Who is this training for?
The primary audience for this training includes system architects, software developers, chip and hardware designers or product managers who are upgrading their product with security features. The training is also relevant for the security analyst with a software background who is interested in building their knowledge base about the security features of the system, where his code is running.
This training provides a solid primer for implementing security for embedded systems. During three days packed with information you learn concepts applicable to a wide range of Commercial off the shelf (COTS) products such as gaming consoles, IP cameras, routers and diverse IoT devices.
To lay the foundations for understanding embedded systems security, we use a three-step approach. First, you get a solid, technical grasp of the typical components present on an embedded system and the functioning of an embedded system. Next, we look at an embedded system from the perspective of an attacker who aims to compromise the assets. You learn how to identify relevant assets, determine the most likely attack paths and refine this attack path, by discovering tooling available to an attacker. Finally, we discuss defense principles, the most sophisticated and complex view of an embedded system. Creating a defense strategy requires not only to understand how a system works or how an attacker would compromise an asset but also to have the ability to prioritize defenses according to risk, time, cost, attack surfaces, etc.
Next to the three days of embedded system security training, we offer the possibility to practice your new knowledge and skills on a second, different embedded system. After the training you can take home this second target and continue learning.
“The training is very good for creating awareness of security issues for embedded system developers, especially those who have no or little experience with this topic. Creating attack trees and actually performing the attacks also is a lot of fun.”
“This course is an introduction to ES and the Riscure approach to security analysis. It is a showcase of why good security implementations are difficult. If you are new to electronics or security you will learn a lot.”
“A professional course, valuable content.”
“An excellent introduction into the complex and pitfall-ridden world of securing embedded systems.”
Secure Code Development Bootcamp
This training helps your development team to adopt the best security practices by sharing a hacker's mindset. Look at your software from a different perspective, understand how it can be hacked and identify ways to mitigate a coding error before it happens.
ARM Reverse Engineering
Extract data structures, language constructs and identify typical vulnerability patterns from compiled code by combining static and dynamic analysis techniques.