Tuesday, April 19, 2016 - 1:00pm to 4:30pm
Test Attack Patterns for Mobile, IoT, and Embedded Software
Mobile/IoT/embedded software teams are looking for ways to speed up development, testing, and deployment of products that wow users but don’t blow up in their faces. In the tradition of James Whittaker’s book series How to Break Software, Jon Hagar applies the “attack” pattern concept to identify and test for potential failures in these types of systems. Jon defines the environments of mobile, IoT, and embedded software, and examines common software failures found in hardware/software systems. He shares a set of patterns you can apply during pre-production testing or in a continuous test and delivery—DevOps—environment. Based on common modes of failure, the patterns are not “cookbook processes” but must be customized for particular contexts. With select context examples, Jon explains when, who, and how to conduct the pattern. Attack patterns will cover developer testing, continuous integration, deployment for trusted bases, hardware/software test attacks, and security. Teams will be able to apply these patterns immediately to evolve local practices and avoid team silos. Attendees can practice attacks on devices containing mobile, IoT, and/or embedded software―so bring your smart devices and phones.
NOTE: To practice attacks, participants can either use devices that Jon will provide or their smartphones.