Why the IoT Needs Upgradable Security
Lars Lydersen, Senior Director of Product Security
Meet Lars, the Quantum Hacker
IoT of Guns
[Figure labels: "Smart Engineers", "What you see", "You aimed here", "The gun shot here"]
Don’t Break My Heart
Classical Cyber Security
Proprietary
IoT Security
Proprietary
• Increased attack surface
• Accessibility to hardware
• Limited processing power in end nodes
Security/privacy is a balancing act
• Security/privacy
• Ease of use
• Functionality
• Cost
Who is the adversary? Why do they attack?
Class: Hobbyist / script-kiddie
  Motivation: Fun, curiosity, fame
  Resources: Limited, commodity hacking equipment
Class: Advanced hackers
  Motivation: Fame, financial
  Resources: Semi-specialized equipment. Experts in single domain
Class: Security researchers
  Motivation: Curiosity, improve security, novel ideas and attacks
  Resources: Ultra-specialized equipment. Experts in multiple domains
Class: Nation state attacks
  Motivation: Espionage, sabotage
  Resources: Unlimited
Across the classes, from hobbyist to nation state: exponentially increasing cost of security
Commoditization of attacker tools: DPA
Before ca. 1998 (nation state?): No public knowledge about DPA?
Ca. 1998 – ca. 2015 (security researchers): Cryptographic Research, now Rambus, publishes papers on DPA and starts selling DPA equipment at a prohibitive price
2015 - now (hobbyists): ChipWhisperer on Kickstarter for $300. Analysis software on GitHub
DPA today
Commoditization of attacker tools: EMI
(Nation state?): No public knowledge about EMI?
? – 2017 (security researchers): Riscure sells EM probe stations at a prohibitive price
2017 - now? (hobbyists): Someone made a $350 probe station from a 3D printer and will put it on GitHub (BadFET)
EMI today
What is the right security level?
[Figure: level of security and adversary strength plotted over time, from today to end of life for the device, with the choice of security level marked]
• Adversary strengthens
• Always new, novel attacks
• Must upgrade security during lifecycle
• Not all attacks are patchable
• Need strong HW security today
Who is the adversary of 2035?
Secure boot is needed to enable upgradability
• Signatures verify authenticity
• Must use asymmetric crypto
• Only requires public keys in the device
• May provide confidentiality
• Difficult to find loopholes in image
• Protect IP
• Must put keys in immutable memory
Deploying upgrades
Memory requirements
• How much overhead do you need?
• How to manage the memory budget?
How
• Directly connected?
• Forced updates?
Who
• Who is authorized to push updates?
• How is the authorization enforced?
[Figure: memory map with Bootloader, RTOS, Com Stack, App data, Overhead]
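An added example (not from the slides or from Silicon Labs) of the check the secure boot and deploying-upgrades slides describe: the device holds only a public key, and only images signed by the matching private key are accepted. The image layout, all names and the Ed25519 choice are assumptions of this example, and the minimum-version (rollback) check goes beyond what the slides state.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"encoding/binary"
	"errors"
	"fmt"
)

// Hypothetical image layout, used only in this example:
//   magic "FWUP" (4) | version uint32 LE (4) | payload length uint32 LE (4)
//   | payload | Ed25519 signature (64)
// The signature covers header and payload, so the version is authenticated too.
const headerLen = 12

var magic = []byte("FWUP")

var (
	ErrFormat    = errors.New("malformed image")
	ErrSignature = errors.New("signature check failed")
	ErrRollback  = errors.New("image older than minimum allowed version")
)

// Device models what the boot code holds: a public key in immutable memory
// and a monotonic minimum-version counter. No signing secret is on the device.
type Device struct {
	PubKey     ed25519.PublicKey
	MinVersion uint32
}

// DemoVendorKey derives a constructed signing key from a fixed seed byte so the
// example is reproducible. A real signing key is random and never leaves the vendor.
func DemoVendorKey(seed byte) ed25519.PrivateKey {
	return ed25519.NewKeyFromSeed(bytes.Repeat([]byte{seed}, ed25519.SeedSize))
}

// NewDevice provisions a device with the vendor's public key only.
func NewDevice(vendor ed25519.PrivateKey, minVersion uint32) Device {
	return Device{PubKey: vendor.Public().(ed25519.PublicKey), MinVersion: minVersion}
}

// BuildImage is the vendor-side step: serialize header and payload, sign both.
func BuildImage(vendor ed25519.PrivateKey, version uint32, payload []byte) []byte {
	img := make([]byte, headerLen, headerLen+len(payload)+ed25519.SignatureSize)
	copy(img, magic)
	binary.LittleEndian.PutUint32(img[4:8], version)
	binary.LittleEndian.PutUint32(img[8:12], uint32(len(payload)))
	img = append(img, payload...)
	return append(img, ed25519.Sign(vendor, img)...)
}

// VerifyImage is the device-side step run before an image is installed or booted.
// It returns the payload and version only if every check passes.
func VerifyImage(dev Device, img []byte) ([]byte, uint32, error) {
	if len(img) < headerLen+ed25519.SignatureSize || !bytes.Equal(img[:4], magic) {
		return nil, 0, ErrFormat
	}
	signed := img[:len(img)-ed25519.SignatureSize]
	sig := img[len(img)-ed25519.SignatureSize:]
	// The declared length must match the bytes actually present.
	if uint64(binary.LittleEndian.Uint32(img[8:12])) != uint64(len(signed)-headerLen) {
		return nil, 0, ErrFormat
	}
	// Authenticity first: nothing in the header is trusted before this passes.
	if !ed25519.Verify(dev.PubKey, signed, sig) {
		return nil, 0, ErrSignature
	}
	// A validly signed but older image could reintroduce a patched flaw.
	version := binary.LittleEndian.Uint32(img[4:8])
	if version < dev.MinVersion {
		return nil, 0, ErrRollback
	}
	return signed[headerLen:], version, nil
}

func main() {
	vendor := DemoVendorKey(0x42)
	dev := NewDevice(vendor, 3) // device already runs version 3
	good := BuildImage(vendor, 4, []byte("app v4"))
	tampered := append([]byte(nil), good...)
	tampered[headerLen] ^= 0x01 // one flipped payload bit
	cases := []struct {
		name string
		img  []byte
	}{
		{"signed upgrade", good},
		{"tampered payload", tampered},
		{"signed by another key", BuildImage(DemoVendorKey(0x13), 5, []byte("rogue"))},
		{"signed but older", BuildImage(vendor, 2, []byte("app v2"))},
	}
	for _, c := range cases {
		_, v, err := VerifyImage(dev, c.img)
		fmt.Printf("%-22s version=%d err=%v\n", c.name, v, err)
	}
}
```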
Summary
• Security is not binary
• Consider the adversary of the future
• Upgradable security is necessary in IoT
Thank you!

SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 

Why the IoT Needs Upgradable Security

  • 1. Why the IoT Needs Upgradable Security. Lars Lydersen, Senior Director of Product Security
  • 2. Why the IoT Needs Upgradable Security. Lars Lydersen, Senior Director of Product Security
  • 3. Meet Lars, the Quantum Hacker
  • 4. IoT of Guns. Smart Engineers. What you see: You aimed here; The gun shot here
  • 7. IoT Security. Proprietary. Increased attack surface; Accessibility to hardware; Limited processing power in end nodes
  • 8. Security/privacy is a balancing act: Security/privacy; Ease of use; Functionality; Cost
  • 9. Who is the adversary? Why do they attack? Exponentially increasing cost of security.
      - Hobbyist / script-kiddie. Motivation: Fun, curiosity, fame. Resources: Limited, commodity hacking equipment
      - Advanced hackers. Motivation: Fame, financial. Resources: Semi-specialized equipment. Experts in single domain
      - Security researchers. Motivation: Curiosity, improve security, novel ideas and attacks. Resources: Ultra-specialized equipment. Experts in multiple domains
      - Nation state attacks. Motivation: Espionage, sabotage. Resources: Unlimited
  • 10. Commoditization of attacker tools: DPA
      - Before ca. 1998 (Nation state?): No public knowledge about DPA?
      - Ca. 1998 – ca. 2015 (Security researchers): Cryptographic Research, now Rambus, publishes papers on DPA and starts selling DPA equipment at a prohibitive price
      - 2015 – now (Hobbyists): ChipWhisperer on Kickstarter for $300. Analysis software on GitHub
  • 12. Commoditization of attacker tools: EMI
      - Nation state?: No public knowledge about EMI?
      - ? – 2017 (Security researchers): Riscure sells EM probe stations at a prohibitive price
      - 2017 – now? (Hobbyists): Someone made a $350 probe station from a 3D printer and will put it on GitHub (BadFET)
  • 14. What is the right security level? [Graph: level of security over time, from today to end of life for device, with curves for adversary strength and choice of security level.] Adversary strengthens; Always new, novel attacks; Must upgrade security during lifecycle; Not all attacks are patchable; Need strong HW security today
  • 15. Who is the adversary of 2035?
  • 16. Secure boot is needed to enable upgradability. Signatures verify authenticity; Must use asymmetric crypto; Only requires public keys in the device; May provide confidentiality; Difficult to find loopholes in image; Protect IP; Must put keys in immutable memory
  • 17. Deploying upgrades. Memory requirements: How much overhead do you need? How to manage the memory budget? How: Directly connected? Forced updates? Who: Who is authorized to push updates? How is the authorization enforced? [Memory map: Bootloader, RTOS, Com Stack, App data, Overhead]
  • 18. Summary: Security is not binary; Consider the adversary of the future; Upgradable security is necessary in IoT
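
The update check that slide 16 describes, as an added example that is not part of the presentation: the device holds only a public key (standing in for immutable memory) and accepts an image only if its signature verifies. A Lamport one-time hash-based signature stands in for the signature scheme a real bootloader would use so that the code runs on the standard library alone; the image layout, the function names and the version (rollback) check are assumptions that go beyond the slide.

```python
import hashlib, secrets, struct

MAGIC = b"FWIM"  # constructed layout: magic | version | length | payload | signature

def H(b):
    return hashlib.sha256(b).digest()

def bits(digest):
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def keygen():
    # Signing side only. Lamport keys are one-time: one key pair per image.
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]   # only this part goes into the device
    return sk, pk

def build_image(sk, version, payload):
    body = MAGIC + struct.pack(">II", version, len(payload)) + payload
    sig = [sk[i][b] for i, b in enumerate(bits(H(body)))]
    return body + b"".join(sig)

def boot_check(image, rom_pk, installed_version):
    """Device side: knows rom_pk and its installed version, no secrets."""
    if len(image) < 12 or image[:4] != MAGIC:
        return "reject: bad header"
    version, length = struct.unpack(">II", image[4:12])
    body, sig = image[:12 + length], image[12 + length:]
    if len(body) != 12 + length or len(sig) != 256 * 32:
        return "reject: bad length"
    for i, b in enumerate(bits(H(body))):
        if H(sig[32 * i:32 * i + 32]) != rom_pk[i][b]:
            return "reject: bad signature"
    # The version field is trusted only now, after the signature covered it.
    if version < installed_version:
        return "reject: rollback"
    return "accept"

def demo():
    sk, pk = keygen()
    img = build_image(sk, 5, b"constructed firmware payload")
    tampered = bytearray(img)
    tampered[20] ^= 0x01                       # flip one payload bit
    return (boot_check(img, pk, 4),            # genuine upgrade
            boot_check(bytes(tampered), pk, 4),
            boot_check(img, pk, 7),            # signed, but older than installed
            boot_check(img, keygen()[1], 4))   # device provisioned with another key
```

Because the version number sits inside the signed body, editing it to get past the rollback check breaks the signature as well.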