Hey! We have a new updated course

regarding Secure Development for Embedded Systems!

Learn how to safely use C/C++ in critical systems, including best practices for memory management, input validation, and error handling.

Writing Secure C/C++ code

Interested? Contact us!
3 days
Ask for price
Online training

Request more information

Lena Bernhardsson – SE, DK, NO
+46 (0) 40 59 22 09
lena.bernhardsson@nohau.se

Heidi Lehtomäki – Finland
phone: +358 40 196 0142
heidi.lehtomaki@nohau.fi

Security in Embedded Systems is important today and even more so in the future.

Learn ways to use C/C++ safely in critical systems and discover the Embedded system features for security. Secure embedded systems integrate numerous strategies and procedures to perfectly coordinate cybersecurity in the programming and equipment of embedded frameworks.

Security segments added to embedded systems can block the usefulness of a framework and affect the constant execution of the missions of the core systems. A secure embedded framework can use a security coprocessor to cryptographically guarantee the confidentiality and reliability of the framework while ensuring its usefulness.

Training format
• 3 days online training: 18 hours, 3 days, 6 hours each
• Course dispensed using the Teams video-conferencing system
• PDF course material (in English)
• Practical activities represent from 40% to 50% of course duration

Course Objectives
• Learn how to verify programs are in a secure state on startup and when calling out to other program
• Become familiar with MISRA C guidelines for the use of the C language in critical systems
• Learn ways to use C/C++ safely in critical systems
• Learn how to interpret the output of the MISRA C 2012 checking tool
• How to manipulate files and directories in a secure manner
• Discover how to protect your programs from malicious user input
• How to secure communication with TLS
• Embedded system hardware features for security
• Secure Software Development methodology and framework

Practical activities
– The trainer to answer trainees’ questions during the training and provide technical and pedagogical assistance through the Teams video-conferencing system
– One Online Linux PC per trainee for the practical activities
– The trainer has access to trainees’ Online PCs for technical and pedagogical assistance
– Some Labs may be completed between sessions and are checked by the trainer on the next session
– Downloadable preconfigured virtual machine for post-course practical activities

Introduction to embedded security

Embedded Security Trends
– Embedded Systems Complexity
– Network connectivity
– Reliance on Embedded Systems for Critical Infrastructure
– Processor consolidation

Security policies
– Perfect Security
– Confidentiality, Integrity, and Availability
– Isolation
– Information Flow Control
– Physical Security Policies
– Application-Specific Policies

Security Threats
Writing Secure C/C++ Code
– Safe use of pointers
– Memory allocation and corruption
– Buffer overflow
– Return Oriented Programming
– Core embedded Operating system Security Requirements
– String and format functions
– Integer security
– Concurrency
– File I/O

Exercise: Memory Overflow Attacks

Secure Coding

– Coding Standards
– Case Study: MISRA C:2012 and MISRA C++:2008
– Embedded C++
– Complexity Control
– Static Source Code Analysis
– Creating a Tailored – Organizational Embedded Coding Standard
– Dynamic Code Analysis

Exercise: Use of static analysis tools

Cryptography Overview
– Cryptographic Modes
– Block Ciphers
– Authenticated Encryption
– Public Key Cryptography
– Key Agreement
– Public Key Authentication
– Elliptic Curve Cryptography
– Cryptographic Hashes
– Message Authentication Codes
– Random Number Generation
– Key Management for Embedded Systems

Exercise: Memory Overflow Attacks

Transport Layer Security

– Secure communications
– Authentication
– IoT Protocols
– MQTT
– DTLS
– HTTPS
– CoAP
– TLS Implementation
– Wireless LAN Security and Threats

Exercise: Installing and using certificates
Exercise: Sending secure messages with TLS

Secure Embedded System Software Architecture
– Secure software architecture goals
– Least privilege, trust and secure processes
– Arm Platform Security Architecture (PSA)

Secure Embedded System Hardware Architecture
– Crypto-Accelerator Overview
– Arm TrustZone
– Secure boot and update
– Hardware options for security

Please contact us for more information!

Don't wait, call us now!