BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//cfp.osfc.io//osfc2020//speaker//9HPLTD
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-osfc2020-RAGN7M@cfp.osfc.io
DTSTART;TZID=CET:20201201T223000
DTEND;TZID=CET:20201201T230000
DESCRIPTION:With its rich feature set\, regular release cycle cadence\, and
  adoption into silicon vendors’ board support packages\, it is no wonder
  that the Open Source Das U-Boot bootloader has become so ubiquitous throu
 ghout products spanning a breadth of application domains.  However\, much 
 of what makes U-Boot so helpful to embedded systems engineers can be a dou
 ble-edged sword\; permissive functionality and readily available reference
  configurations represent a form of “security debt” that must be paid 
 off by the engineering teams integrating U-Boot into their product.  In bo
 th public research and private security assessments\, it is commonly found
  that devices are vulnerable to abuse as a result of product vendors faili
 ng to invest adequate time and effort into securing their U-Boot configura
 tions and customizations.\n\nThis talk will describe common security failu
 re patterns observed during security assessments of products using U-Boot\
 , introduce NCC Group’s “[Depthcharge](https://depthcharge.readthedocs
 .io)” toolkit built to support U-Boot security auditing\, and present it
 s new functionality that is aimed at providing engineering teams with a me
 ans to avoid inadvertent inclusion of functionality that may be an ill-fit
  for their specific security objectives.  At a higher level\, this talk ai
 ms to foster discussions about how we call all help ensure that product de
 velopment teams customize\, configure\, and deploy U-Boot more securely\, 
 such that end users remain safe.
DTSTAMP:20260415T162818Z
LOCATION:Main Stage
SUMMARY:Guiding Engineering Teams Toward a More Secure Usage of U-Boot - De
 leted User
URL:https://cfp.osfc.io/osfc2020/talk/RAGN7M/
END:VEVENT
END:VCALENDAR