This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Updating and Patching The Internet of Things"

From OWASP
Jump to: navigation, search
(Background)
(Background)
Line 1: Line 1:
 +
Note: This page is a work in progress to capture major ideas on the topic. It will be formalized as the community provides more information and review.
 +
 
= Background=
 
= Background=
  
Line 6: Line 8:
 
* [[OWASP_Internet_of_Things_Top_Ten_Project | OWASP Internet of Things Top 10]] & [[Top_10_2014-I9_Insecure_Software/Firmware | #9 Insecure Software/Firmware]]
 
* [[OWASP_Internet_of_Things_Top_Ten_Project | OWASP Internet of Things Top 10]] & [[Top_10_2014-I9_Insecure_Software/Firmware | #9 Insecure Software/Firmware]]
  
=
+
= Major Topics =
 +
 
 +
== Seamless & Reliable Update vs Secure Update ==
 +
Explain the difference in the intent of the topics
 +
 
 +
== Different Categories of IoT Devices==
 +
Life impacting vs internet as a feature
 +
* Category 1 - Medical & other life impacting systems, cars, what else?
 +
* Category 2 - Non-life systems - Ovens, refrigerators, pedometers, thermostats
 +
 
 +
=== Methodology to Determine Cat 1 vs Cat 2 ===
 +
Prescriptive process to determine if an IoT is cat 1 or cat 2

Revision as of 18:19, 26 August 2014

Note: This page is a work in progress to capture major ideas on the topic. It will be formalized as the community provides more information and review.

Background

Discussion on OWASP-Community mailing list - Internet of Things and criticality of patching

Major Topics

Seamless & Reliable Update vs Secure Update

Explain the difference in the intent of the topics

Different Categories of IoT Devices

Life impacting vs internet as a feature

  • Category 1 - Medical & other life impacting systems, cars, what else?
  • Category 2 - Non-life systems - Ovens, refrigerators, pedometers, thermostats

Methodology to Determine Cat 1 vs Cat 2

Prescriptive process to determine if an IoT is cat 1 or cat 2