Project Laboratory Secure SoC for the Internet-of-Things

Lecturer (assistant)
Duration4 SWS
TermSommersemester 2022
Language of instructionEnglish
Position within curriculaSee TUMonline
DatesSee TUMonline

Admission information


At the end of this module, students are able to: 1) Develop software for an complex embedded system; 2) Understand the basis of IoT protocols; 3) Understand the concepts of cryptographic algorithms; 4) Use the IoT operating system Contiki OS to realize a complex project; 5.) Identify the weaknesses of a IoT-Protokoll (MQTT); 6.) Understand and successfully implement an authenticated encryption method.


Working together in teams, students must provide application layer security to a System-on-Chip (SoC) that operates in the context of IoT. The used SoC is the SensorTag of the company Texas Instruments, which was developed in the IoT context. As an operating system the open source Contiki OS is used. The Sensortag (SoC) has the following functionalities: i) Acquire data of the seven connected sensors (humidity, temperature, ambient light, ...) ii) Realize a MQTT client that sends the sensor data to a MQTT broker over the 6LoWPAN protocol. The security of the transmitted sensor data is provided by the use of an authenticated encryption. This symmetric encryption method ensures an end to end encryption between the MQTT-Publisher and MQTT-Subscriber. The necessity of a secure communication is demonstrated on the basis of an existing unsecured connection.


The following modules should be passed before taking the course: - Applied cryptology - Embedded Systems and Security It is recommended but not mandatory to take the following modules additionally: - Secure Implementation of Cryptographic Algorithms

Teaching and learning methods

- Teacher-centered teaching with discussions during the introduction of the laboratory to provide the required background. - Freely scheduled self-study with supervision from a tutor and an adviser during the project part, to facilitate the students in learning how to solve typical problems from the field of engineering. Important information for the lab is provided in form of a Wiki.


The module is examined in form of a lab work, which is graded as a whole, and consists of the following parts: - The students show the practical capability to develop software for a complex SoC by realizing a project in the context of IoT. The design must be processed and documented in groups. - The capability to design complex embedded systems and to secure the transferred data against possible attackers is shown in a 30-minute presentation on the project with subsequent discussion. For individual evaluation, each student must keep a lab diary regarding the task developed in the laboratory. - The contribution of each student to the group work is identified in an individual 10-minutes discussion. Also, the acquired knowledge of IoT protocols, cryptographic algorithms and the software development for the given SoC is shown during the discussion.

Recommended literature

- Understanding Cryptography, Christof Paar and Jan Pelzl, ISBN-13: 978-3-642-04100-6 - Federal Information Processing Standard, Advanced Encryption Standard, FIPS PUB 197 -