Surviving in the Wilderness: Integrity Protection and System Update for IoT Devices
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore a comprehensive conference talk on integrity protection and system updates for IoT devices in challenging environments. Learn about over-the-air (OTA) update mechanisms and techniques to detect tampering attempts on powered-off devices. Compare various approaches including Linux Integrity Measurement Architecture (IMA), Clear Linux OS swupd, dm-verity, and OSTree. Gain insights into using meta-integrity and meta-swupd layers in Yocto/OpenEmbedded-based Linux distributions. Discover key criteria for evaluating update mechanisms, integration with boot processes and update servers, and compatibility between updates and integrity protection. Delve into architecture considerations, target machine setup, installer images, initramfs, and whole-disk encryption. Benefit from the expertise of Patrick Ohly, maintainer of meta-integrity and meta-swupd, as he shares his experience in IoT OS development based on OpenEmbedded and the Yocto Project.
Syllabus
Intro
MOTIVATION FOR THE TALK
PERSONAL BACKGROUND
WHY BOTHER?
MECHANISMS COMPARED FOR YOCTO PROJECT
KEY CRITERIA
BLOCK VS. FILE UPDATE
PARTITION LAYOUT
INTEGRATION WITH BOOT PROCESS
INTEGRATION WITH UPDATE SERVER
IMA/EVM
DM-VERITY
COMPATIBILITY BETWEEN UPDATE AND INTEGRITY
ARCHITECTURE
TARGET MACHINE
INSTALLER IMAGE
INITRAMES
WHOLE-DISK ENCRYPTION
DEMO
OPENS
Taught by
Linux Foundation
Tags
Related Courses
A developer's guide to the Internet of Things (IoT)IBM via Coursera Enterprise and Infrastructure Security
New York University (NYU) via Coursera Getting Started with the Internet of Things (IoT)
Microsoft via edX AWS IoT: Developing and Deploying an Internet of Things
Amazon Web Services via edX Components And Applications Of Internet Of Things
Indian Institute of Technology Patna via Swayam