Embedded Systems and Security

Lecturer:                                                               Georg Sigl (L), Matthias Probst, Michaela Brunner, Jens Nöpel

Duration2 SWS
TermWintersemester 2023/24
Language of instructionEnglish
Position within curriculaSee TUMonline
DatesSee TUMonline

Admission information


The students shall be able to design a secure embedded system. In particular, to implement given tasks on an embedded system and to assess and choose appropriate measures to secure an embedded system. The former includes being able to - Use toolchains for embedded development - Discuss memory organisation - Classify types of on-chip memory - Recall the boot process of a uC - Describe and use memory mapped I/O - List common peripherals and explain their purpose - Explain and use interrupts - Compare and use methods for embedded debugging while the latter encompasses the ability to - List security objectives - Exemplify typical vulnerabilities - Apply some common attacks - Choose appropriate countermeasures - Use cryptography - Illustrate methods for separation - Explain and use MMUs/MPUs - Explain side channels - Demonstrate the concept of trusted computing


To enable students to implement given tasks on an embedded system, the course will deal with: - Introduction to microcontrollers, differences to desktop computers - Memory in embedded systems and its usage by C compilers - Typical peripherals and their usage - Interrupts and exceptions - Embedded debugging The ability to assess and choose appropriate measures to secure embedded systems motivates: - Short introduction to security objective and cryptographic operations - Typical vulnerabilities in embedded systems - Common attacks and countermeasures - A note on side-channels - Concepts of separation and trusted computing


C programming Basic knowledge in computer architectures

Teaching and learning methods

Knowledge will be taught using slides and notes on the blackboard. Learning by students is supported within the exercises through interactive problem discussion, group work and live programming. Programming exercises during the semester give students the opportunity to train and show their skills on real hardware.


The above mentioned abilities of discussing, classifying, recalling, describing, listing, explaining, comparing, exemplifying, choosing, illustrating, and demonstrating will be assessed by answering open questions, analyzing code examples and calculating problems in a written exam making up 80% of the final grade. The abilities of using and applying are assessed through programming exercises during the course, which make up the remaining 20% of the final grade.

Recommended literature

The definitive guide to ARM Cortex-M3 and Cortex-M4 processors Joseph Yiu Understanding Cryptography Christoph Paar, Jan Pelzl Accompanied lecture slides: http://www.crypto-textbook.com Handbook of Applied Cryptography Alfred J. Menezes, Paul C. van Oorschot, Scott A. Vanstone Download from: http://www.cacr.math.uwaterloo.ca/hac/ Security Engineering Ross Anderson Download from: https://www.cl.cam.ac.uk/~rja14/book.html


Hinweis und Weitere Informationen

Die Vorlesung wird um ein Praktikum um eine SWS ergänzt.

Wird im Winter- und Sommersemester angeboten.

Programmierübungen auf einem eingebetteten System von Infineon ermöglichen es, die erlernten Inhalte praktisch einzusetzen.


Die Folien werden nach der Vorlesung unter Moodle bereitgestellt


Englisch (WiSe), Deutsch (SoSe)




Im Rahmen der Embedded Systems and Security Übung programmieren die Studierenden eine Fernsteuerung auf einem Infineon XMC4500 Relax Lite Board für die Murmelbahn im Video. Bei einer erfolgreichen Authentifizierung können die Studierenden die Bahn von ihrem Board auslösen.

Alternativ kann die Murmelbahn durch das brechen einer 16 Bit Mini RSA Verschlüsselung gestartet werden.

Sie ist erreichbar unter (innerhalb des TUM Netzwerks)

Infineon XMC4500 Relax Kit