Talk Title:

Why Fault Injection is the attacker's weapon of choice in the IoT era

Abstract:

The IoT revolution brought us many useful devices, but also leads to strong attacker interest. We first look at the emerging IoT business models and show how these enable and stimulate a further growth of physical attacks. While Fault Injection initially seems less attractive than logical attacks, we observe a strong surge in their application and success. Our analysis shows that this can be explained by the abundance of exploitation opportunities in the software. Also, the increased availability of powerful tools contributes to its popularity. We conclude that an increased awareness is needed for IoT developers because understanding is the first step towards mitigation.

Speaker Bio:

Marc Witteman has a long track record in security testing. He wrote many articles ranging from hardware to software topics, and spoke at dozens of conferences, including RSA, Embedded World, and Hardwear.io