As a rich operating system environment, Linux provides standard tools to implement robust, and auditable security policies together with many security hardening options.
This course covers security topics and technologies widely used to help secure Embedded Linux systems.
Attendees will learn how teams can manage their security as a top-down process using a secure development lifecycle methodology.
The Yocto build system is used to illustrate how security choices (compiler options, container settings, access control models, etc.) can be implemented at a distribution level.
Linux is also a rich environment for adversaries who are likely to invest time to compromise an embedded Linux target, in order to establish a versatile and persistent presence. To this end the course will also help teams identify and manage common vulnerabilities and exposures (CVEs) through the use of well-known testing and vulnerability assessment tools.
The course also investigates platform security features such as secure boot and trusted execution environments (TEEs) using a QEMU emulator.
The practical side of the training is based around carefully designed exercises, investigating security features and issues for a real embedded system, to reinforce and challenge the extent of learning. These comprise approximately 50% of class time.
If you have specific security application requirements, please contact the Doulos team to discuss your options.
Course Overview Video
Embedded Linux developers and architects working on projects which need to be secure.
“Practical Embedded Linux Security Online” is aimed at electronic hardware, software and system-on-chip engineers who need to gain a working knowledge of the software and operating system security issues affecting Linux based embedded systems.
Please note: this is not a course on bare metal security issues affecting microcontrollers. Delegates wishing to learn more about that topic are recommended to take the Doulos Embedded System Security for C/C++ Developers course.
Attendees should be familiar with and have experience of working with embedded Linux systems, e.g. completion of Developing with Embedded Linux training or equivalent working knowledge.
Specifically, attendees should have:
Attendees should also have knowledge of the C or C++ programming language and embedded system architecture. In particular, a basic level of familiarity with functions, variables, data types, operators, and statements.
The Doulos C Programming for Embedded Systems course provides appropriate preparation for engineers who lack this experience.
Please contact Doulos directly to discuss and assess your specific experience against the pre-requisites.
Doulos training materials are renowned for being the most comprehensive and user-friendly available. Their style, content and coverage are unique in the Embedded Systems training world and have made them sought after resources in their own right. The materials include:
Security and trust • Attack model - threats, vulnerabilities, and exploits • CVEs and CWEs • Software development lifecycle and processes • Embedded System Security
Practicals: Look at the CVEs found in a Yocto build system with cve-check enabled. Find the severity of the vulnerabilities flagged as "unpatched".
Permissions • Filesystem and extended attributes • Process Privileges • Capabilities • Primitive operations • Syscall filtering with seccomp
Practicals: Explore the impact of the GTFOBins binaries when associated with elevated privileges or capabilities. Look at how access control lists can further limit access to files. Experiment with syscall filtering with seccomp.
CWE Top 25 • Stack-based attacks • Improper input validation • Other vulnerabilities and useful tools
Practicals: Investigate several common code vulnerabilities including stack overflows and improper input validation, using tools like GDB to examine the effects. Use the checksec script to analyse compiler options for security.
Basic terminology • Encryption Plain text (P) and Cipher text (C) • Random Number Generators • Cipher modes • Integrity (cryptographic hashes) • Public Key Cryptography • Key exchange protocols • Software Signing
Practicals: Work through the process of sending an encrypted message using a Diffie-Hellman key exchange, monitoring the integrity of the data with a message authentication code.
Kernel and CVE • Kernel hardening • Kernel security features • Extra: SoC security features implementation
Practicals: Test the security status of a kernel using CVE checking and the kconfig-hardened-check script. Use module signing to prevent the loading of a malicious kernel module. If you have time, experiment with the LoadPin LSM to prevent module loading from unauthorised locations.
Access Control (Discretionary, Mandatory) • LSM and MAC in Linux (SMACK,SELinux)
Practicals: First we will use a custom SMACK policy rule to limit access to a file. We next explore how certain SELinux policy rules can be tuned with Boolean values. Finally we extend a targeted policy by building a custom SELinux policy to control accesses for a new application. If you have time, other SELinux exceptions can be found and resolved.
Sandboxing • Namespaces and Cgroups • Characteristics of an Embedded Container • The LXC tools • Creating Containers in Yocto
Practical: Creating and comparing the effectiveness of full containers and application containers, when isolating a vulnerable FTP server.
Secure & measured boot • Trusted execution environments (Trustzone) • Trusted execution environments (OP-TEE) • Arm Trusted Firmware (TF-A) • U-boot hardening configurations
Practicals: Looking at the OP-TEE build system, modify an existing TA to decrement a counter and run it on the QEMU emulator.
Linux Filesystem Integrity Checks – IMA, EVM • Integrity and encryption for block devices (dm-verity, dm-integrity, dm-crypt) • Integrity and encryption for filesystems (fs-verity, fscrypt) • OTA update frameworks
Practical: Experiment with fscrypt to encrypt data on a Linux filesystem. Use fs-verity to detect changes to a file.
Network layers • Netcat and remote shells • Port monitoring and firewalls • TLS • VPN
Practicals: Experiment with different mechanisms for creating VPNs.
Common Criteria • Security Requirement • SDL and Maturity Models • Security Activities/Practices
Practicals: Perform a system wide security audit and look at the results. Use a threat modelling tool to help automate threat reports.
Unit tests and frameworks • Penetration Testing • Binary disassembly tools • Protocol Fuzzing • Intrusion Detection Systems
Practical: Use a network testing tool to detect a network intrusion attack.
For on-site, team-based training, please contact Doulos about tailoring this course to suit your particular hardware and software environment.
Complete an enquiry form and a Doulos representative will get back to you.
Enquiry FormPrice on request