Overview Threat modling is a type of security analysis: Analysis Target: representations of a system Analysis Goal: highlight concerns about security and privacy characteristics. There are 4 key questions in threat modeling: What are we working on? (Target) What can go wrong? (Threat Analysis) What are we going t...
Todo Tools Trivy: Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Motivation With SBOMs, we can do the following things: Using a Vulnerability Scanner to find potential vulnerabilities Determine whether a vulnerability we’ve discovered actually presents a risk to our device. These two things are different, sometimes we can scan a lot of vulnerabilities, but it also often happen...
Risk Management (for MDMs, Medical Device Manufacturers) Risk management involves risk evaluation, risk control, … Risk evaluation: SBOM can provide detailed information about the software components, then with the external vulnerability databases, MDMs can identify potential vulnerabilities, including their risk s...
Overview Along the way of generating, distributing, and maintaining SBOMs, what kind of challenges may MDMs face? Challenge 1: SBOM for Currently Marketed/Legacy Devices SBOM actually is a quite new concept, generating SBOM for older devices may be difficult, even for basic information and elements. Potential Soluti...
Prologue Today (2026-02-15), I got a new perspective on note-taking. Taking notes is not about collecting information and rewarding yourself, to feel like you’ve worked hard, but MAKE CONNECTIONS. To make connections, you need to structure your notes at the lowest level as individual “cards” (basically talking about...
An overview of Agile methodology and tools used in project management.
Overview Focus on: the teaching of recitations that accompany large lectures A recitation is a small, instructor- or TA-led class that accompanies a large lecture and focuses on reviewing, practicing, and discussing the lecture material. Important things before the main course: Don’t follow advice that makes you ...
Overview of Signal Processing It all starts with sensors. Sensor: something that can record the environment, bring that information into the digital world. That’s when signal processing begins. Diverse of Signals Electromagnetism Electromagnetic signals are generated by the movement of charged particles. They can ...