Embedded World 2017 – IoT coming of age.

by Cesare Garlati – Chief Security Strategist, prpl Foundation

Last week I had the pleasure of attending Embedded World 2017 in Germany as I was invited to give a couple of presentations on the pioneering work we have been doing at the prpl Foundation with regards to the prplHypervisor™ and prplPUF™ APIs for securing IoT. As it turns out, IoT was the top line at the conference that drew in more than 30,000 trade visitors – and the event solidified the notion that embedded computing is now synonymous with IoT.

Continue reading

prpl @ Microchip MASTERs 2016

U.S. MASTERs 2016prpl Foundation, along with our members Imagination Technologies and Seltech, were excited to participate in Microchip MASTERs conference in Phoenix last week.

MASTERs is known as the “premier technical training conference for embedded control engineers”. We were thrilled to showcase our latest developments for this group: the porting of the prplSecurity™ framework to Microchip’s PIC32MZ controllers sporting the MIPS M5150 core.

Continue reading

Open, Hardware-Based IoT Security Can Be a Win/Win for Innovation & Regulation

Art Swift, President, prpl Foundation

In the last blog post, I discussed how regulators are increasingly setting themselves on a collision course with consumers keen to customize and improve the functionality of their products. The key here is the Internet of Things, which is rapidly turning a new generation of products “smart” by adding computing power, network connectivity, and sophisticated software. From cars to routers and drug infusion pumps to drones, they now offer a wealth of possibilities for tech savvy owners keen to push their device capabilities to the limits. At the same time there are logical reasons why lawmakers and regulators need to lock down certain functionality – for the safety and well-being of their citizens. It’s a delicate balance.

The problem is that current IoT systems simply aren’t architected in a way which will allow for this kind of granularity. The answer is a new approach outlined in the prpl Foundation’s new document: Security Guidance for Critical Areas of Embedded Computing. It describes how open source development; secure boot based on a root of trust anchored in the silicon; and hardware virtualization can keep both regulators and consumers happy. Continue reading

Open source software under attack – is the worst still to come?

What we can learn from the recent cyber attacks to the popular website GitHub and why we should worry about what is likely to come next.

github-attackOver the last few days the popular website GitHub has been the target of a massive Distributed Denial Of Service attack – DDoS, apparently originated from China. As I write this note, the GitHub status webpage now indicates “Everything operating normally” and “All systems reporting at 100%”. However, I am afraid the story is far from over and the worst may still be to come.

Continue reading