Description
This training provides an overview of the security domain, its cryptographic building blocks and the security engineering processes that are required to build secure systems. The participants can actively participate in practical exercises to directly apply the training material. The training will be performed by two senior cyber security engineers who actively work in cyber security projects in the areas of medical, automotive, and industrial engineering.
The cyber security seminar provides an overview of what it takes to create secure systems, particularly cryptographic building blocks and security engineering processes. Hands-on exercises serve to reinforce the lessons learned.
Content focus | What does security mean?
- Definition: Safety vs. security
- Why security is important: The intelligent attacker
- Basic terms and objectives
- The “security mindset”
- Definition of security engineering
Basics
- Basics of modern cryptography
- Encryption methods
- Key exchange protocols
- Cryptographic hash functions
- Message Authentication Codes
- Digital signatures
- Management aspects
- Authentication methods
- Certificates and public key infrastructures
Customizable | Regulatory & normative cyber security environment in your industry:
- Automotive: UNECE r155, ISO/SAE 21434
- Medical technology: EU Medical Device Regulation, FDA guidelines, IEC 81001-5-1
- Industry: EU Cyber Resilience Act, EU NIS2, EU RED, IEC 62443
- Mobile machines & off-highway vehicles: EU Cyber Resilience Act, EU NIS2, EU RED, ISO 24882
- Aviation: DO 326 / 356, ED 201-205
The security engineering development process
Introduction to the security engineering development process:
- Risk analysis
- Security concept
- Selection of cryptographic methods
- Implementation
- Secure programming / code analysis
- Penetration tests
Your benefit
This seminar introduces participants to the topic of security, imparting the fundamentals of cyber security and the development process that is security engineering
Target group
The building blocks covered in this training are generic and suitable for engineers from both the IT and embedded domains. Because security across both domains in many scenarios, it is encouraged for both types of engineers to participate.
Requirements
A basic grasp of computer science.
Participants and duration
2 days incl. practical examples and exercises / Up to 12 participants
Price on demand.