Embedded Security for Architects

Certified Profes­sional for Software Architecture (CPSA®)

The CPSA®-Advanced Level Module EMBED­DEDSEC – iSAQB® Training Course in Embedded Security for Architects

Embedded Security for Architects

What does a security-focused architecture for embedded systems require? The curriculum covers the analysis of protection-worthy assets, the derivation of security goals, attack patterns, and the use of design principles, technologies, and verification techniques. It enables the identification of security risks and the selection of appropriate control measures.

How to design embedded systems with security as a core quality

The module EMBED­DEDSEC provides partic­i­pants with methods for designing an embedded system architecture that reflects their security goals. Building on the concepts of the Foundation Level, the module intro­duces partic­i­pants to analysis methods for identi­fying protection-worthy assets and deriving security goals for embedded systems. It presents qualities, design patterns, and technologies that help in achieving security goals and famil­iarize partic­i­pants with common attack patterns.

Finally, techniques for verifying and validating security properties are presented. At the end of the module, partic­i­pants know approaches to designing embedded archi­tec­tures with security as a quality in mind and are able to identify security risks and select suitable control measures.

Content of the module Embedded Security for Archi­tects (EMBED­DEDSEC)

  • Intro­duction
  • Analysis
  • Verifi­cation
  • Cryptog­raphy
  • Attacks
  • Embedded Design Considerations
  • Embedded Security Design Patterns
Download EMBEDDEDSEC Curriculum
Find an accredited EMBEDDEDSEC Training

Related Blog Posts

Additional Information

Frequently Asked Questions

Is the iSAQB responsible for the quality of its training providers’ CPSA trainings?

The iSAQB operates an elaborate quality assurance system with regard to its training providers, CPSA trainings, and trainers. Our aim is to ensure a consistently high training standard for all CPSA training courses worldwide. However, despite extensive accreditation processes, the iSAQB assumes no liability for the quality of trainings provided by its accredited training partners. Furthermore, the iSAQB assumes no liability for the results of CPSA examinations.

How is CPSA program different from TOGAF certification?

Alongside the TOGAF training, the CPSA program rates highly in companies internationally. Compared to the TOGAF training, the CPSA program generally places more emphasis on the practical implementation of IT systems.

I have lost my certificate. Can it be reissued?

If your certificate has been lost, you can contact the certification body that took your exam or the iSAQB. Generally, you can request a copy of your certificate within 10 years after the date of the exam.

Is it possible to attend Advanced Level training courses without an existing CPSA Foundation Level certification and earn credit points for it?
Software architects who do not yet have a Foundation Level certification can also participate in the Advanced Level training courses. Successful participation in the Advanced Level courses earns credit points, which are required for a possible Advanced Level exam. However, a prerequisite for applying for an Advanced Level exam is always a successfully passed Foundation Level exam.
May I call myself “Software Architect” after passing the exam?

The CPSA certification is not a vocational qualification, but a proof of knowledge in the field of software architecture. The iSAQB is not entitled to award vocational qualifications, so we propose you call yourself “Certified Professional for Software Architecture by iSAQB” after passing the exam.
In Germany it is unclear if it is legally allowed to call oneself “Software Architect”. We recommend you inform yourself about the laws regarding the vocational qualifications in your country.

What does the Advanced Level curriculum include?

For the purpose of CPSA-A training, the iSAQB has defined the three following areas of competence:

  • Methodical competence: a systematic approach to architectural tasks, regardless of the technologies used
  • Technological competence: knowledge and implementation of technology solutions used in design tasks
  • Communicative competence: communication, presentation, argumentation, and moderation skills as well as the ability to cooperate productively with different stakeholders
Which requirements must I fulfill to access Advanced Level certification?
  • Successful training and certification at CPSA‑F level (Certified Professional for Software Architecture, Foundation Level).
  • A minimum of three years full-time professional experience in the IT industry, including the involvement in the design and development of at least two different IT systems. Exceptions can be granted upon application (for instance involvement in open source projects).
  • Training and further education within the scope of iSAQB Advanced Level trainings of at least 70 credit points. All three areas of competence must be covered with at least 10 credit points each.
  • Successful completion of the CPSA‑A certification task, including an interview with two independent examiners appointed by the iSAQB.
Who may offer and conduct CPSA-Advanced Level training?
Trainings at CPSA-Advanced Level may only be offered and conducted by training providers accredited by the iSAQB. Accredited training providers have proven the high quality of their CPSA training offers and are committed to the iSAQB accreditation conditions.
Are participation certificates for Advanced Level training courses also issued if a training course has to be cancelled through no fault of one’s own, or if the participation is delayed?

For Advanced Level training courses, participation certificates with the designated credit points can only be issued if a participant has attended at least 75% of the training. If less than 75% have been completed, the intended credit points may not be awarded. It is necessary to repeat the entire training or to make up for the missing part in order to earn the credit points. In any case, this regulation also applies to reasons that are not the fault of the participant (e.g. illness, accidents, traffic jams, etc.).

Are credit points awarded for participation in online training courses at Advanced Level?

For online training courses at Advanced Level you will receive an official iSAQB participation certificate with the respective credit points.

Downloads

Curriculum Module EMBEDDEDSEC – Embedded Security for Architects

Curriculum of the Advanced Level Module EMBEDDEDSEC with all learning goals and terms for the individual chapters.

Advanced Level – Sample task for the CPSA‑A examination task

Sample task “BigSpender” / Topic – Information System

Advanced Level – Examination Rules

This document contains general rules regarding the CPSA-Advanced Level examination. It provides information on areas of competence, modular concept, examination requirements, costs, preparation, registration, and structure of the examination.