Developing IoT Applications with Embedded Trust & C-Trust
This training introduces the basics of developing embedded applications with security. Reviewing the concepts of identity, the development of a Root of Trust, and the over-arching Security Context Profile, the training examines the practical implementation of security using Embedded Trust, and IAR Embedded Workbench with C-Trust.
Impact of Legislation & Security on IoT Applications
Legislation surrounding connected devices is already present, with governments across the US, EU and Asia Pacific rapidly implementing guidance and best practice. As a founding member of the IoT Security Foundation, a primary contributor to the legislation, this training will examine what is expected and how developers can build resilient systems for today and for the future.
Managing Intellectual Property & Inhibiting Overproduction
The OECD estimates that cloning, counterfeiting and overproduction of goods is a $500 Billion per year industry. The impact on companies of having critical IP stolen, and of having counterfeit goods in their supply chain is massive. Properly implemented security can inhibit all of these challenges, protecting valuable software R&D, and ensuing that services revenues are guarded. This module highlights how security encrypts and manages software through the development and production cycles.
Introduction to IoT Cryptography & Security Practices
This training focuses on the implementation of specific cryptographic requirements for IoT devices, including aspects of symmetric and asymmetric cryptography, key management, certificate struc- tures and basic Public Key Infrastructure. It is ideal for those focusing on the implementation of security into devices, understanding the evolution of security into advanced products with lifecycle management demands.
Implementing the 13 Best Security Practices
The 13 Best Security Practices have been evolved to give clear guidance on the fundamental security requirements for consumer connected devices. These best practices form the framework for the majority of the legislation globally. In this training, we will review how these Best Practices can be applied within IoT device security to provide a robust and sustainable platform for future proof devices.
Embedded Security - Device Authentication
Device authentication is a baseline requirement for all legislative requirements in the IoT domain. However, authentication has many other uses, including how we pair devices from vendors (e.g. power tool and battery pack, or printer and cartridge), and how we closely pair high-value services with specific devices. Device authentication is a broad domain, and this training introduces many of the different use cases and implementation techniques.
Embedded Security - Secure Cloud Onboarding
Connecting devices to cloud services is a rapidly growing requirement. However, the onboarding process is often challenging with multiple stakeholders having to exchange trust as part of formal onboarding process. This training reviews the core requirements for Secure Cloud Onboarding and examines a number of example implementations.
Embedded Security - PKI Techniques
This training is focused on enabling engineers to understand more technical details of Public Key Infrastructure (PKI), and the implementation required for future generation of device authorization and authentication. While many systems can be built today with standard or simple key exchanges, the requirements for a fully operational IoT will require more flexible and robust systems based on PKI techniques.
Custom Design Review
Our Custom Design Review supports a review of the organization’s security requirements and implementation. Starting with a review of the potential risks and threat model, including what requires protect, and from whom, the review then will support the creation of custom Security Context Pro- files to best meet the market need.