Experience Embedded

Professional Training, Consulting and Project Support

Security of Embedded Systems in the Context of Functional Safety

  • Content
     
  • Objectives
     
  • Participants
     
  • Requirements
     

You know about potential security vulnerabilities in embedded systems, such as in the context of IoT, and you learn how to assess the related risks (risk assessment).

Efficient solutions help you minimize these vulnerabilities by means of specific IP blocks and/or strategies.

Your benefit:

Efficient and compact jump-start into the overall topic

Practical tips on safety and security

Templates on USB stick or as download.

Hardware and software architects, hardware and software developers, test engineers, project managers, system engineers

Experience with embedded systems as well as basic knowledge of safety

Threats and Attack Scenarios

  • Security incidents
  • Concerns
  • Applications
  • Authentication
  • Communication protocols
  • Terms and definitions
  • Vulnerabilities
  • Impacts
  • A case study
  • Defense in depth
  • Classes of attackers
  • Security - an ongoing process
  • Security by design
  • Security mindset
  • Management challenge
  • Security development lifecycle (SDL)
  • Threat models

Risks and Efforts

  • Procedure
  • Classic approach to risk management
  • Assurance matrix
  • Risk matrix concept
  • TARA
  • Determining a generic method for risk assessment
  • New approach to risk management
  • A glimpse into IT security risk assessment
  • Security goals
  • Selected TARA methods and vulnerability analysis
  • EVITA
  • TVRA

Generic Application of Countermeasures

  • Security principles
  • List of exemplary countermeasures
  • Countermeasures as requirements
  • Industry and government security initiatives
  • Cryptography
  • Defense in depth
  • Security zones
  • Security conduits
  • EVITA
  • HIS - SHE
  • ARM security
  • Security development lifecycle (SDL)
  • Software security matters
  • Trusted platform module
  • Security testing methods

Selected Vulnerabilities and Countermeasures

  • Stack based buffer overflow
  • Code reuse
  • Countermeasures
  • Boundary error vulnerabilities
  • Memory management and security
  • Debugging and security

Norms and Standards

Partial ISO/IEC List

  • Other standards and work
  • IEC 62443
  • Certification
  • SAE J3061™

Security in a Safety Context

  • Safety and security differences
  • Subsets of product assurance
  • Relations between safety and security
  • Leveraging commonalities
  • Security in safety norms
  • Rules for industrial control systems (ICS)
  • Inheritance of safety principles
  • Comparisons
  • Communication paths

The training price includes:
Lunch, drinks, training documentation and your training certificate.


ALL INCLUSIVE!

Related trainings

Functional Safety of Electronics and Software: Implementation Compliant with IEC 61508 and ISO 26262
Training code: E-SAFETY


Related trainings

Trainings

DatePrice *Duration
24.10. – 24.10.2019700,00 €1 day 
09.07. – 09.07.2020700,00 €1 day 
Training code: E-SECURITY
* Price per attendee, in Euro plus VAT


> Registration form download (PDF)
> Training details as PDF

Onsite Training

Our customized workshops integrate your specific project tasks in our training content and accommodate your requirements on content, time, location, duration, technical environment and knowledge transfer methodology.

Please contact us for further information or an individual quotation.

> Training details as PDF

Coaching

Our coaching services offer a major advantage: our specialists introduce their expertise and experience directly in your solution process, thus contributing to the success of your projects.

Coaching: Embedded and Real-Time Programming

Security of Embedded Systems in the Context of Functional Safety

Content

Threats and Attack Scenarios

  • Security incidents
  • Concerns
  • Applications
  • Authentication
  • Communication protocols
  • Terms and definitions
  • Vulnerabilities
  • Impacts
  • A case study
  • Defense in depth
  • Classes of attackers
  • Security - an ongoing process
  • Security by design
  • Security mindset
  • Management challenge
  • Security development lifecycle (SDL)
  • Threat models

Risks and Efforts

  • Procedure
  • Classic approach to risk management
  • Assurance matrix
  • Risk matrix concept
  • TARA
  • Determining a generic method for risk assessment
  • New approach to risk management
  • A glimpse into IT security risk assessment
  • Security goals
  • Selected TARA methods and vulnerability analysis
  • EVITA
  • TVRA

Generic Application of Countermeasures

  • Security principles
  • List of exemplary countermeasures
  • Countermeasures as requirements
  • Industry and government security initiatives
  • Cryptography
  • Defense in depth
  • Security zones
  • Security conduits
  • EVITA
  • HIS - SHE
  • ARM security
  • Security development lifecycle (SDL)
  • Software security matters
  • Trusted platform module
  • Security testing methods

Selected Vulnerabilities and Countermeasures

  • Stack based buffer overflow
  • Code reuse
  • Countermeasures
  • Boundary error vulnerabilities
  • Memory management and security
  • Debugging and security

Norms and Standards

Partial ISO/IEC List

  • Other standards and work
  • IEC 62443
  • Certification
  • SAE J3061™

Security in a Safety Context

  • Safety and security differences
  • Subsets of product assurance
  • Relations between safety and security
  • Leveraging commonalities
  • Security in safety norms
  • Rules for industrial control systems (ICS)
  • Inheritance of safety principles
  • Comparisons
  • Communication paths

Wishlist


No trainings