First Session
System Software Consideration
- The Operating System
- Multiple Independent Levels of Security
- Information Flow
- Data Isolation
- Damage Limitation
- Periods Processing
- Tamper Proof
- Evaluable
- Core Embedded Operating System Security Requirements
- Memory Protection
- Virtual Memory
- Guard Pages
- Location obfuscation
- Fault Recovery
- Impact of Determinism
- Secure Scheduling
- Hypervisors and System Virtualization
- Introduction to System Virtualization
- Applications of System Virtualization
- Environment Sandboxing
- Virtual Security Appliances
- Hypervisor Architectures
- Paravirtualization
- Leveraging Hardware Assists for Virtualization
- Hypervisor Security
- I/O Virtualization
- Remote Management
- Assuring Integrity of the TCB
- Trusted Hardware and Supply Chain
- Secure Boot
- Static versus Dynamic Root of Trust
- Remote Attestation
Exercise: Memory Protection (MPU)
Exercise: ARM TrustZone
Exercise: Secure Boot
Second Session
Data Protection Protocols for Embedded Systems
- Data-in-Motion Protocols
- Generalized Model
- Choosing the Network Layer for Security
- Ethernet Security Protocols
- IPsec versus SSL
- IPsec
- SSL/TLS
- Embedded VPN Clients
- DTLS
- SSH
- Custom Network Security Protocols
- Secure Multimedia Protocols
- Broadcast Security
- Data-at-Rest Protocols
- Choosing the Storage Layer for Security
- Symmetric Encryption Algorithm Selection
- Managing the Storage Encryption Key
Testing for Security
- Basic Testing Methods
- White-Box Testing
- Black-Box Testing
- Grey-Box Testing
- Fuzz-Testing