My talk on DIDM at OpenDaylight Summit 2015.
To watch the slides with animation, download the PPT from here: https://www.dropbox.com/s/hyo708cpjybmgrh/DIDM-ODL-SUMMIT-15.pptx?dl=0
10 Strategies for Resolving Common Fleet Management ChallengesAssetWorks
This presentation provides a comprehensive overview of how the right technology solution can help organizations tackle common mobile workforce and fleet management challenges such as inefficient data management, poor communication, lone worker safety, and wasteful driving habits. Learn ten new ways to better manage these common challenges while increasing revenue and reducing costs at the same time.
Qualtrics + Accel Millennial Series: eBook No. 1: Millennials & Women in Lead...Accel
As millennials continue to advance in their careers, an entire generation is poised to enter new leadership roles, and many of these roles will be filled by women. With this U.S. presidential election, America is preparing to potentially welcome its first female president.
So it’s a perfect time to explore an important question: How do millennials view women in leadership roles? Will this be the generation that creates more equality between the sexes?
Accel Connect 2016 talk for portfolio founders & CEOsAccel
This November, we gathered our global founders and CEOs in San Francisco for our Accel Connect event. For part of the day, we discussed the current environment, independent of founders’ stage, as well as the changing requirements for building great, enduring companies. It’s a day we look forward to each year.
It’s also where we (Accel) attempted to synthesize a year’s worth of our own thinking: what’s happened in the markets, what trends caught our attention, and how have our own theses evolved. If successful, we ground our founders in the current state of affairs, while keeping an eye on what’s to come in 2017.
We’ve been talking to folks around our community about the discussion at Connect. Based on feedback, we wanted to share some of the presentation. Though it’s slightly “dated” (the material was built pre-election) and curated (for Accel’s global CEOs), we hope there are some nuggets of wisdom that can be useful in your own thinking — whether as a founder, employee, investor, or just an interested observer.
The summary to accompany the slides can be found here: https://medium.com/@Accel/reflecting-on-2016-and-looking-ahead-to-2017-6e6efe224224#.wl0y72oor
10 Strategies for Resolving Common Fleet Management ChallengesAssetWorks
This presentation provides a comprehensive overview of how the right technology solution can help organizations tackle common mobile workforce and fleet management challenges such as inefficient data management, poor communication, lone worker safety, and wasteful driving habits. Learn ten new ways to better manage these common challenges while increasing revenue and reducing costs at the same time.
Qualtrics + Accel Millennial Series: eBook No. 1: Millennials & Women in Lead...Accel
As millennials continue to advance in their careers, an entire generation is poised to enter new leadership roles, and many of these roles will be filled by women. With this U.S. presidential election, America is preparing to potentially welcome its first female president.
So it’s a perfect time to explore an important question: How do millennials view women in leadership roles? Will this be the generation that creates more equality between the sexes?
Accel Connect 2016 talk for portfolio founders & CEOsAccel
This November, we gathered our global founders and CEOs in San Francisco for our Accel Connect event. For part of the day, we discussed the current environment, independent of founders’ stage, as well as the changing requirements for building great, enduring companies. It’s a day we look forward to each year.
It’s also where we (Accel) attempted to synthesize a year’s worth of our own thinking: what’s happened in the markets, what trends caught our attention, and how have our own theses evolved. If successful, we ground our founders in the current state of affairs, while keeping an eye on what’s to come in 2017.
We’ve been talking to folks around our community about the discussion at Connect. Based on feedback, we wanted to share some of the presentation. Though it’s slightly “dated” (the material was built pre-election) and curated (for Accel’s global CEOs), we hope there are some nuggets of wisdom that can be useful in your own thinking — whether as a founder, employee, investor, or just an interested observer.
The summary to accompany the slides can be found here: https://medium.com/@Accel/reflecting-on-2016-and-looking-ahead-to-2017-6e6efe224224#.wl0y72oor
OpManager is an integrated network management tool that helps you monitor your network, physical & virtual servers, bandwidth, configurations, firewall, switch ports and IP addresses
Architectural Patterns in IoT Cloud PlatformsRoshan Kulkarni
IoT PaaS platforms help accelerate the delivery of IoT solutions. This deck outlines the various architectural patterns in IoT Cloud Platforms - A useful checklist to ascertain your own IoT Solution Architecture.
Reverse Engineering and Bug Hunting on KMDF Drivers - Enrique Nissim - 44CON ...44CON
Numerous technical articles, presentations, and even books exists about reverse engineering the Windows Driver Model (WDM) for purposes that vary from simply understanding how a specific driver works, to malware analysis and bug hunting. On the other hand, Microsoft has been providing the Kernel Mode Driver Framework (KMDF) for quite a while and we now see more and more drivers shifting to this framework instead of interacting directly with the OS like in the old WDM times. Yet, there is close to no information on how to approach this model from a reverse engineering and offensive standpoint.
In this presentation, I will first do a quick recap on WDM drivers, its common structures, and how to identify its entry points. Then I’ll introduce KMDF with all its relevant functions for reverse engineering through a set of case-studies. I’ll describe how to interact with a KMDF device object through SetupDI api and how to find and analyze the different IO queues dispatch routines. Does the framework actually enhances security? We’ll come to a conclusion after revealing some major vendor implementation problems.
Armed with this knowledge, you will be able to run your own bug hunting session over any KMDF driver.
SNMP OPC Server from Transcend AutomationBaiju P.S.
SNMP OPC Server will let your automation system both monitor and manage your automation infrastructure. In addition to monitoring your PLCs and Field Devices, you will be able to communicate with all the pieces that make up your automation network, the backbone of your plant.
Transcend Automation is the Authorized business partners for Kepware Technologies. We Market ,Promote, Integrate their products for customers in India
OpManager is integrated network management software that offers network monitoring, server monitoring, bandwidth analysis, configuration management, firewall log analysis, and IP & switch port management.
“Lights Out”Configuration using Tivoli Netcool AutoDiscovery ToolsAntonio Rolle
Review why a CMDB is essential to and is the foundation of your BSM strategy
Outline the known challenges that require planning at the outset of a CMDB initiative
Drill down into the approach and lessons learned in the initial stages of a CMDB rollout for one of the largest financial institutions in North America
Kaseya Connect 2012 - THE ABC'S OF MONITORINGKaseya
Is Agent or Agentless the best approach to monitoring devices and applications? The answer is both. Join us as we review the various approaches and solutions that Kaseya offers to handle this complex question and how they will be enhanced over the coming year.
Presented by: Jeff Keyes, Product Marketing Manager & Scott Brackett, Product Manager
Learn the methods of device discovery and classification in OpManager, the network monitoring software. Learn more from https://www.manageengine.com/network-monitoring/
PCI stands for “Payment Card Industry”. which is comprised of representatives from the major card brands (Visa, MasterCard, American Express, Discover, JCB etc.) who came together to set minimum security requirements for protecting cardholder data.
To achieve this, they wrote a framework of security controls known as the PCI DSS. They wrote a number of other directives but this is the main one that applies to the majority of businesses.
The PCI DSS consists of six goals, 12 requirements and 286 controls and must be implemented by any business that processes, stores or transmits credit or debit card holder data. The requirement for PCI DSS compliance is stated in your agreement with the bank that issues you a merchant identification. Your business is required to certify compliance to your bank upon achieving it and annually thereafter. The banks report your compliance to the PCI SCC and can issues fines for non-compliance.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
More Related Content
Similar to Device Identification & Driver Management (DIDM)
OpManager is an integrated network management tool that helps you monitor your network, physical & virtual servers, bandwidth, configurations, firewall, switch ports and IP addresses
Architectural Patterns in IoT Cloud PlatformsRoshan Kulkarni
IoT PaaS platforms help accelerate the delivery of IoT solutions. This deck outlines the various architectural patterns in IoT Cloud Platforms - A useful checklist to ascertain your own IoT Solution Architecture.
Reverse Engineering and Bug Hunting on KMDF Drivers - Enrique Nissim - 44CON ...44CON
Numerous technical articles, presentations, and even books exists about reverse engineering the Windows Driver Model (WDM) for purposes that vary from simply understanding how a specific driver works, to malware analysis and bug hunting. On the other hand, Microsoft has been providing the Kernel Mode Driver Framework (KMDF) for quite a while and we now see more and more drivers shifting to this framework instead of interacting directly with the OS like in the old WDM times. Yet, there is close to no information on how to approach this model from a reverse engineering and offensive standpoint.
In this presentation, I will first do a quick recap on WDM drivers, its common structures, and how to identify its entry points. Then I’ll introduce KMDF with all its relevant functions for reverse engineering through a set of case-studies. I’ll describe how to interact with a KMDF device object through SetupDI api and how to find and analyze the different IO queues dispatch routines. Does the framework actually enhances security? We’ll come to a conclusion after revealing some major vendor implementation problems.
Armed with this knowledge, you will be able to run your own bug hunting session over any KMDF driver.
SNMP OPC Server from Transcend AutomationBaiju P.S.
SNMP OPC Server will let your automation system both monitor and manage your automation infrastructure. In addition to monitoring your PLCs and Field Devices, you will be able to communicate with all the pieces that make up your automation network, the backbone of your plant.
Transcend Automation is the Authorized business partners for Kepware Technologies. We Market ,Promote, Integrate their products for customers in India
OpManager is integrated network management software that offers network monitoring, server monitoring, bandwidth analysis, configuration management, firewall log analysis, and IP & switch port management.
“Lights Out”Configuration using Tivoli Netcool AutoDiscovery ToolsAntonio Rolle
Review why a CMDB is essential to and is the foundation of your BSM strategy
Outline the known challenges that require planning at the outset of a CMDB initiative
Drill down into the approach and lessons learned in the initial stages of a CMDB rollout for one of the largest financial institutions in North America
Kaseya Connect 2012 - THE ABC'S OF MONITORINGKaseya
Is Agent or Agentless the best approach to monitoring devices and applications? The answer is both. Join us as we review the various approaches and solutions that Kaseya offers to handle this complex question and how they will be enhanced over the coming year.
Presented by: Jeff Keyes, Product Marketing Manager & Scott Brackett, Product Manager
Learn the methods of device discovery and classification in OpManager, the network monitoring software. Learn more from https://www.manageengine.com/network-monitoring/
PCI stands for “Payment Card Industry”. which is comprised of representatives from the major card brands (Visa, MasterCard, American Express, Discover, JCB etc.) who came together to set minimum security requirements for protecting cardholder data.
To achieve this, they wrote a framework of security controls known as the PCI DSS. They wrote a number of other directives but this is the main one that applies to the majority of businesses.
The PCI DSS consists of six goals, 12 requirements and 286 controls and must be implemented by any business that processes, stores or transmits credit or debit card holder data. The requirement for PCI DSS compliance is stated in your agreement with the bank that issues you a merchant identification. Your business is required to certify compliance to your bank upon achieving it and annually thereafter. The banks report your compliance to the PCI SCC and can issues fines for non-compliance.
Similar to Device Identification & Driver Management (DIDM) (20)
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
2. Motivation
• Problems:
• Today applications need to know the device’s capabilities to create flow mods that best utilize the
capabilities of the device
• Controller doesn’t provide a common/consistent device specific way of handling CRUD operations for
functions such as VLAN configuration
• Motivation:
• Need to provide Device specific functionality
• Extensible -Allow new device specific functionality to be dynamically added, and allow dynamic support
for new device types
• Standard/consistent way of implementing device specific functionality
#ODSummit
3. Scope
1) Identification –determine the type of device
2) Device Driver – provide device specific functionality
3) Synchronization – collecting and pushing data to/from a device
4) Define Data Models for Common Features – define data models for
performing common function such as VLAN configuration
5) Define RPCs for Common Features – define APIs (RPCs) for common
features such as Flow Mod adjustment
6) Discovery - discover a non-OpenFlow device (manual discovery)
#ODSummit
4. Design Considerations
Invoking Drivers
Standard MD-SAL mechanisms
RPCs or invoked via a data change notification
Identification
Framework component that orchestrates the Identification process.
Drivers provide Identification component with information to identify
devices via MD-SAL mechanisms
Synchronization, Driver Registration
Use standard MD-SAL mechanisms, event driven via notifications
(Decentralized)
#ODSummit
6. MD-SAL enhancement Request
Enhancement requests that are yet to be implemented:
Ability to control how much processing is given to a plugin
Finer filter of data change notifications:
Eg, notify only if augmentation equal a specified value
#ODSummit
12. Discovery flow (1/2) [animation]
#ODSummit
Client
PUT inv:node {IP}
Oper
CHANGE Inv:node{ip}
PUBLISH unidentified device
Config NE Plugin
PUT Inv:node {ip, type}
Device
Connect
ok
Protocol Plugin
(SNMP)
Connect
ok
MD-SAL Identification
Mgr
Determine type
[Type Identified]
[Type Unidentified]
13. Discovery flow (2/2) [animation]
#ODSummit
Client Oper
RECEIVE Unidentified device
Config
PUT Inv:node {ip, type}
Device
Connect
ok
Protocol Plugin
(TL1/CORBA)
Connect
ok
MD-SAL NE Plugin
(Ciena 6500)
RECEIVE Unidentified device
NE Plugin
(Ciena 5430)
Connect
fail
Connect
fail
14. Synchronization [animation]
#ODSummit
Client
PUT inv:node {‘syncing’}
Oper
Data change {‘sync’}
MERGE Inv:node <<data>>, {state:’synchronized’}
Config NE Plugin
PUT inv:node {state: ‘synching’}
Device
Get data
<data>
Protocol Plugin
Get data
<data>
15. #ODSummit
Lithium Deliverables Beryllium Goals
Common model augmentations for device
type and device state
• Flow Mod driver
Device Drivers Data models and APIs for common “features” such
as VLAN configuration, Flow Mod adjustment, etc.
Identification components • VLAN driver
• Add VLAN
• Delete VLAN
• Add port
• Remove port
Documentation and sample driver • Non-OpenFlow discovery (Manual discovery)
Abstract/helper classes • Didm-feature-all (to install all the features)
• Tutorial on how to write a driver/use DIDM
framework
16. Wiki and Trello
• DIDM Wiki
• https://wiki.opendaylight.org/view/DIDM:Main
• Meeting and IRC Slack info
• Team members
• Project proposal
• Link to Trello board
• Lithium Release plan
• Trello Board
• https://trello.com/b/eUMAIoda/open-daylight-didm
#ODSummit