a product's firmware in the field over the lifecycle of the product is crucial. If devices need updating and patching, how do you ensure your device has that secure functionality? The best defense enables a cradle-to-grave solution for compromises. This presentation will look at everything you need to know to create a root-of-trust and secure framework, identify a breach, and prepare for and recover from an attack.

--- Datum: 27.02.2018 Uhrzeit: 16:30 Uhr - 17:00 Uhr Ort: Conference Counter NCC Ost

Sprecher

man

Haydn Povey

/ Secure Thingz

top

Der gewählte Eintrag wurde auf Ihre Merkliste gesetzt!

Wenn Sie sich registrieren, sichern Sie Ihre Merkliste dauerhaft und können alle Einträge selbst unterwegs via Laptop oder Tablett abrufen.

Hier registrieren Sie sich, um Daten der Aussteller- und Produkt-Plattform sowie des Rahmenprogramms dauerhaft zu speichern. Die Registrierung gilt nicht für den Ticket- und Aussteller-Shop.

Jetzt registrieren

Ihre Vorteile auf einen Blick

  • Vorteil Sichern Sie Ihre Merkliste dauerhaft. Nutzen Sie den sofortigen Zugriff auf gespeicherte Aussteller oder Produkte: egal wann und wo - inkl. Notizfunktion.
  • Vorteil Erhalten Sie auf Wunsch via Newsletter regelmäßig aktuelle Informationen zu neuen Ausstellern und Produkten - abgestimmt auf Ihre Interessen.
  • Vorteil Rufen Sie Ihre Merkliste auch mobil ab: Einfach einloggen und jederzeit darauf zugreifen.