Embedded Software Engineering Cybersecurity Training
Embedded Software Engineering Cybersecurity Training is a 2-day training focuses on application of cybersecurity and risk management to embedded software and software engineering techniques.
Embedded Software Engineering Cybersecurity is the process of controlling various devices and machines, using software engineering. Integrating software engineering with non-computer devices leads to the formation of embedded systems.
Cybersecurity applied to embedded software engineering is a field that focuses on preventing malicious access to and use of embedded software. Cybersecurity for embedded software provides engineering mechanisms to protect a software system from all types of malicious behavior. Normally, cybersecurity specialists work with software design teams to ensure the embedded software has the necessary security mechanisms in place to mitigate the damage from these attacks.
Secure Embedded Systems include many procedures, methods, and techniques to seamlessly integrate cybersecurity within embedded software. Added security components to embedded software can impede a system’s functionality and impact the real-time performance of the mission critical systems.
Software engineers, architect, designers, developers and analysts need a well-defined approach for simultaneously designing embedded functionality and cybersecurity.
This course will also cover software FMEA and how to analyze, reverse, debug, and exploit embedded RTOS and firmware.
This course is designed for software engineers and analysts interested in software cybersecurity, analysis, exploiting, and patching vulnerabilities with real-world embedded systems.
Who Should Attend:
- Software designers and engineers
- Developers working with embedded software
- Information security professionals
- Application developers
- Project managers involved in embedded software engineering
Takeaways from this course include:
- Examining how to fit cybersecurity in embedded software
- Fundamentals of cybersecurity
- Fundamentals of embedded software
- Embedded software security requirements
- Fundamentals of software analysis and design in embedded design
- Vulnerabilities in embedded software
- Foundation knowledge of cyber security threats, risks, mitigation strategies applied to embedded systems
- Exploitable vulnerabilities in embedded software and techniques and strategies for systems engineering embedded systems
- Risk assessment techniques and methodologies and using defensive tools for mitigating risk and vulnerabilities
Course Topics:
Embedded Cybersecurity 101
- What is Cybersecurity?
- Basic principles of CIA
- Confidentiality
- Embedded software’s critical information
- Application code and surveillance data
- Unauthorized entities
- Integrity
- Availability and mission objectives
- Cyber Risks applied to Embedded Systems
- Principles and practices designed to safeguard your embedded system
- Hacking tools and entry points
- Encryption and authentication
- Data Integrity
- Vulnerability analysis 101
- Mitigation 101
- Embedded software security Threats
- Intrusion
- Virus, Worm, Trojan Horse (Malware)
- Spyware
- DoS
Embedded Systems and Software 101
- Embedded systems 101
- Software elements of embedded systems
- Firmware and RTOS
- Programming languages
- Data structure
- Algorithms
- Software design
- Databases
- System Design
- Microprocessor basics
- Interrupt processing, assembly code, registers
- Microcontroller basics
- DAC, ADC, Timers, DMA, PWM, watchdog
- Secure embedded software fundamentals
primary Stages of the Embedded Software Life Cycle
- Assessing requirements
- Planning
- Architecture and Design
- Prototyping
- Development
- Testing (Verification and acceptance)
- Deployment
- Operations and maintenance (O&M)
- Correction/improvements
- Maintenance and Sustainability
Introduction to Embedded Software Engineering Cybersecurity
- Embedded Software 101
- Software Security Engineering
- Embedded Software Engineering
- Embedded Software Vulnerability Analysis
- Exploiting Embedded Software
- Initial Reconnaissance
- Exploitation
- Firmware Unpacking and Modification
- Detecting
- Extracting
- Analysis
- Cross Compiling
- Modification and Creation of new firmware
- Persistent Dynamic Backdoor
- Firmware analysis and extraction
- Finding and exploiting logic flaws
- Firmware emulation and debugging
- Finding and exploiting real-world overflows
- Foundations of cyber security and emerging threats
- Hacking/exploitation techniques, tools, and entry points
- Defensive technologies: Encryption and authentication
- Exploiting Firmware
- Exploiting Real Time Operating Systems (RTOS)
- Cybersecurity Attacks and Best Mitigation Practices for Embedded Software
Building an Efficient Embedded System Design and Software Development Process
- Designing Complex Architecture Systems, Software and Platforms
- Embedded software engineering methods and specifications
- Embedded system design process steps
- Embedded software development process
- Embedded system product development life cycle
- Software security parameters
- Embedded software architecture
- Embedded software test and evaluation (T&E)
Language Comparison
- Programming language strengths and weaknesses applied to embedded software
- C
- C++
- Ada
- Java
- Python/MicroPython
- Rust
Embedded Software Engineering Cybersecurity and Development
- System requirements
- Software requirements
- Embedded software threat modeling
- Embedded software threat vectors
- Preliminary software design
- Critical software design
- Verification and validation
- Test readiness
- Audit of the functional configuration
- Audit of a physical configuration
- Approval to release software to production
- Release production test equipment
Case Study and Workshop
- Cybersecurity Analysis of Embedded Software
- Functional requirements
- Threat analysis
- Software design
- Security requirements
- Performance evaluation
- Design Process
- Security evaluation
- System Implementation Security
- Attack surface
- Trust hardware and software components
- Trusted platform module (TPM)
- Operating system (OS)
- Mission-specific application code (Apps)
- Field-programmable gate array (FPGA)
- BIOS
- Boot process
- Startup
- Trusted computing base (TCB)