Course Overview
With today's explosive growth in interconnectivity, the importance of developing safe and security-hardened embedded systems has never been more critical. In this lecture series, attendees will learn the best design practices for developing embedded systems that are both safe and secure. The course dives deep into critical security issues such as embedded cryptography and retrofitting security onto existing designs, and into the use of coding standards, static analysis, and other best practices to increase the reliability, safety, and security of embedded devices.
Series Prerequisites: Attendees should have prior experience in the design of one or more embedded systems.
This course is split into two sections. Sections can also be taught as individual courses.
SECTION I: Best Practices for Designing Secure Embedded Systems
Vulnerabilities in products ranging from medical devices to industrial control systems and automobiles are being exploited by attackers. However, these systems can be hardened by following a variety of best practices. This two-day training gives attendees the skills to harden an embedded system, reducing its vulnerabilities and defending it against the most common attacks.
Topics covered in this section include:
- Threat Assessment
- Protecting Data at Rest
- Protecting Data in Motion
- Defenses in Software
- Defenses in Hardware
SECTION II: Best Practices for Designing Safe Embedded Systems
Embedded systems are pervasive, from implantable medical devices to self-driving cars. The risk of human injury is also rising as more embedded systems connect to the internet and to each other, becoming exposed to attack as well as to malfunction.
In this two-day section, attendees will learn the "what, why and how" of approximately a dozen practical, lightweight techniques for designing safer and more reliable embedded systems. We will focus on minimizing hazards and malfunctions through a combination of lightweight, demonstrably effective design techniques. Architectural, process and cultural aspects will also be covered.
Topics covered in this section include:
- System Partitioning for Designing Safe, Robust Systems
- Run-Time Monitoring
- Design for Test
- Managing Time for Safe Product Operation
- Run-time Logging
- Safety Case Requirements
- Managing Software Complexity
- Coding Standards
- Static Analysis
- Code Inspections
- Issue Tracking
- Post Mortems