The Essential Path from Security to Trust
Wed. October 31 | 10:00 AM - 10:45 AM | 208A
Conference: ESC Minneapolis 2018
Track: ESC Track C: IoT & Connected Devices
Pass Type: Conference Pass (Paid)
Security starts with the boot of the device, but establishing trust requires verifying and authenticating all the software running on the device. This requires extending the secure boot process provided by silicon makers to ensure trustworthiness. This session will walk through typical scenarios that embedded systems use to establish a secure boot, and then the best practices for what to do once the first piece of mutable code is running. It will cover using a hardware root of trust as a trust anchor, and describe a process for deriving additional device keys and certificates from that initial payload. The session will cover attesting the various components of the system, from the boot code all the way to the device's primary application. Finally, it will describe the effect of isolating hardware components to limit exposure during this process.