EE Times has been covering the Internet of things for a very long time, and one thing that is painfully clear to everyone involved is that the IoT is going to be one huge security vulnerability unless people take action.
For example, earlier this week, EE Times editor Sally Ward-Foxton wrote an article about a set of “formal ethical positions” proposed by NXP Semiconductors for artificial intelligence at the network edge. The proposed principles deal with security and safety. Now, AI and the IoT are not the same thing, but they are highly congruent. A lot of the things that are going to be enabled with AI at the network edge are going to be IoT devices and applications.
The point is, IoT Security is a huge, far-ranging issue. Arrow Electronics is hosting a virtual conference and exposition on the subject. If you didn’t already know this, Arrow owns the AspenCore publishing house, and EE Times is part of AspenCore.
To find out more about the IoT Security Virtual Conference, we called up one of the organizers. Wayne Dragon is Arrow’s Global Technology Manger focusing on security and connectivity. Wayne’s apparently been around for a while. He said he’s being doing the Internet of Things since it was called machine-to-machine, or M2M. Yep, I’ve been reporting on the IoT for at least that long, too.
Wayne, tell us about market and about why the IoT Security Virtual Conference is going to be something that people are going to want to attend.
WAYNE DRAGON: Well it’s definitely going to be something people want to attend. We have a huge growing market for connected devices, and today over 70% of them are said to be vulnerable to security attacks. And when you look at that, combined with those billions of connected devices and everybody trying to hack into different things, whether it’s a small-time hacker or a nation state type of attack, we need to be able to stop them from an OEM perspective, or at least prevent them and think about them when we’re doing our designs.
BRIAN SANTO: So you’re talking about designing with security in mind. I imagine the program at the conference is going to have speakers addressing that issue.
WAYNE DRAGON: Absolutely. We have the technology leaders in the industry that are going to be there. We’re going to have some great panel discussions about legislation and regulation. We’re going to be talking about all sorts of things from our suppliers that are key suppliers to people like Infineon Technologies. We’re going to have folks from the PSA-certified organization, Microchip, NXP, Silicon Labs, ST, to name a few. We’re going to go through multiple technical sessions where we learn about how to do that. How to take technology and use it to build security into your original equipment manufacturer designs.
BRIAN SANTO: Great. So there’s going to be a lot of practical information for engineers to bring home to their jobs and figure out how to start, or if they’re not already doing some design for design, they’ll get some good tips on how to improve techniques. That sort of thing?
WAYNE DRAGON: Absolutely. That’s what our target is. We want to talk to our engineers that are developing these commercial and industrial that have to have security. It’s a mainstay. If you don’t have it, you’re not protecting critical data or IP that needs to be done. So how do you take, whether it’s hardware, software or services around your products, and secure them for the lifecycle. It’s not in the beginning, but you have to think about the product lifecycle and how I’m going to continue and do things like over-the-air updates and keep the product safe, the customer’s data safe and your IP safe. So those are those types of technology discussions that we’re going to be having.
BRIAN SANTO: Excellent. Tell us a little bit about the conference itself. How many days? Are there going to parallel tracks? Will they be single track? How’s the IoT Security Conference going to presented?
WAYNE DRAGON: Absolutely. There’s a day-day conference, October 15 and 16. So similar track for each day, where we’re going to set up and have an opening technology discussion or keynote.
That’ll be then followed by a panel where we have some industry leaders sharing the knowledge that they’ve learned about different technologies, whether it’s standards and regulations or maybe in other cases how do you do security implementation or how that’s affected by regulations.
And then the flow of the thing will have multiple technology presentations by key suppliers in the semiconductor industry. Those will be filled out.
And then after that, we have virtual booths set up where we have even more information where an engineer or a technology leader in a company can go in, learn about from the various people who are teaching us about the event, that lived it, that helped create these devices and technology solutions. So they can actually go to these different booths and get additional information, whether it’s webinars, downloadable information like AppsNotes or white papers. There’s going to be live chat capability so you can actually talk to the experts live during the sessions and go ahead and get some information right from those virtual booths. It’s definitely got a feel. We’re in a new world with our coronavirus, unfortunately, and so we’re trying to keep a person connection with you can actually chat and kind of converse live in those booth environments. So we really encourage people going and talking with those experts there as well.
BRIAN SANTO: Wow! It sounds really well thought-out. Wayne, thank you so much for your time. I appreciate it.
WAYNE DRAGON: You’re very welcome, and we look forward to having everybody come to the show and learn all about security and how they can get safer products to market faster.
BRIAN SANTO: I think we’re all hoping about that.
WAYNE DRAGON: Absolutely.
BRIAN SANTO: Take it easy, Wayne.
WAYNE DRAGON: Thank you. Bye-bye.
BRIAN SANTO: That was Arrow’s Wayne Dragon. After we wrapped the segment, Wayne mentioned the importance of an approach called secure by design. Many companies building IoT devices lack the resources to design in security. Some smaller companies, for example, might not be able to afford to hire someone dedicated to security. It’s also true that there just aren’t enough engineers with the relevant expertise to go around. Secure by design is an approach that makes security expertise available to companies that need it.
The address for the conference for anybody who wants to register for it is: www.arrow.com/securityexpo. (And securityexpo is all one word.) If you’re listening to this podcast after October 16, you can still go and review some of the content.
喜马拉雅
蜻蜓FM
