GitHubBecome a leader in the IoT community!
Join our community of embedded and IoT practitioners to contribute experience, learn new skills and collaborate with other developers with complementary skillsets.
Step 1 of 5
CREATE YOUR PROFILE *Required
Step 2 of 5
WHAT BRINGS YOU TO DEVHEADS? *Choose 1 or more
Connect & collaborate π€with other tech professionals
Learn & Grow π
Contribute Experience & Expertise π§
Step 3 of 5
WHAT'S YOUR INTEREST OR EXPERTISE? *Choose 1 or more
Hardware Design π‘
Embedded Software π»
Edge Networking β‘
Step 4 of 5
Personalize your profile
Step 5 of 5
Read & agree to our COMMUNITY RULES
- We want this server to be a welcoming space! Treat everyone with respect. Absolutely no harassment, witch hunting, sexism, racism, or hate speech will be tolerated.
- If you see something against the rules or something that makes you feel unsafe, let staff know by messaging @admin in the "support-tickets" tab in the Live DevChat menu.
- No age-restricted, obscene or NSFW content. This includes text, images, or links featuring nudity, sex, hard violence, or other graphically disturbing content.
- No spam. This includes DMing fellow members.
- You must be over the age of 18 years old to participate in our community.
- You agree to our Terms of Service (https://www.devheads.io/terms-of-service/) and Privacy Policy (https://www.devheads.io/privacy-policy)
By clicking "Finish", you have read and agreed to the our Terms of Service and Privacy Policy.
First ig they should Mandate some level of encryption , in order to deny third party access to the iot system
Any idea on the encryption type and how it can be incorporated
asper nsit – ascon is the leading tech in lightweight cryptography – https://ascon.iaik.tugraz.at/
Yes based on the outline the course would help you get well grounded on atmega32 chip
okay got it , thanks a lot
@josephogbonna here are the benchmarks for basic dev boards like esp32 , arduino and stm
https://ascon.iaik.tugraz.at/implementations.html
What’s your thoughts on this @lmtx
From an European perspective, I think it is good to ensure some kind of protection for the end user – it is too easy to cut costs and ignore security and supportability.
Unfortunately, having created devices under that concept, the implementation is managed by pen-pushers who donβt actually understand the problem and so it turns into a box ticking exercise.
I spent a load of time doing security hardening on a system only to be told it was pointless because the guidelines didnβt say the system had to actually be secure, they just needed to have had a risk assessment!
π€ hmm, can you elaborate little on the risk assessment and the system not having need to be secured. Doesn’t this make the device to be vulnerable ?
It was not that the device didnβt need security, it was more that the guidelines seemed to have written by people who didnβt actually understand security. The tick box was along the lines of βhave you done a risk assessment?β
It made no comment about actually finding any issues and fixing them.
My (non-procedural view) was that I could have answered, βyes, I have done a risk assessment and we found a whole load of issues – but so what, we followed the procedure. β
I will admit to be a little cynical as I have had to deal with paperwork and procedures written by non-techies for too many years.
I would say that the governing body and regulators should seek expert advice before putting in policies in place, because it might hinder upcoming innovations.
Iot firms can be deliberate. This can be done by having a joint alliance. For example in blockchain security in the web3 space, major auditing companies came together to develop standards , best practices, etc that conforms to current industry trends
Government policies and regulations can outrightly affect the space, so they should be advised accordingly.
CONTRIBUTE TO THIS THREAD