Embedded Systems Security Training Course

Course Code



21 hours (usually 3 days including breaks)


  • Experience with embedded systems development.


  • Embedded systems professionals
  • Security professionals


This instructor-led, live training introduces the system architectures, operating systems, networking, storage, and cryptographic issues that should be considered when designing secure embedded systems.

By the end of this course, participants will have a solid understanding of security principles, concerns, and technologies. More importantly, participants will be equipped with the techniques needed for developing safe and secure embedded software.

Format of the course

  • Interactive lecture and discussion.
  • Lots of exercises and practice.
  • Hands-on implementation in a live-lab environment.

Course Customization Options

  • To request a customized training for this course, please contact us to arrange.

Course Outline


  • Security vs embedded systems security

Characteristics of Embedded Application Security

  • Embedded network transactions
  • Automotive security
  • Android devices
  • Next-generation software-defined radio

Critical Aspects of an Embedded System

  • Microkernel vs monolith
  • Independent security levels
  • Core security requirements
  • Access control
  • I/O virtualization

Performing Threat Modeling and Assessment  

  • Attackers and assets
  • Attack surface
  • Attack trees
  • Establishsing a security policy

Developing Secure Embedded Software

  • Secure coding principles
  • Secure program design
  • Minimal Implementation
  • Component architecture
  • Least privilege
  • Secure development process
  • Independent expert validation
  • Model-driven design
  • Code review and static analysis
  • Security testing
  • Peer code reviews

Understanding and Implementing Cryptography

  • Cryptographic modes
  • Cryptographic hashes
  • Cryptographic certifications
  • Managing keys
  • Block ciphers
  • Message Authentication Codes
  • Random Number Generation

Data Protection

  • Data-in-motion protocols
  • Securing data in motion
  • Data-at-rest protocols
  • Securing data at rest

Mitigating Attacks

  • Common software attacks
  • Preventing side-channel attacks

Retrofitting Security in Existing Projects

  • Securing bootloaders and firmware updates

Summary and Conclusion



Related Categories

Related Courses

Course Discounts

Course Discounts Newsletter

We respect the privacy of your email address. We will not pass on or sell your address to others.
You can always change your preferences or unsubscribe completely.

Some of our clients

is growing fast!

We are looking for a good mixture of IT and soft skills in Finland!

As a NobleProg Trainer you will be responsible for:

  • delivering training and consultancy Worldwide
  • preparing training materials
  • creating new courses outlines
  • delivering consultancy
  • quality management

At the moment we are focusing on the following areas:

  • Statistic, Forecasting, Big Data Analysis, Data Mining, Evolution Alogrithm, Natural Language Processing, Machine Learning (recommender system, neural networks .etc...)
  • Hibernate/Spring, Scala, Spark, jBPM, Drools
  • R, Python
  • Mobile Development (iOS, Android)
  • LAMP, Drupal, Mediawiki, Symfony, MEAN, jQuery
  • You need to have patience and ability to explain to non-technical people

To apply, please create your trainer-profile by going to the link below:

Apply now!

This site in other countries/regions