x

Our Privacy Policy has changed. By using this site, you agree to the Privacy Policy.

Embedded Systems Security Practical Methods for Safe and Secure Software and Systems Development

ISBN-10: 0123868866
ISBN-13: 9780123868862
Edition: 2012
Buy it from $71.54
eBook available
This item qualifies for FREE shipping

*A minimum purchase of $35 is required. Shipping is provided via FedEx SmartPost® and FedEx Express Saver®. Average delivery time is 1 – 5 business days, but is not guaranteed in that timeframe. Also allow 1 - 2 days for processing. Free shipping is eligible only in the continental United States and excludes Hawaii, Alaska and Puerto Rico. FedEx service marks used by permission."Marketplace" orders are not eligible for free or discounted shipping.

30 day, 100% satisfaction guarantee

If an item you ordered from TextbookRush does not meet your expectations due to an error on our part, simply fill out a return request and then return it by mail within 30 days of ordering it for a full refund of item cost.

Learn more about our returns policy

Description: The ultimate resource for making embedded systems reliable, safe, and secureEmbedded Systems Security provides:A broad understanding of security principles, concerns, and technologiesProven techniques for the efficient development of safe and secure  More...

New Starting from $75.10
eBooks Starting from $64.95
Buy
what's this?
Rush Rewards U
Members Receive:
coins
coins
You have reached 400 XP and carrot coins. That is the daily max!

Study Briefs

Limited time offer: Get the first one free! (?)

All the information you need in one place! Each Study Brief is a summary of one specific subject; facts, figures, and explanations to help you learn faster.

Add to cart
Study Briefs
Periodic Table Online content $4.95 $1.99
Add to cart
Study Briefs
SQL Online content $4.95 $1.99
Add to cart
Study Briefs
MS Excel® 2010 Online content $4.95 $1.99
Add to cart
Study Briefs
MS Word® 2010 Online content $4.95 $1.99

Customers also bought

Loading
Loading
Loading
Loading
Loading
Loading
Loading
Loading
Loading
Loading

Book details

Copyright year: 2012
Publisher: Elsevier Science & Technology Books
Publication date: 3/16/2012
Binding: Paperback
Pages: 416
Size: 7.75" wide x 9.50" long x 1.00" tall
Weight: 1.958
Language: English

The ultimate resource for making embedded systems reliable, safe, and secureEmbedded Systems Security provides:A broad understanding of security principles, concerns, and technologiesProven techniques for the efficient development of safe and secure embedded softwareA study of the system architectures, operating systems and hypervisors, networking, storage, and cryptographic issues that must be considered when designing secure embedded systemsNuggets of practical advice and numerous case studies throughoutWritten by leading authorities in the field with 65 years of embedded security experience: one of the original developers of the world's only Common Criteria EAL 6+ security certified software product and a lead designer of NSA certified cryptographic systems.This book is indispensable for embedded systems and security professionals, new and experienced.An important contribution to the understanding of the security of embedded systems. The Kleidermachers are experts in their field. As the Internet of things becomes reality, this book helps business and technology management as well as engineers understand the importance of "security from scratch." This book, with its examples and key points, can help bring more secure, robust systems to the market.Dr. Joerg Borchert, Vice President, Chip Card & Security, Infineon Technologies North America Corp.; President and Chairman, Trusted Computing GroupEmbedded Systems Security provides real-world examples of risk and exploitation; most importantly the book offers clear insight into methods used to counter vulnerabilities to build true, native security into technology.Adriel Desautels, President and CTO, Netragard, LLC.Security of embedded systems is more important than ever. The growth in networking is just one reason. However, many embedded systems developers have insufficient knowledge of how to achieve security in their systems. David Kleidermacher, a world-renowned expert in this field, shares in this book his knowledge and long experience with other engineers. A very important book at the right time.Prof. Dr.-Ing. Matthias Sturm, Leipzig University of Applied Sciences; Chairman, Embedded World Conference steering boardGain an understanding of the operating systems, microprocessors, and network security critical issues that must be considered when designing secure embedded systemsContains nuggets of practical and simple advice on critical issues highlighted throughout the textShort and to -the- point real case studies included to demonstrate embedded systems security in practice

Foreword
Preface
Acknowledgements
Introduction to Embedded Systems Security
What is Security?
What is an Embedded System?
Embedded Security Trends
Embedded Systems Complexity
Network Connectivity
Reliance on Embedded Systems for Critical Infrastructure
Sophisticated Attackers
Processor Consolidation
Security Policies
Perfect Security
Confidentiality, Integrity, and Availability
Isolation
Information Flow Control
Physical Security Policies
Apphcation-Specific Policies
Security Threats
Case Study: VxWorks Debug Port Vulnerability
Wrap-up
Key Points
Bibliography and Notes
Systems Software Considerations
The Role of the Operating System
Multiple Independent Levels of Security
Information Flow
Data Isolation
Damage Limitation
Periods Processing
Always Invoked
Tamper Proof
Evaluable
Microkernel versus Monolith
Case Study: The Duqu Virus
Core Embedded Operating System Security Requirements
Memory Protection
Virtual Memory
Fault Recovery
Guaranteed Resources
Virtual Device Drivers
Impact of Determinism
Secure Scheduling
Access Control and Capabilities
Case Study: Secure Web Browser
Granularity versus Simplicity of Access Controls
Whitelists versus Blacklists
Confused Deputy Problem
Capabilities versus Access Control Lists
Capability Confinement and Revocation
Secure Design Using Capabilities
Hypervisors and System Virtualization
Introduction to System Virtualization
Applications of System Virtualization
Environment Sandboxing
Virtual Security Appliances
Hypervisor Architectures
Paravirtualization
Leveraging Hardware Assists for Virtualization
Hypervisor Security
I/O Virtualization
The Need for Shared I/O
Emulation
Pass-through
Shared IOMMU
IOMMUs and Virtual Device Drivers
Secure I/O Virtualization within Microkernels
Remote Management
Security Implications
Assuring Integrity of the TCB
Trusted Hardware and Supply Chain
Secure Boot
Static versus Dynamic Root of Trust
Remote Attestation
Key Points
Bibliography and Notes
Secure Embedded Software Development
Introduction to PHASE-Principles of High-Assurance Software Engineering
Minimal Implementation
Component Architecture
Runtime Componentization
A Note on Processes versus Threads
Least Privilege
Secure Development Process
Change Management
Peer Reviews
Development Tool Security
Secure Coding
Software Testing and Verification
Development Process Efficiency
Independent Expert Validation
Common Criteria
Case Study: Operating System Protection Profiles
Case Study: HAWS-High-Assurance Web Server
Minimal Implementation
Component Architecture
Least Privilege
Secure Development Process
Independent Expert Validation
Model-Driven Design
Introduction to MDD
Executable Models
Modeling Languages
Types of MDD Platforms
Case Study: A Digital Pathology Scanner
Selecting an MDD Platform
Using MDD in Safety-and Security-Critical Systems
Key Points
Bibliography and Notes
Embedded Cryptography
Introduction
U.S. Government Cryptographic Guidance
NSA Suite B
The One-Time Pad
Cryptographic Synchronization
Cryptographic Modes
Output Feedback
Cipher Feedback
OFB with CFB Protection
Traffic Flow Security
Counter Mode
Block Ciphers
Additional Cryptographic Block Cipher Modes
Authenticated Encryption
CCM
Galois Counter Mode
Public Key Cryptography
RSA
Equivalent Key Strength
Trapdoor Construction
Key Agreement
Man-in-the-Middle Attack on Diffie-Hellman
Public Key Authentication
Certificate Types
Elliptic Curve Cryptography
Elliptic Curve Digital Signatures
Elliptic Curve Anonymous Key Agreement
Cryptographic Hashes
Secure Hash Algorithm
MMO
Message Authentication Codes
Random Number Generation
True Random Number Generation
Pseudo-Random Number Generation
Key Management for Embedded Systems
Case Study: The Walker Spy Case
Key Management-Generalized Model
Key Management Case Studies
Cryptographic Certifications
FIPS 140-2 Certification
NSA Certification
Key Points
Bibliography and Notes
Data Protection Protocols for Embedded Systems
Introduction
Data-in-Motion Protocols
Generalized Model
Choosing the Network Layer for Security
Ethernet Security Protocols
BPsec versus SSL
IPsec
SSL/TLS
Embedded VPN Clients
DTLS
SSH
Custom Network Security Protocols
Application of Cryptography within Network Security Protocols
Secure Multimedia Protocols
Broadcast Security
Data-at-Rest Protocols
Choosing the Storage Layer for Security
Symmetric Encryption Algorithm Selection
Managing the Storage Encryption Key
Advanced Threats to Data Encryption Solutions
Key Points
Bibliography and Notes
Emerging Applications
Embedded Network Transactions
Anatomy of a Network Transaction
State of Insecurity
Network-based Transaction Threats
Modern Attempts to Improve Network Transaction Security
Trustworthy Embedded Transaction Architecture
Automotive Security
Vehicular Security Threats and Mitigations
Secure Android
Android Security Retrospective
Android Device Rooting
Mobile Phone Data Protection: A Case Study of Defense-in-Depth
Android Sandboxing Approaches
Next-Generation Software-Defined Radio
Red-Black Separation
Software-Defined Radio Architecture
Enter Linux
Multi-Domain Radio
Key Points
Bibliography and Notes
Index

×
Free shipping on orders over $35*

*A minimum purchase of $35 is required. Shipping is provided via FedEx SmartPost® and FedEx Express Saver®. Average delivery time is 1 – 5 business days, but is not guaranteed in that timeframe. Also allow 1 - 2 days for processing. Free shipping is eligible only in the continental United States and excludes Hawaii, Alaska and Puerto Rico. FedEx service marks used by permission."Marketplace" orders are not eligible for free or discounted shipping.

Learn more about the TextbookRush Marketplace.

×