Security Fundamentals for Embedded Systems - Face-to-Face Training
You get familiar with structured and efficient Security by Design, learn how to identify potential security vulnerabilities in embedded systems and how to suitably assess and eliminate those vulnerabilities. This includes the most essential kryptographic processes and their application as well as specific hardware and software concepts. You know the details of ISO/SAE 21434 and can comply with the related requirements.
Your benefit:
Jump-start into the security topic with compact knowledge
Functional security (safety) context
Details on ISO/SAE 21434
Exercises covering the different phases of the security lifecycle
Download of exercises
Hardware and software architects, hardware and software developers, test engineers, project managers, system engineers
Experience with embedded systems as well as basic safety knowledge of are an advantage.
Threats and Attack Scenarios
- Security incidents
- Terms and definitions
- Vulnerability databases
- Impacts
- Classes of attackers
- Case study
- Defense in depth
- Security process/ mindset/ design
- Security development lifecycle (SDL)
- Threat models
Risks and Efforts
- Classic risk management
- Security risk management
- Threat analysis and risk assessment TARA
- IT security risk assessment
- Examples of TARA methods
Generic Application of Countermeasures
- Security attributes
- Cryptography (symmetric, asymmentric, hash, MAC, signatures)
- Example of memory encryption
- Security modules (SHE, HSM, TPM)
- CPU core security
- Secure software
- Security testing
Selected Vulnerabilities and Countermeasures
- Code injection
- Code reuse
- Countermeasures
- Boundary error vulnerabilities
- Side channel attacks
- Debug interface aspects
Norms and Standards
- References
- Extracts from IEC 62443
Security in Safety Context
- Differences and similarities
- Security in safety norms
Cybersecurity Engineering
- ISO/SAE 21434:2021
- Exercises: headlamp system