How Will IoT Applications Be Able to Build Upon a Security Resilient Eco-System? (R20b)
IoT applications consist of multiple components, including silicon chips, root-of-trust software, system software, protocol stacks, and the application itself. These components often originate from different developers or suppliers, including third-party binaries and open-source software, and may have interdependencies. Organizations placing IoT products on the market must ensure the security of their entire supply chain.
To achieve resilience across the ecosystem, open-source communities must align on long-term supported (LTS) versions to maintain compatibility and security updates. However, maintaining products becomes increasingly difficult as software evolves rapidly, breaking APIs and shortening patch availability periods. This talk explores the challenges of aligning the ecosystem, maintaining innovation, and addressing the legal responsibilities of open-source communities that underpin IoT product security.
