Core Theory and Skills
Our core theory & skills programs focus on building foundational knowledge and skills for developers and evaluators.
Fundamentals of Embedded System Security
In this program we lay the foundations for understanding embedded systems security. This program provides a solid, technical grasp of the typical components present on an embedded system and the functioning of an embedded system. We look at an embedded system from the perspectives of both an attacker and a developer: we show how to identify potential ways to compromise assets and we create a defense strategy.
Embedded System Security (ESS) Red Team Workshop
This is a 1-day on-site addendum to the core ESS program. Based on 20+ years of certifying devices, we created a compact program that delivers the required knowledge and expertise for evaluating devices in accordance with industry standards. This course delivers embedded security knowledge and skills that can immediately be applied on the job.
Fundamental Secure Coding
Are you a seasoned C/C++ programmer who wants to take their skills to the next level? Then this learning program is for you! Learn how to eliminate logical errors, protect crypto algorithms against Side Channel Analysis attacks, and harden critical code areas against Fault Injection attacks.
Designing Secure Bootloaders
Attackers are finding new ways to compromise these systems and a robust secure boot implementation that ensures the software integrity is considered essential. This is the first course aimed at developers of secure bootloader and is based on Riscure over 15 years of evaluating bootloaders.
Advanced Secure Coding
The main objective of the training is to enable developers to find vulnerabilities in their code by covering the what, why and how of code auditing. We show why compliance with code standards (e.g. MISRA-C) is not equivalent with secure code development and how compliant code can still have vulnerabilities. For each of the vulnerability classes presented during the training we discuss their potential impact on the system and strategies to help preventing the introduction such vulnerabilities. The training is highly practical with many examples from well-known open source projects.
Our awareness programs seek to explain important standards and schemes to create a common level of understanding of complex and important topics.
Automotive Security & ISO21434
The Automotive Security & ISO21434 learning path bridges the gap between formalized safety frameworks such as ISO 26262, SAE J3061-20161, and ISO/SAE 21434 and the best practices in security. The curriculum for this learning path is designed to accelerate the time to market of your product.
Skills with Riscure Tools
Riscure Tools are best in class developer and evaluator tools to perform SCA & FI. Our tools training programs are highly practical and help to make most effective use of our tools as fast as possible.
Essential Side-Channel Analysis
The main learning objective of this training is the methodology of applying SCA to a wide range of devices from the very simple, unprotected smartcards to implementations protected with advanced countermeasures or complex embedded applications. At the end of the training you have a thorough understanding of power and electromagnetic analysis methods and you are able to perform testing on both smart cards and embedded chips. You are able to assess the robustness of chips with no or basic countermeasures of moderate complexity. This training is available both online and a classroom.
Essential Fault injection
The end goal of this course is to enable you to perform voltage and EM fault injection attacks using Riscure software and hardware tools. You will also learn the theory behind FI attacks: the characteristics and effects of faults, different flavors and ways to inject faults, and common vulnerabilities and applications of fault injection attacks. This training is available both online and a classroom.
Advanced Side-Channel Analysis
The main learning objective of this training is the methodology of applying SCA to a wide range of devices from the very simple, unprotected smartcards to implementations protected with advanced countermeasures or complex embedded applications. At the end of the training you have a thorough understanding of power and electromagnetic analysis methods and you are able to perform testing on both smart cards and embedded chips. You are able to assess the robustness of chips with no or basic countermeasures of moderate complexity.
Advanced Fault Injection
This course is intended for security evaluators and researchers focused on hardware security testing, government organizations seeking to analyze threats posed by state-of-the-art side channel attacks and Inspector customers.
Deep Learning Side-Channel Analysis
The goal of this training is to introduce you to deep learning for side channel analysis. After the workshop you will be able to use neural networks to evaluate both private and public key crypto algorithms.
Understanding Leakage Detection
Side Channel Analysis (SCA) becomes possible if different inputs to the cryptographic system produce variations in the measurable physical characteristics of that device while in operation. Leakage detection is about checking whether exploitable differences are indeed present on a particular target device. The aim of this training is to help trainees grasp the intuition behind leakage detection methodologies and achieve a sound technical appreciation of how and why they work.