-
Welcome
-
Subscribe to
Software Updates for Connected Linux Devices: Key Considerations
Session information has not yet been published for this event.
One Line Summary
In this presentation, we will cover the nuances and security considerations one must be mindful of when deploying software updates to connected Linux devices to ensure the security and integrity of devices deployed in the wild.
Abstract
A key requirement for connected devices/IoT is the ability to deploy software updates. Data breaches are occurring on a regular basis and extending devices outside the firewall perimeter increases the attack surface. There are on average 1-25 bugs/defects per 1,000 lines of code.
The good news is that security breaches are largely preventable. The Center of Internet Security estimates that 80-90% can be prevented through swift software updates and patching, which are necessary in order to:
1. Deploy bug fixes
2. Patch security vulnerabilities
3. Deliver new features
In this presentation, we will cover all the nuances and security considerations one must be mindful of when deploying software updates to connected Linux devices to ensure the security and integrity of devices deployed in the wild. The presentation will drill down on four primary areas with the following subtopics:
● Basic functionality
○ Artifact and device compatibility
○ Rollback
○ Resilient updates
○ Device grouping
○ image/package/file/container-based updates
○ Atomic
● Security requirements
○ Artifact integrity and authenticity
○ Encrypted traffic
○ Access controls
○ Secure and simple bootstrapping
● Operational functionality
○ Logging and compliance
○ Monitoring
○ Rollout management
○ Notifications
○ Device inventory
● Extensibility
○ Messaging protocols support
○ 3rd party tooling integration
The key takeaway is for Linux device owners and their teams to have actionable requirements to ensure the integrity of their update process for connected Linux device/IoT projects.
Tags
embedded Linux, IoT, software updates, connected devices
Speaker
-
Eystein Stenberg
Mender.io- Website: http://mender.io/
- Blog: http://mender.io/blog
- Twitter: @mender_io
Biography
Eystein Stenberg has over 7 years of experience in security and systems management as a developer, a support engineer, a technical account manager, and now as a product manager. He has been in the front line of some of the largest production environments in various roles and has in-depth knowledge of the challenges in systems security in a real-world context.
Eystein has presented at various technical conferences, including Embedded Linux Conference, Embedded Systems Conference, and Internet of Things World. He holds a Masters degree in cryptography and his writing credits include “Distributing a Private Key Generator in Ad Hoc Networks."