Getting Started with Embedded Linux Security - Simon Goda - NDC TechTown 2024

This talk was recorded at NDC TechTown in Kongsberg, Norway. #ndctechtown #ndcconferences #developer #softwaredeveloper Attend the next NDC conference near you: https://ndcconferences.com https://ndctechtown.com/ Subscribe to our YouTube channel and learn every day: / @NDC Follow our Social Media! https://www.facebook.com/ndcconferences https://twitter.com/NDC_Conferences https://www.instagram.com/ndc_conferences/ #clanguage #platform #os In this presentation we review some of the main aspects of an embedded Linux system in terms of how that system can be made more secure. We'll examine features of the toolchain and additional tools which can be used to create more secure applications and we'll look at system level features of Linux which will make your running system more robust. We'll also look at some of the kernel features which can be used to harden the system and review aspects of the boot process which can be used to secure the booting of the system. Agenda: Introduction: - Security and trust - Attack models and secure development Secure compilation and extra tools: - Code Vulnerabilities - GCC options - checksec - ASAN Securing the Linux system: - Permissions, attributes - MAC - Containers - Filesystem integrity & encryption - Syscall filtering Securing the Kernel: - Kernel configs - Module signing Hardening the boot process: - Secure boot - Hardening U-Boot