Submit Search
Upload
6 martin heininger - security in embedded systems - the upcoming challenge
•
0 likes
•
241 views
I
Ievgenii Katsan
Follow
martin heininger - security in embedded systems - the upcoming challenge
Read less
Read more
Technology
Report
Share
Report
Share
1 of 20
Download now
Download to read offline
Recommended
Security policy and standards
Security policy and standards
Wilson Musyoka
Ch.5 rq (1)
Ch.5 rq (1)
anthnydvs
I-CERT
I-CERT
Syed Ahmad Raza
ADDRESSING CORPORATE CONCERNS
ADDRESSING CORPORATE CONCERNS
zohaibqadir
ISO 27001 Certification in Dubai
ISO 27001 Certification in Dubai
Mike Walker
Security and personnel
Security and personnel
Dhani Ahmad
Isms awareness training
Isms awareness training
SAROJ BEHERA
AI for Resilient Infrastructures
AI for Resilient Infrastructures
ADTELLIGENCE GmbH
Recommended
Security policy and standards
Security policy and standards
Wilson Musyoka
Ch.5 rq (1)
Ch.5 rq (1)
anthnydvs
I-CERT
I-CERT
Syed Ahmad Raza
ADDRESSING CORPORATE CONCERNS
ADDRESSING CORPORATE CONCERNS
zohaibqadir
ISO 27001 Certification in Dubai
ISO 27001 Certification in Dubai
Mike Walker
Security and personnel
Security and personnel
Dhani Ahmad
Isms awareness training
Isms awareness training
SAROJ BEHERA
AI for Resilient Infrastructures
AI for Resilient Infrastructures
ADTELLIGENCE GmbH
ISO 27001 2013 isms final overview
ISO 27001 2013 isms final overview
Naresh Rao
Information Assurance And Security - Chapter 1 - Lesson 4
Information Assurance And Security - Chapter 1 - Lesson 4
MLG College of Learning, Inc
ISO 27001 - Information Security Management System
ISO 27001 - Information Security Management System
Muhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
Structure of iso 27001
Structure of iso 27001
CUNIX INDIA
Cybersecurity - How to Protect your Organisation from Cybersecurity Threats
Cybersecurity - How to Protect your Organisation from Cybersecurity Threats
Craig Thornton
Iso27001 Isaca Seminar (23 May 08)
Iso27001 Isaca Seminar (23 May 08)
samsontamwaiho
NQA - ISO 27001 Implementation Guide
NQA - ISO 27001 Implementation Guide
NA Putra
Webinar: Is It Time to Upgrade Your Endpoint Data Strategy?
Webinar: Is It Time to Upgrade Your Endpoint Data Strategy?
Storage Switzerland
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
PECB
eGestalt Announces Next Generation Security Posture Management with Aegify
eGestalt Announces Next Generation Security Posture Management with Aegify
flashnewsrelease
Lesson 1- Information Policy
Lesson 1- Information Policy
MLG College of Learning, Inc
Specialized education for DPO and GDPR professionals
Specialized education for DPO and GDPR professionals
Georges Ataya
Privacy & security in heath care it
Privacy & security in heath care it
Dhani Ahmad
ISO 27001 Training | ISO 27001 Implementation
ISO 27001 Training | ISO 27001 Implementation
himalya sharma
Isms Implementer Course Module 1 Introduction To Information Security
Isms Implementer Course Module 1 Introduction To Information Security
anilchip
Galactic Security Systems - Who Owns OT Security Anyway?
Galactic Security Systems - Who Owns OT Security Anyway?
Fairuz Rafique
How to implement a robust information security management system?
How to implement a robust information security management system?
ESET
Flipping the Script & Changing the Game in Cyber
Flipping the Script & Changing the Game in Cyber
scoopnewsgroup
Hima cyber security
Hima cyber security
ie-net ingenieursvereniging vzw
Hardening as a Part of a holistic Security Strategy (UPDATE)
Hardening as a Part of a holistic Security Strategy (UPDATE)
NoCodeHardening
Hardening as Part of a holistic Security Strategy
Hardening as Part of a holistic Security Strategy
NoCodeHardening
The Charter of Trust
The Charter of Trust
DefCamp
More Related Content
What's hot
ISO 27001 2013 isms final overview
ISO 27001 2013 isms final overview
Naresh Rao
Information Assurance And Security - Chapter 1 - Lesson 4
Information Assurance And Security - Chapter 1 - Lesson 4
MLG College of Learning, Inc
ISO 27001 - Information Security Management System
ISO 27001 - Information Security Management System
Muhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
Structure of iso 27001
Structure of iso 27001
CUNIX INDIA
Cybersecurity - How to Protect your Organisation from Cybersecurity Threats
Cybersecurity - How to Protect your Organisation from Cybersecurity Threats
Craig Thornton
Iso27001 Isaca Seminar (23 May 08)
Iso27001 Isaca Seminar (23 May 08)
samsontamwaiho
NQA - ISO 27001 Implementation Guide
NQA - ISO 27001 Implementation Guide
NA Putra
Webinar: Is It Time to Upgrade Your Endpoint Data Strategy?
Webinar: Is It Time to Upgrade Your Endpoint Data Strategy?
Storage Switzerland
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
PECB
eGestalt Announces Next Generation Security Posture Management with Aegify
eGestalt Announces Next Generation Security Posture Management with Aegify
flashnewsrelease
Lesson 1- Information Policy
Lesson 1- Information Policy
MLG College of Learning, Inc
Specialized education for DPO and GDPR professionals
Specialized education for DPO and GDPR professionals
Georges Ataya
Privacy & security in heath care it
Privacy & security in heath care it
Dhani Ahmad
ISO 27001 Training | ISO 27001 Implementation
ISO 27001 Training | ISO 27001 Implementation
himalya sharma
Isms Implementer Course Module 1 Introduction To Information Security
Isms Implementer Course Module 1 Introduction To Information Security
anilchip
Galactic Security Systems - Who Owns OT Security Anyway?
Galactic Security Systems - Who Owns OT Security Anyway?
Fairuz Rafique
How to implement a robust information security management system?
How to implement a robust information security management system?
ESET
Flipping the Script & Changing the Game in Cyber
Flipping the Script & Changing the Game in Cyber
scoopnewsgroup
What's hot
(18)
ISO 27001 2013 isms final overview
ISO 27001 2013 isms final overview
Information Assurance And Security - Chapter 1 - Lesson 4
Information Assurance And Security - Chapter 1 - Lesson 4
ISO 27001 - Information Security Management System
ISO 27001 - Information Security Management System
Structure of iso 27001
Structure of iso 27001
Cybersecurity - How to Protect your Organisation from Cybersecurity Threats
Cybersecurity - How to Protect your Organisation from Cybersecurity Threats
Iso27001 Isaca Seminar (23 May 08)
Iso27001 Isaca Seminar (23 May 08)
NQA - ISO 27001 Implementation Guide
NQA - ISO 27001 Implementation Guide
Webinar: Is It Time to Upgrade Your Endpoint Data Strategy?
Webinar: Is It Time to Upgrade Your Endpoint Data Strategy?
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
CMMC, ISO/IEC 27001, ISO/IEC 27032, and NIST – What You Need to Know
eGestalt Announces Next Generation Security Posture Management with Aegify
eGestalt Announces Next Generation Security Posture Management with Aegify
Lesson 1- Information Policy
Lesson 1- Information Policy
Specialized education for DPO and GDPR professionals
Specialized education for DPO and GDPR professionals
Privacy & security in heath care it
Privacy & security in heath care it
ISO 27001 Training | ISO 27001 Implementation
ISO 27001 Training | ISO 27001 Implementation
Isms Implementer Course Module 1 Introduction To Information Security
Isms Implementer Course Module 1 Introduction To Information Security
Galactic Security Systems - Who Owns OT Security Anyway?
Galactic Security Systems - Who Owns OT Security Anyway?
How to implement a robust information security management system?
How to implement a robust information security management system?
Flipping the Script & Changing the Game in Cyber
Flipping the Script & Changing the Game in Cyber
Similar to 6 martin heininger - security in embedded systems - the upcoming challenge
Hima cyber security
Hima cyber security
ie-net ingenieursvereniging vzw
Hardening as a Part of a holistic Security Strategy (UPDATE)
Hardening as a Part of a holistic Security Strategy (UPDATE)
NoCodeHardening
Hardening as Part of a holistic Security Strategy
Hardening as Part of a holistic Security Strategy
NoCodeHardening
The Charter of Trust
The Charter of Trust
DefCamp
Medtec - Cyber-security Challenges on the Horizon
Medtec - Cyber-security Challenges on the Horizon
team-WIBU
Make things come alive in a secure way - Sigfox
Make things come alive in a secure way - Sigfox
Sigfox
102 Information security standards and specifications
102 Information security standards and specifications
SsendiSamuel
Infosec russia cnemeth_v1.2.ppt
Infosec russia cnemeth_v1.2.ppt
Christophe Németh (CISSP / CISM)
GoSecure
GoSecure
Nitesh Kulkarni
Khas bank isms 3 s
Khas bank isms 3 s
Khaltar Togtuun
SOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security Webinar
Splunk
2018 06 Presentation Cloudguard IaaS de Checkpoint
2018 06 Presentation Cloudguard IaaS de Checkpoint
e-Xpert Solutions SA
Reports on Industrial Control Systems’ Cyber Security
Reports on Industrial Control Systems’ Cyber Security
A. V. Rajabahadur
How to implement security compliance with SanerNow
How to implement security compliance with SanerNow
SecPod
111.pptx
111.pptx
JESUNPK
ISO/IEC 27001.pdf
ISO/IEC 27001.pdf
LiiewaOfficial
Secure Software Development Lifecycle
Secure Software Development Lifecycle
1&1
ISO/IEC 27001 & ISO/IEC 27002:2022: What you need to know
ISO/IEC 27001 & ISO/IEC 27002:2022: What you need to know
PECB
Security as an Accelerator for Cloud Adoption
Security as an Accelerator for Cloud Adoption
MarketingArrowECS_CZ
How to Achieve Functional Safety in Safety-Citical Embedded Systems
How to Achieve Functional Safety in Safety-Citical Embedded Systems
evatjohnson
Similar to 6 martin heininger - security in embedded systems - the upcoming challenge
(20)
Hima cyber security
Hima cyber security
Hardening as a Part of a holistic Security Strategy (UPDATE)
Hardening as a Part of a holistic Security Strategy (UPDATE)
Hardening as Part of a holistic Security Strategy
Hardening as Part of a holistic Security Strategy
The Charter of Trust
The Charter of Trust
Medtec - Cyber-security Challenges on the Horizon
Medtec - Cyber-security Challenges on the Horizon
Make things come alive in a secure way - Sigfox
Make things come alive in a secure way - Sigfox
102 Information security standards and specifications
102 Information security standards and specifications
Infosec russia cnemeth_v1.2.ppt
Infosec russia cnemeth_v1.2.ppt
GoSecure
GoSecure
Khas bank isms 3 s
Khas bank isms 3 s
SOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security Webinar
2018 06 Presentation Cloudguard IaaS de Checkpoint
2018 06 Presentation Cloudguard IaaS de Checkpoint
Reports on Industrial Control Systems’ Cyber Security
Reports on Industrial Control Systems’ Cyber Security
How to implement security compliance with SanerNow
How to implement security compliance with SanerNow
111.pptx
111.pptx
ISO/IEC 27001.pdf
ISO/IEC 27001.pdf
Secure Software Development Lifecycle
Secure Software Development Lifecycle
ISO/IEC 27001 & ISO/IEC 27002:2022: What you need to know
ISO/IEC 27001 & ISO/IEC 27002:2022: What you need to know
Security as an Accelerator for Cloud Adoption
Security as an Accelerator for Cloud Adoption
How to Achieve Functional Safety in Safety-Citical Embedded Systems
How to Achieve Functional Safety in Safety-Citical Embedded Systems
More from Ievgenii Katsan
8 andrew kalyuzhin - 30 ux-advices, that will make users love you
8 andrew kalyuzhin - 30 ux-advices, that will make users love you
Ievgenii Katsan
5 hans van loenhoud - master-class the 7 skills of highly successful teams
5 hans van loenhoud - master-class the 7 skills of highly successful teams
Ievgenii Katsan
4 alexey orlov - life of product in startup and enterprise
4 alexey orlov - life of product in startup and enterprise
Ievgenii Katsan
3 dmitry gomeniuk - how to make data-driven decisions in saa s products
3 dmitry gomeniuk - how to make data-driven decisions in saa s products
Ievgenii Katsan
7 hans van loenhoud - the problem-goal-solution trinity
7 hans van loenhoud - the problem-goal-solution trinity
Ievgenii Katsan
1 hans van loenhoud -
1 hans van loenhoud -
Ievgenii Katsan
3 denys gobov - change request specification the knowledge base or the task...
3 denys gobov - change request specification the knowledge base or the task...
Ievgenii Katsan
5 victoria cupet - learn to play business analysis
5 victoria cupet - learn to play business analysis
Ievgenii Katsan
5 alina petrenko - key requirements elicitation during the first contact wi...
5 alina petrenko - key requirements elicitation during the first contact wi...
Ievgenii Katsan
3 karabak kuyavets transformation of business analyst to product owner
3 karabak kuyavets transformation of business analyst to product owner
Ievgenii Katsan
4 andrii melnykov - stakeholder management for pd ms and b-as and why it is...
4 andrii melnykov - stakeholder management for pd ms and b-as and why it is...
Ievgenii Katsan
3 zornitsa nikolova - the product manager between decision making and facil...
3 zornitsa nikolova - the product manager between decision making and facil...
Ievgenii Katsan
4 viktoriya gudym - how to effectively manage remote employees
4 viktoriya gudym - how to effectively manage remote employees
Ievgenii Katsan
9 natali renska - product and outsource development, how to cook 2 meals in...
9 natali renska - product and outsource development, how to cook 2 meals in...
Ievgenii Katsan
7 denis parkhomenko - from idea to execution how to make a product that cus...
7 denis parkhomenko - from idea to execution how to make a product that cus...
Ievgenii Katsan
6 anton vitiaz - inside the mvp in 3 days
6 anton vitiaz - inside the mvp in 3 days
Ievgenii Katsan
5 mariya popova - ideal product management. unicorns in our reality
5 mariya popova - ideal product management. unicorns in our reality
Ievgenii Katsan
2 victor podzubanov - design thinking game
2 victor podzubanov - design thinking game
Ievgenii Katsan
3 sergiy potapov - analyst to product owner
3 sergiy potapov - analyst to product owner
Ievgenii Katsan
4 anton parkhomenko - how to make effective user research with no budget at...
4 anton parkhomenko - how to make effective user research with no budget at...
Ievgenii Katsan
More from Ievgenii Katsan
(20)
8 andrew kalyuzhin - 30 ux-advices, that will make users love you
8 andrew kalyuzhin - 30 ux-advices, that will make users love you
5 hans van loenhoud - master-class the 7 skills of highly successful teams
5 hans van loenhoud - master-class the 7 skills of highly successful teams
4 alexey orlov - life of product in startup and enterprise
4 alexey orlov - life of product in startup and enterprise
3 dmitry gomeniuk - how to make data-driven decisions in saa s products
3 dmitry gomeniuk - how to make data-driven decisions in saa s products
7 hans van loenhoud - the problem-goal-solution trinity
7 hans van loenhoud - the problem-goal-solution trinity
1 hans van loenhoud -
1 hans van loenhoud -
3 denys gobov - change request specification the knowledge base or the task...
3 denys gobov - change request specification the knowledge base or the task...
5 victoria cupet - learn to play business analysis
5 victoria cupet - learn to play business analysis
5 alina petrenko - key requirements elicitation during the first contact wi...
5 alina petrenko - key requirements elicitation during the first contact wi...
3 karabak kuyavets transformation of business analyst to product owner
3 karabak kuyavets transformation of business analyst to product owner
4 andrii melnykov - stakeholder management for pd ms and b-as and why it is...
4 andrii melnykov - stakeholder management for pd ms and b-as and why it is...
3 zornitsa nikolova - the product manager between decision making and facil...
3 zornitsa nikolova - the product manager between decision making and facil...
4 viktoriya gudym - how to effectively manage remote employees
4 viktoriya gudym - how to effectively manage remote employees
9 natali renska - product and outsource development, how to cook 2 meals in...
9 natali renska - product and outsource development, how to cook 2 meals in...
7 denis parkhomenko - from idea to execution how to make a product that cus...
7 denis parkhomenko - from idea to execution how to make a product that cus...
6 anton vitiaz - inside the mvp in 3 days
6 anton vitiaz - inside the mvp in 3 days
5 mariya popova - ideal product management. unicorns in our reality
5 mariya popova - ideal product management. unicorns in our reality
2 victor podzubanov - design thinking game
2 victor podzubanov - design thinking game
3 sergiy potapov - analyst to product owner
3 sergiy potapov - analyst to product owner
4 anton parkhomenko - how to make effective user research with no budget at...
4 anton parkhomenko - how to make effective user research with no budget at...
Recently uploaded
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
The Digital Insurer
Architecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
Zilliz
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
Rustici Software
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Jago de Vreede
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
Zilliz
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Edi Saputra
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
apidays
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
Overkill Security
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
Khushali Kathiriya
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
MadyBayot
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
sudhanshuwaghmare1
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
Remote DBA Services
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
apidays
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
The Digital Insurer
Recently uploaded
(20)
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
Architecting Cloud Native Applications
Architecting Cloud Native Applications
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
6 martin heininger - security in embedded systems - the upcoming challenge
1.
1© HEICON –
Global Engineering GmbH HEICON Global Engineering GmbH Kreuzweg 22, 88477 Schwendi Internet: www.heicon-ulm.de Blog: http://blog.heicon-ulm.de Security in Embedded Systems – The upcoming challenge
2.
2© HEICON –
Global Engineering GmbH HEICON is a specialized engineering company which provides consulting- and development support with a focus on software-based embedded systems. The efficient implementation of methods and processes is the area of our engagement. Founding: 2018 Headquarter: South of Germany (Memmingen) Membership: Employees: 1 Legal form: GmbH Revenue Distribution: HEICON 71% 72% 39% 16% 23% 20% 28% 36% 35% 6% 18% 14% 4% 3% 10% 11% 19% 1% 2% 8% 19% 18% 2% 8% 4% 5% 7% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% 2013 2014 2015 2016 2017 Other Sectors Military Space Railway Industrial Automation Automotive Aerospace
3.
3© HEICON –
Global Engineering GmbH HEICON Aero- space Auto- motive Railway Industry Defence Agri- culture HEICON - Starter HEICON - Consulting HEICON - Services HEICON - Training HEICON - Webinars
4.
4© HEICON –
Global Engineering GmbH Current situation on Industry Standards and Norms Solution approaches Megatrends – Security Contact
5.
5© HEICON –
Global Engineering GmbH Megatrends - Security
6.
6© HEICON –
Global Engineering GmbH Megatrends - Security
7.
7© HEICON –
Global Engineering GmbH Massive interconnection of previously independent embedded systems Enabling malicious attacks on almost all existing embedded systems Functional Safety relevant Products have to be made secure Embedded systems have to be made secure against external attacks Megatrends - Security
8.
8© HEICON –
Global Engineering GmbH Some futuristic (?) scenarios: Mass shutdown of private household heating systems by attacking software systems from market leaders Malicious remote control of highly automated cars Collapse of the electricity supply in Europe due to deliberate wrong connection and disconnection of large power plants or consumers Damage to health through intentional wrong control of medical devices Remote-controlled crash of aircrafts Megatrends - Security
9.
9© HEICON –
Global Engineering GmbH Megatrends - Security Attack scenarios Denial of Service Men in the Middle
10.
10© HEICON –
Global Engineering GmbH Current situation on Industry Standards and Norms Solution approaches Megatrends – Security Contact
11.
11© HEICON –
Global Engineering GmbH Current situation on Standards and Norms Federal Office for Information Security Act: German Federal Office for Information Security developed a procedure for identifying and implementing security measures of the company's own information technology (IT). The aim of basic protection is to achieve an adequate level of protection for IT systems; The basic IT protection catalogues recommend technical security measures and infrastructural, organizational and personnel protection measures.
12.
12© HEICON –
Global Engineering GmbH Current situation on Standards and Norms ISO 27001: Definition of security requirements and objectives for information security Cost-efficient management of security risks Ensuring compliance with laws and regulations Process framework for the implementation and management of measures to ensure specific information security objectives Definition of new information security management processes For auditors to determine the degree of implementation of guidelines and standards
13.
13© HEICON –
Global Engineering GmbH Terminology, concepts and models Master glossary of terms and abbreviations System security compliance metrics IACS security lifecycle and use-case 1-1 1-2 1-3 1-4 Req. for an IACS security mgt system Implement. guid- ance for an IACS security mgt syst. Patch manage- ment in the IACS environment Installation and maintenance req. for IACS suppliers 2-1 2-2 2-3 2-4 Security technologies for IACS Security risk assessment and system design System sec req. and security levels 3-1 3-2 3-3 Technical security req. for IACS components 4-2 General Policy and Procedures System Component Product development requirements 4-1 Current situation on Standards and Norms IEC62443:
14.
14© HEICON –
Global Engineering GmbH Current situation on Industry Standards and Norms Solution approaches Megatrends – Security Contact
15.
15© HEICON –
Global Engineering GmbH Solution approaches Security Safety Security Analyse Security Plan Design Security into the systems Minimize systematic failure Hazardous and Risk Analysis Safety Plan Design Safety into the System Minimize systematic failure
16.
16© HEICON –
Global Engineering GmbH Solution approaches Security Security Analyse rather difficult as systems to be analysed are not fixed Security Plan Open point how much effort should be spent as much more dynamic is there compared to safety Design Security into the systems Probably the most important point Minimize systematic failure Probably also very important
17.
17© HEICON –
Global Engineering GmbH Solution approaches Security Design Security into the systems: Examples Avoid back door attacks by making the RTOS interfaces secure Limit the times when embedded system is online Use the IT-Security mechanisms to make your Embedded System secure Create technical mechanisms to speed up security updates for you Embedded Systems (Functional Saftey constraints have to be solved)
18.
18© HEICON –
Global Engineering GmbH Solution approaches Security Minimize systematic failure: Example Use Security Coding guidelines (e.g. MISRA Security guidelines) Specify your system by professional requirements including the Security aspects Do systematic and professional security testing
19.
19© HEICON –
Global Engineering GmbH Solution approaches Defense in depth strategy Security Guidelines Security Require- mentsSecurity V&V Testing Security By design Security Imple- mentation Security Management Defense in depth strategy
20.
20© HEICON –
Global Engineering GmbH Contact - Publications Contact: HEICON – Global Engineering GmbH Martin Heininger Dipl.-Ing(FH) Kreuzweg 22 D-88477 Schwendi Tel.: +49 7353 - 98 17 81 Mobil: +49 176 - 24 73 99 60 martin.heininger@heicon-ulm.de http://www.heicon-ulm.de Publications: Testing power electronics according ISO26262, ATZ 04/15 Monthly: Blog article about Functional Safety Topics: http://blog.heicon- ulm.de
Download now