Crushed by the Wheels Industry
12-27, 11:30–12:30 (Europe/Berlin), HIP - Track 1 - Room 5
Language: English

We'll look at the role IT and software play in modern manufacturing, with a twist on the semiconductor industry. Since I'm a security guy, we'll mostly focus on the sorry state of that.

Semiconductor fabrication has been in the news a lot lately, not only because of the US government pulling the reigns down on American companies providing know-how and services to China. The actual manufacturing technology is controlled by a rather small playing field of companies. When it comes to software and IT architecture, some of them are stuck in the mid-90s, while others have apparently had some wake-up calls.
Security wise, the field is equally heterogeneous, but the manufacturers who are clearly oblivious to any security requirements greatly outnumber those with more solid precautions.
With average run times of machines and their software of 15-20 years the consequences can be drastic. We'll look at the state of things (with partially anonymized examples) , and some perspectives for the future.

Been in security for well over 20 years. Not sure if old school or just old. First computer was a Sinclair ZX81 that crashed when the 16kb expansion pack got too hot. Originally into software security, pen testing for a long time, I moved into (technical) security management a few years ago. Still enjoy breaking stuff, harassing developers and making fun of PHP.
Currently responsible for technical security in a multinational photonics company.