Security of a product only becomes exciting when it fails: consumers start worrying whether their private data was exposed and vendors are (hopefully) scrambling to publish fixes. This talk presents the system and security architecture of a new, upcoming Yocto-based IoT OS that tries to avoid that by providing a base OS that protects against a variety of threats out-of-the-box so that vendors can focus on developing their value-add applications and appliances. In particular network and offline attacks are addressed, because devices will be deployed in hostile environments where neither the network nor people with physical access to the hardware can be trusted.
At the same time it is understood that not all devices are alike. Therefore the OS offers what we call “scalable security”: several different techniques are integrated and can be chosen when building images.