Embedded Security Tools and Techniques: Hands-on Assessment Exercises
Embedded computing systems are prolific in modern society and increasingly used in applications ranging from consumer products (e.g., mobile devices, wearables, smart appliances) to industrial and military systems (e.g., process control, mobile or field units). Growing dependence on self-driving transportation systems, smart city infrastructure, and other Internet of Things (IoT) devices further highlights the need for security and trust in these systems and the data they provide. Sophisticated attacks such as Stuxnet and Aurora have demonstrated the powerful implications of penetrating such systems and the need for protections at computing leaf nodes. Yet, embedded security lags behind that of general-purpose/traditional IT computing due to numerous factors such as the use of heterogeneous architectures, proprietary algorithms and protocols, resource constraints, and poor design practices.
The primary objective of this course is to learn tools and techniques to identify and mitigate cyber-security threats to embedded systems. The course is a series of hands-on labs (exercises) supplemented by a relatively small amount of lecture material. While working with real embedded system platforms, participants will learn how to instrument and test systems to obtain information. Participants will then learn how to perform functional and vulnerability analysis on embedded binaries, firmware, software, communications, etc., using static and dynamic methods. Secure design practices and mitigating strategies will be discussed to deter adversaries from applying similar methods to tamper with or steal designs. Participants will demonstrate their newly developed skillset on a capstone project involving assessment of a real embedded system.
This course is restricted to US citizens who are industrial and/or government employees and complete the Access Eligibility Form. Eligibility questions should be directed to 404-407-6661. Attendees must fax the Access Eligibility Form to 404-407-8691. Laptop computers will not be permitted in the classroom and storage will not be available.
Contract Only Course
This course is available for contract only. Please fill out this form if you are interested in this offering.
Familiarity with a Linux operating system, embedded microelectronics, binary and hexadecimal number formats
Who Should Attend
System Developers, Hardware or Software Designers, Security or Information Assurance Evaluators, Program Managers
How You Will Benefit
Understand embedded systems components, architectures, features, design, and constraints
Learn test and instrumentation techniques and tools
Identify weaknesses and potential vulnerabilities in embedded designs
Learn defensive practices to protect embedded designs
Obtain hands-on experience with real embedded platforms
Overview of embedded systems
Test and instrumentation of embedded systems
Analysis of embedded data, firmware, software, and communications
Vulnerability identification and mitigation
Hands-on exercises with real embedded platforms
Hard copy of presentation/lab instruction materials
Partner with Georgia Tech to hire a veteran. As a partner, the Georgia Tech program will train military members in areas that directly translate to their job duties.
Georgia Tech Professional Education allows working professionals and industry partners to access the expertise of a world-renowned technological research university. As an academic division of the Georgia Institute of Technology, we embrace the Georgia Tech values of integrity, excellence, impact, and innovation. These values drive every aspect of our programs.