Tags:





Advertise here: Contact FM.


Security training for embedded developers?
February 9, 2009 11:04 AM   RSS feed for this thread Subscribe

What's a good security course for embedded developers?

The folks at the top say we need "security training". The server guys are taking a course in SQL injection, ASP.NET stuff, etc. I'd rather get my embedded guys something more, well, embedded-specific. I'm thinking a refresher on basics of cryptography, network security, specific protocols, etc. and maybe some "code practices greatest hits". A short two-day course is the target. Does anyone have a recommendation for either online/onsite training that might fit the bill?
posted by RobotVoodooPower to computers & internet (4 comments total) 1 user marked this as a favorite
Read Security Engineering: A Guide to Building Dependable Distributed Systems, 2nd Edition.
posted by pdxpatzer at 11:34 AM on February 9


What platforms do they develop for? Frequently with embedded software on phones or PDAs, for example, the manufacturer will offer platform-specific security training.
posted by doteatop at 11:36 AM on February 9


doteatop, we develop against Windows CE and Linux. I'd like to remain platform-agnostic if possible, because my main goal is not to teach specific API behaviors but to satisfy the PHBs at my company while at the same time getting the developers excited about learning something new.
posted by RobotVoodooPower at 12:01 PM on February 9


I can strongly recommend Fortify's training, and Cigital is highly spoken of as well.

Your developers might also appreciate putting into place some form of automation to check for memory management bugs, etc, during the build. If you have flexibility in your spending, maybe you can check out some affordable static analysis tools or fuzzer suites, and look for training more specific to those. I personally love build automation and this would get me really excited (management never or rarely expresses interest in these kinds of solutions).

For books, in addition to the above I can recommend:

posted by doteatop at 2:51 PM on February 9


« Older Can somebody help me identify ...   |   Mr. Uauagè and I are going for... Newer »

You are not logged in, either login or create an account to post comments