Digital Forensics Techniques for Embedded Systems

  • Overview
  • Course Content
  • Requirements & Materials
Overview

Digital Forensics Techniques for Embedded Systems

Course Description

Take a systematic approach. In Digital Forensics Techniques for Embedded Systems, you will explore the forensic investigation of the combination of traditional workstations, embedded systems, networks, and system busses. The course reviews the similarities and differences between commodity PCs and embedded systems. You will gain knowledge of a wide variety of forensic evidence data sources from all classes of systems, as well methods of data acquisition, evidence extraction, and analysis using a wide variety of tools (both commercial and open-source).

Course Content

EMBEDDED SYSTEMS

  • Embedded systems as cyber-physical systems
  • Embedded systems data sources

DATA CONCEPTS

  • Principles and definitions
  • Data organization and basic types
  • Data structures

EMBEDDED SYSTEMS

  • Digital processing components
  • Memory devices
  • Programming and interfacing with embedded systems
  • Embedded software

DATA ACQUISITION AND PROCESSING

  • Data triage
  • System preservation
  • Data ingest and analysis with autopsy
  • Embedded system instrumentation and acquisition
  • Tools and techniques for embedded data analysis

NETWORKS AND BUSSES

  • Common network and bus types
  • Ethernet
  • USB
  • CAN bus

TRAFFIC ANALYSIS

  • Network traffic analysis
  • Bus traffic analysis
  • RF/wireless traffic analysis

INCIDENT RESPONSE

  • Walk-through of an example Embedded System incident response leveraging all topics previously discussed
Requirements & Materials
Important Information

This course requires completion of an Access Eligibility Form.  Please make sure to read the Course Restrictions section below before registering for this course.

Materials

Provided

  • Laptop to use during class
Course Restrictions

This course is restricted to US citizens who are industrial and/or government employees and complete the Access Eligibility Form. Eligibility questions should be directed to 404-407-6661. Attendees must fax the Access Eligibility Form to 404-407-8691. Laptop computers will not be permitted in the classroom and storage will not be available.

Session Details

  • Georgia Tech Research Institute (GTRI) employees are eligible to receive a discount.  If you are a GTRI employee, please go to the Organizational Development website and look for the coupon code under GT Professional Development. Review coupon instructions for more information.

Who Should Attend

This course is designed for military, law enforcement, and IT professionals responsible for incident response, failure analysis, and digital investigations.

Coding boot camp professional working on laptop

What You Will Learn

  • Digital forensics foundations and disk-based forensics
  • Forensic acquisition and analysis of disk-based systems
  • Forensic acquisition and analysis of embedded systems
  • Network and internal bus traffic forensic analysis
  • Survey of advanced forensic tools and hands-on lab activities
Cybersecurity professional working on computer

How You Will Benefit

  • Conduct forensic data acquisition.
  • Analyze various storage mediums, such as volatile and non-volatile memory, and data sources, such as serial bus and network captures.
  • Investigate simulated embedded system compromises.
  • Demonstrate the ability to conduct an end-to-end digital forensics investigation.
  • Taught by Experts in the Field icon
    Taught by Experts in the Field
  • Grow Your Professional Network icon
    Grow Your Professional Network

The course schedule was well-structured with a mix of lectures, class discussions, and hands-on exercises led by knowledgeable and engaging instructors.

- Abe Kani
President

TRAIN AT YOUR LOCATION

We enable employers to provide specialized, on-location training on their own timetables. Our world-renowned experts can create unique content that meets your employees' specific needs. We also have the ability to deliver courses via web conferencing or on-demand online videos. For 15 or more students, it is more cost-effective for us to come to you.

  • Save Money
  • Flexible Schedule
  • Group Training
  • Customize Content
  • On-Site Training
  • Earn a Certificate
Learn More

Want to learn more about this course?