This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Projects/OWASP Embedded Application Security/Roadmap"
Aaron.guzman (talk | contribs) |
Aaron.guzman (talk | contribs) |
||
| (One intermediate revision by the same user not shown) | |||
| Line 6: | Line 6: | ||
Create an Embedded Security Tool resource list for testing | Create an Embedded Security Tool resource list for testing | ||
| + | |||
| + | Create an ASVS for Embedded Applications | ||
'''Year 2''' | '''Year 2''' | ||
| Line 12: | Line 14: | ||
Create a Secure development guide for embedded applications | Create a Secure development guide for embedded applications | ||
| − | -Will need developers who are comfortable with C/C++ for code snippets | + | |
| − | -Will be in detail | + | ''-Will need developers who are comfortable with C/C++ for code snippets'' |
| + | |||
| + | ''-Will be in detail'' | ||
Create a guide for testing embedded applications | Create a guide for testing embedded applications | ||
Latest revision as of 17:41, 11 March 2015
Year 1
Reach out to embedded developers and embedded security experts to start discussing security challenges in embedded development lifecycle.
Create a list of the top risks and known security downfalls in embedded development.
Create an Embedded Security Tool resource list for testing
Create an ASVS for Embedded Applications
Year 2
Create a development cheat sheet for embedded developers to reference
Create a Secure development guide for embedded applications
-Will need developers who are comfortable with C/C++ for code snippets
-Will be in detail
Create a guide for testing embedded applications
Year 3
Create platform specific risk lists for embedded industries like Routers, IoT, etc Create an embedded application threat model describing its differences from normal software development
Year 4
Create security tool chains that can be used for embedded development
