iSAQB® EMBEDDEDSEC
The iSAQB® EMBEDDEDSEC course trains software architects and engineers to design secure embedded systems. Through theoretical lectures and practical case studies, participants learn to identify vulnerabilities and apply security controls at the architectural level.
No sessions available
Check back later or contact a provider directly.
Description
The iSAQB® EMBEDDEDSEC course trains software architects and engineers to design secure embedded systems. Through theoretical lectures and practical case studies, participants learn to identify vulnerabilities and apply security controls at the architectural level.
Key topics include:
Threat modeling and risk assessment
Cryptography for resource-constrained devices
Secure boot and firmware updates
Hardware Security Modules (HSM) and Trusted Execution Environments (TEE)
The training prepares professionals to meet compliance requirements for industry standards like ISO/SAE 21434 and IEC 62443. After completion, attendees can systematically plan and implement security mechanisms within embedded software architectures.
What You Will Learn
Curriculum Structure (iSAQB CPSA-Advanced, module EMBEDDEDSEC), based on the official curriculum
Module 1- Introduction
Security as a quality attribute in architecture, and trade-offs with other quality attributes
Security properties, including confidentiality, integrity, availability, plus authentication, authorization, non-repudiation
Security across the product lifecycle (conception to decommission), including Secure Development Lifecycle concepts
Security-related regulations, standards, and guidelines, with examples such as ISO/IEC 25010, IEC 62443, ISO/SAE 21434, UN R 155, UN R 156, ETSI EN 303 645, NIST SP 800 series
Module 2- Analysis
System definition and system context for security analysis
Assets and damage scenarios
Threat modeling concepts such as threats, attack paths, attack trees, feasibility, impact, and risk
Deriving security goals and security claims from analysis results
Module 3- Verification
Techniques to verify and validate security properties in embedded systems
Module 4- Cryptography
Cryptography fundamentals relevant to embedded architectures and security goals
Module 5- Attacks
Common embedded attack patterns and how they affect assets, goals, and architecture decisions
Module 6- Embedded Design Considerations
Security-relevant qualities, technologies, and architectural considerations for embedded systems
Module 7- Embedded Security Design Patterns
Security design patterns for embedded architectures, and selecting control measures based on risk
Certification & Exam
The iSAQB® EMBEDDEDSEC course prepares participants for the iSAQB CPSA® Advanced Level program by covering the Advanced Level module Embedded Security for Architects (EMBEDDEDSEC).
The module can be attended independently of holding a CPSA-F certificate, and it contributes credit points that can count toward eligibility for the CPSA-A certification exam. In this module, participants learn how to design embedded system architectures that reflect defined security goals, including methods to identify assets worth protecting, derive security goals, recognize common attack patterns, and select appropriate design patterns and controls. The curriculum also includes approaches to verify and validate security properties in embedded systems.
What You Will Achieve
Course outcomes for iSAQB® EMBEDDEDSEC
Analyze embedded architectures for security attributes and trade-offs using ISO/IEC 25010, ISO/SAE 21434, and IEC 62443 standards.
Create system definitions and context views, including interfaces and assets, to support security analysis and threat modeling.
Apply threat modeling methods such as STRIDE, data flow diagrams, and attack trees using attacker, asset, or system-centric approaches.
Evaluate security risks by mapping threats to damage scenarios and rating them with CVSS and ISO/SAE 21434 frameworks.
Select security verification activities, including SAST, DAST, IAST, fuzzy testing, and vulnerability scanning for embedded software.
Apply cryptographic mechanisms, including symmetric and asymmetric encryption, hashing, and key derivation, to specific embedded use cases.
Analyze attacker profiles and vulnerabilities using data from CVE, CWE, OWASP, SANS, and BSI to inform architecture decisions.
Design security controls such as Secure Boot, signed firmware updates, and secure coding practices based on MISRA and CERT guidelines.
Training Providers
1 providerFAQs
Get Custom In-house Training
Post once, get competitive offers from multiple providers. Choose the one that fits your team.
Similar Trainings
iSAQB® Foundation Level Certification (CPSA-F)
iSAQB® Foundation Level Certification (CPSA-F) training covers the core tasks of software architecture according to curriculum version 2025.1: clarifying stakeholder requirements and constraints, designing the system, communicating architecture, and evaluating or analyzing results. Participants learn how to derive architecture decisions from requirements, document views and decisions, discuss architecture with stakeholders, and assess quality. Teaching combines theory, examples, and practical exercises for small and medium-sized systems. The course supports preparation for the official CPSA-F exam and practical work in architecture roles.
iSAQB® ADOC - Architecture Documentation Certification
The iSAQB® ADOC training is an Advanced Level module in the CPSA-A program and covers the structured documentation of software architectures. You learn to build architecture documentation with arc42 , suitable diagram types, and clear documentation rules. The course combines theory with practical examples and exercises so that you can describe architectural decisions, quality requirements, views, and technical relationships in a clear way. Depending on the provider, the training takes place online or on-site. After completion, you can use documentation in a more targeted way for communication, maintenance, and project work.
iSAQB® AGILA - Agile Software Architecture Certification
The iSAQB® AGILA module is an Advanced Level training course within the Certified Professional for Software Architecture – Advanced Level (CPSA-A) program. The course focuses on how software architecture works in agile development environments. Participants learn how to design and evolve software systems in agile teams where architectural responsibility is shared . The training shows how architects and developers make architecture decisions during short development cycles while keeping systems stable and maintainable. The course also explains how to balance architecture, speed, and quality in agile projects. Topics include collaborative design practices, continuous architecture work, and practical approaches for identifying and managing technical debt during iterative development.
iSAQB® ARCEVAL - Architecture Evaluation Certification
The iSAQB ARCEVAL course teaches systematic methods to evaluate software architectures. This module of the Certified Professional for Software Architecture (CPSA) Advanced Level helps professionals verify if a system meets its quality requirements. ATAM: Identifying risks and design trade-offs. Quality Models: Using ISO/IEC 25010 to define software quality. Review Techniques: Performing audits using checklists and walkthroughs. Economic Evaluation: Analyzing the cost-benefit of technical decisions. This training is for software architects and senior developers who must justify technical choices. Participants learn to document results and provide clear recommendations. Completion provides credit points toward the iSAQB CPSA-A certificate.
iSAQB® CLOUDINFRA - Advanced Level Certification
In the iSAQB® CLOUDINFRA Advanced Level Training , you will focus on cloud-native architectures and the operation of distributed applications. You will learn how to plan, deploy, and reliably operate container-based applications, which infrastructure concepts are important for this, and how to set up monitoring, logging, and alerting in a meaningful way. The course combines architectural concepts with practical examples, case studies, and technical discussions. After completing the course, you can better evaluate cloud infrastructures, include operational requirements in architectural decisions, and prepare specifically for the iSAQB® CLOUDINFRA certification .
iSAQB® DDD - Domain Driven Design Training
This iSAQB® DDD training covers Domain-Driven Design for software architects and developers. Participants learn to build a Ubiquitous Language, define Bounded Contexts, and map context relationships. The curriculum teaches strategic and tactical DDD concepts, including aggregates, entities, value objects, repositories, and domain services. Through lectures and modeling exercises, attendees learn to translate complex business requirements into maintainable software structures and apply these patterns in architecture decisions.