Zephyr Project Security Status - Recent and Ongoing Work

Linux Foundation via YouTube

Classroom Contents

  1. Intro
  2. Ok, What is Zephyr • Open Source: Apache 2.0 • Open Linux Foundation project, in git • github-style, maintainers, mailing list, and meetings
  3. Key differences from Linux • Generally single address-space (maybe MPU) • Usually no dynamic code • Many things are compile-time, not dynamic • Intended for microcontrollers. Think 100s KB and 10s
  4. Zephyr Security • Past: What is done • Present: What we're doing • Future: What we want to do
  5. Zephyr Security Subcommittee • One person from each platinum member • Silver members by invitation • A security Chair elected by the subcommittee • Responsible for running bi-weekly meeting • Sets agenda a…
  6. Code repositories: Auditable • Stable branches off of LTS • Subset of the code • Frozen in time
  7. Ongoing work • Described in project documents • Code guidelines • How to report vulnerabilities • Process for a security bug • JIRA instance to manage bugs during embargo
  8. Ongoing example: randomness • Open PR updating entropy/random framework • Addresses multiple security issues • Discussed within subcommittee meeting • In this case worked on by someone in team • Goal clea…
  9. Aims: Crypto Drivers • Same API for different implementations • Provided by hardware, e.g. Atmel ATAES132A • Provided by software
  10. Aims: FIPS 140-2/3 • Common for cryptographic modules • Generally, certifies products • But, certification of auditable helps that process • Focus is on crypto operations
  11. Aims: Fuzzing • Most fuzzing work done on bigger systems than Zephyr targets • Research into QEMU-based fuzzer • Other possibilities • Existing fuzzers often assume lots of memory • POSIX Native part can h…
