Engineering Secure Devices: A Practical Guide for Embedded System Architects and Developers

Merli, Dominik

  • 出版商: No Starch Press
  • 出版日期: 2024-07-23
  • 售價: $2,070
  • 貴賓價: 9.5$1,967
  • 語言: 英文
  • 頁數: 288
  • 裝訂: Quality Paper - also called trade paper
  • ISBN: 1718503482
  • ISBN-13: 9781718503489
  • 相關分類: 嵌入式系統
  • 立即出貨 (庫存 < 3)

相關主題

商品描述

This practical guide to building embedded and IoT devices securely is an essential resource for current and future developers tasked with protecting users from the potential threats of these ubiquitous devices.

As an engineer, you know that countless devices--from industrial components to smart household appliances--rely on embedded computer systems. But how do you balance the need for robust security with performance and innovative product design?

Engineering Secure Devices will guide you through crafting secure devices--from protecting crucial assets to the nature of attackers and the risks they pose. You'll explore the technical intricacies and pros and cons of symmetric and asymmetric cryptography and learn how to use and analyze random number generators and cryptographic algorithms. You'll learn how to ensure confidential data storage and secure memory, and devise secure device identity solutions and communication protocols to reinforce system architecture against potential threats. And finally, you'll learn how to properly design secure boot and secure update processes, manage access control, and perform system monitoring to secure IoT devices.

Real-world case studies throughout highlight practical applications, solutions, and obstacles, such as firmware updates with SWUpdate, secure communication with MQTT, and advanced access control with AppArmor.

You'll also dig into topics like:

  • Analyzing the performance of cryptographic implementations in both hardware and software
  • Considerations for secure boot and software update processes to ensure ongoing firmware integrity
  • Designing robust device architectures that withstand attacks while maintaining critical operations
  • Developing strategies to detect and respond to anomalies or security breaches in embedded systems


Whether you're an IoT developer or an embedded system architect, Engineering Secure Devices equips you with the indispensable knowledge to design, secure, and support the next generation of smart devices--from webcams to four-legged robots.

商品描述(中文翻譯)

這本實用指南專為當前和未來的開發人員而設,他們負責保護使用者免受這些無所不在的裝置潛在威脅的影響。作為一名工程師,您知道從工業組件到智能家電等無數設備都依賴於嵌入式電腦系統。但是,如何在保證強大安全性的同時兼顧性能和創新產品設計的需求呢?《安全設備工程》將引導您制定安全設備,從保護重要資產到攻擊者的本質和他們帶來的風險。您將探索對稱和非對稱加密的技術細節和優缺點,並學習如何使用和分析隨機數生成器和加密算法。您將學習如何確保機密數據存儲和安全記憶體,並制定安全設備身份解決方案和通信協議,以加強系統架構對潛在威脅的防範。最後,您將學習如何正確設計安全啟動和安全更新流程,管理訪問控制,並執行系統監控以保護物聯網設備。全書通過實際案例研究突出了實際應用、解決方案和障礙,例如使用SWUpdate進行固件更新、使用MQTT進行安全通信以及使用AppArmor進行高級訪問控制。您還將深入探討以下主題:分析硬體和軟體中加密實現的性能、確保持續固件完整性的安全啟動和軟體更新流程的考慮事項、設計能夠抵禦攻擊並保持關鍵操作的強大設備架構、開發檢測和應對嵌入式系統異常或安全漏洞的策略。無論您是物聯網開發人員還是嵌入式系統架構師,《安全設備工程》都將為您提供不可或缺的知識,以設計、保護和支持下一代智能設備,從網絡攝像頭到四足機器人。

作者簡介

Dominik Merli is a professor of IT Security at the Augsburg Technical University of Applied Sciences, with over a decade of experience in security engineering for industrial, automotive, and semiconductor sectors at companies like Fraunhofer and Siemens. He holds a master's of engineering degree from Ulster University and a doctorate from the Technical University of Munich.

作者簡介(中文翻譯)

Dominik Merli 是奧格斯堡應用科學技術大學的資訊安全教授,擁有超過十年的工業、汽車和半導體領域的安全工程經驗,曾在Fraunhofer和西門子等公司工作。他擁有阿爾斯特大學的工程碩士學位和慕尼黑工業大學的博士學位。