Softwareentwicklung (Windows, Linux, Mobile)
Requirements Engineering
Hier finden Sie Termine und Anmeldung zum Präsenz-Training. Für das Live-Online-Training klicken Sie bitte hier.
Security: Sicherheit von Embedded-Systemen im Kontext der funktionalen Sicherheit
Sie wissen um potentielle Sicherheitslücken in eingebetteten Systemen (embedded systems), wie z.B. IoT und können daraus entstehende Gefahren einschätzen (Risikobewertung).
Effiziente Lösungsansätze erlauben, diese Lücken mithilfe von ausgewählten IP-Blöcken und/oder Strategien zu schließen.
Ihre Vorteile:
Effektiver und zeitsparender Einstieg in die Gesamtthematik
Praktische Tipps zu Security und Safety
Templates auf USB-Stick oder als Download.
Hardware- und Software-Architekten, Hardware- und Software-Entwickler, Testingenieure, Projektmanager, Systemingenieure
Erfahrung im Zusammenhang mit Embedded-Systemen sowie Grundkenntnisse im Bereich Safety
Threats and Attack Scenarios
- Security Incidents
- Concerns
- Applications
- Authentication
- Communication Protocols
- Terms and Definitions
- Vulnerabilities
- Impacts
- A Case Study
- Defense In Depth
- Classes of Attackers
- Security - an Ongoing Process
- Security by Design
- The Security Mindset
- The Management Challenge
- Security Development Lifecycle (SDL)
- Threat Models
Risks and Efforts
- Procedure
- Classic Approach to Risk Management
- The Assurance Matrix
- Risk Matrix Concept
- TARA
- Determining a Generic Method for Risk Assessment
- New Approach to Risk Management
- A Glimpse into IT Security Risk Assessment
- Security Goals
- Selected TARA Methods and Vulnerability Analysis
- EVITA
- TVRA
Generic Application of Countermeasures
- Security Principles
- List of Examplary Countermeasures
- Countermeasures as Requirements
- Industry and Government Security Initiatives
- Cryptography
- Defense in Depth
- Security Zones
- Security Conduits
- EVITA
- HIS - SHE
- ARM Security
- Security Development Lifecycle (SDL)
- Software Security Matters
- Trusted Platform Module
- Security Testing Methods
Selected Vulnerabilities and Countermeasures
- Stack Based Buffer Overflow
- Code Reuse
- Countermeasures
- Boundary Error Vulnerabilities
- Memory Management and Security
- Debugging and Security
Norms and Standards
- Partial ISO/IEC List
- Other Standards and Work
- IEC 62443
- Certification
- SAE J3061™
Security in a Safety Context
- Safety and Security Differences
- Subsets of Product Assurance
- Relations between Safety and Security
- Leveraging Commonalities
- Security in Safety Norms
- Rules for Industrial Control Systems (ICS)
- Inheritance of Safety Principles
- Comparisons
- Communication Paths
HINWEIS: Die Kursunterlagen sind auf Englisch
Offenes Präsenz-Training
Onsite-Training
Coaching
Security: Sicherheit von Embedded-Systemen im Kontext der funktionalen Sicherheit
Inhalt
Threats and Attack Scenarios
- Security Incidents
- Concerns
- Applications
- Authentication
- Communication Protocols
- Terms and Definitions
- Vulnerabilities
- Impacts
- A Case Study
- Defense In Depth
- Classes of Attackers
- Security - an Ongoing Process
- Security by Design
- The Security Mindset
- The Management Challenge
- Security Development Lifecycle (SDL)
- Threat Models
Risks and Efforts
- Procedure
- Classic Approach to Risk Management
- The Assurance Matrix
- Risk Matrix Concept
- TARA
- Determining a Generic Method for Risk Assessment
- New Approach to Risk Management
- A Glimpse into IT Security Risk Assessment
- Security Goals
- Selected TARA Methods and Vulnerability Analysis
- EVITA
- TVRA
Generic Application of Countermeasures
- Security Principles
- List of Examplary Countermeasures
- Countermeasures as Requirements
- Industry and Government Security Initiatives
- Cryptography
- Defense in Depth
- Security Zones
- Security Conduits
- EVITA
- HIS - SHE
- ARM Security
- Security Development Lifecycle (SDL)
- Software Security Matters
- Trusted Platform Module
- Security Testing Methods
Selected Vulnerabilities and Countermeasures
- Stack Based Buffer Overflow
- Code Reuse
- Countermeasures
- Boundary Error Vulnerabilities
- Memory Management and Security
- Debugging and Security
Norms and Standards
- Partial ISO/IEC List
- Other Standards and Work
- IEC 62443
- Certification
- SAE J3061™
Security in a Safety Context
- Safety and Security Differences
- Subsets of Product Assurance
- Relations between Safety and Security
- Leveraging Commonalities
- Security in Safety Norms
- Rules for Industrial Control Systems (ICS)
- Inheritance of Safety Principles
- Comparisons
- Communication Paths