Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Linux Foundation

Surviving in the Wilderness: Integrity Protection and System Update for IoT Devices

Linux Foundation via YouTube

Overview

Explore a comprehensive conference talk on integrity protection and system updates for IoT devices in challenging environments. Learn about over-the-air (OTA) update mechanisms and techniques to detect tampering attempts on powered-off devices. Compare various approaches including Linux Integrity Measurement Architecture (IMA), Clear Linux OS swupd, dm-verity, and OSTree. Gain insights into using meta-integrity and meta-swupd layers in Yocto/OpenEmbedded-based Linux distributions. Discover key criteria for evaluating update mechanisms, integration with boot processes and update servers, and compatibility between updates and integrity protection. Delve into architecture considerations, target machine setup, installer images, initramfs, and whole-disk encryption. Benefit from the expertise of Patrick Ohly, maintainer of meta-integrity and meta-swupd, as he shares his experience in IoT OS development based on OpenEmbedded and the Yocto Project.

Syllabus

Intro
MOTIVATION FOR THE TALK
PERSONAL BACKGROUND
WHY BOTHER?
MECHANISMS COMPARED FOR YOCTO PROJECT
KEY CRITERIA
BLOCK VS. FILE UPDATE
PARTITION LAYOUT
INTEGRATION WITH BOOT PROCESS
INTEGRATION WITH UPDATE SERVER
IMA/EVM
DM-VERITY
COMPATIBILITY BETWEEN UPDATE AND INTEGRITY
ARCHITECTURE
TARGET MACHINE
INSTALLER IMAGE
INITRAMES
WHOLE-DISK ENCRYPTION
DEMO
OPENS

Taught by

Linux Foundation

Reviews

Start your review of Surviving in the Wilderness: Integrity Protection and System Update for IoT Devices

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.