Product Design (Hardware) Part 2

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

8 hours 10 minutes
Video Transcription
Hi, I'm Matthew Clark. This is Lesson 5.2, Project Design Hardware, Part two. In this lesson, we will continue our discussion of the product development process by taking a look at Phase one, consisting of concept, feasibility and design. So let's get started. Let's begin our conversation
by reminding ourselves what phase one of the product development process looks like.
This includes concept where we create a mock up
feasibility where we create the product and security requirement documents and design a proof of concept
and design where we create engineering validation tests.
So let's begin with the concept stage. This is basically where you mature an idea the dream it up stage, so to speak.
It starts with a concept. In the output is a mock up that doesn't look anything like a finished product. It could be cardboard and straws and duct tape or clay or even a drawing on a napkin.
The idea is to create an M v. P. A minimal, viable product.
If you've ever walked through a new product development engineering team, then you kind of know what this looks like. There's equipment stacked up against the wall. There's parts for this and that there's a three D printer whirling away in the corner and hushed but excited conversations. You know how wild and crazy these engineers could get.
But the output is generally just one unit
and the security to be considered it. This stage is really the security that has to be built in Azaz, part of an initial design. And the output from a security standpoint is really offering a security architecture er and designing privacy requirements.
And it may be really difficult to think of security when you're still sketching out your idea on a napkin and a McDonald's drive through, but one of the most important security activities that you can prepare for us a sip. So is for this. These types of security discussions and having meaningful security awareness touch points
throughout the year, with through engineers and designers and product managers,
so that when a new product does come along and is approved, then you're sips. Those team is brought in, you know, at the beginning,
and the Simpsons team needs to be part of that engineering team so that they're not seen as the gal crashing the party and bringing everyone down with Oliver fear, uncertainty and doubt.
Another important part is to have an agreed upon security framework already in place because it gives the sip so and the engineering team of frame of reference for security. You never want the first time for your engineering to consider security to be when they're already getting ready to mass produce an item or
or after they settled on design requirements, either, for that matter.
The feasibility stage is where we move from a concept to a proof of concept.
The output here is to create specifications.
The product requirement document. The PRD will capture any specifications that are required for the product, and the Simpsons team would also be building and designing security requirements as well.
The idea is to move from a general concept to approval concept through the companies to find design iteration process,
and you'll use pre billboards and components such like digi key components
and different teams that work together to evaluate and test hardware and software and perform a technical analysis. And this might include the firmware team, a software team and electrical and mechanical engineers,
as well as marketing departments for market trends and analysis and competitive analysis
and that's really where you begin. Thio make your key component selection. The output at this stage is 123 units, and the security at this stage is really where the Sip SOS team will start their threat modeling process.
So let's discuss the design stage.
This is where the engineering verification that DVT occurs, it's the design it stage, so to speak.
It's part of the overall time to market.
The O. E. M. At this stage will have an overall design that they're comfortable in going into production with the product does not move out of the E V T stage until all the functional requirements are matched in the hardware provides the results expected from the product requirements document.
The purpose of the design stage
is to create a system design to create the PCB design a layout,
UM toe have a mechanical design completed and to begin software development and bias creation.
So the design stage really leads to the building materials creation, which we'll talk about in a future lesson. And this isn't really the first time that the OM engineers will try to build units using manufactured parts, not prototype parts.
The parts that were made on hard tools that will be also be used in production, such as injection molding, not on prototype or three D printed parts.
The engineers will also use custom built PCBs instead of pre built ones. This includes custom stencils and mask that will need to be made to fabricate the I O. T products, custom electrical boards and custom tools to machine non plastic parts like Medals and Woods, etcetera.
This validates the PCB itself and that all the components and the functionality will work. As expected.
The printed circuit board is that greenish colored board that connects the silicone ship and the other components along a conductive pathway.
This is where the OM engineers will also need to deal with all other types of problems. Assed different batches were made. They'll find different variances and the output in conditions, and they'll be busy trying to fix the tooling issues. While they also develop other tooling molds and work with injection molding issues,
they'll be snaps and fits. It will need to be be bad need to be fixed,
as well as cosmetic issues like lines, increases
or even color mixing issues.
Dealing with all these issues, along with electrical parts such as like L. E D S Brar, who aren't as bright as it should be. Our components don't work like batteries that mind the whole charge or have recharging issue.
And on the security side, you'll find bios. Settings will need to be verified and firmware bugs. It'll occur. His software engineers test the product,
and, of course, the product will need to be tested for thermal and power. And am I stress as well?
So what does the cycle process really look like? A. This stage well for a small company, and it's their first product. You probably look trying toe look at producing 1 to 10 units, and for a large company or a company working on the next gen product, you probably start with 5 to 10 units and end with a batch of 50 units.
So what's gonna be happening with security at this stage?
Well, the sips of staff will continue working on threat modeling that will be developing attack trees, assistant secure coding, providing vulnerability analysis, and could bill of material reviews as well a software license reviews and there's a lot of different activities will be going on.
Certainly, if products security has not engaged to begin with at this stage,
then it'll be behind, Really, for the rest of the product design process, forced to play catch up
and it's always much better of security is involved in the beginning part of the process.
Well, that's it for this lesson. So what do we talk about? Well, we continued our trip into the mysterious world of product design. We discuss product development process focused on Phase one, the concept, feasibility and design.
I'll see you next time.
Up Next
IoT Product Security

This course will focus on the fundamentals of how to set up a functioning IoT product security program from the perspective of a company that designs, manufactures, and sells IoT and IIoT devices for consumer or industrial use.

Instructed By