TOPICS

Training materials
LearnChase training materials are renowned for being the most comprehensive and user friendly available. Their style, content and coverage is unique in the embedded systems training world, and has made them sought after resources in their own right. The materials include:
Fully indexed class notes creating a complete reference manual
Workbook full of practical examples and solutions to help you apply your knowledge
Structure and Content
Security fundamentals
What is security and why is it necessary? • Security concepts and terminology • Defense-in-depth approach • Why are devices attacked and who attacks them? • The guiding principles of securing a system
The Secure Software Development Lifecycle
Introduction to the Secure Software Development Lifecycle process • Why built-in-by-design security is important • Identifying what to protect • Security design and architecture • Threat modelling and mitigation design • Security assessment • Software implementation • Security testing • Release and maintenance • Practicals: Creating a threat model, defining security requirements

Common attacks and mitigations
Fundamental system software vulnerabilities • Application level attacks • Attacks against the system • Side-channel attacks • Mobile application security • Practical: Common attacks and protecting against them

Application security

Access models • The Unix security model • Process privileges and capabilities • Process resources and execution limits • Sandboxes • Securing inter-process communication • Practical: Implementing an LXC sandbox
Linux boot, bootloaders and the chain of trust
The bootloader • Debug and trace • The Linux kernel interface • Building a chain of trust • Example boot scenarios and fast boot • Hibernation and security • Practical: Signing and verifying code
Network security
Data in motion • The internet protocol suite • Link layer protection • Internet and transport layer protection • Application layer protection • Network domains, firewalls and port forwarding • Wireless security • Network security approaches and protocols • Other digital connectivity threats • Practicals: Port scanning, implementing a firewall

Hardening the Linux kernel
What is the Linux kernel? • Configuring the kernel • Trace and debug options • Kernel modules • Kernel build options • Kernel hardening • Linux security modules • Understanding the Kernel Crypto subsystem and key management • Latest kernel security features • Practical: Adding a security patch to a standard kernel
Developing, building and maintaining secure software
Writing secure software • The secure software developer • Coding conventions and standards • Working with sensitive data and algorithms • Code review and test • Choice of programming language • (Software maintenance) deleted?
Using Open Source software
What is Open Source Software? • Why is Open Source Software used? • What are the disadvantages of Open Source Software? • The GNU Public Licenses • How to use OSS in commercial code • OSS security vulnerability disclosure policies • Tracking OSS security
Security testing and release control
Testing and the Secure Software Development Lifecycle • Release management • Test tools • Practical: basic penetration testing
Securing the runtime environment
Dynamic loading • Limiting resources • Limiting kernel access • Practical: Dynamic linking
Linux Security Modules
The origin and role of LSMs • Access Control Mechanisms • LSMs used in embedded systems • Performance impacts of LSMs • Practical: adding LSM hardening to an LXC sandbox
Information security
Data at rest and in use • Linux filesystems • Integrity and Authenticity • Confidentiality • Availability
The course can also be tailored to suit your particular hardware and software environment. Please contact LearnChase to discuss your specific requirements.