The challenge: Systematically developing and implementing cybersecurity in embedded systems
Embedded systems are used in many fields such as the automotive industry, industrial
automation, or Internet of Things (IoT). As interconnection in networks expands, they are increasingly exposed to cyberattacks. While in the past, it was sufficient to take measures to ensure functional safety, nowadays IT security measures are necessary. To implement suitable IT security measures many different factors must be taken into account. As such, a systematic development methodology is required, for example, SAE-J3061, which is a requirement in the automotive industry. Likewise, there is a demand for information regarding specific requirements (e.g. interactions between safety and security, long-term security) and suitable technical IT security measures.
The solution: Methodical and technical expertise
The participants will become familiarized with a development process for embedded systems, both theoretically and practically, based on a specific application case. Security concepts, procedures and protocols are systematically developed on the basis of typical threats and weaknesses. Different question will be addressed, such as: implementation of lightweight cryptography with appropriate key management; using hardware security concepts such as TPM 2.0; or developing protocols, e.g. for secure over-the-air code updates. Hot topics, such as post-quantum cryptography and its practical feasibility in embedded systems, will also be considered.