Cover coming soon

Engineering Secure Devices

by Dominik Merli
June 2024, 288 pp.
ISBN-13: 
9781718503489
Use coupon code PREORDER to get 25% off!

Download Chapter 6: Secure Device Identity

With the rise of the Internet of Things (IoT) and the increased connectivity of smart devices that rely on an embedded computer system at their core, the need for affordable yet effective security measures is higher than ever. This book takes you on a tour through the jungle of potential risks and protection measures, as well as the reasoning behind them, and practical implementation examples.

Based on hands-on experience and recent research insights, the journey starts with the basics for a secure development process and summarizes the cryptographic essentials relevant for practical security engineering. Next you'll explore embedded security building blocks like random number generators, implementations options for cryptographic algorithms, secure data storage, unique device identities, and protected communication channels. Later chapters cover advanced device concepts like secure boot and firmware update processes, access control management, and system monitoring. Several case studies throughout will bridge the gap between theory and real-world practices, demonstrating the advantages—or disadvantages—of different implementations.

Author Bio 

Dominik Merli is a professor for IT security at the Augsburg Technical University of Applied Sciences, with more than a decade of experience in security engineering research and the implementation of practical protection measures. His research on embedded systems' security for industrial, automotive, and semiconductor companies led to his PhD at the Technical University of Munich, after which he worked on security innovations for industrial products at Siemens before entering the education field.

Table of contents 

Foreword
Introduction
Part I: Fundamentals
Chapter 1: Secure Development Process
Chapter 2: Cryptography
Part II: Device Security Building Blocks
Chapter 3: Random Number Generators
Chapter 4: Cryptographic Implementations
Chapter 5: Confidential Data Storage and Secure Memory
Chapter 6: Secure Device Identity
Chapter 7: Secure Communication
Part III: Advanced Device Security Concepts
Chapter 8: Secure Boot and System Integrity
Chapter 9: Secure Firmware Update
Chapter 10: Robust Device Architecture
Chapter 11: Access Control and Management
Chapter 12: System Monitoring
Afterword
Index

The chapters in red are included in this Early Access PDF.

Reviews 

“The book provides a well understandable introduction on how to design and implement secure embedded devices. Case studies exemplify the practical application of relevant security technologies, making this complex topic well accessible for both practitioners and students.” 

—Dr. Rainer Falk, Principal Key Expert for Embedded Security, Siemens AG

“This book has so much valuable and practical information on engineering secure devices with lessons learned by the author and comprehensible case studies. The detailed explanations of security basics and concepts allow the book to be used by beginners to get started on the topic, but even security professionals would definitely find it valuable. Whether you are a developer for an embedded system, responsible for product security, or just interested in the topic, this book is an excellent read!” 

—Dr. Matthias Niedermaier, OT Security Expert, Airbus

“This book is an indispensable technical guide for the design, implementation and maintenance of embedded systems in security-sensitive applications. It presents fundamental elements and illustrates how they are utilized in practice, providing seasoned insight into the construction of a secure embedded system.” 

—Dr. Marc Stöttinger, Professor of Computer Engineering and Security, RheinMain University of Applied Sciences

“An engaging book for anyone interested in getting a hands-on introduction into embedded system security. Plenty of real-world examples, enriched by anecdotes, make security concepts and mechanisms comprehensible. The book touched on a broad range of topics, encouraging the reader to delve into security engineering.” 

—Dr. Johannes Obermaier, security engineer and researcher

"Dominik Merli finally wrote the textbook that everyone teaching on embedded system security was waiting for. The focus on the practical aspects of real-world embedded systems with the relevant theoretical background makes it an excellent base for education and practitioners. I am really excited to use it in my courses." 

—Dr. Stefan Wallentowitz, Professor of Embedded System Security, Hochschule München University of Applied Sciences

"This book is exactly what you need to read as an engineer working in the automotive, industrial, or IoT domain to level up with comprehensive security know-how — from secure design processes to comprehensive security concepts and their secure implementations. The scope clearly covers what is needed in practice." 

—Dr. Johann Heyszl, Security Engineering Manager, Google

"An excellent book for practitioners dealing with the security of embedded systems and IoT security. A special feature of the book is the large number of practical examples and instructions that help the reader to understand and implement security requirements for embedded systems. Dominik succeeds in converting his extensive practical knowledge into an exciting book that can be used both to familiarize yourself with the complex topic and also as a reference."

—Wolfgang Rankl, author of The Smart Card Handbook