TOPICS

Training materials
Training materials are renowned for being the most comprehensive and user friendly available. Their style, content and coverage is unique in the embedded systems training world, and has made them sought after resources in their own right. The materials include:
Fully indexed class notes creating a complete reference manual
Workbook full of practical examples and solutions to help you apply your knowledge

Structure and Content
Security fundamentals
What is security and why is it necessary? • Security concepts and terminology • Defense-in-depth approach • Why are devices attacked and who attacks them? • The guiding principles of securing a system

Linux boot, bootloaders and the chain of trust
The bootloader • Debug and trace • The Linux kernel interface • Building a chain of trust • Example boot scenarios and fast boot • Hibernation and security

Hardening the Linux kernel
What is the Linux kernel? • Configuring the kernel • Trace and debug options • Kernel modules • Kernel build options • Kernel hardening • Linux security modules • Understanding the Kernel Crypto subsystem and key management • Latest kernel security features • Practical: Adding a security patch to a standard kernel

Network security
Data in motion • The internet protocol suite • Link layer protection • Internet and transport layer protection • Application layer protection • Network domains, firewalls and port forwarding • Wireless security • Other digital connectivity threats • Practicals: Port scanning, implementing a firewall

Security testing and release control
Testing and the Secure Software Development Lifecycle • Release management • Test tools • Practical: basic penetration testing

Security testing tools
System breaking tools • Network tools • File system tools • Vulnerability testing and exploit frameworks

Securing the software environment
Dynamic loading • Limiting resources • Limiting kernel access • Practical: Dynamic linking

Common kernel attacks and mitigations
Fundamental system software vulnerabilities • Application level attacks • Attacks against the system • Side-channel attacks • Practical: Â Common attacks and protecting against them

Information security
Data at rest and in use • Linux filesystems • Integrity and Authenticity • Confidentiality • Availability • Caching and security • Overview on SoC hardware security features that can help

Linux Security Modules
The origin and role of LSMs • Mandatory Access Control • LSMs used in embedded systems • Performance impacts of LSMs • Practical: adding LSM hardening to an LXC sandbox.