Embedded Security Engineering

With practical examples for the automotive industry and IoT

The challenge: Systematically developing and implementing cybersecurity in embedded systems

Embedded systems are used in many fields such as the automotive industry, industrial
automation, or Internet of Things (IoT). As interconnection in networks expands, they are increasingly exposed to cyberattacks. While in the past, it was sufficient to take measures to ensure functional safety, nowadays IT security measures are necessary. To implement suitable IT security measures many different factors must be taken into account. As such, a systematic development methodology is required, for example, SAE-J3061, which is a requirement in the automotive industry. Likewise, there is a demand for information regarding specific requirements (e.g. interactions between safety and security, long-term security) and suitable technical IT security measures.

The solution: Methodical and technical expertise

The participants will become familiarized with a development process for embedded systems, both theoretically and practically, based on a specific application case. Security concepts, procedures and protocols are systematically developed on the basis of typical threats and weaknesses. Different question will be addressed, such as: implementation of lightweight cryptography with appropriate key management; using hardware security concepts such as TPM 2.0; or developing protocols, e.g. for secure over-the-air code updates. Hot topics, such as post-quantum cryptography and its practical feasibility in embedded systems, will also be considered.

How you can benefit: at a glance#

After the seminar, you will be able to...

... understand and assess various kinds of threats.
... understand and categorize the basic concepts of IT security and cryptography.
... carry out threat and risk analyses.
... systematically develop security concepts and protocols.
... practically implement security solutions.
... assess the efficiency of the security solutions developed.


This seminar will provide you with...

... first-hand practical knowledge (from various fields of application).
... a comprehensive overview of security solution development processes for embedded systems.
... up-to-date knowledge of research in security solutions for embedded systems.
... practical exercises and demonstrations for implementing security solutions.

Information Overview#


Duration 2 days in class
Learning objectives The participants are provided with a comprehensive overview of the challenges and approaches to developing IT security solutions for embedded systems. In addition to an efficient, systematic approach — from requirement analysis to final assessment of the solution developed — the speakers will also be considering the current solutions and their feasibility.
Target group – Developers in the fields of automotiveindustry, IoT and other fields related to embedded systems that develop IT security solutions
– IT security experts who would like to expand their knowledge in new domains
Requirements Good understanding of technical systems, ideally in the field of embedded systems
Organized by Fraunhofer SIT
Cost € 1.200

Download our flyer for more information.


– IT security development processes
– Basics of IT security and cryptography
– Challenges of securing embeddedsystems
– Lightweight cryptography and keymanagement for embedded systems
– Long-term security for embeddedsystems (e.g. migration strategies, post-quantum cryptography)
– Network security and cryptographicprotocols (e.g. secure over-the-air codeupdates)
– Hardware security (e.g. TPM 2.0,lightweight alternatives)
– Separation and isolation solutions (e.g.microkernel operating systems)
– Platform integrity and device identity(e.g. attestation protocols, securebooting)
– Standardization, e.g. SAE-J3061,ISO15118


The speakers work in the Cyber-Physical Systems Security division of the Fraunhofer Institute for Secure Information Technology (SIT). For many years, they have been analyzing and developing security solutions for embedded systems in various fields, consulting with vehicle manufacturers, suppliers, and industrial automation engineers in developing and standardizing their own embedded systems.