Experience Embedded

Professional Training, Consulting and Project Support

Security of Embedded Systems in the Context of Functional Safety

  • Content
     
  • Objectives
     
  • Participants
     
  • Requirements
     

You know about potential security vulnerabilities in embedded systems, such as in the context of IoT, and you learn how to assess the related risks (risk assessment).

Efficient solutions help you minimize these vulnerabilities by means of specific IP blocks and/or strategies.

Your benefit:

Efficient and compact jump-start into the overall topic

Practical tips on safety and security

Templates on USB stick or as download.

Hardware and software architects, hardware and software developers, test engineers, project managers, system engineers

Experience with embedded systems as well as basic knowledge of safety

Threats and Attack Scenarios

  • Security incidents
  • Concerns
  • Applications
  • Authentication
  • Communication protocols
  • Terms and definitions
  • Vulnerabilities
  • Impacts
  • A case study
  • Defense in depth
  • Classes of attackers
  • Security - an ongoing process
  • Security by design
  • Security mindset
  • Management challenge
  • Security development lifecycle (SDL)
  • Threat models

Risks and Efforts

  • Procedure
  • Classic approach to risk management
  • Assurance matrix
  • Risk matrix concept
  • TARA
  • Determining a generic method for risk assessment
  • New approach to risk management
  • A glimpse into IT security risk assessment
  • Security goals
  • Selected TARA methods and vulnerability analysis
  • EVITA
  • TVRA

Generic Application of Countermeasures

  • Security principles
  • List of exemplary countermeasures
  • Countermeasures as requirements
  • Industry and government security initiatives
  • Cryptography
  • Defense in depth
  • Security zones
  • Security conduits
  • EVITA
  • HIS - SHE
  • ARM security
  • Security development lifecycle (SDL)
  • Software security matters
  • Trusted platform module
  • Security testing methods

Selected Vulnerabilities and Countermeasures

  • Stack based buffer overflow
  • Code reuse
  • Countermeasures
  • Boundary error vulnerabilities
  • Memory management and security
  • Debugging and security

Norms and Standards

Partial ISO/IEC List

  • Other standards and work
  • IEC 62443
  • Certification
  • SAE J3061™

Security in a Safety Context

  • Safety and security differences
  • Subsets of product assurance
  • Relations between safety and security
  • Leveraging commonalities
  • Security in safety norms
  • Rules for industrial control systems (ICS)
  • Inheritance of safety principles
  • Comparisons
  • Communication paths


The price includes lunch,

drinks, training documentation and training certificate.


Information for HR

You can book up to 5 participants on one training with our online order form.
If you wish to book more participants on several trainings, please contact us!
Please also note our bonus program when booking several trainings and/or participants at once.


Information for HR

Trainings

DatePrice *Duration
14.02. – 14.02.2019650,00 €1 day 
24.10. – 24.10.2019650,00 €1 day 
Training code: E-SECURITY
* All prices are exclusive of applicable VAT.


> Registration form download (PDF)
> Training details as PDF

Onsite Training

In customized workshops, we integrate your specific project tasks and our training program, considering your requirements as regards content, time, location, duration, technical environment and knowledge transfer methodology.

Please contact us for further information or an individual quotation.

> Training details as PDF

Coaching

Unsere Coaching-Angebote bieten den großen Vorteil, dass unsere Experten ihr Wissen und ihre Erfahrungen direkt in Ihren Lösungsprozess einbringen und damit unmittelbar zu Ihrem Projekterfolg beitragen.

Für Ihre Anfrage oder weiterführende Informationen stehen wir Ihnen gern zur Verfügung.

Security of Embedded Systems in the Context of Functional Safety

Content

Threats and Attack Scenarios

  • Security incidents
  • Concerns
  • Applications
  • Authentication
  • Communication protocols
  • Terms and definitions
  • Vulnerabilities
  • Impacts
  • A case study
  • Defense in depth
  • Classes of attackers
  • Security - an ongoing process
  • Security by design
  • Security mindset
  • Management challenge
  • Security development lifecycle (SDL)
  • Threat models

Risks and Efforts

  • Procedure
  • Classic approach to risk management
  • Assurance matrix
  • Risk matrix concept
  • TARA
  • Determining a generic method for risk assessment
  • New approach to risk management
  • A glimpse into IT security risk assessment
  • Security goals
  • Selected TARA methods and vulnerability analysis
  • EVITA
  • TVRA

Generic Application of Countermeasures

  • Security principles
  • List of exemplary countermeasures
  • Countermeasures as requirements
  • Industry and government security initiatives
  • Cryptography
  • Defense in depth
  • Security zones
  • Security conduits
  • EVITA
  • HIS - SHE
  • ARM security
  • Security development lifecycle (SDL)
  • Software security matters
  • Trusted platform module
  • Security testing methods

Selected Vulnerabilities and Countermeasures

  • Stack based buffer overflow
  • Code reuse
  • Countermeasures
  • Boundary error vulnerabilities
  • Memory management and security
  • Debugging and security

Norms and Standards

Partial ISO/IEC List

  • Other standards and work
  • IEC 62443
  • Certification
  • SAE J3061™

Security in a Safety Context

  • Safety and security differences
  • Subsets of product assurance
  • Relations between safety and security
  • Leveraging commonalities
  • Security in safety norms
  • Rules for industrial control systems (ICS)
  • Inheritance of safety principles
  • Comparisons
  • Communication paths

Wishlist


No trainings