Securing Software Updates for IoT devices with TUF and Uptane

By Ricardo Salveti, Open Source Foundries

Software update is a critical and basic feature for any IoT product, but a traditional update system doesn’t protect the connected devices from the many different threats currently explored in the world of Internet of Things. This talk will introduce the software update frameworks TUF (The Update Framework) and Uptane (TUF extended for the automotive industry) and show how a traditional Linux Embedded product can be extended in order to create an update solution designed to protect against nation-state attacks.


Ricardo Salveti has over 12 years of experience developing Linux Embedded products, working for companies such as IBM, Nokia (INdT), Canonical, Linaro and now as Principal Engineer at Open Source Foundries. Has a large experience working with kernel, bootloader, Android BSP/HAL, Debian/Ubuntu and OpenEmbedded/Yocto, with direct contributions to several upstream projects and speaking in several conferences such as Embedded Linux Conference, Linaro Connect and others.