Embedded Linux Hardening and Firmware Security

While the process of implementing an embedded system is often within reach for numerous use cases, imbuing its design with a strong emphasis on security presents a distinct challenge. In this comprehensive training program, participants will not only gain insight into the nuances of embedded systems but also delve into the intricate realm of secure design practices.

Our aim is to equip attendees with an in-depth understanding of common pitfalls that can compromise security and to empower them with the knowledge needed to circumvent such issues effectively. Through a series of illustrative examples, we will not just introduce various hardening and debugging methods, but we will also elucidate their practical applications, ensuring that participants leave with not only theoretical knowledge but also the practical skills to implement secure embedded systems.

Agenda

• User authentication and administrator access
• Bootloader lock down
• Network security
• Lock down of network services
• Update policy
• Serial port access
• Secure/trusted boot
• Secret storage
• Userspace hardening
• Kernel hardening
• Sandboxing using different methods: seccomp, namespaces, resource control
• Collecting core files
• GDB Tutorial
• Remote debugging with GDB
• Defensive and secure programming guidelines
• Catching kernel logs
• Analyzing kernel errors/crashes
• Watchdog best practices