Loading…
28 - 29 August | Amsterdam, Netherlands
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Linux Security Summit Europe 2025 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Central European Summer Time (CEST | UTC+2). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."
Friday August 29, 2025 13:45 - 14:30 CEST
This talk presents a fully open-source framework to achieve secure full disk encryption (FDE) for TPM-equipped Edge devices (IoT), balancing strong security guarantees with practical maintainability at scale. We address key features including automated disk unlocking and recovery, monitoring and remote access. The talk will cover the following:

* A fully verified boot chain, from EFI firmware through the initramfs. We'll cover which system components to verify and common pitfalls to avoid when setting up a secure boot chain.
* A newly-developed, open-source TPM PCR prediction mechanism enabling seamless reboots after kernel or initramfs updates.
* Automated disk encryption key onboarding and recovery using Tang and Clevis.
* Secure remote access and fleet observability while disks remain locked - using WireGuard, SSH, and Prometheus.
* Guidance on how to extend the initramfs (dracut) with your own tooling.
* Discussion of shortfalls and potential security risks

Our aim with this talk is to help you make FDE convenient, recoverable and monitored to make large-scale rollouts possible.
Speakers
avatar for Kobus van Schoor

Kobus van Schoor

Tech Lead, DataProphet
I’m a senior software engineer in the Edge team at DataProphet, a South-African company building a real-time data collection and analytics platform for manufacturers. Edge devices are fully remotely managed Linux-based factory appliances that collect data from a variety of datasources.I’m... Read More →
Friday August 29, 2025 13:45 - 14:30 CEST
G102-103

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Share Modal

Share this link via

Or copy link