YoVDO

IoT Security - Ecosystem, Interoperability and Standards

Offered By: OWASP Foundation via YouTube

Tags

Internet of Things Courses GDPR Courses Privacy Courses Software Security Courses Hardware Security Courses Firmware Security Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the challenges and solutions for securing Internet of Things (IoT) devices in this AppSecUSA 2018 conference talk. Dive into the Security & Privacy Development Lifecycle (SPDL), an agile framework tailored for IoT platforms that addresses both process and technical challenges. Learn about the shortcomings of traditional Security Development Lifecycle (SDL) methodologies when applied to IoT and how SPDL overcomes them. Discover the importance of privacy in IoT development, including compliance with regulations like GDPR, and understand the proposed privacy vulnerability scoring framework (CPVSS) for measuring and prioritizing privacy breaches. Gain insights from industry experts on securing various IoT devices, from smart fridges to pacemakers, and explore topics such as hardware and firmware security paradigms, software security, communication protocols, and ecosystem security challenges. Watch demonstrations of ecosystem overviews and exploit scenarios to better understand the complexities of IoT security.

Syllabus

Intro
Agenda
Process Challenges
Technical Challenges
Holistic Security & Privacy Process
Security Topics
Hardware & Firmware Security Paradigms
SW Security Paradigms: application SW
Communication Protocols
Ecosystem security challenges
Demo 1: Ecosystem overview
Device communication
The Problem - Prelude
Example - Wearable Ecosystem 1
Demo 2: Ecosystem overview
Target : Sign-up and Profile pages
Exploit Scenario: The attack
Victim - logs in
Attacker's c&c
Access to admin portal
Privacy & Data Access Laws
Quantifying Privacy Vulnerabilities
Summary


Taught by

OWASP Foundation

Related Courses

Pattern-Oriented Software Architectures: Programming Mobile Services for Android Handheld Systems
Vanderbilt University via Coursera
Engineering Maintainable Android Apps
Vanderbilt University via Coursera
Software Design as an Element of the Software Development Lifecycle
University of Colorado System via Coursera
Secure Software Development
Pluralsight
Secure Software Concepts for CSSLPĀ®
Pluralsight