Security & IoT – Sensors Expo & Conference 2019



I would say we always like from a security person I look at that and I think that's crazy but really did that end like that was a few years ago and I'm not sure that really made a huge change on it I feel like on the automotive side what's really gonna impact the car OEMs is they're gonna say dude I want my car to actually be a living room where I can make money on additional services that are SS autonomous vehicles going down somebody can be purchasing at or purchasing an additional aspect that's coming in or a book that they're reading or whatever it is or going by a store and that's really what the value is and unless these these OEMs are gonna see an additional piece I'm not sure from all the security side they're going to be that worried or put in that much effort to just make sure that they're addressing the the g-pack because I don't think they've done that much they've haven't made that much of steps and unfortunately I've got some softballs it's okay since in first for you okay talk to me about the test beds going on at the industrial area consortium that was security being tested there so yeah security because people are working together in the consortium to create a security firm framework consider the industry healthy systems especially for the define the space for framework how those systems typically work and how the industry have worked together to get a unified civil framework for to protect the industry I think that's a above the very major major world there are security group is currently working on I see myself so it's a very important piece to protecting the industry system through a comment and though so as part of the Internet's workshop I think it's really important that we can all work together and see each other's problems from a different aspect but one piece from a security person from if I look at my customers aspect is we as I see have come out with the security stack that are a security framework that is inches.that great it's gonna have a sub factor when you put it down and we need to figure out how to help our customers really address that with a one-page what's simplified version because we can't go in and say look at this amazing framework you can use people will be scared and I feel like just say well screw it if I got to do that I'm not even gonna do anything and I think in some ways that's really what the decision some people have made in the past and we need to help them figure out a simple way to start taking steps so they are at least steps towards a more secure environment okay so this is sort of not as softball so Giulio when I think of keys I think of certificates okay and if I go into my computer right now it's like the movie Sixth Sense in the fact that I open up my certs and I see dead companies okay lots and lots of death certificates so just in a curiosity what's the impact of having all these certs out there that don't necessarily have any management or control anymore that's work that I'm not sure how to address that really and are really simplified level but I think we have to I mean in your browser yourself right you were relying on some of these browsers to continuously update that on the other hand you need to be able to figure out if you're looking at much smaller IOT devices and I'm going to dive into the IOT sense rather than say at the browser Spence just because of where we are in the IOT sense you need to figure out what aspects if you're if you just have trust on that one device and be able to provide an authentication for that device you need to be able to blacklist it if you need if it needs to come back online what are your applications on the other hand if you just don't want to trust the data you can do it in the cloud and say well if I get any more data from that I'm not trusting it anymore I'm just gonna ignore it so I think virtually I don't think I can answer from an IOT sense that there's a unified vision of what to think of that from the browser side there's a more unified vision of how the the browsers are actually addressing that yeah so for the for the IOT domain actually the pecan certificate that have been play very important role for past few years to bring the trusted device to the to the system actually also system yes using the X level knife that's most popular certificated using also in the in the web world however people found that certificates actually quite big sometimes cannot fit into your smaller devices also you can see the ladder circuit specification Center development particularly for the machine-to-machine communications which relatively ref is small compared to the tradition of and you can fit most LT of the patient's that's also that's a certificate it's a short lab you'll keep issuing that's more sophisticated to the device and after the short period of time become it's very I think the policy associated with those certificates of what we're doing with each device is really important to address okay I'm ready for John you've got to come back here or scream at them if you say I think we can handle over here questions so you brought up something interesting once you blacks this back the bike white I agree it's most cases vegetable yes sorry tits and the question so your question was I was we were talking about the fact when she black lists the device most times you would never bring that device online you're never gonna trust it again and I agree with you in most cases yes that is the piece if you basically when do you provide when do you validate and authenticate that trust is really what you're doing and you have to look at each one unfortunately from the threat model that each of those devices is but yet in some cases you may be somebody owns this device and you're gonna say okay now I'm not going to trust it based on that person and authenticated to that person or that company but in a few cases you're going to want to be able to reallocate these devices as basically someone else yeah so that question was it's very expensive because you gotta roll a trap I had a percent agree yes and being able to and as we get costs down for these sensors I think some of them we're just gonna have to say they're throwaway once you don't have a certain amount of trust you're gonna have to throw it away because it's not worth the truck roll right and as once we have these sensors just distributed all over yeah I agree with you I think means every time I just wanted that truck roll is in a lot of ways what we're doing with int is being able to try and bring in that data without a truck rolls right that's why we want to have these devices out there in the first place in oil I guess that's why they're monitoring the pipeline so they don't have to have literally I was talking to someone in the space that literally at ten years ago you can put someone walking every single pipe once a year right you don't want that anymore and that's what ideas for how do we avoid that so I've got one last question and you have to speak loud enough because there it's for the entire quality here okay which is okay if I were a sensor company and I don't talk about security right now what is the one place I should go to first to understand more about security yeah this is a very interesting question if you are sensor company you don't know that secret Adama the first place you need to look at what's a significant impact what's up what's a potential asset might have in the future yeah just look at the past you need to know what you need to do in the future I was giving you that softball to say the industrial internet consortium is a huge amount of people on the IC with a broad range of experiences both from use cases all the way through the manufacturers or each one of those companies my rabbi says there's only one tested what what are you trying to solve and sometimes that's the biggest piece that the first question is what are you trying to solve what are you what your impact if you are breached okay and with that give them a round of applause so

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *