Secure development for embedded systems

Next course: 18-20/11/2024
Place: Online
Language: English
Price: 27.500 SEK
Price: 2 400 EUR
Price: 17 900 DKK

Request more information

Magnus Kindberg (SE, NO)
Phone: +46 (0)40 59 22 22
magnus.kindberg@nohau.se

Heidi Lehtomäki – Finland
phone: +358 40 196 0142
heidi.lehtomaki@nohau.fi

Klaus Ahrensbach – Denmark
Phone: +45 3116 1019
ka@nohau.dk

The security of embedded systems is important today and even more in the future.

 

Learn how to safely use C/C++ in critical systems, including best practices for memory management, input validation, and error handling. Secure embedded systems combine numerous strategies and procedures for the complete coordination of cyber security in the programming and hardware of embedded frameworks.

You will learn about embedded security and industry standards, including ISO/SAE 214341, IEC 62443, NIST SP 800-53, Common Criteria, and OWASP. You also get an introduction to the RUST programming language and its built-in security features, including Memory-safety and Type-safety.

Training format

  • 3 days online training: 18 hours, 3 sessions, 6 hours each
  • Course dispensed using the Teams video-conferencing system.

Course Objectives

  • Introduction to embedded security and industry standards, including ISO/SAE 214341, IEC 62443, NIST SP 800-53, Common Criteria, and OWASP.
  • Learn about secure coding practices for C/C++ programming languages, including best practices for memory management, input validation, and error handling.
  • Introduce the RUST programming language and its built-in security features, including memory safety and type safety.
  • Learn about secure software development methodologies, including threat modelling, secure design principles, and secure coding standards.
  • Introduce techniques for ensuring security in embedded systems, including security testing, security provisioning, and secure boot processes.
  • Introduce cryptography in embedded system.
  • The course covers the design and implementation of secure embedded system hardware architecture, including secure boot processes and secure communication protocols.
  • Learn about secure communication in embedded systems, including network protocols, secure communication protocols, and secure data transfer.
  • Get an overview of security issues and best practices for Internet of Things (IoT) devices and systems.

Theoretical course

  • PDF course material (in English)
  • Course dispensed using the Teams video-conferencing system.
  • The trainer to answer trainees’ questions during the training and provide technical and pedagogical assistance through the Teams video-conferencing system.

Practical activities

  • During exercises you will connect remotely to Linux PC to performing the activities.
  • The trainer has access to trainees’ Online PCs for technical and pedagogical assistance.
  • Downloadable preconfigured virtual machine for post-course practical activities.

Day one
Embedded Security and programming languages C/C++, RUST

Introduction to embedded security

Embedded Security Trends

  • Embedded Systems Complexity
  • Sophisticated Attacks
  • Processor consolidation

Security policies

  • Perfect Security?
  • Embedded Security Challenges
  • Confidentiality, Integrity, and Availability
  • Isolation
  • Information Flow Control
  • Physical Security Policies

Security Threats

  • Summary of issues
  • Cyberattack exploits

Legacy Systems

  • Updatability
  • Securing Legacy Systems
  • Project Requirements
  • Performance?

Security standards

  • ISO/IEC
  • IEEE
  • UL 2900-2-2

IoT recommended Security standards

Secure C/C++ Code

Secure C

  • Preprocessor and macros
  • Compilation, Declaration, definition, and initialization
  • Types
  • Pointers and arrays
  • Structure and unions
  • Expressions
  • Conditional and iterative structures
  • Functions
  • Memory Management
  • Error handling
  • Standard Libraries

Secure C++

  • Declarations and Initialization
  • Expressions
  • Integers
  • Containers
  • Characters and Strings
  • Memory Management
  • Input Output
  • Exceptions and Error Handling
  • Object Oriented Programming
  • Concurrency
  • Miscellaneous

Exercise:  Debugging Memory Problems

Security in RUST

  • Development environment
  • Libraries
  • Language generalities
  • Memory management
  • Type system
  • Foreign function interface (FFI)
  • Recommendations

Day two
Secure Software Development and Testing

Secure Software Development 

 Threat modelling

  • Introduction to threat modelling
  • Example threat models

Risk analysis

Software Assurance Maturity Model (SAMM)

Platform Security architecture (PSA)

Frameworks and Standards

  • NIST SP 800-160: Developing Cyber-Resilient Systems
  • ISO/SAE 214341: Road vehicles & Cybersecurity engineering
  • ISO/IEC 15408: Security, cybersecurity and privacy protection
  • IEC 651508: Functional Safety of electrical/electronic/programmable electronic safety-related systems
  • UL 2900-2-2: Software cybersecurity for network-connectable products

Security Knowledge Framework and Certifications

Ensuring security in Embedded Systems

Introduction

Security Testing

  • Penetration testing
  • Vulnerability scanning
  • Risk assessment
  • Static Analysis
  • Dynamic analysis
  • Protocol fuzzing

Security provisioning

  • Security configuration management
  • Identity and access management
  • Incident response and management
  • Compliance and regulatory requirements

Security Testing Tools overview

Cryptography introduction

  • Overview of cryptography
  • Classic Cryptography
  • Information assurance
  • Symmetric encryption
  • Asymmetric encryption
  • Random number generation
  • Integrity and authentication
  • Access authentication
  • Elliptic Curve cryptography
  • Certificates and Public Key infrastructures
  • Rules and recommendations

Exercise:  Encryption/Decryption

Exercise:  Private/Public Keys

Exercise:  Authentication and Integrity on IoT Devices

Day one
Hardware Architecture, Transport Layer Security and IoT security recommendations

Secure Embedded System Hardware Architecture

Crypto-Accelerator Overview

ARM TrustZone

Intel Software Guard eXtensions

SoC Security overview

  • Memory Protection
  • Trusted Boot and Firmware update overview
  • Secure Elements
  • Trusted Platform Module (TPM)
  • Hardware Security Module (HSM)

Exercise:  Secure boot

Exercise:  ARM TrustZone application (secure/non secure)

Overview of Secure Communication in embedded Systems (3 hours)

Introduction

Transport Layer Security (TLS)

IPsec/IKE

Network layer

  • Bluetooth
  • WiFi
  • 5G
  • NFC
  • RFID
  • SigFox

IoT security

Secured IoT architecture

IoT standard and recommendations

Software development architecture and practices

Cryptology

Software security

Hardware protection

Network security

Life cycle and support

Klar til at bestille? Eller bare til at høre mere?

Giv os et ring på 44 52 16 50, eller udfyld felterne, så ringer vi til dig!