J. Yao, V. ZimmerBuilding Secure Firmwarehttps://doi.org/10.1007/978-1-4842-6106-4_22

22. Security Validation and Penetration Test

Jiewen Yao¹ and Vincent Zimmer²

(1)

Shanghai, China

(2)

Issaquah, WA, USA

After we have done the development, secure code review, and security unit test, the firmware code is checked in. At this point, the validation team can perform the security validation and penetration activities. The real secure validation work starts much earlier, namely, during the threat modeling phase. At that time, the security validation team needs to be involved in the threat model discussion and prepare both the security validation plan and the penetration test plan.

Security Validation Plan

In Chapter 2

Get Building Secure Firmware: Armoring the Foundation of the Platform now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Building Secure Firmware: Armoring the Foundation of the Platform by Jiewen Yao, Vincent Zimmer

22. Security Validation and Penetration Test

Security Validation Plan

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly