8 changes: 4 additions & 4 deletions docs/01-introduction/02-learning-goals.adoc
Expand Up @@ -8,7 +8,7 @@

// tag::EN[]
[[LG-1-1]]
==== LG 1-1: Definition of Security
==== LG 1-1: Know what security means in the context of an architecture.

Participants know a definition of security and understand it as a quality of the system.
Participants understand the relationship and trade-offs to other quality attributes.
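Review bot: The new LG 1-1 title ends with a full stop ("...in the context of an architecture."), while the other retitled goals such as LG 1-2 and LG 1-3 do not. Drop the trailing period here so the section headings render consistently; the new LG 1-4 title further down in this file has the same issue.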
Expand All @@ -18,14 +18,14 @@ Definitions can be found for example in ISO/IEC 25010, ISO/SAE 21434 and IEC 624
endif::[]

[[LG-1-2]]
==== LG 1-2: Security Properties
==== LG 1-2: Know the security triad

Participants know the security properties of the universal triad: confidentiality, integrity and
availability. In addition they know additional common properties such as authentication, authorization
and non-repudiation.

[[LG-1-3]]
==== LG 1-3: Security Lifecycles
==== LG 1-3: Understand that security needs to be considered throughout a product's lifecycle
Participants understand, that security must be considered in the whole product lifecycle and not
just for the development phase.
Participants understand that maintaining security requires participation and consideration of all stakeholders.
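Review bot: The new LG 1-2 title "Know the security triad" is narrower than the goal's body, which also requires authentication, authorization and non-repudiation. Consider a title that covers both, for example "Know the security triad and further common security properties", so that the heading does not suggest the additional properties are out of scope.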
Expand All @@ -38,7 +38,7 @@ Lifecycle and NIST's Secure Software Development Framework.
endif::[]

[[LG-1-4]]
==== LG 1-4: Security Regulations and standards
==== LG 1-4: Know relevant regulations, standards and guidelines.
Participants understand the difference between regulations, standards and guidelines.
Participants know examples of regulations, standards and guidelines regarding security.

10 changes: 5 additions & 5 deletions docs/02-analysis/02-learning-goals.adoc
Expand Up @@ -19,7 +19,7 @@ tbd.

// tag::EN[]
[[LG-2-1]]
==== LG 2-1: System definition and context
==== LG 2-1: Create a system definition and context
Participants understand the security purpose of the system context. Participants are able to create
a system context view, building on their Foundation Level knowledge.
The system context provides necessary information for the security analysis of the system:
Expand All @@ -29,7 +29,7 @@ The system context provides necessary information for the security analysis of t
* Assets associated with the system

[[LG-2-2]]
==== LG 2-2: Asset and damage identification
==== LG 2-2: Identify assets and damage scenarios

Participants understand what assets are and know typical examples.
Participants are able to identify assets for a given system.
Expand All @@ -42,7 +42,7 @@ channels.
endif::[]

[[LG-2-3]]
==== LG 2-3: Threat Modeling
==== LG 2-3: Perform threat modeling

Participants know approaches to threat modeling (attacker-, asset-, system-centric) and understand
their advantages and disadvantages.
Expand All @@ -52,7 +52,7 @@ Participants understand that threat modeling is an interdisciplinary tasks, that
inputs.

[[LG-2-4]]
==== LG 2-4: Threat scenario analysis
==== LG 2-4: Analyse identified threats

Participants know approaches to identifying threats (e.g., Misuse Case Diagram, Data Flow Diagram,
STRIDE).
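Review bot: The new LG 2-4 title "Analyse identified threats" presupposes that identification has already happened, but the body under it opens with approaches to identifying threats and closes with "identify and analyze threats for a given system". Suggest "Identify and analyze threats", which also resolves the British "Analyse" in the heading against the American "analyze" used in the body.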
Expand All @@ -62,7 +62,7 @@ Analysis, Kill-Chains).
Participants are able to identify and analyze threats for a given system.

[[LG-2-5]]
==== LG 2-4: Risk Assessment Methods
==== LG 2-4: Assess and rate identified risks

Participants understand the goal of assessing the risk of threats and the associated damage scenarios.
Participants know approaches to classifying and rate attack risks.
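Review bot: The heading under the [[LG-2-5]] anchor is still numbered "LG 2-4" after this change, so the file ends up with two headings labelled LG 2-4. Since the line is being rewritten anyway, change it to "==== LG 2-5: Assess and rate identified risks". The context line "approaches to classifying and rate attack risks" also mixes verb forms and could read "classifying and rating".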
8 changes: 4 additions & 4 deletions docs/03-verification/02-learning-goals.adoc
Expand Up @@ -20,7 +20,7 @@ tbd.

// tag::EN[]
[[LG-3-1]]
==== LG 3-1: Verification Goals
==== LG 3-1: Understand the goals of verification
Participants understand the goals of security verification.
Participants know classifications of security Verification methods:

Expand All @@ -31,7 +31,7 @@ Participants know classifications of security Verification methods:
Participants understand the advantages and disadvantages of static and dynamic methods.

[[LG-3-2]]
==== LG 3-2: Static Analysis
==== LG 3-2: Know static analysis techniques
Participants know static analysis techniques such as

* Software Composition Analysis
Expand All @@ -40,7 +40,7 @@ Participants know static analysis techniques such as
* Taint Analysis.

[[LG-3-3]]
==== LG 3-3: Dynamic Testing
==== LG 3-3: Know dynamic testing techniques
Participants know dynamic testing techniques such as

* Fuzzy Testing
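Review bot: The first bullet under the retitled LG 3-3, "* Fuzzy Testing", misnames the technique; the established term is fuzz testing (fuzzing). It is an unchanged context line, but this PR is already editing the goal, so "* Fuzz Testing" could be fixed in the same commit.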
Expand All @@ -50,7 +50,7 @@ Participants know dynamic testing techniques such as
* Robustness Testing

[[LG-3-4]]
==== LG 3-4: Penetration Testing
==== LG 3-4: Know what penetration testing is
Participants understand the goal of penetration testing.
Participants understand the relationship of penetration testing to other verification methods.
Participants know the steps of a penetration test:
14 changes: 7 additions & 7 deletions docs/04-cryptography/02-learning-goals.adoc
Expand Up @@ -20,28 +20,28 @@ tbd.

// tag::EN[]
[[LG-4-1]]
==== LG 4-1: Goals of Cryptography
==== LG 4-1: Know the goals of cryptography

Participants know the goals of cryptography (Authenticity, Confidentiality and Integrity).
Participants know the goals of cryptography (Protection of authenticity, confidentiality and integrity).
Participants know how a basic cryptographic function works.

[[LG-4-2]]
==== LG 4-2: Symmetric Cryptography
==== LG 4-2: Understand symmetric cryptography and know its usecases

Participants understand what symmetric cryptography is.
Participants know use cases, advantages and disadvantages of symmetric cryptography.
Participants know examples of recommended symmetric algorithms (e.g. from NIST or BSI).

[[LG-4-3]]
==== LG 4-3: Asymmetric Cryptography
==== LG 4-3: Understand asymmetric Cryptography and know its usecases

Participants understand what asymmetric cryptography is.
Participants know use cases, advantages and disadvantages of asymmetric cryptography.
Participants know examples of recommended asymmetric algorithms (e.g. from NIST or BSI) and are aware
of the need to future-proof applications for post-quantum attacks.

[[LG-4-4]]
==== LG 4-4: Secure Hashing
==== LG 4-4: Understand secure hashing and know its usecases

Participants understand what a hash function does.
Participants understand quality goals of hash functions (preimage resistance, second-preimage
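Review bot: The new LG 4-2, LG 4-3 and LG 4-4 titles write "usecases" as one word, while the body text of the same goals uses "use cases". Use the two-word spelling in the headings. The LG 4-3 title also keeps a capital in "asymmetric Cryptography", and the rewritten LG 4-1 sentence capitalises "Protection" inside the parentheses; both should be lower case to match the sentence-case style of the other new titles.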
Expand All @@ -50,15 +50,15 @@ Participants know use cases of hashing.
Participants know examples of recommended hashing algorithms (e.g. from NIST or BSI).

[[LG-4-5]]
==== LG 4-5: Key Derivation Functions
==== LG 4-5: Understand key derivation functions and know their use cases

Participants understand the use of key derivation functions.
Participants understand the difference in qualities compared to hashing functions.
Participants know examples of recommended key derivation functions and their uses (e.g. from NIST or
BSI)

[[LG-4-6]]
==== LG 4-6: Randomness and Entropy
==== LG 4-6: Understand the need for randomness and entropy, and know typical sources

Participants understand why cryptographically-secure random values are an important cornerstone of
cryptography.
10 changes: 5 additions & 5 deletions docs/embsec/05-attacks/02-learning-goals.adoc
Expand Up @@ -20,27 +20,27 @@ tbd.

// tag::EN[]
[[LG-5-1]]
==== LG 5-1: Attacker Motivations and Knowledge
==== LG 5-1: Know attacker motivations and knowledge

Participants know the levels of capabilities (script kiddy, programmer, security expert, state
actor/competitor, etc.) and motivations (fun, research, monetary gain) attackers exhibit.
They should understand the issues with attacker-based risk approaches.

[[LG-5-2]]
==== LG 5-2: Attack Terminology
==== LG 5-2: Understand attack terminology

Participants understand the difference between weaknesses and vulnerabilities.
They understand the concept of an attack surface and how it relates to weaknesses and
vulnerabilities.

[[LG-5-3]]
==== LG 5-3: Security Information Sources
==== LG 5-3: Know sources for security information

Participants know sources from which information about attacks, vulnerabilities and weaknesses can
be gathered (e.g., CVE and CWE database, OWASP, SANS Institute, CISA, BSI, or UN R 155 for automotive).

[[LG-5-4]]
==== LG 5-4: Common Attack Patterns
==== LG 5-4: Know common attack patterns

Participants understand typical weaknesses, attack patterns and their effects.
Examples for these are overflows, injections, privilege escalations, denial of service,
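Review bot: The new LG 5-1 title "Know attacker motivations and knowledge" reads awkwardly ("Know ... knowledge") and does not match the body, which speaks of "levels of capabilities" and motivations. "Know attacker capabilities and motivations" would mirror the text underneath.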
Expand All @@ -49,7 +49,7 @@ Further examples can be found in the OWASP (IoT) Top 10 and aforementioned secur
sources.

[[LG-5-5]]
==== LG 5-5: Hardware Attack Surfaces
==== LG 5-5: Know hardware attack surfaces

Participants understand that attacks on embedded systems are not limited to software-based attacks,
but can also be conducted via the system's hardware.
12 changes: 6 additions & 6 deletions docs/embsec/06-considerations/02-learning-goals.adoc
Expand Up @@ -20,7 +20,7 @@ tbd.

// tag::EN[]
[[LG-6-1]]
==== LG 6-1: Security as a Quality in Embedded Systems
==== LG 6-1: Understand security as a quality in embedded systems

Participants understand security as a system quality and its relation to other quality requirements.
Participants understand security as a quality in the context of ISO 25010 and the relation of these
Expand All @@ -33,13 +33,13 @@ uncircumventable risk, therefore it should be considered that the compromise of
not compromise all products (e.g., when the same symmetric key is used in all devices).

[[LG-6-2]]
==== LG 6-2: Safety and Security
==== LG 6-2: Understand the relationship of safety and security

Participants understand that embedded systems can influence the physical world and pose additional
safety risks that need to be addressed.

[[LG-6-3]]
==== LG 6-3: Guiding Principles
==== LG 6-3: Understand the guiding principles of security

Participants understand that good software engineering practices help designing a more secure
system.
Expand All @@ -56,7 +56,7 @@ reflected in embedded systems, examples include:
* Input and Output Validation

[[LG-6-4]]
==== LG 6-4: Resource Restrictions
==== LG 6-4: Understand the effect of resource restrictions on security

Participants understand that resource constraints limit the solution space for embedded systems.
Examples of such limitations are:
Expand All @@ -73,7 +73,7 @@ these keys are compromised. Enforcement of roll-back protections through hardwar
limited by the amount of available fuses.

[[LG-6-5]]
==== LG 6-5: Software Updates
==== LG 6-5: Understand the role of software updates

Participants understand the need for software updates and the challenges deploying updates to embedded
devices pose.
Expand All @@ -83,7 +83,7 @@ Participants know possible solutions to securely deploy updates to embedded devi
and encrypted firmware packages, secure version numbers)

[[LG-6-6]]
==== LG 6-6: Secure Implementation
==== LG 6-6: Know secure implementation techniques

Participants understand how a well engineered implementation supports the security goals.
Participants know standards and guidelines to reduce the likelihood of introducing defects during
8 changes: 4 additions & 4 deletions docs/embsec/07-patterns/02-learning-goals.adoc
Expand Up @@ -20,7 +20,7 @@ tbd.

// tag::EN[]
[[LG-7-1]]
==== LG 7-1: Authentication and Authorization
==== LG 7-1: Know solutions to ensure authentication and authorization

Participants know methods, patterns and technologies to ensure authentication of entities and manage
authorization for actions taken on the system.
Expand All @@ -45,7 +45,7 @@ Participants understand that user interaction with the device might be limited,
authentication mechanisms.

[[LG-7-2]]
==== LG 7-2: System Integrity
==== LG 7-2: Know solutions to ensure system integrity

Participants know methods, patterns and technologies to ensure the system's integrity and protect
the system against tampering.
Expand All @@ -68,7 +68,7 @@ Examples to ensure integrity of operations are
* control flow checking (e.g., software based encoding or hardware watchdogs),

[[LG-7-3]]
==== LG 7-3: Communication
==== LG 7-3: Know solutions to secure communication

Participants understand the necessity of ensuring confidentiality, integrity and availability of
communication.
Expand All @@ -86,7 +86,7 @@ security mechanisms for protecting communication over such buses might have lowe
guarantees compared to TLS or other typical communication protection.

[[LG-7-4]]
==== LG 7-4: Hardware Security
==== LG 7-4: Know hardware security techniques and technologies

Participants understand what role the underlying hardware plays in achieving security goals.
Participants know how isolation concept can be realized with hardware support, what a Hardware