About The Hague Security Delta
What's happening in the
Dutch Security Domain?
Riscure has recently partnered with QA Ltd. a key training organization HQ in the United Kingdom which serves major Government and defense communities. This October 28, together we will present and answer questions on designing secure bootloaders. A very key topic when communication and secure computing is critical!
Most embedded devices have strong requirements on the integrity of the code running on the platform. Attackers are finding new ways to compromise these systems and a robust secure boot implementation that ensures the software integrity is considered essential. However, implementing a robust secure boot is a major challenge. Several attacks of widely deployed embedded devices got high profile media attention, exposing manufacturers to lost revenue, liability claims and brand damage.
At Riscure, we have evaluated and advised on over 400 products with bootloaders over the last 15 years. We cover common vulnerabilities such as software for memory corruptions, sensitive information leakage, synchronization and state issues, logical errors in security critical components, etc.. The attacks on the secure boot can include logical, fault injection and side channel attacks, depending on the use case and customer needs. So it’s safe to say, we have seen them in all sizes, shapes and development stages.
We discovered that some mistakes in implementing a secure bootloader are very common. This is not surprising given that up until now there hasn't been any course or book teaching developers how to add security to a bootloader, other than consultation. To save billions of bootloaders from attacks, and help our customers save money from costly redevelopment and reputational damage, we have created an online course showing you how to design a secure bootloader. In this webinar, join the team who created a new course on Designing Secure bootloaders and learn about the most common mistakes we see when designing secure bootloaders.