Embedded Application Security Best Practices
  • Embedded Application Security Best Practices
  • What are Embedded Systems?
  • Buffer and Stack Overflow Protection
  • Injection Prevention
  • Firmware Updates and Cryptographic Signatures
  • Securing Sensitive Information
  • Identity Management
  • Embedded Framework and C-Based Toolchain Hardening
  • Usage of Debugging Code and Interfaces
  • Transport Layer Security
  • Usage of Data Collection and Storage - Privacy
  • Third Party Code and Components
  • Threat Modeling
  • About OWASP
Powered by GitBook
On this page
  • Welcome
  • GitBook integration
  • Contributing
  • Roadmap
  • Project Leaders

Was this helpful?

Embedded Application Security Best Practices

NextWhat are Embedded Systems?

Last updated 4 years ago

Was this helpful?

OWASP Embedded Application Security Project

Welcome

Thank you for your interest in the OWASP Embedded Application Security Project. This is the development version of the OWASP Embedded Application Security Best Practices Guide, and will be converted into PDF & MediaWiki for publishing when complete.

This document was put together by the collaborative efforts of developers, engineers, and hobbyists with the sole purpose of assisting manufacturers produce embedded devices with security in mind. A special "thank you" is due to all those who have contributed (see below) as well as those who continue to see this project evolve. It is our goal that this document will provide a detailed technical pathway for manufacturers to build secure devices for an increasingly insecure world. This is considered a "living" document as it is open to feedback and further collaboration, please contact the project leaders with any feedback you may have.

Made possible by contributions from:

  • Jim Manico

  • Benjamin Samuels

  • Janet Kulp

GitBook integration

Contributing

You do not have to be a security expert in order to contribute!

Some of the ways you can help:

  • Technical editing

  • Review

  • Diagrams

  • Graphic design

  • Code snippets in your favorite language

  • Translate guidance material

Roadmap

🚨⚠️ This project is currently going through a revamp of its content and structure. 🚨⚠️

Join the mailing list, slack channel and contact the Project leaders if you feel you can contribute.

Project Leaders

For a pleasant reading experience, use to turn this document into a PDF, e-book, website, etc.

Feel free to sign up for a task out of our roadmap below or add your own idea to the roadmap. To get started, create a GitBook account or sign in with your Github credentials to add comments and make edits. All changes are tracked and synced to . Alternatively, clone the Github repo, use your favorite markdown editor, apply/make your edits, and submit a pull request. Feel free to contact the project leaders for ways to get involved.

Alex Lafrenz

GitBook
https://github.com/scriptingxss/embeddedappsec
Aaron Guzman
@scriptingxss
@zerofrenz
Wiki Page