Embedded Systems Security Practical Methods for Safe and Secure Software and Systems Development

Name: Embedded Systems Security Practical Methods for Safe and Secure Software and Systems Development
Price: 18.29 USD
Availability: InStock
ISBN: 9780123868862

ISBN-10: 0123868866

ISBN-13: 9780123868862

Edition: 2012

Authors: David Kleidermacher, Mike Kleidermacher

List price: $64.95

This item qualifies for FREE shipping.

30 day, 100% satisfaction guarantee!

Buy new: $65.03

Marketplace

3 new & used from $18.29

what's this?

Rush Rewards U
Members Receive:

You have reached 400 XP and carrot coins. That is the daily max!

Description:

The ultimate resource for making embedded systems reliable, safe, and secureEmbedded Systems Security provides:A broad understanding of security principles, concerns, and technologiesProven techniques for the efficient development of safe and secure embedded softwareA study of the system architectures, operating systems and hypervisors, networking, storage, and cryptographic issues that must be considered when designing secure embedded systemsNuggets of practical advice and numerous case studies throughoutWritten by leading authorities in the field with 65 years of embedded security experience: one of the original developers of the world's only Common Criteria EAL 6+ security certified…

Book details

List price: $64.95
Copyright year: 2012
Publisher: Elsevier Science & Technology
Publication date: 4/25/2012
Binding: Paperback
Pages: 416
Size: 7.50" wide x 9.21" long x 1.00" tall
Weight: 2.134
Language: English



Foreword


Preface


Acknowledgements



Introduction to Embedded Systems Security



What is Security?



What is an Embedded System?



Embedded Security Trends



Embedded Systems Complexity



Network Connectivity



Reliance on Embedded Systems for Critical Infrastructure



Sophisticated Attackers



Processor Consolidation



Security Policies



Perfect Security



Confidentiality, Integrity, and Availability



Isolation



Information Flow Control



Physical Security Policies



Apphcation-Specific Policies



Security Threats



Case Study: VxWorks Debug Port Vulnerability



Wrap-up



Key Points



Bibliography and Notes



Systems Software Considerations



The Role of the Operating System



Multiple Independent Levels of Security



Information Flow



Data Isolation



Damage Limitation



Periods Processing



Always Invoked



Tamper Proof



Evaluable



Microkernel versus Monolith



Case Study: The Duqu Virus



Core Embedded Operating System Security Requirements



Memory Protection



Virtual Memory



Fault Recovery



Guaranteed Resources



Virtual Device Drivers



Impact of Determinism



Secure Scheduling



Access Control and Capabilities



Case Study: Secure Web Browser



Granularity versus Simplicity of Access Controls



Whitelists versus Blacklists



Confused Deputy Problem



Capabilities versus Access Control Lists



Capability Confinement and Revocation



Secure Design Using Capabilities



Hypervisors and System Virtualization



Introduction to System Virtualization



Applications of System Virtualization



Environment Sandboxing



Virtual Security Appliances



Hypervisor Architectures



Paravirtualization



Leveraging Hardware Assists for Virtualization



Hypervisor Security



I/O Virtualization



The Need for Shared I/O



Emulation



Pass-through



Shared IOMMU



IOMMUs and Virtual Device Drivers



Secure I/O Virtualization within Microkernels



Remote Management



Security Implications



Assuring Integrity of the TCB



Trusted Hardware and Supply Chain



Secure Boot



Static versus Dynamic Root of Trust



Remote Attestation



Key Points



Bibliography and Notes



Secure Embedded Software Development



Introduction to PHASE-Principles of High-Assurance Software Engineering



Minimal Implementation



Component Architecture



Runtime Componentization



A Note on Processes versus Threads



Least Privilege



Secure Development Process



Change Management



Peer Reviews



Development Tool Security



Secure Coding



Software Testing and Verification



Development Process Efficiency



Independent Expert Validation



Common Criteria



Case Study: Operating System Protection Profiles



Case Study: HAWS-High-Assurance Web Server



Minimal Implementation



Component Architecture



Least Privilege



Secure Development Process



Independent Expert Validation



Model-Driven Design



Introduction to MDD



Executable Models



Modeling Languages



Types of MDD Platforms



Case Study: A Digital Pathology Scanner



Selecting an MDD Platform



Using MDD in Safety-and Security-Critical Systems



Key Points



Bibliography and Notes



Embedded Cryptography



Introduction



U.S. Government Cryptographic Guidance



NSA Suite B



The One-Time Pad



Cryptographic Synchronization



Cryptographic Modes



Output Feedback



Cipher Feedback



OFB with CFB Protection



Traffic Flow Security



Counter Mode



Block Ciphers



Additional Cryptographic Block Cipher Modes



Authenticated Encryption



CCM



Galois Counter Mode



Public Key Cryptography



RSA



Equivalent Key Strength



Trapdoor Construction



Key Agreement



Man-in-the-Middle Attack on Diffie-Hellman



Public Key Authentication



Certificate Types



Elliptic Curve Cryptography



Elliptic Curve Digital Signatures



Elliptic Curve Anonymous Key Agreement



Cryptographic Hashes



Secure Hash Algorithm



MMO



Message Authentication Codes



Random Number Generation



True Random Number Generation



Pseudo-Random Number Generation



Key Management for Embedded Systems



Case Study: The Walker Spy Case



Key Management-Generalized Model



Key Management Case Studies



Cryptographic Certifications



FIPS 140-2 Certification



NSA Certification



Key Points



Bibliography and Notes



Data Protection Protocols for Embedded Systems



Introduction



Data-in-Motion Protocols



Generalized Model



Choosing the Network Layer for Security



Ethernet Security Protocols



BPsec versus SSL



IPsec



SSL/TLS



Embedded VPN Clients



DTLS



SSH



Custom Network Security Protocols



Application of Cryptography within Network Security Protocols



Secure Multimedia Protocols



Broadcast Security



Data-at-Rest Protocols



Choosing the Storage Layer for Security



Symmetric Encryption Algorithm Selection



Managing the Storage Encryption Key



Advanced Threats to Data Encryption Solutions



Key Points



Bibliography and Notes



Emerging Applications



Embedded Network Transactions



Anatomy of a Network Transaction



State of Insecurity



Network-based Transaction Threats



Modern Attempts to Improve Network Transaction Security



Trustworthy Embedded Transaction Architecture



Automotive Security



Vehicular Security Threats and Mitigations



Secure Android



Android Security Retrospective



Android Device Rooting



Mobile Phone Data Protection: A Case Study of Defense-in-Depth



Android Sandboxing Approaches



Next-Generation Software-Defined Radio



Red-Black Separation



Software-Defined Radio Architecture



Enter Linux



Multi-Domain Radio



Key Points



Bibliography and Notes


Index