Richard Barry joins David to talk about the role of the RTOS in IoT, the increasing complexities that need to be considered when connecting devices to the internet and how security must be a mindset from the beginning of product development. The discussion also covers the coordination of device-side and cloud-side security to look at patterns from a fleet of devices and prevent scalable attacks.

Minutes:

• Introducing Richard Barry and the FreeRTOS project [00:57]
  
• Breaking down what an RTOS is [2:04]
  
• Real-time use cases – the variety of real-time requirements [4:10]
  
• The increase in remote accessibility and the security challenges it brings [5:40]
  
• RTOS as the undifferentiating factor in devices [6:48]
  
• Internet connectivity and the increasing security complexities it brings [8:10]
  
• The role of Amazon in FreeRTOS - making development as quick and secure as possible [9:18]
  
• Knowledge gaps in a multi-disciplinary IoT [10:50]
  
• The relationship between the RTOS and Root of Trust [13:22]
  
• Reference integrations and standardized interfaces to ease the porting to hardware security [14:28]
  
• Developer security expertise – the challenge of new concepts, terminology and requirements [15:55]
  
• Practical challenges that come with scale [17:35]
  
• Developer considerations for lifecycle security [18:40]
  
• The importance of demonstrating and educating best practice [19:26]
  
• Awareness of the consequences of getting it wrong, the increased legislation and, inevitably, the increased use of the Root of Trust [21:36]
  
• The importance of security being the mindset from the beginning [22:37]
  
• Evolution of Open Source projects – being driven by market requirements, enabling scalability [23:30]
  
• Building confidence in FreeRTOS, with backing and credibility from Amazon [24:30]
  
• Simplifying the FreeRTOS software – making it smaller and decoupled to suit the diversified use cases [25:11]
  
• Futureproofed strategy for developers – reuse undifferentiating factors [26:42]
  
• Coordinating cloud and device security to prevent scalable attacks [27:33]
  

Learn more about PSA Certified www.psacertified.org