Webinar / 29.09.2022
Embedded Systems Hardening
Security does not stop at embedded components. At the same time, more requirements are being placed on securing IoT and industrial components. Secure configuration and hardening play a special role here.
Hardening and secure configuration of embedded devices based on Linux
In this webinar, together with our partner from Limes Security, we look at how the topic of embedded systems security can be implemented in practice. Security does not stop at embedded components. At the same time, more requirements are being placed on securing IoT and industrial components. Secure configuration and hardening play a special role here.
The presentation will cover topics from embedded security and hardening of embedded systems. From the secure configuration of Uboot, to the handling of debug interfaces (UART, JTAG), to general info on what to look for when using Linux in the embedded area. The goal of embedded systems hardening is to reduce the security risk by eliminating potential attack vectors and condensing the attack surface of the system. Our partner Limes Security discusses the basics necessary to achieve this.
longterm partnership
LIMES Security GmbH
The speaker in the webinar is Gandalf Denk from LIMES Security. Mr. Denk is an experienced IT/OT Security Specialist. His focus is penetration testing of web applications, mobile applications for Android and IoT components. He likes to take the defender perspective in the course of secure development processes according to IEC 62443-4-1 and is a trainer for Secure Development and Security Testing.
Webinar Content:
- introduction
- Debug Interfaces: JTAG, UART and co.
- Cryptography with few resources
- Secure Boot with UBOOT: Problems and Solutions
- Secure Firmware process: Encrypted and signed
Linux:
- Use TLS instead of plain text
- Binary Hardening: Exploit Mitigation (Compile Options)
- OS Hardening: Reduce Kernel features, Ensure secure mount options, Logging, Dedicated users for services, Anti Priv Escalation Things (suid, permission), Secure Access (sshd, per Azure Iot )
target group:
- Product and project manager
- Development Manager
- Security managers
- Managing Director
time & place
- 29 September 2022
- 15:00 to 16:00
- Ginzinger Webinar Room