
13. Embedded Security

Embedded systems are increasingly the front line of cyber-physical attacks. A compromised pacemaker hurts a patient. A compromised thermostat joins a botnet. A compromised car is a 2-ton remote weapon. Chapter 24 will go deeper; here is the embedded engineer's view of the attack surface.

13.1 The threat model

  • Remote network attacker. Internet-connected, scanning. Targets the network stack, OTA service, default credentials.
  • Local network attacker. On the same Wi-Fi/BLE/CAN. Exploits weak pairing, replay, MitM.
  • Casual physical attacker. Owns a copy of the device. Can use UART/SWD/JTAG headers, dump flash with a programmer.
  • Skilled physical attacker. Has lab gear: ChipWhisperer, voltage glitcher, microprobe, decapping. Targets bootloaders, secure boot, side channels.
  • Supply-chain attacker. Modifies firmware before shipment, inserts backdoors at the factory.

A defense plan must name which of these attackers you accept as out of scope and which you mitigate; an unstated assumption here is the one that gets exploited.

13.2 Secure boot

Already covered above. Recap: each stage verifies the signature on the next before handing it control, the root of trust (a public-key hash) lives in fuses, and an anti-rollback counter refuses images older than the last committed security version. Implementations: Arm TrustZone-M with Trusted Firmware-M and its MCUboot-based BL2 (the PSA Certified reference), NXP HABv4, ST X-CUBE-SBSFU, Nordic nRF Secure Immutable Bootloader, ESP-IDF Secure Boot v2.

13.3 Hardware crypto accelerators

Fast crypto without burning CPU cycles: AES, SHA, ECDSA, RSA, a TRNG. Examples: STM32 CRYP/HASH, Nordic CryptoCell, ESP32 hardware AES. Software AES on a Cortex-M0 runs one to two orders of magnitude slower and, being table-driven, leaks key bytes through power consumption (and, on parts with a flash cache, through timing). Caveat: an accelerator is not automatically side-channel hardened; MCU AES peripherals have been broken with DPA. Treat "DPA-resistant" as a datasheet claim to verify on a test rig, not as a property of hardware crypto.

13.4 Secure storage

Keys in plain flash = compromised the moment flash is dumped. Better:

  • eFuses for one-shot keys (root of trust, anti-rollback counter).
  • Secure element (ATECC608, NXP A71CH, Infineon OPTIGA Trust). A separate chip on I2C that holds keys and performs ECDSA on-board, so even a fully compromised MCU cannot extract them. It can still ask the element to sign whatever it likes: a secure element limits key theft, not key misuse, so it has to be designed together with secure boot and host authentication.
  • TPM (1.2 / 2.0). PC-style trusted platform module, attached over SPI or I2C; some industrial embedded designs use them.
  • TrustZone secure storage. Keys and signed bootloader live in the secure world; non-secure code calls into APIs but never sees keys.
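The anti-rollback counter from the secure-boot recap and the eFuse bullet above are the same mechanism seen from two sides: the counter is trustworthy only because fuse bits burn from 0 to 1 and never back. The following is an added example, not code from the original text or from any vendor SDK; it models a fuse word on the host, encodes the counter in unary, and shows the boot-policy check with the fault-injection-hardened verdict pattern (distinct magic values for accept and reject, the same idea MCUboot's FIH uses). The header layout, the magic constants and the `sig_ok` input (the result of the signature check, which happens earlier in the chain and is outside this example) are assumptions.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Host-side model of a one-time-programmable fuse word (constructed for this
 * example). Real counterparts: ESP32 eFuse blocks, NXP OCOTP, STM32 OTP area.
 * Bits burn from 0 to 1 and can never be cleared; that physical property is
 * what makes the counter trustworthy. */
typedef struct { uint32_t bits; } otp_word_t;

void otp_burn(otp_word_t *w, uint32_t mask) { w->bits |= mask; } /* OR only, no clear */

/* Anti-rollback counter in unary ("thermometer") code: value = burned bits.
 * 32 fuse bits give 32 security versions; spend them on security fixes only,
 * not on every release. */
uint32_t rollback_counter_read(const otp_word_t *w) {
    uint32_t n = 0;
    for (uint32_t v = w->bits; v; v >>= 1) n += v & 1u;
    return n;
}

/* Raise the counter to `version`. Lower or equal values are a no-op: there is
 * no decrement, by construction. Fails only when the fuse word is exhausted. */
bool rollback_counter_advance(otp_word_t *w, uint32_t version) {
    if (version > 32) return false;
    if (version <= rollback_counter_read(w)) return true;
    otp_burn(w, version == 32 ? 0xFFFFFFFFu : ((1u << version) - 1u));
    return true;
}

/* Image header as the bootloader sees it (assumed layout). The security
 * version is separate from the marketing version: it only moves on fixes. */
#define IMAGE_MAGIC 0x494D4721u /* "IMG!" */
typedef struct {
    uint32_t magic;
    uint32_t security_version;
    uint32_t image_size;
} image_header_t;

/* Fault-injection hardened verdicts: a glitched compare that flips a bit or
 * skips an instruction yields neither magic value, so the caller must treat
 * anything other than BOOT_ACCEPT as a reject. */
#define BOOT_ACCEPT 0xA5C3A5C3u
#define BOOT_REJECT 0x5A3C5A3Cu

/* Boot policy. `sig_ok` is the outcome of the signature check done earlier in
 * the chain (outside this example). Signature first, then rollback: an
 * unsigned header must never influence the fuses. */
uint32_t boot_decision(const image_header_t *hdr, bool sig_ok, const otp_word_t *fuses) {
    if (hdr->magic != IMAGE_MAGIC) return BOOT_REJECT;
    if (!sig_ok) return BOOT_REJECT;
    uint32_t counter = rollback_counter_read(fuses);
    if (hdr->security_version < counter) return BOOT_REJECT;
    /* Same test with complemented operands: a single skipped instruction has
     * to defeat two independent comparisons. */
    if ((~hdr->security_version) > (~counter)) return BOOT_REJECT;
    return BOOT_ACCEPT;
}

/* Commit only after the new image has actually run (first successful boot or
 * self-test), not at flash time: committing an image that then fails leaves a
 * device that cannot fall back to the previous one. */
bool boot_commit(otp_word_t *fuses, const image_header_t *hdr) {
    return rollback_counter_advance(fuses, hdr->security_version);
}

int main(void) {
    otp_word_t fuses = {0};
    image_header_t v3 = { IMAGE_MAGIC, 3, 4096 }, v2 = { IMAGE_MAGIC, 2, 4096 };
    printf("v3 on fresh device: %s\n",
           boot_decision(&v3, true, &fuses) == BOOT_ACCEPT ? "accept" : "reject");
    boot_commit(&fuses, &v3);
    printf("fuses=0x%08X counter=%u\n", (unsigned)fuses.bits,
           (unsigned)rollback_counter_read(&fuses));
    printf("v2 after v3 committed: %s\n",
           boot_decision(&v2, true, &fuses) == BOOT_ACCEPT ? "accept" : "reject");
    return 0;
}
```

Two design points worth keeping when porting this to a real part: the fuse write happens in a separate commit step after the image has proven itself, and the decision function never returns a plain 0/1 that a glitch can flip.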

13.5 ARM TrustZone for Cortex-M

TrustZone-M (Armv8-M) splits the chip into Secure and Non-secure worlds. Memory regions (via the SAU/IDAU), peripherals, and interrupts are assigned to one side or the other. Non-secure code cannot branch into Secure code directly; it may only enter through veneers placed in a Non-secure Callable (NSC) region, and each veneer begins with an SG (Secure Gateway) instruction that marks it as a legitimate entry point. Use cases: cryptographic key storage, secure firmware update, license enforcement.

13.6 JTAG/SWD lockout

Production devices should disable debug access. Methods:

  • STM32 RDP (Read Out Protection): level 1 blocks debugger and bootloader access to internal flash (regressing to level 0 mass-erases it); level 2 disables the debug port entirely and is irreversible.
  • NXP LPC CRP (Code Read Protect): similar three-level scheme (CRP1 to CRP3).
  • Nordic APPROTECT (set in UICR).
  • ESP32 JTAG_DISABLE eFuse.

But: voltage and clock glitching have repeatedly broken these (Section 10.5). Defense in depth: also encrypt flash, require signed firmware, randomize the timing of sensitive checks, and detect glitches with the on-chip brown-out and clock monitors.

13.7 Side channels in embedded

Even when the crypto is correct, how you compute it leaks. Table-based AES on a small MCU has power signatures that correlate with key bytes (DPA). ECDSA leaks the nonce through timing if the scalar multiplication is not constant-time, and a few leaked nonce bits per signature are enough to recover the private key. On Cortex-A parts with caches, tasks sharing a cache leak to each other through cache timing (Flush+Reload, Prime+Probe); most Cortex-M parts have no data cache, so there the dominant channels are power and EM.

Defenses: constant-time crypto code, masking, hardware accelerators with built-in countermeasures, randomized clock jitter, careful task isolation. Side-channel testing rigs (ChipWhisperer, Riscure Inspector) should be part of any high-stakes embedded security review.
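"Constant-time" is easiest to see on the one comparison every embedded device performs: checking a received MAC or password against the expected value. The following is an added example, not code from the original text; it shows the early-exit compare beside a constant-time one and includes an attacker loop that recovers a constructed secret byte by byte using only how much work the compare did. The `steps` counter is an assumption standing in for a cycle counter or oscilloscope trace, so the leak is visible on a host without a scope.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <string.h>
#include <stdio.h>

typedef bool (*cmp_fn)(const uint8_t *, const uint8_t *, size_t, size_t *);

/* LEAKY: what memcmp()-style verification of a MAC or password does. It
 * returns at the first mismatching byte, so its running time tells the
 * attacker how many leading bytes were right. `steps` counts bytes examined
 * and stands in for a cycle counter (constructed for this example). */
bool leaky_equal(const uint8_t *a, const uint8_t *b, size_t n, size_t *steps) {
    *steps = 0;
    for (size_t i = 0; i < n; i++) {
        (*steps)++;
        if (a[i] != b[i]) return false;
    }
    return true;
}

/* CONSTANT-TIME: touches every byte, accumulates differences with OR, and
 * collapses to 0/1 arithmetically so no branch depends on secret data. */
bool ct_equal(const uint8_t *a, const uint8_t *b, size_t n, size_t *steps) {
    uint32_t diff = 0;
    *steps = 0;
    for (size_t i = 0; i < n; i++) {
        (*steps)++;
        diff |= (uint32_t)(a[i] ^ b[i]);
    }
    /* diff is in 0..255; (diff - 1) >> 31 is 1 only when diff == 0 */
    return (bool)((diff - 1u) >> 31);
}

/* Attacker model: byte-by-byte recovery of `secret` using only the timing
 * oracle plus the accept/reject bit. Returns the number of bytes recovered.
 * Against leaky_equal it recovers all n bytes in at most 256*n queries;
 * against ct_equal every guess costs the same, so it stops at 0. */
size_t recover_via_timing(cmp_fn cmp, const uint8_t *secret, size_t n, uint8_t *out) {
    uint8_t guess[16] = {0};
    if (n == 0 || n > sizeof guess) return 0;
    for (size_t pos = 0; pos < n; pos++) {
        size_t max_steps = 0, at_max = 0;
        int best = 0;
        for (int c = 0; c < 256; c++) {
            size_t steps;
            guess[pos] = (uint8_t)c;
            if (cmp(guess, secret, n, &steps)) {   /* accepted: whole secret known */
                memcpy(out, guess, n);
                return n;
            }
            if (steps > max_steps) { max_steps = steps; at_max = 1; best = c; }
            else if (steps == max_steps) at_max++;
        }
        if (at_max != 1) return pos;   /* no unique slowest guess: oracle is blind */
        guess[pos] = (uint8_t)best;
        out[pos] = (uint8_t)best;
    }
    return n;
}

int main(void) {
    /* Constructed 8-byte secret (think: truncated MAC tag). */
    const uint8_t secret[8] = { 0xDE, 0xAD, 0xBE, 0xEF, 0x01, 0x02, 0x03, 0x04 };
    uint8_t out[8] = {0};
    printf("leaky_equal: recovered %zu of 8 bytes\n", recover_via_timing(leaky_equal, secret, 8, out));
    memset(out, 0, sizeof out);
    printf("ct_equal:    recovered %zu of 8 bytes\n", recover_via_timing(ct_equal, secret, 8, out));
    return 0;
}
```

Two caveats a reviewer should raise: a compiler is free to turn the arithmetic collapse back into a branch, so constant-time routines are verified in the disassembly (or with a tool such as ctgrind/dudect), not by reading the C; and constant time does not address power analysis, which is what masking and the accelerator countermeasures above are for.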

13.8 Common embedded vulnerabilities

  • Default credentials. Telnet root with an empty or vendor-default password. Mirai (2016) built a botnet of hundreds of thousands of IP cameras and DVRs by trying a list of about sixty such username/password pairs.
  • Hard-coded keys. A signing key reused across an entire product line. One device dumped, all devices forged.
  • No signed updates. Anyone with network access pushes their own firmware.
  • Debug ports left enabled. UART shells, JTAG/SWD, USB recovery modes. Easy reverse engineering and persistent compromise.
  • Plaintext OTA. Updates over HTTP, no TLS. MITM and replay.
  • Missing flash encryption. Pull the SPI flash off the board, dump, find keys and secrets.
  • Buffer overflows in network stacks. Ripple20 (Treck TCP/IP, 2020), Urgent/11 (VxWorks IPnet, 2019). Each touched hundreds of millions of devices.
  • Cryptographic mistakes. Custom protocols, weak RNGs. "Mining Your Ps and Qs" (Heninger et al., 2012) factored tens of thousands of RSA keys from routers and firewalls that had generated them at first boot with almost no entropy.

The pattern is mundane bugs at scale. The fix is almost never exotic; it is discipline.
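The "buffer overflows in network stacks" bullet is the Ripple20/Urgent/11 shape: a length field arrives from the network and is trusted. The following is an added example, not code from the original text or from either of those stacks; it parses a constructed OTA chunk format (`u32 offset | u32 len | payload`, little-endian) in the vulnerable way and in the hardened way, with the three checks the vulnerable version is missing: destination capacity, bytes actually present, and wrap-safe flash bounds. The format, `CHUNK_MAX`, and the image size are assumptions.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <string.h>
#include <stdio.h>

/* Constructed wire format for one OTA chunk, little-endian:
 *   u32 offset | u32 len | len bytes of payload
 * Both u32 fields come off the wire and are attacker-controlled. */
#define CHUNK_MAX 64

typedef struct {
    uint8_t data[CHUNK_MAX];
    uint32_t len;
} chunk_t;

static uint32_t rd_le32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}
static void wr_le32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8);
    p[2] = (uint8_t)(v >> 16); p[3] = (uint8_t)(v >> 24);
}

/* VULNERABLE: trusts the length field. A len larger than CHUNK_MAX writes past
 * out->data (stack/heap corruption); a len larger than the packet reads past
 * pkt (information leak or crash). Kept for contrast only; never call it on
 * untrusted input. */
bool parse_chunk_unchecked(const uint8_t *pkt, size_t pkt_len, chunk_t *out) {
    if (pkt_len < 8) return false;
    uint32_t len = rd_le32(pkt + 4);
    memcpy(out->data, pkt + 8, len);          /* overflow when len > CHUNK_MAX */
    out->len = len;
    return true;
}

/* HARDENED: every length is checked against the destination capacity and the
 * bytes actually present, and the flash bound is computed as a subtraction
 * (image_size - offset) rather than an addition (offset + len) that can wrap. */
bool parse_chunk_checked(const uint8_t *pkt, size_t pkt_len, chunk_t *out,
                         uint32_t image_size) {
    if (pkt_len < 8) return false;                         /* truncated header */
    uint32_t offset = rd_le32(pkt);
    uint32_t len = rd_le32(pkt + 4);
    if (len == 0 || len > CHUNK_MAX) return false;         /* destination bound */
    if (len > pkt_len - 8) return false;                   /* source bound; pkt_len >= 8 */
    if (offset > image_size) return false;                 /* flash bound, part 1 */
    if (len > image_size - offset) return false;           /* flash bound, wrap-safe */
    memcpy(out->data, pkt + 8, len);
    out->len = len;
    return true;
}

/* Test-packet builder (constructed). The length *field* is independent of the
 * payload actually supplied so malformed packets can be produced. */
size_t make_packet(uint8_t *buf, uint32_t offset, uint32_t len_field,
                   const uint8_t *payload, size_t payload_len) {
    wr_le32(buf, offset);
    wr_le32(buf + 4, len_field);
    memcpy(buf + 8, payload, payload_len);
    return 8 + payload_len;
}

int main(void) {
    uint8_t payload[16], pkt[80];
    chunk_t c;
    for (int i = 0; i < 16; i++) payload[i] = (uint8_t)i;
    size_t n = make_packet(pkt, 0, 16, payload, 16);
    printf("well-formed chunk: %s\n", parse_chunk_checked(pkt, n, &c, 4096) ? "accepted" : "rejected");
    n = make_packet(pkt, 0, 0xFFFFFFFFu, payload, 16);
    printf("len=0xFFFFFFFF:    %s\n", parse_chunk_checked(pkt, n, &c, 4096) ? "accepted" : "rejected");
    n = make_packet(pkt, 0xFFFFFFF0u, 16, payload, 16);
    printf("offset wraps:      %s\n", parse_chunk_checked(pkt, n, &c, 4096) ? "accepted" : "rejected");
    return 0;
}
```

The order of the checks matters: the source-bound check is safe only because the header-length check before it guarantees `pkt_len - 8` cannot underflow, and the flash check subtracts rather than adds for the same reason.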