Conferences and supporting programme
The LTS Kernel is a Barrier to Building a Global Secure IoT Platform
Embedded product developers are familiar with the kernel.org LTS kernels. Designed to provide long term support and maintenance for selected versions of the Linux kernel, products have been developed based on LTS for over 20 years. However, in the world of Spectre, Meltdown, Foreshadow, and nation state hacking of industrial networks, LTS kernels present a barrier to building a global, secure, IoT. This paper describes a typical embedded product development workflow using LTS and SoC vendor BSP using Open Embedded/Yocto. It discusses options for firmware, kernel and user space updates in end-to-end sensor to cloud consumer and industrial applications over 'use cases at scale' and compares the embedded development process with enterprise datacenter product development. Our traditional methodology is breaking down in a world where security exploits must be managed on devices at scale, and where security patches are first applied to the latest software. The architecture of a scalable open source platform for IoT will be discussed in the context of upstream software, security & root of trust, and over the air updates of all device software from secure boot firmware to user space. The session will call upon all participants in the ecosystem to join together to work upstream across architectures, including Arm, Intel & RISC-V, to solve the problem of global IoT platform fragmentation.
--- Date: 28.02.2019 Time: 9:30 - 10:00 Location: Conference Counter NCC Ost