13 – 15 FEBRUARY 2020 | KTPO TRADE CENTER | BENGALURU | INDIA
 

RISC: Secured IoT and Cybersecurity

RISC Part 1: Date: 26th Feb (Full Day),  Venue: Conference Hall A, KTPO Expo Centre

RISC Part 2: Date: 27th Feb (11:20 to 13:30),  Venue: Conference Hall B, KTPO Expo Centre


RISC Part 1


SECURE IoT THROUGH FRAMEWORK, DESIGN AND DEPLOYMENT CONSIDERATIONS

By Ratnakar Gandhe, Head- Product Engineering Services and IoT solutions Group, Mindteck  (Speaker Profile)

Ratnakar Gandhe, Head – Product Engineering Services and IoT solutions group, Mindteck

There is no option but to adopt IoT solutions in the existing business processes in the enterprise as well as home environment due to its attractive benefits of reducing efforts, better yields, higher visibility in operations, prediction and decision-making process leading to Industry 4.0.

IoT security can never be assured or guaranteed and implementations are always vulnerable. While new vulnerabilities are being discovered, it’s important to follow a framework to monitor and develop best practices continue to guide specific use case and operating environment. A structured process of questioning and evidence gathering helps to ensure the implementation of suitable security mechanisms and practices. Similarly, security of IoT implementation has to be a concern with all stakeholders: OEM designing the devices, service provider and retailers or anyone involved with architecting, design, planning or procuring the IoT product.

It is also important to adopt secure by design approach. It is understood that addressing the security of a product at the design stage cost much lower than to introduce security around the product after it’s creation. Apart from technical concerns such as architecture, design feature, and maintenance, it is equally important to consider use case, business model and liability level. Components of the IoT network must provide aspects such as encrypted communications, whitelisting capabilities, interoperability between devices & vendors and software solution with strong roots of trust and added benefits of user privacy.

This presentation discusses above challenges and provide a practical view and approach on how to adopt best practices and use secure design methodology  to reduce vulnerability of IoT implementation and ensuring IoT implementation stockholder such OEM, designers, service provider or retailers to  take  secure product  to market with minimal or no involvement or expectations from user from technology and expertise point of view.

Key takeaways

  • Need for IoT solutions and challenges in implementation
  • IoT solutions for Smart Factory/Smart Solutions
  • Understanding possible approaches

HOW TO SECURE REAL-TIME MISSION CRITICAL IoT SYSTEMS

Amar Prusty, Cloud Data Center Architect, DXC Technology

By Amar Prusty, Cloud Data Center Architect, DXC Technology (Speaker Profile)

The internet of things (IoT) presents us with enormous opportunities to positively affect the world around us—everything from increasing air quality to easing traffic to saving water and electricity. We can measure the world in new ways that can impact lives for the better. But just as opportunities increase with IoT, so does data. Secure IOT-Edge-Cloud is critical today as IoT & Digital Technologies are working in close collaboration with larger attack surface for security attacks-Vulnerabilities in IoT-Edge-Cloud-Application Solution Architecture which can be fixed proactively and fast response for attacks. This talk would focus on the overview of Security Risks with IOT-Edge-Cloud and approaches for prevention. It will also give you an overview of cybersecurity, Internet of Things, Edge, Cloud, Secure Application Development.

Key Takeaways

  • What are the various security risks prevalent in IoT – Edge cloud.
  • How can we prevent the attacks on real-time mission-critical systems
  • What are the steps to follow to develop secure applications?

WHAT ARE THE THREATS AT DIFFERENT LEVELS OF IoT ECO-SYSTEM AND THE CONSIDERATIONS TO MITIGATE THEM

By Tejas Vaghela, General Manager/ Director, System Level Solutions Pvt Ltd (Speaker profile)

Tejas Vaghela General Manager/ Director, System Level Solutions Pvt Ltd

Tejas has 12 years of experience in System and Embedded technology and having 6 years of experience from managing engineering team, defining, architecture system design.
Managing in house group and Lead and motivated teams toward excellence. Designing products including cloud to low-level hardware.

He is going to talk about Secured IoT and Cyber Security, the threats at different levels of IoT Eco-System and the considerations to mitigate them using various techniques.

Key takeaways

  • Knowing the threats at different levels of IoT Eco-System such as Cyber Level, Physical level, Infrastructure level, and Enterprise level
  • Security challenges and risks in IoT Eco-system and how to address them using basic algorithms and techniques.
  • Best real-time practices for robust and reliable IoT Eco-System

BEST PRACTICES TO MAKE YOUR IoT SOLUTIONS SECURE

Shailendra Miglani, Global Black Belt Team-Technical Sales, Microsoft Azure IoT Cloud

By Shailendra Miglani, Global Black Belt Team-Technical Sales, Microsoft Azure IoT Cloud (Speaker Profile)

Shailendra Miglani has been working as Technology Influencer and Technical Sales Professional for over 18+ years in specialized areas of Embedded & IoT Computing, Cloud Infrastructure and Signal Processing. He has a distinction of working with Customers for the diverse portfolio in domains such as Manufacturing, Transportation, Security, Communication Infrastructure, Surveillance, and Energy. His talk will be about the security threats in IoT devices and how to make them more secure.

Security threats are emerging in IoT because IoT Devices are vulnerable and easy to attack.  There is an urgent need for organizations to consider IoT end to end security as part of the design process. The session will cover challenges that organizations are facing on IoT Security and what are the best practice to make IoT solutions secure. The session also covers the Microsoft approach to solve security challenges in IoT.

Key takeaways

  • How can organizations consider the end to end security as part of the design process
  • What are the challenges faced by organizations with respect to IoT Security
  • What are the approaches followed by Microsoft to solve security challenges in IoT

PERILS OF TRIVIALIZING SECURITY FOR IoT: WHY YOU SHOULD CARE ABOUT IT, AND WHAT YOU CAN DO

Sumanth Naropanth, CEO, Deep Armor

By Sumanth Naropanth, CEO, Deep Armor (Speaker Profile)

The Internet of Things (IoT) market today is defined by product manufacturers pushing a broad spectrum of computing devices out to the hands of consumers at an ever-increasing pace. They are in a rush to hit the market shelves before their competitors and they often marginalize security, citing irrelevance and no “return on investment” In this presentation, we discuss commonly seen security vulnerabilities in IoT products, their impact to business and consumers, liability laws (including the new California SB 237) and what they mean to companies. We demonstrate new, practical attack vectors for these platforms. We conclude with a series of discussions on a new Security Development Lifecycle (SDL) framework tailored for IoT. Our proposal weaves security and privacy activities. It enables IoT product vendors to “shift-left” their security practices and accommodate for continuous integration/delivery, thereby helping them build and ship secure, privacy-preserving solutions to their customers.

Key Takeaways

  • Impact of marginalizing security for IoT products.
  • Steps that IoT vendors can take to mitigate common security problems in such platforms

CYBER SECURITY: THE FOUNDING PILLAR OF IOT

Divyanshu Verma, Sr. Engineering Manager, Intel RnD

By Divyanshu Verma, Sr. Engineering Manager, Intel RnD (Speaker Profile)

This talk will bring out the importance and challenges in an IoT world. The interactions inside Iothe T enabled the ecosystem and the cyber risks that are an inherent part of any IoT.

The talk will explore the new attacks such as insider ddos, critical i/f attacks etc and will finally explore the strengths and weaknesses of some of the protocols that are primarily used inside an IoT ecosystem.

Key Takeaways

  • Security perspective of IoT
  • Types of cyber Risks inside IoT ecosystem
  • Some use cases of cyber risks inside IoT implementations

RISC Part 2


THE RIGHT SECURITY FOR IoT

Sarah Woo, Marketing Manager Digital Security Solutions Infineon Technologies

By Sarah Woo, Marketing Manager Digital Security Solutions Infineon Technologies Asia Pacific (Speaker Profile)

A successful attack on an IoT device or system can have significant impact on users, device manufacturers and service providers by affecting the physical as well as the cyber world. It may expose confidential information such as private user data as well as know-how, intellectual property and process intelligence.

In addition, it can lead to interruption of operations, compromise of business continuity and even danger to a company’s brand image, success and very existence. Most of the IoT devices are constrained devices that have very low CPU power and memory.

Therefore, they are unable to support the elaborate suites of enterprise solutions such as antivirus or malware protection software.

These devices, therefore, need to depend on the security design methodology that includes both software practices and using tamper-resistant hardware trust anchors. Infineon OPTIGA™ product family is designed to deter four main attack scenarios on IoT devices; namely Fake device, Eavesdropping, Manipulation and Malware attacks.

Sarah Woo is the Marketing Manager of Digital Security Solutions at Infineon. In her area of work, she focuses on security for Connected Devices. She is particularly interested in the growth of the Internet of Things (IoT) market and is a huge believer that Trust is a prerequisite for IoT systems to be widely adopted.


HOW HARDWARE DESIGN CHOICES CAN MAKE THE LIFE OF ATTACKERS DIFFICULT IN IOT SECURITY?

Ruchi Shankar, IP Design Manager, TI

Ruchi Shankar, IP Design Manager, TI

By Ruchi Shankar, IP Design Manager, Texas Instruments (Speaker Profile)

If it’s on the internet, it isn’t private. With the widespread adoption of the Internet of Things, the number of connected devices, including consumer wearable’s, connected vehicles, health devices, and smart grids have been showing a huge rise worldwide. These systems are able to gather and share huge quantities of sensitive data, which raises serious concerns. Now visualize all this data flowing through the un-safe and un-reliable public Internet. It doubles the overall risk to consumers as well as to the provider. “It is like posting your personal information on Internet …you know the impact…Don’t you?”. IoT security is the practice of eradicating vulnerabilities in IoT devices and equipping them with the means to detect, resist and recover from malicious attacks. You need to make the right choices from the beginning since hardware vulnerabilities cannot be patched as easily as software. Unless a clear hardware foundational security is made as a design choice in IOT equipment design, you are increasing the risk of easy accessibility to attackers. This presentation would emphasize on the strong hardware foundation which is a key to IoT security. In this paper an approach has been made to identify major security and privacy flaws existing in IoT enabled devices especially from hardware perspectives, and thereby to present possible solutions to existing challenges for conversion of ‘Internet of Things’ in ‘Internet of Secure Things’.

Key Takeaways

  • Visualization of how the attacks would look like in the IoT ecosystem.;
  • IoT edge node and building blocks.;
  • How hardware comes as a rescue means in IOT application security?

TACKLING DATA SECURITY, PRIVACY, TRUST CHALLENGES IN THE INTERNET OF THINGS

Aditya Kumar, Group Technical Specialist – NEC Technologies India Pvt Ltd

By Aditya Kumar, Group Technical Specialist – NEC Technologies India Pvt Ltd (Speaker Profile)

With the advent of network-connected devices, systems and services comprising the Internet of Things have suddenly opened up immense opportunities and benefits for our global society. Every industry is gearing up to embrace this journey and delivering connected devices to enhance customer experience at a lower cost in a subscription based service model. IoT Security, however, has not kept up with the rapid pace of innovation and deployment thereby bringing in increased security risk – safety and economy. These risks have the potential to evolve into bigger threats which can include physical harm to people, infrastructure damage, prolonged power downtime. In this presentation, IoT Security risks shall be discussed and shall provide the best practices towards design, manufacture and operate in Industrial IoT space.

Key Takeaways

  • Insight into IoT Security trends
  • Challenges in implementing security across complete IoT eco-system
  • Best practices on Safety, Privacy, and Trust

Many more talks in this track will be updated soon! Meanwhile, you can check out the rest of the conference here.