How to handle time on embedded systems?

See my previous post on What is the Device Identifier Composition Engine (DICE)?

How to securely handle time on embedded systems? Do you trust your time or not? What should you do if the certificate expires? Where do you sync your time from? These are all questions that routinely come up during the design of an embedded system and they often have very real security impacts. I talk about how to think about these questions and why, to a certain degree, they are the wrong question to ask.

Also, I show a fun demo of receiving the new time format from WWVB using the Everset ES100 receiver to pull the 60kHz BPSK signal from the air.

For a full list of my available trainings, check out Advanced Security
For consulting, contact us at Cryptotronix.

Leave a Reply