Reference and research for connected-product security.

2026-06-19

Dark Factories and Dark Logistics - The Cybersecurity Risk of Lights-Out Operations

A threat model for automated factories and logistics sites where robots, WMS, MES, PLCs, AMRs, RFID, and cloud dashboards turn cyber incidents into physical downtime.

2026-06-19

Can a USB-Charging Device Steal Data? Lessons from the Sex Toy Malware Case

A careful security analysis of the viral USB-charging gadget malware story, removable-media risk, BadUSB behavior, and practical controls for consumer IoT and corporate laptops.

2026-06-19

IoT Threat Landscape 2026 - Edge Devices Are Becoming Attacker Infrastructure

A practitioner threat model for IoT risk in 2026: routers, DVRs, gateways, serial converters, RFID readers, and unmanaged edge devices as botnet, proxy, and lateral-movement infrastructure.

IoT Supply-Chain Vulnerabilities — A Procurement and Architecture Framework for 2026

A three-dimension Procurement Responsiveness Profile for IoT supply-chain risk decisions, with CWE-category methodology, vendor responsiveness analysis, and architectural guidance for connected-product teams.

MLPS Compliance Pathways for Overseas SaaS — A Structured Decision Framework

Four-pathway taxonomy for overseas SaaS evaluating mainland-China market entry — direct, hosting-partner, overseas-served, and subsidiary structures with MLPS, PIPL, DSL implications.

Prompt-Injection Defense Architecture — The Five-Family Posture Matrix

A five-family defense taxonomy mapped to five deployment shapes — the Posture Matrix for prompt injection defense across consumer, enterprise, agentic, RAG, and high-authority LLM systems.

The Five-Boundary Attack-Surface Taxonomy for LLM Applications

A five-boundary taxonomy for production LLM application attack surface — input, retrieval, tool-integration, output, and persistence — with attack classes, defense families, engineering ownership, and cross-boundary scenarios.

TARA Quality Anti-Patterns — A Practitioner Catalog and Four-Question Review Protocol

Seven recurring quality anti-patterns in ISO/SAE 21434 TARA execution, with cause, consequence, and remediation pattern for each — plus a four-question review protocol that surfaces most catalogued issues within an hour.