Engineering Secure Devices
Merli, Dominik
- 出版商: No Starch Press
- 出版日期: 2024-07-23
- 售價: $1,720
- 貴賓價: 9.5 折 $1,634
- 語言: 英文
- 頁數: 264
- 裝訂: Quality Paper - also called trade paper
- ISBN: 1718503482
- ISBN-13: 9781718503489
尚未上市,歡迎預購
商品描述
This practical guide to building embedded and IoT devices securely is an essential resource for current and future developers tasked with protecting users from the potential threats of these ubiquitous devices. With the rise of the Internet of Things (IoT) and the increased connectivity of smart devices that rely on an embedded computer system at their core, the need for affordable yet effective security measures is higher than ever. This book takes you on a tour through the jungle of potential risks and protection measures, as well as the reasoning behind them, and practical implementation examples. Based on hands-on experience and recent research insights, the journey starts with the basics for a secure development process and summarizes the cryptographic essentials relevant for practical security engineering. Next you'll explore embedded security building blocks like random number generators, implementations options for cryptographic algorithms, secure data storage, unique device identities, and protected communication channels. Later chapters cover advanced device concepts like secure boot and firmware update processes, access control management, and system monitoring. Several case studies throughout will bridge the gap between theory and real-world practices, demonstrating the advantages--or disadvantages--of different implementations.
商品描述(中文翻譯)
這本實用指南專為當前和未來的開發人員而設,他們負責保護使用者免受這些無所不在的嵌入式和物聯網設備的潛在威脅。隨著物聯網的興起和依賴嵌入式電腦系統的智能設備連接性的增加,需要價格合理但有效的安全措施比以往更為重要。本書將帶您穿越潛在風險和保護措施的叢林,以及背後的原因和實際實施示例。基於實踐經驗和最新研究見解,旅程從安全開發流程的基礎開始,並總結了與實際安全工程相關的加密基礎知識。接下來,您將探索嵌入式安全構建塊,如隨機數生成器、加密算法的實現選項、安全數據存儲、唯一設備身份和受保護的通信通道。後面的章節涵蓋了高級設備概念,如安全引導和固件更新過程、訪問控制管理和系統監控。全書中的幾個案例研究將填補理論與實際應用之間的差距,展示不同實施方式的優點或缺點。
作者簡介
Dominik Merli is a professor for IT security at the Augsburg Technical University of Applied Sciences, with more than a decade of experience in security engineering research and the implementation of practical protection measures. His research on embedded systems' security for industrial, automotive, and semiconductor companies led to his PhD at the Technical University of Munich, after which he worked on security innovations for industrial products at Siemens before entering the education field.
作者簡介(中文翻譯)
Dominik Merli是奧格斯堡應用科學技術大學的IT安全教授,擁有十多年的安全工程研究和實際保護措施實施經驗。他在工業、汽車和半導體公司的嵌入式系統安全研究為他在慕尼黑工業大學獲得博士學位,之後在西門子公司從事工業產品的安全創新工作,然後進入教育領域。
