Device Security by Design Series - Available On Demand

This session discusses how standards and the Arm ecosystem can help accelerate IoT development. It focuses on the importance of IoT security and the potential security threats developers must address. Subjects include IoT hardware isolation and software frameworks including the Arm TrustZone hardware isolation and the PSA Certified IoT Security Framework. The session wraps up with a discussion of Project Centauri and collaboration with AWS. 

Reinhard Keil is Senior Director of Embedded Technology at Arm. His responsibilities include the definition and strategy of tools for Arm microcontrollers and the CMSIS (Cortex Microcontroller Software Interface Standard). He is founder of Keil Software and co-author of several key software products, such as Keil C51, Keil C166, and µVision. Reinhard continues to influence the microcontroller market and advance the technology in the embedded space.

Securing the Future: Designing Embedded Devices with Security

As embedded devices become more prevalent in our daily lives, their security has become increasingly important. These devices are used in critical infrastructure, industrial control systems, medical devices, and consumer electronics, making them targets for cyberattacks.To ensure the security of these devices, security must be considered in the design phase.

This talk will explore the concept of security by design for embedded devices. It will discuss the unique security challenges faced by embedded devices, including resource constraints and the need for real-time performance. The session will also cover the best practices for implementing security by design, such as threat modeling, secure boot, secure communication protocols, and firmware updates.

Finally, case studies of real-world attacks on embedded devices will be reviewed, and how security by design could have prevented these attacks. By the end of this talk, attendees will have a better understanding of the importance of security by design for embedded devices and the practical steps they can take to implement it.        

Shawn Prestridge has served as IAR System's Senior Field Applications Engineer since 2008 and as the U.S. FAE Manager since 2018. Shawn has worked in the software industry since 1993. Prior to joining IAR Systems, he held the position of Embedded Hardware/Software Engineer with Texas Instruments and was involved with embedded development as the owner of Ministry of Software. Shawn’s research interests are primarily focused in cryptology and he specializes in large number theory, quantum cryptography, elliptic-curve cryptography, number field sieve computing, and communication encryption.

Shawn’s degree work includes a BS in electrical engineering, a BS in mathematics, an MS in electrical engineering, an MS in software engineering, and a PhD in electrical engineering specializing in quantum cryptography, all with Southern Methodist University in Dallas.        

Using AI Anomaly Detection in Embedded Applications

Presented by Roman Lysecky, CTO, BG Networks

Applying anomaly detection to embedded systems is a challenge, but it's one that can provide benefits like identifying a device that's not working properly or one that might be under attack by nefarious third parties. This session takes a look at this approach and how it's implemented in BG Networks' AnCyR platform.

Dr. Roman Lysecky is the CTO of BG Networks and Professor Emeritus of Electrical and Computer Engineering at the University of Arizona. He's an expert on embedded systems, IoT security, medical device security, automated threat detection and mitigation, performance and energy optimization, and non-intrusive observation methods. He's also an author of over 100 research publications in top journals and conferences.

Dr. Lysecky was instrumental in content development for an Ed Tech startup called zyBooks. zyBooks was acquired by John Wiley & Sons in 2019. He holds PhD, MS, and BS degrees in computer science from the University of California, Riverside.        

Multicore Processors and Hard Real-Time Applications: Mixing Oil and Water? 

For a single core, the calculation of worst-case execution times (WCET) using static analysis alone can only be an estimate. That problem is exacerbated when more cores are involved, where shared resources such as memory and caches further degrade the theoretical calculation. In an environment where precise timing can mean life or death, approximations do not sit comfortably.

The most demanding execution paths in the code base can be identified precisely using static analysis. This session will argue that leveraging such information in conjunction with the dynamic measurement of WCET presents the most pragmatic approach to achieving the assurances demanded across the safety-critical sectors, including the CAST-32A & A(M)C 20-193 objectives in civil aviation.

Mark Pitchford, technical specialist at LDRA, has over 30 years of experience in software development for engineering applications. He has worked on many significant industrial and commercial projects in development and management, both in the UK and internationally. Since 2001, he has worked with development teams looking to achieve compliant software development in safety- and security-critical environments, working with standards such as DO-178, IEC 61508, ISO 26262, IIRA, and RAMI 4.0.

Mark earned his Bachelor of Science degree at Trent University, Nottingham, and he has been a Chartered Engineer for over 20 years.