Embedded World 2017 – IoT coming of age.

by Cesare Garlati – Chief Security Strategist, prpl Foundation

Last week I had the pleasure of attending Embedded World 2017 in Germany as I was invited to give a couple of presentations on the pioneering work we have been doing at the prpl Foundation with regards to the prplHypervisor™ and prplPUF™ APIs for securing IoT. As it turns out, IoT was the top line at the conference that drew in more than 30,000 trade visitors – and the event solidified the notion that embedded computing is now synonymous with IoT.

Continue reading

RSA Conference 2016 – A New Hardware-Based Approach to Secure the Internet of Things

Live Demo: A New Hardware-Based Approach to Secure the Internet of Things
RSA Conference 2016 – Abu Dhabi
November 16, 2016 | 11.20 – 12.10 hrs | Level 1 | Room: Etihad Ballroom 2

rsa-2016-garlati-clip

 

Quick look – This session will address four key elements that have introduced serious weaknesses into the IoT: proprietary systems, connectivity, unsigned firmware and lateral movement. Discussion will showcase a new approach to IoT security demonstrating how SoC virtualization and security through separation can address these vulnerabilities, which have already been shown to have potentially life-threatening consequences.

From hospitals dispensing life-saving drugs, to connected cars – embedded computing is transforming the way we live and work. But underlying weaknesses have introduced potentially life-threatening vulnerabilities into the Internet of Things.

Continue reading

IoT Evolution Wrap Up

UPDATE : Application Note posted at https://prpl.works/application-note-july-2016/

Last week, the prpl Foundation took to the stage at IoT Evolution Expo in Las Vegas to present a workshop on the prpl Security Framework, during which we revealed a demonstration of the framework in practice. It was a series of firsts, as the use of the prplHypervisor™ was put into practice as well as prplPUF™ and prplSecureInterVM™.

Cesare Garlati, chief security strategist at prpl Foundation demonstrated the prplHypervisor™ on Thursday July 14th at 9AM, as part of a prplSecurity™ workshop on the IoT Developer track. The demo was a joint development effort of three key prpl members: Intrinsic-ID, Altran and the Pontifical Catholic University of Rio Grande do Sul (PUCRS).

Garlati showed three virtual machines connecting to the Internet and securely controlling a robotic arm. A MIPS M5150 CPU powers the PIC32 microcontroller to run the prplDSC_5023 hypervisor and thus securely isolates each application in its own virtual machine (VM). VM #1 receives commands from the Internet via Altran’s picoTCP listener, VM #2 authenticates the request via Intrinsic-ID’s implementation of the prplPUF™ API, and then relies authenticated valid command to VM #3, which is responsible for the real time control of the robotic arm via USB. The three VMs are completely separated and communicate within the system via the prplSecureInterVM™ communications APIs.

Continue reading

prpl Foundation Unveils the First Open Source Hypervisor for the Internet of Things

Debut of the prplHypervisor™ to occur at the IoT Evolution Expo in Las Vegas

SANTA CLARA, CA–The prpl Foundation today announced the upcoming debut of the prplHypervisor™ at the IoT Evolution Expo in Las Vegas. The prplHypervisor™ is an industry-first light-weight open source hypervisor specifically designed to provide security through separation for the billions of embedded connected devices that power the Internet of Things.

A principle set out in the Security Guidance for Embedded Computing published by prpl in early 2016, security through separation is key to fixing the fatal security flaws plaguing the IoT. “From theft of personal information and financial data to remote takeover of devices which could bring harm to the public, it’s in the interest of every stakeholder in the connected device supply chain to ensure that these devices are designed first for security,” said Art Swift, president, prpl Foundation. Continue reading