Embedded Systems Security
-
COURSE DATES AND LOCATIONS
DATE
Duration
LOCATION
FEES
Book Now
-
INTRODUCTION
Embedded system offer many opportunities to economically and effectively control large infrastructure, small single purpose devices, and many products in between. But their use can also introduce vulnerabilities easily exploited to gain access to valuable data, alter device functionality, or impose other risks. This course will provide an understanding of those unique vulnerabilities in embedded systems that are commonly exploited. Discover techniques and strategies for integrating cyber security measures into products from the start. Through hands-on labs, examine emerging threats and learn to think like a hacker to gain the skills necessary to create more secure products.
-
COURSE OBJECTIVES
By the end of the course, you‘ll be able to:
- Encryption and authentication defensive technologies
- Foundations of cyber security and emerging threats
- Wireless networks and embedded systems
- Embedded hardware and firmware analysis
- Integrating security into the design process
- Secure software practices
- Advanced cybersecurity and threats applied to embedded systems
- Embedded systems cybersecurity engineering
- Risk Management Framework (RMF) for embedded systems cybersecurity assessments and control
- Integrating security into the your systems engineering processes
- Deriving embedded systems security functional requirements traceable to controls
- Offensive Hacking/exploitation techniques, tools, and embedded systems vulnerabilities
-
COURSE AUDIENCE
This course is made for :
- IT designers
- Software developers
- Cybersecurity developers
- Compliance security specialists
-
COURSE OUTLINE
Day One
Characteristics of Embedded Application Security
- Embedded network transactions
- Automotive security
- Android devices
- Next-generation software-defined radio
Critical Aspects of an Embedded System
- Microkernel vs monolith
- Independent security levels
- Core security requirements
- Access control
- I/O virtualization
Day Two
Performing Threat Modeling and Assessment
- Attackers and assets
- Attack surface
- Attack trees
- Establishsing a security policy
Day Three
Developing Secure Embedded Software
- Secure coding principles
- Secure program design
- Minimal Implementation
- Component architecture
- Least privilege
- Secure development process
- Independent expert validation
- Model-driven design
- Code review and static analysis
- Security testing
- Peer code reviews
Day Four
Understanding and Implementing Cryptography
- Cryptographic modes
- Cryptographic hashes
- Cryptographic certifications
- Managing keys
- Block ciphers
- Message Authentication Codes
- Random Number Generation
Data Protection
- Data-in-motion protocols
- Securing data in motion
- Data-at-rest protocols
- Securing data at rest
Day Five
Mitigating Attacks
- Common software attacks
- Preventing side-channel attacks
Retrofitting Security in Existing Projects
- Securing bootloaders and firmware updates