Reconciliation of Patch Management Methods for Smartcards and Similar Devices (A03b)
Smartcards and similar devices are key fundamentals building blocks of today’s security, being included within all devices such as mobile phones, smart home, IOT and getting their way within cars and industry 4.0 as elements of trust.
At ISCI working group we have been working since several years on an innovative approach to offer a quick turnover to deal with security questions and offer a timely answer to protect the security of the device and allowing a fast answer to potentially damageful security incidents. The approach received strong tractions and have been adopted by the Industry, as well as being recently adopted within the first draft of the EUCC. Also, recent work have been undertaken with the ISO working group in charge of the patch management approach to align the technical answers to approach patch management.
Within this presentation, we will present the landscape of patch mechanism, review the key elements required to be solved for the industry, presenting in details the new approach of the EUCC and the novelties introduced. As a conclusion, we will summarize the next steps in the domain, provide key recommendations for adoption in the Industry, and review how a strong collaboration of all entities can resolve the industry problem in a pragmatic way.