Surviving in the Wilderness: Integrity Protection and System Update for IoT Devices
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore a comprehensive conference talk on integrity protection and system updates for IoT devices in challenging environments. Learn about over-the-air (OTA) update mechanisms and techniques to detect tampering attempts on powered-off devices. Compare various approaches including Linux Integrity Measurement Architecture (IMA), Clear Linux OS swupd, dm-verity, and OSTree. Gain insights into using meta-integrity and meta-swupd layers in Yocto/OpenEmbedded-based Linux distributions. Discover key criteria for evaluating update mechanisms, integration with boot processes and update servers, and compatibility between updates and integrity protection. Delve into architecture considerations, target machine setup, installer images, initramfs, and whole-disk encryption. Benefit from the expertise of Patrick Ohly, maintainer of meta-integrity and meta-swupd, as he shares his experience in IoT OS development based on OpenEmbedded and the Yocto Project.
Syllabus
Intro
MOTIVATION FOR THE TALK
PERSONAL BACKGROUND
WHY BOTHER?
MECHANISMS COMPARED FOR YOCTO PROJECT
KEY CRITERIA
BLOCK VS. FILE UPDATE
PARTITION LAYOUT
INTEGRATION WITH BOOT PROCESS
INTEGRATION WITH UPDATE SERVER
IMA/EVM
DM-VERITY
COMPATIBILITY BETWEEN UPDATE AND INTEGRITY
ARCHITECTURE
TARGET MACHINE
INSTALLER IMAGE
INITRAMES
WHOLE-DISK ENCRYPTION
DEMO
OPENS
Taught by
Linux Foundation
Tags
Related Courses
Software Update Solutions for Yocto and OpenEmbeddedLinux Foundation via YouTube One Build to Rule Them All - Building FreeRTOS & Linux Using Yocto
Linux Foundation via YouTube Building Container Images with OpenEmbedded and the Yocto Project
Linux Foundation via YouTube Speeding Your Linux Development with Debian and OpenEmbedded on DragonBoard 410c
Linux Foundation via YouTube How Did Linux Become a Mainstream Embedded Operating System
NDC Conferences via YouTube