I'll respond in more detail when I'm on the computer. I strongly agree, at the very minimum:
1. Secure bootloader
2. Lock flash, or better blow JTAG fuse
3. Keep CA certs on device and issue certs using CA to cloud servers
4. use signed OTA payloads, you'll need this if you're doing 1. (edited)
[10:03]
I learnt the hard way comprising security for usability/product requirements. :disappointed:
[10:04]
If you're using resource starved mcus use micro-ecc or something similar.
Created
October 26, 2016 18:49
-
-
Save wolfeidau/0b3456e4c307a1d09303c903091e3489 to your computer and use it in GitHub Desktop.
Discussion on security for devices
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment