Conferences and supporting programme
Techniques for Securing Low-Cost Embedded Devices
There have been many recent advancements in embedded security, with many new devices offering a large number of security features. Many system developers can't make use of these devices due to cost or other considerations such as the existence of a legacy codebase, but that doesn't mean they can't improve the security of their system. This session focuses on techniques that can be applied to devices without special security hardware, such as the bulk of microcontrollers (MCUs) available on the market today. We begin by looking at fundamental limitations of these systems and establishing some boundaries for what can and cannot be done with these systems. Next, we explore general best practices for creating secure systems. We will discuss situations in which we can mitigate side channel attacks against un-hardened Advanced Encryption Standard (AES) implementations. Finally, we will discuss techniques for protecting the integrity of device contents and allowing controlled debug access for diagnosing field failures.
--- Date: 26.02.2019 Time: 10:00 - 10:30 Location: Conference Counter NCC Ost