Completed
Zephyr Security Subcommittee . One person from each platinum member silver members by invitation • A security Chair elected by the subcommittee Responsible for running bi-weekly meeting Sets ogenda a…
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Zephyr Project Security Status - Recent and Ongoing Work
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Ok, What is Zephyr • Open Source: Apache 2.0 Open Linux Foundation project, in git github-style, maintainers, mailing list, and meetings
- 3 Key differences from Linux • Generally single address-space (maybe MPU) . Usually no dynamic code Many things are compile-time, not dynamic . Intended for microcontrollers. Think 1003 KB and 10s
- 4 Zephyr Security Past What is done Present: What we're doing Future: What we want to do
- 5 Zephyr Security Subcommittee . One person from each platinum member silver members by invitation • A security Chair elected by the subcommittee Responsible for running bi-weekly meeting Sets ogenda a…
- 6 Code repositories: Auditable • Stable branches off of LTS Subset of the code Frozen in time
- 7 Ongoing work • Described in project documents Code guidelines How to report vulnerabilities • Process for a security bug JIRA instance to manage bugs during embargo
- 8 Ongoing example: randomness • Open PR updating entropyrandom framework • Addresses multiple security issues Discussed within subcommittee meeting In this case worked on by someone in team . Goal clea…
- 9 Aims: Crypto Drivers . Same API for different implementations • Provided by hardware, e.g. Atmel ATAES132A . Provided by software
- 10 Aims: FIPS 140-2/3 . Common for cryptographic modules Generally, certifies products But, certification of ouditable helps that process • Focus is on crypto operations
- 11 Aims: Fuzzing . Most fuzzing work done on bigger systems than Zephyr targets Research into QEMU-based fuzzer . Other possibilities Existing fuzzers often assure lots of memory Pasix Native part can h…