Embedded Systems Security Training
Device security starts here. The Embedded Systems Security training is a primer for hardware and software security, a must-have course for those who would like to obtain the most essential knowledge on how to build robust and resilient embedded devices. Recommended as an introductory training, before you take a step further and take our Side Channel Analysis, Fault Injection and Reverse Engineering courses. Built by the veterans of embedded device security industry, this is a highly practical course with numerous examples on how embedded devices can be broken via software or hardware attacks. It also contains important insights on risk mitigation.
Duration: 3 days | Type: Classroom/Hands-on exercises
Who is this training for?
The primary audience for this training includes system architects, software developers, chip and hardware designers or product managers who are upgrading their product with security features. The training is also relevant for the security analyst with a software background who is interested in building their knowledge base about the security features of the system, where his code is running.
This training provides a solid primer for implementing security for embedded systems. During three days packed with information you learn concepts applicable to a wide range of Commercial off the shelf (COTS) products such as gaming consoles, IP cameras, routers and diverse IoT devices.
To lay the foundations for understanding embedded systems security, we use a three-step approach. First, you get a solid, technical grasp of the typical components present on an embedded system and the functioning of an embedded system. Next, we look at an embedded system from the perspective of an attacker who aims to compromise the assets. You learn how to identify relevant assets, determine the most likely attack paths and refine this attack path, by discovering tooling available to an attacker. Finally, we discuss defense principles, the most sophisticated and complex view of an embedded system. Creating a defense strategy requires not only to understand how a system works or how an attacker would compromise an asset but also to have the ability to prioritize defenses according to risk, time, cost, attack surfaces, etc.
Next to the three days of embedded system security training, we offer the possibility to practice your new knowledge and skills on a second, different embedded system. After the training you can take home this second target and continue learning.