Author: Richard Marshall, IoTSF
Taking a secure IoT product to mass production involves more than just making sure the software is secure. It often requires creating secure production and deployment processes both of which have an impact on the embedded software and can involve the development of supporting software elements for automated credential and configuration management to allow deployment at scale. In his presentation Richard will give some insights into some of principles and pitfalls of deploying secure devices at scale to ensure that the product deployment is resilient to changes and security updates.
Security and Safety - Tues 25th September 14.25 - 15.10
Richard is Managing Consultant at Xitex Limited, which provides consultancy on defining and launching wired and wireless connected products with emphasis on creating secure IoT products and their secure supply chains. He has spent over 25 years in the electronics and communications sectors, having worked for Lucent Technologies, Sony, Cisco and also being a founding lead team member at startups Ubiquisys and nSine. At Ubiquisys and subsequently Cisco, after its acquisition of Ubiquisys in 2013, Richard was the Product Manager for their global cloud based activation system for 3G/4G small cells. This role being the security advocate, technology champion and secure manufacturing supply chain architect for the successful secure deployment of more than a million small cells manufactured in Europe and SE Asia. More recently he has been involved with taking various IoT products to market.
As Chair of the Internet of Things Security Foundation Plenary Group, Richard leads the implementation of IoTSF’s strategy. The Foundation’s objective is to drive the pervasiveness of IoT security, improving its fitness and end-to-end quality. The Plenary Group is an important piece of the delivery plan as it is the central members’ forum where concerns are identified and active working groups determine the corresponding measures to address the challenges. Typical outputs from the working groups are best practice guidelines which satisfy the simple requirements of being useful, accessible and crucially, actionable.