Presentation is loading. Please wait.

Presentation is loading. Please wait.

Securing the Internet of (broken) Things Cesare Garlati, Chief Security Strategist, prpl Foundation.

Published byCandice Hicks Modified over 8 years ago

Similar presentations

Presentation on theme: "Securing the Internet of (broken) Things Cesare Garlati, Chief Security Strategist, prpl Foundation."— Presentation transcript:

1 Securing the Internet of (broken) Things Cesare Garlati, Chief Security Strategist, prpl Foundation

2 OpenWrt Summit 2015 – Dublin IE Securing the Internet of (broken) things Source: Remote Exploitation of an Unaltered Passenger Vehicle, Dr. Charlie Miller and Chris Valasek, August 2015 1.4M FIAT CHRYSLER RECALLS 1.4 MILLION VEHICLES AUGUST 2015 FDA STRONGLY ENCOURAGE TO DISCONTINUE USE OF THESE PUMPS - MAY 2015 CHARLIE & CHRIS HOSPIRA DRUG PUMP FBI Reverse engineer proprietary software to expose vulnerabilities [Uconnect 8.4AN/RA4]  Exploit weak implementations of network protocols [D-BUS service port 6667]  Modify firmware and re- flash image to execute arbitrary code [TI OMAP-DM3730]  Laterally move from the compromised head unit to the target CAN system [CAN mcu Renesas v850]  OPEN SOURCEINTEROPERABILITYROOT OF TRUSTVIRTUALIZATION BOEING 737/800

3 prpl Open security framework Linux Containers Secure Boot Key mgm’t Crypto HW Secure JTAG & Debug Secure Video Streams HypervisorMultitenant Service Provisioning Common security framework across hardware and software components in both single tenant and multitenant use cases OpenWrt Summit 2015 – Dublin IE

4 Multitenant use case Provider #1 Commercial Wi-Fi public hotspot 2 Provider #3 Utility company eMeter / IoT 3 1 Provider #1 Base services LTE/DSL/Wi-Fi 4 Provider #4 pay per view video streaming ? Available to next provider OpenWrt Summit 2015 – Dublin IE

5 Multitenant security  across hardware - cpus, mem, gpus, cameras, networks, radios, …   across software - hypervisor, OS, containers, apps  Multidomain Security New multitenant use cases – not just trusted/not-trusted islands Strong security model perfectly fits new multicore scenarios Hypervisor based – does not require OS modifications Open source framework and APIs – no royalties Reference framework open to ecosystem partners development HARDWARE OFFLOADS NETWORK INTERFACE DRAM OS / KERNEL HYPERVISOR HETEROGENEOUS PLATFORM IPC KERNEL LAN CLOUD API SECURE APP’S BASELINE SOFTWARE BROADBAND CLOUD API SECURE BOOT KERNEL WAN HW SW SECURE SEPARATED CONTAINERS OpenWrt Summit 2015 – Dublin IE

6 cesare@prplfoundation.orghttp://prpl.works

Download ppt "Securing the Internet of (broken) Things Cesare Garlati, Chief Security Strategist, prpl Foundation."

Similar presentations

Gateway Agent Product & Architecture

Gateway Agent Product & Architecture
.NET Remoting. .Net Remoting Replaces DCOM (Distributed Component Object Model – a proprietary Microsoft technology for communication among software components.

.NET Remoting. .Net Remoting Replaces DCOM (Distributed Component Object Model – a proprietary Microsoft technology for communication among software components.
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Software Defined Networking.

© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Software Defined Networking.
Where Do the 7 layers “fit”? 1 2 3 4 5 6 7 Or, where is the dividing line between hdw & s/w? ? ?

Where Do the 7 layers “fit”? Or, where is the dividing line between hdw & s/w? ? ?
ANDROID OPERATING SYSTEM Guided By,Presented By, Ajay B.N Somashekar B.T Asst Professor MTech 2 nd Sem (CE)Dept of CS & E.

ANDROID OPERATING SYSTEM Guided By,Presented By, Ajay B.N Somashekar B.T Asst Professor MTech 2 nd Sem (CE)Dept of CS & E.
Building Applications Using SIP Scott Hoffpauir Vice President, Engineering Fall 1999 VON, Atlanta.

Building Applications Using SIP Scott Hoffpauir Vice President, Engineering Fall 1999 VON, Atlanta.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,
1 Hannes Tschofenig. 2 The Internet of Things Today Enormous potential  “Tens of billions of new devices”  … but market growing slower than expected.

1 Hannes Tschofenig. 2 The Internet of Things Today Enormous potential  “Tens of billions of new devices”  … but market growing slower than expected.
Introduction to Embedded Development. What is an Embedded System ? An embedded system is a computer system embedded in a device with a dedicated function.

Introduction to Embedded Development. What is an Embedded System ? An embedded system is a computer system embedded in a device with a dedicated function.
Introduction to Android Platform Overview 19.3.2013.

Introduction to Android Platform Overview
INTRODUCTION TO CLOUD COMPUTING Cs 595 Lecture 5 2/11/2015.

INTRODUCTION TO CLOUD COMPUTING Cs 595 Lecture 5 2/11/2015.
Multicore Software Development Kit (MCSDK) Training Introduction to the MCSDK.

Multicore Software Development Kit (MCSDK) Training Introduction to the MCSDK.
Virtualized FPGA accelerators in Cloud Computing Systems

Virtualized FPGA accelerators in Cloud Computing Systems
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Enable Cloud with Virtual.

© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Enable Cloud with Virtual.
By Mihir Joshi Nikhil Dixit Limaye Pallavi Bhide Payal Godse.

By Mihir Joshi Nikhil Dixit Limaye Pallavi Bhide Payal Godse.
Cloud Computing Saneel Bidaye uni-slb2181. What is Cloud Computing? Cloud Computing refers to both the applications delivered as services over the Internet.

Cloud Computing Saneel Bidaye uni-slb2181. What is Cloud Computing? Cloud Computing refers to both the applications delivered as services over the Internet.
 Security and Smartphones By Parker Moore. The Smartphone Takeover  Half of mobile phone subscribers in the United States have a smartphone.  An estimated.

 Security and Smartphones By Parker Moore. The Smartphone Takeover  Half of mobile phone subscribers in the United States have a smartphone.  An estimated.
All Your Droid Are Belong To Us: A Survey of Current Android Attacks 단국대학교 컴퓨터 보안 및 OS 연구실 김낙영 2015. 04. 21.

All Your Droid Are Belong To Us: A Survey of Current Android Attacks 단국대학교 컴퓨터 보안 및 OS 연구실 김낙영
BREW Client for GHRC Prem Kumar, QUALCOMM Inc. BREW Client – 4.1 Overview Confidential and Proprietary 2 BREW GHRC Document History >Kicked off in the.

BREW Client for GHRC Prem Kumar, QUALCOMM Inc. BREW Client – 4.1 Overview Confidential and Proprietary 2 BREW GHRC Document History >Kicked off in the.
@2011 Mihail L. Sichitiu1 Android Introduction Platform Overview.

@2011 Mihail L. Sichitiu1 Android Introduction Platform Overview.

Similar presentations

Ads by Google