 Welcome to STM32 Security MOOC. In this MOOC, we have already seen the concept of crypto, the STM32 security features. Now it's time to understand how to use them in real life. We will see how to combine these concepts to achieve the level of security you need. After following this MOOC, you should be able to have an overview of the concepts involved in MCU security evaluate possible solutions to fewer security needs understand what security involves in terms of enrolment and tools have a rough idea of the cost of security. Here's the agenda of this MOOC. First, we will have a short introduction on MCU security and then we will look into some use cases from simple ones to more advanced ones including the former protection to achieve confidentiality of the former ensure former is not corrupted and ensure former is the one that you want to run. After that, we will also look into secure boot and secure former update. First question, what is security on MCU? If you have ever followed another MOOC named basics of security in STM32 you might have some idea about this already. So let's just have a refresh of the same thing quickly. Here's the definition of security in general from Wikipedia. Security is the degree of resistance to or protection from harm. It applies to any vulnerable and valuable asset such as a person, dwelling, community, nation or organization. So security is about protecting assets. There could be many different kinds of assets. For example, asset could be information, capability, advantage, feature, financial or technical resources that may be damaged, lost or disrupted. An asset could be in different formats. It can be digital, physical or commercial. Damage to an asset may affect the normal operation of the system as well as that of individuals and organizations involved with the system. When we talk about information security there are three major properties to be considered. Confidentiality, integrity and availability. Confidentiality is to say that information should not be made available or disclosed to unauthorized individuals, entities or processes. Integrity is to maintain and assure the accuracy and completeness of data over its entire life cycle. Data should not be modified in an unauthorized or undetected manner. Availability is to say that information should be available when needed. The reason we need to protect assets not only because of course the assets have values but also because there are threats to those assets and there are vulnerabilities in the system. So what is a threat? A threat is a specific scenario or a sequence of actions that exploits a set of vulnerabilities and may cause damage to one or more of the system's assets. And vulnerability is a weakness, limitation or a defect in one or more of the system's elements that could be exploited by the threats to disrupt the normal operation of the system. And vulnerabilities could resize in different places. They may be in specific modules of the system in its architecture, its users and operators, in its associated regulations or even in the operational and business procedures. Now we know the three properties of information security, confidentiality, integrity and availability. In a real use case, whether all of the three or some of the three properties should be protected really depends on the application itself and the nature of the assets to be protected. So a security analysis procedure should be put in place to first understand what are the assets to be protected, what kind of threats are there to the assets and what kind of damages could be caused by the threats. Then identify the system vulnerabilities that could be exploited by the threats and in the end find out countermeasures that could be put in place to mitigate the vulnerability and to mitigate threats. So we can see that building a fortified solution is all about risk management. You need to understand the value of assets you want to protect. You need to understand your threats and vulnerabilities. So the risk is just in the middle of the three elements, assets, threats and vulnerabilities. Once you understand what are the risks that you have, then the next step is to develop a security strategy to reduce risk using right level of security for the value of the assets being protected. And in the case of information security, most likely we will make use of the available integrity and cryptographic tools. Usually people may think that when they develop the product they should first finish development of all the functional features and then at the end to look at what are the security features that they can add. But that's not the right way. Security should be something that you need to consider since day one. You need to identify the assets you want to protect at the time you define the product and define the appropriate level of security to apply when you design the product and at development phase put in place methods and processes to protect those assets over the entire lifecycle of the product. When the product is manufactured in factory, when it is in use on the market, when the product need to be updated or even at the end of its life. When you look at security under the scenario of an IoT system, for example, the security strategies to address CIA properties rely on many things such as authentication of both parties, encryption of exchanges, integrity of exchanges, robustness of stakeholders, connectivity, cloud server and knows, gateways and so on. And there are also some security requirements on the device side. Typically, secure boot, secure form update, temporary detection, runtime protection and key storage. And for information security, most of the time cryptographic operations will be involved and the cryptography relies on standard algorithms, the algorithms for signature, data encryption, data authenticity and integrity and also secure key management that involves key generation, key storage and the protection of the keys during its usage. Now let's take the former inside MCU as an example and think about the security of the former itself. So actually, you know that the former itself has values, it's also a valuable asset because first of all, this is a software intellectual property. Certainly, we don't want someone else to copy it and use it for free. And secondly, in a product, the former is playing a very important role because it runs some services, it's running the application that is linked to certain services provided to the end user. So certainly, former has values and there were also some threats that could damage the former. For example, the former could be stolen or could be altered or could be replaced by a different one on the device. So we need to find some ways to protect the former from different kinds of threats. Then in the next section, we will show some ways to help protecting the former. We will show the way to protect the former confidentiality, to protect the former integrity and to protect the former authenticity. Confidentiality because I don't want anyone to read my former. Integrity because I want to be sure that the former that is running on the device is not modified. Authenticity is because I don't want the former running from my device is actually coming from someone else. It has been replaced by some other former. Thank you for watching.