Key Topics covered

Covers the core principles of information security and how they apply to modern systems. Participants develop a clear understanding of why cybersecurity is a business risk, not just a technical issue.

Topics include:

• Confidentiality, Integrity, Availability (CIA)
• Threats vs vulnerabilities vs risk
• Common attack vectors (phishing, misconfiguration, credential abuse)
• Human factors in security

Secure Updates

Focuses on ensuring that software updates cannot be tampered with or abused by attackers.

Participants learn:

• Why unsigned updates are a critical risk
• How software signing establishes trust
• The role of hashing, integrity checks, and certificate chains
• Common real-world failures in update mechanisms

Secure Boot

Explains how systems protect themselves from running unauthorized or malicious firmware/software during startup.

Covers:

• Boot chain of trust
• Bootloaders and verification steps
• Secure Boot architecture
• Real-world examples of boot compromise risks

Inter-Microcontroller Communication

Introduces communication channels commonly used in embedded and automotive systems.

Topics include:

• SPI, UART communication risks
• Debug and diagnostic interfaces (JTAG)
• How attackers abuse exposed debug interfaces
• How to design safer interfaces

These topics are especially relevant for organizations working with embedded systems, IoT, automotive, industrial control, and connected products.