Price: $1,999.00
Length: 2 Days
Print Friendly, PDF & Email

Cybersecurity Applied to Embedded Systems Training, Embedded Systems Cybersecurity Fundamentals

Cybersecurity Applied to Embedded Systems Training is a 2-day training discusses fundamentals of embedded systems and applications of cybersecurity to illustrate unique vulnerabilities that are commonly exploited. Learn about methods and techniques considering cybersecurity measures in the entire system life cycle and acquisition. Secure Embedded Systems include many procedures, methods and techniques to seamlessly integrate cybersecurity within embedded system software. Added security components to embedded systems can impede a system’s functionality and impact the real time performance of the mission critical systems. Systems engineers, developers and analysts need a well-defined approach for simultaneously designing embedded functionality and cybersecurity. Secure embedded systems might use a security co-processor to cryptographically ensure system confidentiality and integrity while maintaining functionality.

This course will also teach students how to analyze, reverse, debug, and exploit embedded RTOS firmware. Hands-on experience with a variety of real-world devices, RTOS’s, and architectures equip students with the practical knowledge and skills necessary to be proficient in RTOS vulnerability analysis and exploitation. We will discuss risk assessment methodologies, failure analysis and using defensive tools to mitigate cyber risk and vulnerabilities. To assure successful mission control system performance, embedded systems such as weapon systems, missiles, smart weapons, Network Enabled Weapons (NEW), UAVs, communications systems, industrial control systems, medical devices, robotics, smart grid, SCADA, Intelligent Electronic Devices (IED), PLCs, and autonomous cars must be secured to perform their intended functions, prevent cyberattacks, and operate with no cyber attack impact. Cybersecurity Applied to Embedded Systems introduces cybersecurity concepts applied to embedded systems, firmware, hardware and embedded software. This course is designed for anyone interested in cybersecurity, analysis, exploiting, and patching vulnerabilities with real-world embedded systems.

Who Should Attend:

  • Product/process designers and engineers
  • Developers working with embedded systems
  • Information security professionals
  • Application developers

Takeaways from this course include:

  • Examining how to cybersecurity fit in the embedded systems
  • Fundamentals of cybersecurity
  • Fundamentals of Embedded Systems
  • Fundamentals of embedded system product design cycle, project management, design for production, V&V and O&M
  • Embedded Systems Security Requirements
  • Fundamentals of hardware and firmware analysis and design in embedded design
  • Vulnerabilities in embedded systems
  • Embedded hardware and firmware analysis to detect vulnerabilities
  • Foundation  knowledge of cyber security threats, risks, mitigation strategies applied to embedded systems
  • Exploitable vulnerabilities in embedded systems and techniques and strategies for systems engineering embedded systems
  • Communication protocols, wired and wireless networks, information and network attacks and their impact on embedded devices
  • Risk assessment techniques and methodologies and using defensive tools for mitigating risk and vulnerabilities

Course Topics:

Cybersecurity 101

  • What is Cybersecurity?
  • Basic principles of CIA
  • Confidentiality
  • Embedded system’s critical information
  • Application code and surveillance data
  • Unauthorized entities
  • Integrity
  • Availability and mission objectives
  • Cyber Risks applied to Embedded Systems
  • Principles and practices designed to safeguard your embedded system
  • Hacking tools and entry points
  • Encryption and authentication
  • Data Integrity
  • Vulnerability analysis 101
  • Mitigation 101
  • Networking and network attacks
  • Role of wireless networks in the embedded systems
  • Embedded hardware and firmware analysis and reverse engineering
  • Embedded system security Threats
  • Intrusion
  • Virus, Worm, Trojan Horse (Malware)
  • Spyware
  • DoS
  • Secure software fundamentals

Introduction to Embedded Systems

  • Embedded Systems 101
  • Hardware Architecture
  • Software Development
  • Microprocessor Primer
  • Basic architecture
  • Programmer’s view
  • Embedded Operating Systems
  • Case Study: Embedded mmWave Radar System
  • Embedded Systems Engineering

Embedded System Vulnerability Analysis

  • Networking and network attacks
  • Wireless networks and embedded systems
  • Embedded hardware and firmware analysis
  • Exploiting Embedded Devices
  • The stages of router exploitation
  • Initial Reconnaissance
  • Exploitation
  • Firmware Unpacking and Modification
  • Detecting
  • Extracting
  • Analysis
  • Cross Compiling
  • Modification and Creation of new firmware
  • Persistent Dynamic Backdoor
  • Firmware analysis and extraction
  • Finding and exploiting logic flaws
  • Firmware emulation and debugging
  • Finding and exploiting real-world overflows
  • Foundations of cyber security and emerging threats
  • Hacking/exploitation techniques, tools and entry points
  • Defensive technologies: Encryption and authentication

Exploiting Real Time Operating Systems

  • Basic introduction to the concept of Real Time Operating Systems
  • Overview of MIPS architecture and design
  • Firmware analysis of our first target device
  • Debugging our first target device
  • Augmenting IDA’s auto analysis
  • Searching for backdoors
  • How not to crash your target
  • Hardware & firmware analysis
  • Identifying functions without a symbol table
  • Low-hanging crypto
  • Breaking custom crypto
  • Practical exploitation of crypto bugs
  • More firmware analysis
  • Augmenting IDA’s auto analysis
  • Chip backdoors
  • Hidden manufacturer menus
  • Hardware Hacking
  • Basic electronics and circuit analysis
  • Analog/digital communications
  • Common inter-component protocols

Securing Embedded Systems Interfaces and Protocols

  • Embedded Systems Communication Protocols
  • Universal Asynchronous Receiver/Transmitter (UART)
  • Serial Peripheral Interface (SPI)
  • Joint Test Action Group (JTAG)
  • Inter-integrated Circuit (I2C)
  • I2C bus
  • CAN bus
  • FireWire bus
  • USB
  • Parallel protocols
  • PCI bus
  • ARM bus
  • Wireless protocols
  • IrDA
  • Bluetooth
  • Bluetooth LE (BLE)
  • IEEE 802.11
  • NFC
  • RFID
  • 802.15.4
  • 6LowPAN
  • Thread
  • Zigbee
  • Z-Wave

Cybersecurity Attacks and Best Mitigation Practices for Embedded Systems

  • Non-Invasive Hardware Reverse Engineering
  • Component identification
  • Tracking PCB traces
  • Re-producing schematic and block diagrams
  • Bus Sniffing
  • Interface Analysis
  • Communications protocols sniffing
  • Decoding and deciphering captured bits
  • Critical data identification and detection
  • Component removal and replacement
  • Dealing with surface mount components
  • Electronics and circuit analysis
  • Understanding your tools and their effects on the circuit
  • Understanding the circuit and its effect on your tools
  • Security Measures

Case Study and Workshop

  • Cybersecurity Analysis of Embedded Systems used in unmanned aircraft system (UAS)
  • Design Process
  • Embedded system CONOPS
  • Mission objectives
  • CONOPS
  • Test and evaluation
  • Functional requirements
  • Threat analysis
  • System design
  • Security requirements
  • Performance evaluation
  • Security evaluation
  • System Implementation Security
  • Attack surface
  • Boot process, system data, and software
  • Physical attack surface
  • Root of trust establishment
  • Trust hardware and software components
  • Trusted platform module (TPM)
  • Operating system (OS)
  • Mission-specific application code (Apps)
  • Field-programmable gate array (FPGA)
  • BIOS
  • Boot process
  • Startup
  • Trusted computing base (TCB)

Request More Information

  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.