Advanced Security for Embedded Systems

Advanced Security for Embedded Systems

Advanced Security for Embedded Systems

Description

Security
Next course date: 20-21/06/2024
Place: Online
Enrol by: 17/05/2024
Language: English
Price: 2.160 EUR
Price: 24.945 SEK
Price: 16.100 DKK

Request more information

Magnus Kindberg (SE, NO)
Phone: +46 (0)40 59 22 22
magnus.kindberg@nohau.se

Heidi Lehtomäki – Finland
phone: +358 40 196 0142
heidi.lehtomaki@nohau.fi

Klaus Ahrensbach – Denmark
Phone: +45 3116 1019
ka@nohau.dk

In this course you will learn how to secure your embedded system. You will learn how to protect your program from malicious user input. You will also understand the use of hypervisors and virtualization of the system, and discover controls and tools for embedded security. You will also have hands-on exercises with topics such as memory protection unit (MPU) and secure boot. 

Advanced Security for Embedded Systems

2-day training online.

Course objectives

  • Understand the fundamental concepts and importance of embedded security, and recognize
    the key standards related to embedded systems security.
  • Comprehend the hardware security features in embedded systems
  • Analyze the concepts of key management in embedded devices
  • Identify the operating system security overview
  • Evaluate the advanced data protection and secure communication techniques
  • Apply testing for security in embedded systems.
  • Develop strategies to mitigate security threats and vulnerabilities

Prerequisities

  • Familiarity with computer architecture
  • Programming skills: Some programming experience, particularly in C
  • Knowledge of embedded systems implementations
  • Basic understanding of Security Algorithms and Secure coding
  • See also:
    – Secure Development for Embedded System

Course environment

  • Instructor-led training online.
  • Students will be given access to a shared filesystem to save and share their work.
  • PDF course material (in English)

Overview to embedded security and Standards

  • Introduction to Embedded System Software
  • Embedded System Security
  • Secure Software Design for Embedded Systems
  • Cryptography for Embedded Systems
  • Authentication and Authorization
    in Embedded Systems
  • Secure Communication in Embedded Systems
  • Secure Boot and Firmware Updates
  • Threat Modeling for Embedded Systems
  • Security Analysis and Penetration Testing
  • Hardening Techniques for Embedded Systems
  • Case Studies of Embedded System Security
  • Emerging Trends in Embedded System Security
    -Internet of Things (IoT) Security
    -Cyber-Physical Systems (CPS) Security
    -Security of Autonomous Systems
  • Security related standards

Exercise: Secure boot and firmware protection

Embedded Hardware Security

  • ARM TrustZone and Intel SGX
    -Hardware implementation
    -Secure and non-secure world
  • Memory Protection and Memory Virtualization
  • Hypervisor and Virtualization
    -Introduction to Hypervisor and Virtualization
    -Hardware Virtualization
    -Software Virtualization
    -Hypervisor Architecture
    -Secure Virtualization
    -Applications of Hypervisor and Virtualization
    -Hypervisor Management and Administration
    -Future Trends in Hypervisor and
    Virtualization
  • Trusted Platform Module (TPM)
  • Hardware security Module (HSM)
  • Cryptographic Accelerator in embedded
    devices
  • Overview of Embedded SoC implementations
    with security features

Exercise: Secure application development on a
secured hardware (TrustZone security)

Key Management in Embedded Devices

  • Introduction
    -Definition of provisioning and key
    management
    -Importance of provisioning and key
    management
    -Overview of the chapter
  • Provisioning Fundamentals
    -Definition of provisioning
    -Types of provisioning (e.g., over-the-air,
    physical)
    -Provisioning challenges
    -Provisioning architectures
  • Key Management Fundamentals
    -Definition of key management
    -Types of keys
    -Key generation, distribution, and storage
    -Key usage and revocation
    -Key management challenges
    -Key management architectures
  • Provisioning and Key Management in Practice
    -Provisioning and key management challenges
    in specific contexts (e.g., IoT, cloud, mobile)
    -Provisioning and key management
    architectures for specific contexts
  • NIST SP 800-57 recommendations:
    -General Key-Management Guidance
    -Protection Requirements for Key information
    -Key states and transitions
    -Key Management phases and functions

Operating system Security overview

  • Introduction
  • Security Basics
  • Security Components
  • Cryptography
  • Kernel Security
  • Server Security
  • Security Tools
  • Cloud Security
  • Linux and Compliance
  • Future Trends in Linux Security
    -Containerization and Orchestration
    -Machine Learning and Artificial Intelligence
    -Quantum Computing

Advanced Data protection and Secure
Communication

  • Data at Rest security
    -Overview of Data at Rest Security
    -Encryption of Data at Rest
    -Secure Storage
    -Key management for data at Rest
    -Data backup and Recovery
    -Compliance and standards for
    data at rest security
  • Data in Motion Security
    -Ethernet Security Protocols
    -IPSEC Protocol
    -TLS/SSL Protocol
    -DTLS Protocol
    -VPN Protocol
    -SSH Protocol
    -WLAN Security
    -Bluetooth Security
    -Zigbee Security
    -RFID Security

Exercise: TLS communication

Testing for Security – Fuzz-Testing and
Penetration Testing

  • Introduction to Testing for Security
  • Fuzz-Testing
  • Designing Fuzz-Testing
  • Implementing Fuzz-Testing
  • Penetration Testing
  • Designing Penetration Testing
  • Implementing Penetration Testing
  • Integration of Fuzz-Testing and Penetration
    Testing

Exercise: Fuzz Testing

Please contact us for more information!

Don't wait, call us now!