Engineering Secure Devices
Professor releases practical guide for cyber security and engineering professionals
While developing devices, security can sometimes take a back seat compared to the devices’ functionality and profitability. However, in an increasingly networked and digitized world, a device’s security becomes a factor for success, ensuring customer satisfaction and, therefore, strengthening the manufacturer’s standing among its competitors.
Prof. Dr. Dominik Merli, professor of IT security at the Technical University of Applied Sciences Augsburg (THA) and head of THA’s Institute for Innovative Safety and Security (THA_innos), addresses this need for security with his book Engineering Secure Devices: A Practical Guide for Embedded System Architects and Developers, published in June 2024.
Merli says: “Engineering Secure Devices is a result of our daily research in embedded system security and my personal experiences with companies and products from various industries. The book is condensed practical know-how, boiling down to the question: How to balance the need for robust security with performance and innovative product design?”
Securing devices: Cyber Resilience Act and further challenges
Merli explains: „Whether you’re an IoT developer or an embedded system architect, Engineering Secure Devices equips you with indispensable knowledge to design, secure, and support the next generation of smart devices. This includes an increasing number of products—industrial components, smart household appliances, simple webcams or even four-legged robots.”
“However, the variety of IoT devices and their specific requirements are just one part of the challenges engineers and manufacturers face,” Merli continues. “New regulatory frameworks, like IEC 62443-4-2 for components in industrial automation and control systems or the EU’s upcoming Cyber Resilience Act for every product with digital elements, demand investments in device cyber security—even from a legal perspective.”
Crafting secure devices
Engineering Secure Devices guides readers through crafting secure devices—from protecting crucial assets to the nature of attackers and the risks they pose. The book also explores the technical intricacies and pros and cons of symmetric and asymmetric cryptography, how to use and analyze random number generators and cryptographic algorithms, and how to ensure confidential data storage and secure memory.
Further, it dives into secure device identity solutions and communication protocols, the design of secure boot and update processes, and the management of device access control. Lastly, Merli discusses robust device architectures that withstand attacks while maintaining critical operations and system monitoring strategies to detect and respond to anomalies or security breaches in IoT devices.
Engineering Secure Devices: A Practical Guide for Embedded System Architects and Developers was recently published by No Starch Press, an American publishing company specializing in technical literature. The printed version can be ordered for $59.99 and includes the e-book.
About the Institute for Innovative Safety and Security
The Institute for Innovative Safety and Security at Technical University of Applied Sciences Augsburg (THA_innos) supports organizations of all sizes in operating securely and sustainably in a networked world. The institute's innovative approaches make systems, products and personnel resistant to digital threats that endanger economy and society.
Contacts
Phone: | +49 821 5586-3459 |
Fax: | +49 821 5586-3499 |
Phone: | +49 821 5586-3617 |