Embedded Security

Fraunhofer Institute for Applied and Integrated Security

Embedded Security
© Fraunhofer AISEC / Volker Steger

The fast reduction of structure sizes in semiconductor technology allows the fabrication of increasingly powerful, energy-saving, and low-price microprocessors. Small micro-controllers can nowadays be found in more and more devices of daily life, like cars or mobile phones. These so-called embedded systems perform various sophisticated and sometimes safety-critical tasks. Failures of these systems have an immediate impact on our real live. These systems impose high requirements on safety and reliability.

Especially the increasing connectivity among embedded systems (Internet of things) demands security functions to ensure a reliable and safe operation of embedded systems. Because of the stringent resource constraints of embedded systems (computational power, energy), these security functions have to be combined with the actual functionality of the embedded system. Integrated security functions are therefore a necessity for a safe and reliable operation of embedded systems.


For our costumers, Fraunhofer AISEC develops hardened embedded systems, in which software security functions are complemented with matching hardware security functions. We offer an integrated hardware and software engineering process, as well as the necessary migration of functionality into hardware. Fraunhofer AISEC provides concepts, and develops and evaluates solutions for embedded systems according to different criteria, like energy consumption, computational power, and communication cost. These customized solutions range from the correct integration of hardware security elements to the development of tailored security solutions in hardware and software, according to the dedicated needs of our costumers.

Skills and services at a glance

  • side-channel analysis and attacks on embedded systems, together with the development of effective countermeasures
  • scalable techniques for the identification and authentication of components
  • efficient techniques for fault-detection and fault-tolerance in digital circuits
  • advanced virtualization concepts for embedded components
  • trusted operating system kernels for embedded systems
  • specific security modules for embedded systems based on field programmable gate arrays (FPGAs)


  • Merli, Dominik, Frederic Stumpf, and Claudia Eckert. Improving the Quality of Ring Oscillator PUFs on FPGAs. In Proceedings of the 5th Workshop on Embedded Systems Security (WESS'2010), Scottsdale, AZ, USA, October 2010.
  • Heyszl, Johann, and Frederic Stumpf. Efficient One-Pass Entity Authentication based on ECC for Constrained Devices. In IEEE Int. Symposium on Hardware-Oriented Security and Trust, pages 88–93 , Anaheim, USA, June 2010. IEEE Computer Society.
  • Stumpf, Frederic, Christian Meves, Benjamin Weyl, and Marko Wolf. A Security Architecture for Multipurpose ECUs in Vehicles. In 25. VDI/VW-Gemeinschaftstagung: Automotive Security, Ingolstadt, Germany, October 2009