Explore the critical importance of upgradable security in the Internet of Things (IoT) landscape in this 35-minute conference talk. Delve into the economic potential and security challenges of IoT devices, examining real-world examples like gun and pacemaker security. Understand the unique security requirements for IoT devices and the balancing act between functionality and protection. Investigate the evolving threat landscape, including commoditization of attacks, cryptographic vulnerabilities, and emerging techniques like EMI injection. Learn about secure boot processes, upgrade strategies, and the impact of regulations such as the IoT Security Improvement Act and GDPR. Gain insights into future-proofing IoT security against adversaries of 2035 and beyond, emphasizing that security is not a binary state but a continuum requiring constant vigilance and upgradability.
Overview
Syllabus
Intro
Why are we doing this
How do you get two billion devices
The value of the IoT
Security of guns
Security of pacemakers
Classical cybersecurity
IoT devices
IoT security requirements
IoT security is a balancing act
Who is the adversary
Commoditization
Cryptography
Cheap Whisper
IoT Goes Nuclear
EMI Injection
EMI today
Choice of security
New normal attacks
The adversary of 2035
Secure boot
Upgrade strategy
Labels
IoT Security Improvement Act
GDPR
Security is not binary
Taught by
NDC Conferences
