Global training solutions for engineers creating the world's electronics products

Practical Embedded Linux Security


COVID-19 Update: View Doulos COVID News Updates »

This course is available Live Online worldwide: View the Live Online full course description »


Standard Level - 4 days

As a rich operating system environment, Linux provides standard tools to implement robust, and auditable security policies together with many security hardening options.

This course covers security topics and technologies widely used to help secure Embedded Linux systems. 

Attendees will learn how teams can manage their security as a top-down process using a secure development lifecycle methodology. 

The Yocto build system is used to illustrate how security choices (compiler options, container settings, access control models, etc.) can be implemented at a distribution level. 

Linux is also a rich environment for adversaries who are likely to invest time to compromise an embedded Linux target, in order to establish a versatile and persistent presence. To this end the course will also help teams identify and manage common vulnerabilities and exposures (CVEs) through the use of well-known testing and vulnerability assessment tools. 

The course also investigates platform security features such as secure boot and trusted execution environments (TEEs) using a QEMU emulator. 

The practical side of the training is based around carefully designed exercises, investigating security features and issues for a real embedded system, to reinforce and challenge the extent of learning. These comprise approximately 50% of class time.

If you have specific security application requirements, please contact the Doulos team to discuss your options.

Who should attend?

Embedded Linux developers, architects, testers working on projects which need to be secure.

Practical Embedded Linux Security Onlineis aimed at electronic hardware, software and system-on-chip engineers who need to gain a working knowledge of the software and operating system security issues affecting Linux based embedded systems.

Please note: this is not a course on bare metal security issues affecting microcontrollers. Delegates wishing to learn more about that topic are recommended to take the Doulos  Embedded System Security for C/C++ Developers course.

What will you learn?
  • Awareness of security tools & frameworks available for configurable embedded Linux systems
  • How to apply isolation using lightweight LXC containers
  • Access control and security policy implementations using an LSM
  • Cryptography principles applied to secure network communications, filesystems and the platform
  • How to use Linux kernel security services and security configurations
  • Secure coding principles and common vulnerabilities
  • How a Secure Development Lifecycle can manage a secure project
Pre-requisites

Attendees should be familiar with and have experience of working with embedded Linux systems, e.g. completion of Developing with Embedded Linux training or equivalent working knowledge.

Specifically, attendees should have:

  • An understanding of the structure of an embedded Linux system and how to work with the component parts
  • Practical information about developing, analyzing and debugging kernel and user space applications using a wide range of freely available Linux tools
  • An understanding of how to configure embedded Linux on a target, including the filesystem and the booting process


Attendees should also have
 knowledge of the C or C++ programming language and embedded system architecture. In particular, a basic level of familiarity with functions, variables, data types, operators, and statements.

The Doulos C Programming for Embedded Systems course provides appropriate preparation for engineers who lack this experience.

Please contact Doulos directly to discuss and assess your specific experience against the pre-requisites.

Training materials

Doulos training materials are renowned for being the most comprehensive and user-friendly available. Their style, content and coverage are unique in the Embedded Systems training world and have made them sought after resources in their own right. The materials include:

  • Fully indexed class notes creating a complete reference manual
  • A downloadable VM image containing lab exercises as well as a fully configurable, Yocto based, distribution for a QEMU emulator.
Structure and Content

Introduction

Security and trust • Attack model - threats, vulnerabilities, and exploits • CVEs and CWEs • Software development lifecycle and processes • Embedded System Security
Practicals: Look at the CVEs found in a Yocto build system with cve-check enabled. Find the severity of the vulnerabilities flagged as "unpatched".


Linux Security

Permissions • Filesystem and extended attributes • Process Privileges • Capabilities • Primitive operations • Syscall filtering with seccomp
Practicals: Explore the impact of the GTFOBins binaries when associated with elevated privileges or capabilities. Look at how access control lists can further limit access to files. Experiment with syscall filtering with seccomp.


Code Vulnerability

CWE Top 25 • Stack-based attacks • Improper input validation • Other vulnerabilities and useful tools
Practicals: Investigate several common code vulnerabilities including stack overflows and improper input validation, using tools like GDB to examine the effects. Use the checksec script to analyse compiler options for security.


Cryptography

Basic terminology • Encryption Plain text (P) and Cipher text (C) • Random Number Generators • Cipher modes • Integrity (cryptographic hashes) • Public Key Cryptography • Key exchange protocols • Software Signing
Practicals: Work through the process of sending an encrypted message using a Diffie-Hellman key exchange, monitoring the integrity of the data with a message authentication code.


Kernel Security

Kernel and CVE • Kernel hardening • Kernel security features • Extra: SoC security features implementation
Practicals: Test the security status of a kernel using CVE checking and the kconfig-hardened-check script. Use module signing to prevent the loading of a malicious kernel module. If you have time, experiment with the LoadPin LSM to prevent module loading from unauthorised locations.


Access Control Models and Mechanisms

Access Control (Discretionary, Mandatory) • LSM and MAC in Linux (SMACK,SELinux)
Practicals: First we will use a custom SMACK policy rule to limit access to a file. We next explore how certain SELinux policy rules can be tuned with Boolean values. Finally we extend a targeted policy by building a custom SELinux policy to control accesses for a new application. If you have time, other SELinux exceptions can be found and resolved.


Containers

Sandboxing • Namespaces and Cgroups • Characteristics of an Embedded Container • The LXC tools • Creating Containers in Yocto
Practical: Creating and comparing the effectiveness of full containers and application containers, when isolating a vulnerable FTP server.


Platform Security

Secure & measured boot • Trusted execution environments (Trustzone) • Trusted execution environments (OP-TEE) • Arm Trusted Firmware (TF-A) • U-boot hardening configurations
Practicals: Looking at the OP-TEE build system, modify an existing TA to decrement a counter and run it on the QEMU emulator.


Filesystem Integrity and Updates

Linux Filesystem Integrity Checks – IMA, EVM • Integrity and encryption for block devices (dm-verity, dm-integrity, dm-crypt) • Integrity and encryption for filesystems (fs-verity, fscrypt) • OTA update frameworks
Practical: Experiment with fscrypt to encrypt data on a Linux filesystem. Use fs-verity to detect changes to a file.


Network Security

Network layers • Netcat and remote shells • Port monitoring and firewalls • TLS • VPN
Practicals: Experiment with different mechanisms for creating VPNs.


Security Development Process

Common Criteria • Security Requirement • SDL and Maturity Models • Security Activities/Practices
Practicals: Perform a system wide security audit and look at the results. Use a threat modelling tool to help automate threat reports.


Testing & Monitoring

Unit tests and frameworks • Penetration Testing • Binary disassembly tools • Protocol Fuzzing • Intrusion Detection Systems
Practical: Use a network testing tool to detect a network intrusion attack.

 

For on-site, team-based training, please contact Doulos about tailoring this course to suit your particular hardware and software environment.

Course Dates

17 Jan 2022 Ringwood, UK Enquire

Looking for team-based training, or other locations?

Complete an enquiry form and a Doulos representative will get back to you.

Enquiry FormPrice on request

Next dates for this course