Projects/OWASP Embedded Application Security/Roadmap

Year 1

Reach out to embedded developers and embedded security experts to start discussing security challenges in embedded development lifecycle.

Create a list of the top risks and known security downfalls in embedded development.

Create an Embedded Security Tool resource list for testing

Create an ASVS for Embedded Applications

Year 2

Create a development cheat sheet for embedded developers to reference

Create a Secure development guide for embedded applications

-Will need developers who are comfortable with C/C++ for code snippets

-Will be in detail

Create a guide for testing embedded applications

Year 3

Create platform specific risk lists for embedded industries like Routers, IoT, etc Create an embedded application threat model describing its differences from normal software development

Year 4

Create security tool chains that can be used for embedded development