Here's the page we think you wanted. See search results instead:

Training at a Glance

Vector illustration of an audience watching an instructor on screen

Format

  • Self-paced eLearning
  • Interactive exercises and quizzes
  • Scheduled live mentoring
  • Scale to multiple groups

Vector illustration of 3 people serving as an audience

Audience

  • Architects
  • Designers
  • Developers of bootloaders

Vector illustration of a stopwatch timer

Duration

  • 4 courses
  • 4–6 weeks total
  • 24 hours self-paced eLearning
  • 6 hours live mentoring

Vector illustration of certificate or diploma

Outcomes

  • Identify and understand threats
  • Analyze trade-offs and make decisions
  • Implement and harden bootloaders

Designing Secure Bootloaders

Most embedded devices have strong requirements for the integrity of the code running on the platform. Attackers are adept at finding new ways to compromise these systems. A robust, secure boot implementation that ensures software integrity is essential, and the implementation presents a major challenge. Several attacks on widely deployed embedded devices received high-profile media attention, exposing manufacturers to lost revenue, liability claims, and brand damage.

This training helps architects, designers, and developers of bootloaders learn how to correct and avoid common security mistakes through hands-on exercises in a virtual practice environment. Participants will identify vulnerabilities and secure an existing bootloader. By building a foundational knowledge of the design building blocks for secure boot and understanding various state-of-the-art threats, participants will gain the competencies and the confidence to tackle difficult decisions head-on.

Training Outline

  • Anatomy of a bootloader
    • Design requirements
    • Implementation requirements
    • Secure chip platform, secure software, and cryptographic primitives
  • Threat analysis and risk assessment fundamentals
    • Asset, threat, vulnerability, practical security, and risk
  • Hardware (ROM, OTP)
  • Cryptography
    • Confidentiality, integrity, and authenticity
    • Cryptographic schemes
    • Symmetric versus asymmetric crypto
  • Bootloader code
  • Product lifecycle
  • Analyzing a bootloader
  • Assumptions and logical flaws
  • Software flaws
  • Fault injection simulator exercises
    • Software flaws, source code review, and writing a secure bootloader
  • Hardware attacks
  • Fault injection attacks
  • Combined attacks
  • Countermeasures
  • Fault injection simulator exercises
    • Identify single points of failure and harden a secure bootloader

Related Trainings

Secure Coding Training

Secure Coding Training

Learn to identify security vulnerabilities, secure crypto engines, and implement countermeasures in this group secure coding training for C/C++ developers.

Chip Design and Security Training

Chip Design and Security Training

Gain an understanding of security in the System-on-Chip (SoC) design and development process in this course for developers and evaluators.

Embedded Systems Security Training

Embedded Systems Security Training

Gain a comprehensive understanding of embedded systems in this online group training, with a focus on security engineering and defense strategy.

Interested in this service? Reach out to learn more.