Threat Modeling for Secure Embedded Software
When it comes to security, embedded software presents a unique set of challenges for application development and engineering teams. To ensure your embedded software is secure, you must start by understanding the threats that can make it susceptible to attack and then establish appropriate counter measures. Designed for embedded software engineers and security specialists, this session identifies the characteristics of embedded software that make it vulnerable to security threats, discusses the importance of threat modeling, and provides specific mitigation activities all embedded teams should employ.
What You'll Learn:
- Common attacks and threats against embedded systems
- What threat modeling is—and isn't—and why it's important
- Leveraging your threat model to write secure code, conduct effective security code reviews, and drive test planning
- Defensive coding and test attack techniques
Joe Basirico, Engineering Team Lead, Security Innovation
Joe leads the Security Innovation engineering team in their delivery of high-quality, impactful assessment and remediation solutions to the company's customers. He has spent most the majority of his professional career analyzing application behavior, understanding application threats and developing tools and methodologies that assist in the discovery and removal of application security problems. Joe manages the company's engineering blog and has written several publications that focus on vulnerabilities at the source code level.
Gwyn Fisher, Chief Technology Officer, Klocwork
Gwyn Fisher is the chief technology officer at Klocwork and has more than 20 years of global technology experience. He brings a valuable combination of vision, experience, and direct insight into the software developer's perspective. At Klocwork, Gwyn returns to his original passion, compiler theory, to move static source code analysis to the next level.