April 2017 Update
The prpl Foundation is an open-source, community-driven consortium with a focus on enabling the security and interoperability of embedded devices for the IoT and smart society of the future.
Below are the top announcements, articles, interviews and videos from Q1 2017. Enjoy!
Want to know more about the prpl Foundation and membership?
Best regards,
Art Swift, President, prpl Foundation
|
|
|
The prpl Foundation was @ Embedded World, Nuremberg March 14th, 2017. Cesare Garlati spoke on the panels: “United We Stand; Addressing the Bigger Challenges of IoT Security with Collaboration" and “How a New Hardware-Based Approach Can Fix Critical Areas of Embedded Computing Security." Other prpl members made their mark at the event with their own presentations tackling the advancement of embedded computing systems including Altran, Baikal Electronics, Imagination Technologies, Imperas Software, Intel, Intercede, Kernkonzept, Microsemi, Qualcomm, and Synopsys.
For a full line up of presentations, including those given by prpl and its members, click here.
|
|
|
Embedded World 2017 – IoT coming of age
IoT Security: Pushing the boundaries of resource constrained devices. The main theme running throughout was the challenge of pushing resource constrained devices to the limits. From a tech provider’s perspective, this was the most pervasive, well-defined issue being tackled at the show – how do we push the capabilities when it comes to functionality and security in low power devices with limited memory and minimal CPU resources?
|
|
|
Coping with the Internet of Unnecessary Things
It’s taken a while, but the Internet of Things (IoT) is finally mainstream. From smart homes with heating, entertainment and security systems to connected street lights and smart cities, the infrastructure has now been put in place to support a connected world. As such, we will see more and more applications spiral off of it.
|
|
|
The world’s great and good of the information security industry descended on San Francisco for RSA Conference 2017... by Cesare Garlati, Chief Security Strategist, prpl Foundation.
|
|
|
Feature Articles: prpl in the News
|
|
Article in Information Age, by Art Swift. The rate at which the Internet of Things (IoT) is growing is staggering and it’s potential is just being realised. Yesterday, IoT was simply in people's mobile phones and computers.
|
|
|
Don’t let that flying drone out of your sight: you never know where it might turn up next. Article in Engineering Technology with Cesare Garlati.
|
|
|
Security holes known as zero-day vulnerabilities can lie dormant for up to 10 years, a study has suggested... Via BBC News, with Art Swift.
|
|
|
The Internet of Things needs common standards to live up to its promise.
|
|
|
IoT experts join forces to secure the IofT and share best practise
AT&T, IBM, Nokia, Palo Alto Networks, Symantec and Trustonic are joining forces and combining their expertise to help tackle today's top Internet of Things (IoT) security challenges. The IoT Cybersecurity Alliance will combine industry-leading security providers and IoT experts. The group will research and raise awareness of ways to better secure the IoT ecosystem.
|
|
|
IBM, AT&T and Others Have Another Crack at IoT Security
IBM and AT&T have teamed up with several security vendors to form a new group focused on improving IoT security and influencing industry standards. The IoT Cybersecurity Alliance will also feature Symantec, Palo Alto Networks and UK smart device security firm Trustonic. Member organizations will collaborate on new research across IoT verticals including healthcare, connected car and industrial.
|
|
|
What The Metaspoilt Update Means For IoT Security
Reports have broken that the Metaspoilt tool, which can be used to maneuver through networks, servers and even OSes, is now being used to control the physical world. Researchers have discovered a new addition on Metaspoilt that extends Metaspoilts capabilities into hardware devices. Cesare Garlati, Chief Security Strategist at the prpl Foundation comments.
|
|
|
QEMU
Generic and open source machine emulator and virtualizer.
Learn more.
|
|
|
Prplwrt
Enabling carrier-grade features to complement OpenWrt.
Learn more.
|
|
|
Virtualization & Security
To enable multi-tenant, secure, software environments in datacenter, networking & storage, home, mobile and embedded.
Learn more.
|
|
|
Carrier Interest Group
Ensuring the technical needs of major international carriers are represented and communicated to the wider prpl community.
Learn more
|
|
|
Trust Continuum: Providing the guidance, APIs and framework for end-to-end trust.
Learn more
|
|
|
See the prpl Foundation Youtube channel!
Featuring a wide variety of technical and business videos.
Click here to view!
|
|
|
Smart Home Security Report
Research Findings from a prpl Foundation Study, September 2016. Smart device adoption has reached a tipping point - the smart home is already here! But, the smart home is woefully insecure due to users’ failure to follow best practices. Smart home users do prefer security to usability, and are prepared to take more responsibility.
Download the report here.
|
|
|
Prpl Security Framework Application Note
This technical note describes how to build and run a secure application according to the principles set forth by the prpl Security Guidance for Critical Areas of Embedded Computing. It demonstrates a real world implementation of the multi-domain security provided by the prplSecurity™ framework including: the prplHypervisor™, prplSecureInterVM™ communications, and prplPUF™ APIs.
Download the report here.
|
|
|
Security Guidance Note
Security is a core requirement for manufacturers, developers, service providers and other stakeholders who produce and use connected devices. Most of these – especially those used on the “Internet of Things” – rely on a complex web of embedded systems. Securing these is a major challenge, and failure to do so can result in significant harm to individuals, businesses and to nations. Guidance in this report provided by prpl Foundation will help stakeholders address the challenges to securing embedded devices.
Download the report here.
|
|
|
prpl.works is an online community by and for open source developers and users, highlighting the open source work of prpl Foundation and its members, to encourage collaboration across the community. Current subgroups include:
- prplSecurity™ – Links and resources from the prpl security engineering group
- Android MIPS – Tips and builds for Android integration with MIPS
- Linux MIPS – Tips, resources and a link to the Linux MIPS website
- prplWrt– Tips, resources and links to the prpl engineering group (PEG) supporting OpenWrt
- OVP – Forums, resources and links to the Open Virtual Platforms (OVP) website
- QEMU – Links and resources for developers needing Quick Emulator and virtualizer technology
See projects and application notes on prpl.works.
|
|
Technology You Can Use!
Open Source Software Supported by the prpl Foundation
|
|
Free open source code is available for the following programs:
- prplHypervisor: First of its kind hypervisor for enabling security through separation. Click here.
- System Configuration Abstraction Layer (SCAL): A pluggable abstraction API for accessing data models on OpenWrt/LEDE. Click here.
- prplPUF API: A standard API for Physically Unclonable Functions (PUFs). Click here.
- BoardFarm: A framework to automate testing of OpenWrt routers and other devices. Click here.
|
|
|
Our Members
The prpl Foundation would not be possible without the support of its member companies.
|
|
|
|
|
|
|
|