Safety and security Training: Embedded security | Ac6 Formation

ac6-formation, un département d'Ac6 SAS
EN
EnglishFrench
go-up

ac6 ac6-formation Programming Safety and security

Safety and security

Embedded security

What are Safety & Security in Embedded Systems?

Cybersecurity and functional safety work together for connected products and industrial IoT. Anchored in the EU Cyber Resilience Act (CRA) and standards like IEC 62443, IEC 61508, and ISO 26262 (plus ETSI EN 303 645 and NIS2), the goal is to prevent hazards, withstand attacks, and keep devices dependable throughout their lifetime—from concept and development to updates in the field.

Modern platforms provide strong building blocks out of the box: secure boot chains (TF-A/U-Boot, HAB/AHAB, SBSFU/TF-M), isolation with TrustZone-M and OP-TEE, and Linux hardening features (SELinux/AppArmor, dm-verity/IMA, namespaces, seccomp). On the safety side, practices like MISRA/CERT coding, static analysis, FMEA/FTA, watchdogs, and CRC/ECC reduce faults without slowing development.

Our ac6 training courses help you master this ecosystem—covering risk and threat analysis, SBOM/VEX and vulnerability handling, key management and secure update/rollback, Linux/MCU hardening and TrustZone partitioning, and the safety lifecycle with evidence (plans, traceability, safety case). The outcome: products that are both secure and safe, ready for real-world assessments.

Available Courses

SEC1Developing C/C++ Secure Embedded SystemsOutline
This course provides an introduction to embedded security and covers industry standards such as ISO/SAE 21434, IEC 62443, NIST SP 800-53, Common Criteria, and OWASP. It covers secure coding practices for C/C++ and introduces the RUST programming language with its built-in security features. Students will learn about secure software development methodologies, security testing, and cryptography in embedded systems. The course covers the design and implementation of secure embedded system hardware architecture and communication protocols. Additionally, it provides an overview of security best practices for IoT devices and systems.
SEC12Comprehensive Secure Systems ProgrammingOutline
The oSEC12 course is designed for software engineers that need to design and program secure systems. This course is a combination of oSEC1 - Secure C/C++ Development for Embedded Systems course and oSEC2 - Advanced Embedded Systems Security course, with a special price when both consecutive sessions are booked at once.
SEC2Advanced Embedded Systems SecurityOutline
Discover how to protect your programs from malicious user input, Secure System Software and Consideration, Apprehend the context and the use of Hypervisors and System Virtualization and Discover Security checks and Tools
C1Effective MISRA COutline
MISRA C:2023, the latest version of the MISRA C standard, which includes guidelines for safety and security supporting all published versions of the C standard. The course has been designed for the smooth and successful adoption of MISRA C into an organization. Lectures, exercises, tests, hands-on sessions and, optionally, a final exam, will significantly strengthen the skills and competences of teams involved in the design, development and verification of critical embedded software systems.
C2MISRA Compliance for Project ManagersOutline
MISRA for Project Managers, provides essential insights for managers overseeing projects that require MISRA compliance. It highlights the importance of MISRA standards in safety-critical systems across various industries. The training emphasizes key aspects such as negotiation, planning, execution, and assessment of MISRA compliance, and equips managers with the knowledge to make informed decisions. By enhancing managerial awareness and skills, it ensures better project outcomes, reduced costs, and improved code quality. This training is invaluable for project leaders seeking to streamline MISRA integration and enhance organizational efficiency.
SEC10Cyber Resilience Act (CRA) for Embedded SystemsOutline
This course provides embedded system developers and cybersecurity professionals with an in-depth understanding of the Cyber Resilience Act and its impact on digital products. Participants will learn essential cybersecurity requirements, explore compliance pathways, and discover practical strategies for securing embedded systems throughout their lifecycle. The course also highlights market-ready tools and solutions to ensure adherence to the regulation while enhancing product resilience.
SEC6Embedded Security for NXP i.MX-based processorsOutline
This course teaches the security challenges of embedded systems and NXP-based devices, covers latest security standards and best practices, and explains how to implement secure boot, network protocols, IoT security, and firmware updates.
SEC7ARM TrustZone for Cortex-M based devicesOutline
This course aims to provide an in-depth understanding of the ARM v8-M architecture and its security features. It covers topics such as the Memory Protection mechanism, Security Attribution unit configuration, management of Security access faults, and building and debugging secure and non-secure software. The objective is to equip attendees with the necessary knowledge and skills to develop secure applications for ARM v8-M based systems.
SEC8Secured Embedded Linux Platform BuildOutline
SEC9Advanced Embedded Linux SecurityOutline
SEC11NIS2 for EmbeddedOutline
This course equips embedded and OT teams with a clear, practical understanding of the NIS2 directive and its impact on critical digital services. Participants will grasp core obligations (Art. 21/23), map requirements to engineering workflows, and apply incident reporting timelines. The program also spotlights proven tools, supplier practices, and evidence-building techniques to accelerate compliance and strengthen operational resilience.
C8Critical Systems SafetyOutline
Embedded systems are more and more critical and subject to safety constraints. This training introduces the main concepts and standards applicable to safety-critical systems.