US Cyber Trust Mark: Is your firmware ready?
10-10, 10:30–11:00 (US/Pacific), Main Track

How the forthcoming "US Cyber Trust Mark" certification may impact firmware development and the devices it is installed on, as well as some of the unique challenges Open Source projects will face in trying to address the certification requirements and process.

The US FCC has announced a voluntary certification program for “smart devices”, using testing standards developed by NIST, aiming to establish a baseline for security of home appliances and IoT devices, with plans to include WiFi devices, routers, smart meters, and power inverters. These certification will ensure strong default passwords, personal data protections, and guaranteed software and security updates for the design lifetime of the device. More than just another certification logo, devices will have a QR code to allow consumers to verify that the device has retained its certified status in the evolving cybersecurity landscape.

We examine what it will mean to get firmware and operating system images ready for the certification process, how to lessen the cost of maintaining older platforms, and the unique technical and organization challenges faced by open source projects when undertaking industry certification. How can open source firmware projects prepare to lead the way in getting more secure appliances and IoT devices to market faster?

CTO and co-Founder of Klara Inc., Allan has been a part of the FreeBSD community since 1999 and an active participant in the OpenZFS community since 2013. The co-author of "FreeBSD Mastery: ZFS" and "FreeBSD Mastery: Advanced ZFS", Allan is an expert in operating systems and storage.