21 hours (usually 3 days including breaks)
- Experience with embedded systems development.
- Embedded systems professionals
- Security professionals
This instructor-led, live training introduces the system architectures, operating systems, networking, storage, and cryptographic issues that should be considered when designing secure embedded systems.
By the end of this course, participants will have a solid understanding of security principles, concerns, and technologies. More importantly, participants will be equipped with the techniques needed for developing safe and secure embedded software.
Format of the course
- Interactive lecture and discussion.
- Lots of exercises and practice.
- Hands-on implementation in a live-lab environment.
Course Customization Options
- To request a customized training for this course, please contact us to arrange.
- Security vs embedded systems security
Characteristics of Embedded Application Security
- Embedded network transactions
- Automotive security
- Android devices
- Next-generation software-defined radio
Critical Aspects of an Embedded System
- Microkernel vs monolith
- Independent security levels
- Core security requirements
- Access control
- I/O virtualization
Performing Threat Modeling and Assessment
- Attackers and assets
- Attack surface
- Attack trees
- Establishsing a security policy
Developing Secure Embedded Software
- Secure coding principles
- Secure program design
- Minimal Implementation
- Component architecture
- Least privilege
- Secure development process
- Independent expert validation
- Model-driven design
- Code review and static analysis
- Security testing
- Peer code reviews
Understanding and Implementing Cryptography
- Cryptographic modes
- Cryptographic hashes
- Cryptographic certifications
- Managing keys
- Block ciphers
- Message Authentication Codes
- Random Number Generation
- Data-in-motion protocols
- Securing data in motion
- Data-at-rest protocols
- Securing data at rest
- Common software attacks
- Preventing side-channel attacks
Retrofitting Security in Existing Projects
- Securing bootloaders and firmware updates
Summary and Conclusion
Also provided a lot of curiously related interesting in some way with the subject
EduBroker Sp. z o.o.
Security models, discussion of good programming practices, various types of attacks.
Piotr Piątek - EduBroker Sp. z o.o.