Surveys

Beyond the Sample Firmware: Survey of Embedded System Security#

Point of contact: Qiang Liu
Suitable for: BSc semester project, potentially BSc thesis, MSc semester project, or thesis
Keywords: Embedded system security, Hardening and attacks, Embedded inference

Embedded systems power critical applications ranging from satellites and public transport to agricultural machinery, smart locks, routers, and cameras. Their security cannot be captured by sample firmware alone, as real-world threats span multiple layers. At the hardware level, attacks such as voltage glitching challenge integrity measurement and device resilience, while hardening techniques aim to close these gaps. At the hardware–software boundary, co-designed mitigations like MPUs and hypervisors play a key role in isolation and key management, yet remain targets of sophisticated attacks. At the software layer, authentication protocols and cryptographic keys are frequently exposed, undermining device trustworthiness. This survey provides a holistic view of these challenges and defenses, while also considering the computational capacity of embedded platforms and their growing role in enabling embedded inference at the edge.

The objectives are to:

Compile a representative list of critical embedded devices and their firmware
Survey existing mitigations at the hardware, hardware–software co-design, and software levels, along with corresponding attack techniques
Assess the computational capabilities of embedded systems and examine the feasibility and challenges of deploying machine learning inference on these platforms

Trust Across the Skies: Survey of All-Altitude Aero-Space Security#

Point of contact: Qiang Liu
Suitable for: BSc semester project, potentially BSc thesis, MSc semester project, or thesis
Keywords: Embedded system security, Hardening and attacks, Embedded inference

All-altitude aero-space security spans diverse targets—including satellites, aircraft, drones, base stations, and supporting cloud infrastructures—but the most critical challenge lies in securing the integrated cloud–base station–aircraft–satellite networks. These multi-layered systems enable global communication, navigation, and control, yet also introduce cascading vulnerabilities. An adversary who compromises a single layer, such as a base station or cloud service, may propagate attacks upward to aircraft or satellites, or downward to end devices, threatening safety and mission continuity. Known attack vectors include GPS spoofing, signal jamming, avionics intrusion, and exploitation of weak authentication and key management in cross-domain links. Mitigations require coordinated defenses: trusted execution in aircraft and satellites, integrity verification at base stations, and secure orchestration in the cloud. Building resilience in these interconnected networks remains a central challenge, demanding end-to-end designs that unify hardware, protocol, and system-level defenses across altitudes.

The objectives are to:

Compile a representative list of aero-space targets
Survey existing mitigations and attacks

Hacking Culture#

We have focused too much on cool technology while neglecting the fun stories, nerdy fonts, and meme creativity that are equally important. It's time to systematically explore and celebrate hacking culture—not just to entertain ourselves but also to inspire and attract more people to join us. Parents can raise children who are independent and creative, teachers can guides students who are collaborative and competitive, and entrepreneurs can engage customers who are eager to buy innovative products. Be classy and be cool!