Embedded System Hacking and Security

This course provided a deep dive into the security of embedded systems, which make up 98% of all microprocessors in use today. Designed to mirror real-world adversary behavior, the course covered both hardware and software exploitation techniques commonly used to target devices like routers, IoT devices, industrial controllers, and other embedded platforms.

university

University of Maryland • graduate course

focus areas

embedded systems ARM exploitation JTAG / UART firmware analysis ROP secure boot

🔧 key concepts & hands-on skills

  • embedded system architecture: learned components and architecture of embedded systems, including microcontrollers, memory layout, and peripherals.
  • pcb analysis: identified key components like chips, buses, diagnostic ports (UART, JTAG), and tap points on PCBs.
  • hardware hacking techniques:
    • basic soldering and PCB rework
    • used logic analyzers and multimeters
    • bus monitoring & decoding (I²C, SPI)
  • device instrumentation & debugging: used JTAG/UART to extract firmware, access consoles, and debug systems.
  • software exploitation on ARM: wrote & analyzed ARM assembly; performed buffer overflow and ROP on embedded binaries; compared ARM vs x86 exploitation.
  • shellcode development & analysis: crafted shellcode for ARM targets; studied memory corruption attack vectors.
  • mitigations & defenses: explored stack canaries, ASLR, secure boot chains.

🧪 projects & hands-on work

  • reverse engineered and analyzed ARM-based firmware.
  • implemented hardware debugging via JTAG & UART.
  • developed working exploits for vulnerable embedded binaries.
  • tested mitigation bypasses and defense implementations.
Analyzing an ARM-based embedded device via UART connection
Embedded Device Analysis

tools & environment

  • hardware tools: logic analyzer, multimeter, soldering station
  • debugging interfaces: JTAG, UART
  • software: binwalk, Ghidra, OpenOCD
  • os: Linux (Kali/Ubuntu), embedded Linux distros

outcomes

This course bridged hardware and software security, strengthening my skills in reverse engineering, firmware analysis, and ARM-based exploit development. It enhanced my ability to think like an adversary targeting embedded platforms and design countermeasures to defend them.

references & practice

Back to Education