Secure embedded systems

Lecturer(s): Cédric MARCHAND
Course ⋅ 16 hPW ⋅ 8 hStudy ⋅ 4 h


Embedded systems are everywhere, whether in our pockets, homes or cars, but also in industry, aeronautics or the space sector. More and more of these systems are used in applications where the data handled is sensitive and must be protected. With the increase of Internet of thins ecosystems, a particular interest in security problems arises among the general public, notably with contactless payment, connected electricity meters, home automation, etc.

Throughout this course, we will discuss the basic principles of security as well as their integration into embedded systems. The classic attacks as well as some countermeasures will be presented. Finally, specific areas such as counterfeiting or security in RFID systems will be addressed to provide concrete and precise examples. The practical activities work students to implement, at least in part, an algorithm used for data security on microcontroller. The second step will be to attack this algorithm with a classic and very effective attack when the security algorithm is not protected.


Embedded System, Security, cryptography, hardware attacks and countermeasures


This module is divided in 82h of lectures and 24h of practical sessions. A 4h session is also used to prepare the practical sessions.

First, we introduce basical notions of embedded systems and security with 3 lectures: 1 - Introduction course : definition of embedded system, security and global challenge and opportunities 2 - Introduction to embedded systems, microcontroller and FPGA 3 - Introduction to cryptography

Then we explore different types of attacks targeting embedded systems and some countermeasures: 1 - Attacks and countermeasure on embedded systems 2 - Hardware primitives for electronic systems' security

Finally, we approach two specific context and give examples of the use of security in embedded systems: 1 - Fight against counterfeiting of integrated circuit 2 - RFID systems' security (external speaker from Naval group : Julien Francq)

Practical activities: Prepare practical sessions, 1 BE (4h) :

  • Install necessary software
  • Introduction to embedded system programming

Practical sessions: TP1 : Implement AES cryptographic algorithm on stm32 embedded board (4h) TP2 : Attack the AES implementation using Side Channel Attack (correlation power analysis) (4h)


grade = 70% knowledge + 30% pratical sessions

Knowledge grade = 100% final exam Practical sessions grade = = 50% TP1 + 50% TP2,