Embedded Systems Security Training Course

Course Code



21 hours (usually 3 days including breaks)


  • Experience with embedded systems development.


  • Embedded systems professionals
  • Security professionals


This instructor-led, live training introduces the system architectures, operating systems, networking, storage, and cryptographic issues that should be considered when designing secure embedded systems.

By the end of this course, participants will have a solid understanding of security principles, concerns, and technologies. More importantly, participants will be equipped with the techniques needed for developing safe and secure embedded software.

Format of the course

  • Interactive lecture and discussion.
  • Lots of exercises and practice.
  • Hands-on implementation in a live-lab environment.

Course Customization Options

  • To request a customized training for this course, please contact us to arrange.

Course Outline


  • Security vs embedded systems security

Characteristics of Embedded Application Security

  • Embedded network transactions
  • Automotive security
  • Android devices
  • Next-generation software-defined radio

Critical Aspects of an Embedded System

  • Microkernel vs monolith
  • Independent security levels
  • Core security requirements
  • Access control
  • I/O virtualization

Performing Threat Modeling and Assessment  

  • Attackers and assets
  • Attack surface
  • Attack trees
  • Establishsing a security policy

Developing Secure Embedded Software

  • Secure coding principles
  • Secure program design
  • Minimal Implementation
  • Component architecture
  • Least privilege
  • Secure development process
  • Independent expert validation
  • Model-driven design
  • Code review and static analysis
  • Security testing
  • Peer code reviews

Understanding and Implementing Cryptography

  • Cryptographic modes
  • Cryptographic hashes
  • Cryptographic certifications
  • Managing keys
  • Block ciphers
  • Message Authentication Codes
  • Random Number Generation

Data Protection

  • Data-in-motion protocols
  • Securing data in motion
  • Data-at-rest protocols
  • Securing data at rest

Mitigating Attacks

  • Common software attacks
  • Preventing side-channel attacks

Retrofitting Security in Existing Projects

  • Securing bootloaders and firmware updates

Summary and Conclusion



Related Categories

Related Courses

Course Discounts

Course Discounts Newsletter

We respect the privacy of your email address. We will not pass on or sell your address to others.
You can always change your preferences or unsubscribe completely.

Some of our clients

This site in other countries/regions