Many deployed embedded systems, particularly legacy medical devices, do not have adequate security measures. Typically, security was either not considered during the requirements phase of their design or was discarded later as “not worth more investment” given other important needs—like getting the product out the door or testing the market. Other products already in the field may contain a set of security features yet suffer a “weakest link” that has been turned into an exploitable attack by academic researchers or full-fledged hackers. This course teaches practical techniques for increasing the security of deployed embedded systems.

Length/Options

  • 0.5 day

Audience

  • Engineers or teams needing to add security to a legacy embedded device

Prerequisites

Related Courses

Outline

  • Case Study: DirecTV Piracy
    • Satellite TV Overview/History
    • The "Renewable" Security Architecture
    • Initial Piracy Techniques
    • The Satellite TV Piracy Ecosystem
    • Electronic Counter Measures
    • Advanced Piracy Techniques
    • End User Lawsuits
    • Discussion: Lessons Learned
  • Case Study: HP Printer Attacks
    • Research Methods
    • Attack Capabilities
    • Security Updates
    • Discussion: Lessons Learned
  • Retrofitting Security
    • Security as Arms Race
    • Post-Deployment Constraints
    • Attack Detection and Logging
    • Resecuring Data at Rest
    • Resecuring Data in Motion
    • Adding Authentication
    • Resecuring Bootup/Updates
    • Final Discussion

Format

This course is taught through a series of case studies based on real attacks on embedded systems ranging from consumer electronics to medical devices to home/office printers.

Learn More

To request pricing or dates, or for more information about this course, contact us.

Find out More

Contact us now to find out more about this course or to enquire about an on-site training at your company.

Recording Policy

Barr Group's courses may not be audiotaped, videotaped, or photographed without consent from Barr Group's executive team.