I will be speaking in the ARM Security Seminar in Taipei, Taiwan. The title of the talk is “Future proofing your security architecture”.
Following is the talk abstract:
When a manufacturer produces a device, it is important to make the device remain relevant and useful for years to come. Indeed, some consumer devices are manufactured with a short lifespan in mind. However, the Internet-of-Things consists also of devices that are expected to remain in service for decades without losing their relevance. The security subsystem of such a device, being responsible for enabling much of the device usefulness, also needs to be designed with the future in mind.
Future-proofing the security architecture has some well known elements to it, such as making its logic changeable using code updates. Less known elements of assuring longevity require the ability to add and remove assets throughout the device lifetime. Finally, an important aspect of future-proofing devices, particularly IoT ones, requires addressing the future ecosystems in which these devices will operate, and accounting for the relationships between their foreseen stakeholders.
Only by considering all factors that make a security architecture both secure and useful, can a security subsystem, and the device that encompasses it, remain relevant and useful for years to come.