Embedded Systems and Security

Lecturer (assistant)
Duration2 SWS
TermSommersemester 2024
Language of instructionGerman
Position within curriculaSee TUMonline
DatesSee TUMonline

Admission information


The students shall be able to design a secure embedded system. In particular, to implement given tasks on an embedded system and to assess and choose appropriate measures to secure an embedded system. The former includes being able to - Use toolchains for embedded development - Discuss memory organisation - Classify types of on-chip memory - Recall the boot process of a uC - Describe and use memory mapped I/O - List common peripherals and explain their purpose - Explain and use interrupts - Compare and use methods for embedded debugging while the latter encompasses the ability to - List security objectives - Exemplify typical vulnerabilities - Apply some common attacks - Choose appropriate countermeasures - Use cryptography - Illustrate methods for separation - Explain and use MMUs/MPUs - Explain side channels - Demonstrate the concept of trusted computing


To enable students to implement given tasks on an embedded system, the course will deal with: - Introduction to microcontrollers, differences to desktop computers - Memory in embedded systems and its usage by C compilers - Typical peripherals and their usage - Interrupts and exceptions - Embedded debugging The ability to assess and choose appropriate measures to secure embedded systems motivates: - Short introduction to security objective and cryptographic operations - Typical vulnerabilities in embedded systems - Common attacks and countermeasures - A note on side-channels - Concepts of separation and trusted computing


C programming Basic knowledge in computer architectures

Teaching and learning methods

Knowledge will be taught using slides and notes on the blackboard. Learning by students is supported within the exercises through interactive problem discussion, group work and live programming. Programming exercises during the semester give students the opportunity to train and show their skills on real hardware.


The above mentioned abilities of discussing, classifying, recalling, describing, listing, explaining, comparing, exemplifying, choosing, illustrating, and demonstrating will be assessed by answering open questions, analyzing code examples and calculating problems in a written exam making up 80% of the final grade. The abilities of using and applying are assessed through programming exercises during the course, which make up the remaining 20% of the final grade.

Recommended literature

The definitive guide to ARM Cortex-M3 and Cortex-M4 processors Joseph Yiu Understanding Cryptography Christoph Paar, Jan Pelzl Accompanied lecture slides: http://www.crypto-textbook.com Handbook of Applied Cryptography Alfred J. Menezes, Paul C. van Oorschot, Scott A. Vanstone Download from: http://www.cacr.math.uwaterloo.ca/hac/ Security Engineering Ross Anderson Download from: https://www.cl.cam.ac.uk/~rja14/book.html


Important and additional Information

An additional lab is part of this module.

Offered in winter and summer semester.

Programming exercises on an embedded system by Infineon will give the opportunity to apply the knowledge acquired in the lectures.


Slides will be uploaded to the lecture's Moodle Course after each session.


English (winter semester), German (summer semester)



Marble Run

In the Embedded Systems and Security exercise, the students program a remote control for the marble run in the video on their Infineon XMC4500 Relax Lite board. The marble run ist started in case of a successfull authentication.

As an alternative, the marble run can be started by breaking a 16 bit mini RSA encryption.

It can be accessed unter (only from inside the TUM network)

Infineon XMC4500 Relax Kit