April 18–19, 2018Boston Convention & Exhibition CenterBoston, MA

ESC Boston 2017 Schedule Viewer

Use the scheduling tool below to browse all the available sessions, speakers, and topics at this year's event. Find the content and sessions to fit all of your educational needs and ensure you get the most out of your time at the event.
All SessionsSpeakersMy Schedule
View Sessions As:
  
  • Vulnerabilities in IoT: Insecure Design Patterns and Steps to Improving Device Security

    Speakers:
    Location:  160A
    Format: 45-Minute Technical Session
    Conference Track: Connected Devices and the Internet of Things, Embedded Software
    Session Type: Conference (Paid)
    Pass type: Conference (Paid) - Get your pass now!
    Vault Recording: TBD

    This talk will explore vulnerabilities resulting from insecure design patterns in internet-connected embedded devices using real-world examples. In the course of our research, we have observed a pattern of vendors incorporating remote configuration services, neglecting tamper proofing, and rampantly re-using code. We will explore how these design flaws resulted in vulnerabilities in a remote power supply, a web camera, and a router. This talk is intended for a wide audience, as these insecure design patterns exist across industries and market segments. Attendees will get an inside view into how attackers operate and walk away with an understanding of what must be done to improve the security of embedded devices.