Talk

Secure by Design: Enhancing Embedded Firmware Resilience with SBOM-Driven Security Analysis

EOC 2026

Login to Watch

Amir Alavi

Seyed Amir Alavi is an embedded software engineer and control systems researcher passionate about building solutions for IoT, smart grid, industrial control systems, and communication networks. He enjoys utilizing tools like real-time operating systems and embedded Linux, with a keen interest in model-based control system design. During his PhD at Queen Mary University of London, Amir explored distributed multi-agent control systems using wireless communication protocols. He is an active open-source contributor, notably to Riverlane’s Aqueduct platform for quantum experiment management, where he supported development of Aqueduct Core and PyAqueduct, and to ActiveCpp, a C++ framework for real-time embedded systems, enhancing its event-driven Active Object model. Previously, he contributed to control systems for quantum computers at Riverlane. Now at Roku, Amir is excited to support the development of streaming media technologies, helping enhance user experiences.

View full profile

Talk

Secure by Design: Enhancing Embedded Firmware Resilience with SBOM-Driven Security Analysis

Amir Alavi

EOC 2026

Amir Alavi

As embedded devices continue to permeate critical applications, ensuring their security from the earliest stages of development has never been more essential.

This talk explores practical strategies for building ESP32-based products that are “secure by design,” with a focus on integrating Software Bill of Materials (SBOM) practices into the firmware lifecycle. Attendees will learn how SBOM security analysis tools can uncover hidden vulnerabilities, strengthen supply-chain trust, and streamline compliance efforts.

Using real-world examples from ESP32 firmware development, the session demonstrates how developers can incorporate automated analysis, dependency tracking, and continuous security validation to deliver robust and resilient embedded systems.

Formatting help

italics	surround text with asterisks
bold	surround text with two asterisks
hyperlink	[hyperlink](https://example.com) or just a bare URL
code	surround text with `backticks`
~~strikethrough~~	surround text with ~~two tilde characters~~
quote	prefix with >

Upvotes Newest Oldest

No comments or questions yet. Be the first to start the conversation!

Partners & Sponsors

AdaCore

Saleae

Become a Sponsor