Skip to main content
Planet Zephyr

Insights from Zephyr Security Audit and Vulnerability Experiences – Flavio Ceolin & David Brown

The Zephyr® Project strives to deliver the best-in-class RTOS for connected resource-constrained devices, built to be secure and safe. Click here to learn more: https://www.zephyrproject.org

Insights from Zephyr Security Audit and Vulnerability Experiences – Flavio Ceolin, Intel & David Brown, Linaro, LTD

This talk navigates through lessons learned from real-world vulnerabilities and an external third-party code audit. In an era where embedded systems face escalating threats, ensuring the security of applications is paramount, and Zephyr emerges as a steadfast framework dedicated to fortifying the core of embedded development. The session commences with an exploration of the historical context of vulnerabilities reported in Zephyr, offering a retrospective view on the evolution of security measures within the framework. Attendees will gain a comprehensive understanding of the security challenges encountered by Zephyr and the proactive measures taken to address them. A pivotal aspect of the session will focus on dissecting the outcomes of external code audits conducted on Zephyr. It will discuss the findings, cover strategies employed to strengthen the framework, and share practical insights derived from this audit. This segment aims to empower developers with tangible knowledge to enhance the security posture of their Zephyr-based projects.

Benjamin Cabé