Embedded and IoT systems have become the backbone of modern industry, the automotive sector, and ecosystems of smart devices. However, as connectivity increases, so does the number of potential attack vectors. Security incidents can not only compromise data, but also paralyze entire production lines or endanger vehicles. It is therefore essential to understand the threats and develop a holistic security strategy. 

While traditional software is primarily exposed to network and application attacks, embedded systems face additional risks from physical manipulation and supply chain vulnerabilities. Attacks on embedded systems are often hardware-centric, exploit physical access, and target the unique constraints and long lifecycles of these systems. 

The Most Common Attacks 

Typical attacks on embedded systems are diverse and often highly specialized. Here is a selection of the most common attack scenarios: 

One of the most common methods is firmware extraction: Attackers read the program code to analyze vulnerabilities or steal intellectual property. Protection mechanisms such as secure boot or encryption are essential to counter this. 

With side-channel attacks, power consumption, electromagnetic emissions, or time information are analyzed to reconstruct cryptographic keys. Countermeasures include masking techniques and hardware protection. 

Manipulation of the boot process also poses a significant risk. Insecure bootloaders allow compromised firmware to be loaded, making an end-to-end “chain of trust” from the bootloader to the application indispensable.   

Attacks on communications are also widespread: unencrypted or poorly secured protocols are vulnerable to data manipulation and eavesdropping attempts. Resource-efficient implementations of TLS (Transport Layer Security) or DTLS (Datagram Transport Layer Security) are essential.   

Man-in-the-middle attacks, in which data between two communication partners is intercepted and modified, can only be prevented by certificate-based authentication.   

Finally, classic software vulnerabilities such as code injection and buffer overflows are also a problem in embedded systems and must be addressed through secure coding practices and compiler protection measures. 

How to Protect? 

The basic security requirements for embedded systems differ only slightly from those of conventional IT systems. Availability is a key objective: systems must remain operational even under attack conditions, especially in safety-critical applications such as automotive or industrial environments. Equally important is tamper protection to ensure that hardware and software cannot be modified without detection. Physical protection mechanisms such as housing sealing and secure elements play an important role here. 

Secure elements are special hardware components (i.e., a chip with its own secure operating system, physically separated from the device's main processor). They ensure maximum security in digital devices and systems and create a tamper-resistant environment in which sensitive data such as cryptographic keys, certificates, payment information, or identity data can be securely stored and processed.  

Real-time capability is another challenge, as security mechanisms must not impair response times. Cryptography must be efficient and deterministic. Finally, the protection of sensitive data such as keys, certificates, and personal information is essential, often through hardware security modules. 
 
The Architectural Perspective 

As with traditional software development, the “security by design” architectural approach is the key to robust systems. Under the banner of “shift left,” security, like testing and quality assurance in general, must not be an afterthought, but must be integrated into the system architecture from the outset. This includes comprehensive risk analyses such as TARA (Threat Analysis and Risk Assessment), IRA (Integrated Risk Assessment), and DRA (Data Risk Assessment) throughout the entire lifecycle, the implementation of the “least privilege” principle, and secure coding practices.   

In addition, a continuous chain of trust ensures that each component verifies the integrity of the previous one. PKI and certificate management are essential for authenticity and integrity, while secure OTA (over-the-air) updates with encryption, signatures, and rollback protection guarantee updatability.  
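The signature and rollback checks of such an OTA update can be modeled in a few lines. The following is an added example, not code from the original article; the manifest layout, the function names, and the demo key are assumptions, HMAC-SHA256 stands in for an asymmetric signature, and encryption of the image is left out.

```python
import hashlib
import hmac
import json

# Constructed demo key. HMAC-SHA256 stands in for an asymmetric signature
# (ECDSA, Ed25519), which the Python standard library lacks; with a real
# signature the device stores only the vendor's public key.
DEMO_KEY = b"constructed-demo-key"

def sign_manifest(manifest, key=DEMO_KEY):
    """Vendor side: authenticate the canonical JSON form of the manifest."""
    blob = json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, blob, hashlib.sha256).digest()

def make_update(image, version):
    """Vendor side: build the manifest that binds version, size and digest."""
    manifest = {"version": version, "size": len(image),
                "sha256": hashlib.sha256(image).hexdigest()}
    return manifest, sign_manifest(manifest)

def check_update(manifest, tag, image, installed_version, key=DEMO_KEY):
    """Device side: return "accept" or the reason the update is refused."""
    # 1. Authenticate the manifest before trusting any field in it.
    if not hmac.compare_digest(sign_manifest(manifest, key), tag):
        return "bad-signature"
    # 2. Bind the received image to the authenticated manifest.
    if len(image) != manifest["size"]:
        return "size-mismatch"
    if hashlib.sha256(image).hexdigest() != manifest["sha256"]:
        return "digest-mismatch"
    # 3. Rollback protection: installed_version models a monotonic counter
    #    kept in tamper-resistant storage; only strictly newer images pass.
    if manifest["version"] <= installed_version:
        return "rollback"
    return "accept"

def demo():
    new_image = b"constructed firmware v5"  # constructed sample image
    manifest, tag = make_update(new_image, 5)
    forged = dict(manifest, version=9)  # field edited after signing
    return {
        "valid": check_update(manifest, tag, new_image, 4),
        "device_already_newer": check_update(manifest, tag, new_image, 6),
        "tampered_image": check_update(manifest, tag, new_image[:-1] + b"X", 4),
        "edited_manifest": check_update(forged, tag, new_image, 4),
    }

if __name__ == "__main__":
    print(demo())
```

The order of the checks matters: the version field is compared against the counter only after the manifest has been authenticated, so an unauthenticated version number never influences the decision.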

Embedded development can benefit significantly from classic DevSecOps practices, combining the principles of agility, automation, and collaboration with a strong focus on security. Automated security testing in CI/CD pipelines, static and dynamic code analysis, and the integration of security into the overall development and deployment culture are crucial for identifying and fixing vulnerabilities early on.  

The supply chain is a critical attack vector that is often underestimated. Trusted components, certified suppliers, and secure firmware distribution are prerequisites. Signed builds and a Software Bill of Materials (SBOM), which provides transparency regarding libraries, frameworks, dependencies, versions, and license information, protect against manipulation in the supply chain when combined with secure boot.

Looking ahead 

The post-quantum era poses particular challenges for embedded and IoT systems. Quantum computers threaten classic cryptographic algorithms, making quantum-resistant architectures and the integration of PQC algorithms in embedded and IoT devices necessary. It is not clear when Q-Day will arrive (i.e., when a quantum computer capable of cracking classic cryptographic algorithms will be available). But researchers are certain that it will come. It is important to be prepared for this moment, especially since attackers operate according to the principle of “harvest now, decrypt later,” whereby encrypted data is intercepted and stored today in order to be decrypted in the future as soon as powerful technologies – especially quantum computers – become available.

This is particularly relevant given that embedded systems are often designed for long service lives. In addition, embedded systems have limited memory resources, which makes it difficult to use more resource-intensive PQC cryptography methods. This is where crypto agility becomes a key competence (i.e., the ability to change algorithms without replacing hardware). Hybrid approaches that combine classic and PQC algorithms are also seen as a practical solution for the transition phase. 

In times when AI is being touted almost everywhere as a new savior, it should be noted that embedded AI also offers new targets for attack. AI models and the data they use must be protected against manipulation. Secure execution environments for AI inference are also essential to ensure integrity and confidentiality. Inference refers to the process in which a trained AI model applies its learned knowledge to new, previously unknown data in order to make predictions, decisions, or classifications.

In embedded scenarios, there have always been standards and specifications that require manufacturers to meet high safety and security standards, and for good reason. For the automotive industry, ISO/SAE 21434 is the most important standard for cybersecurity. Recently, regulations such as the NIS2 Directive and the Cyber Resilience Act have also made it clear that security is not only a technical challenge, but also a regulatory one. 

These regulations come with deadlines by which companies must comply with their requirements. While this certainly involves a considerable amount of bureaucracy in some cases, it ultimately contributes to the implementation of security as part of corporate strategy.

Security: A Fundamental Requirement

Security in embedded and IoT systems is not an annoying add-on, but a fundamental requirement. Manufacturers must pursue a holistic strategy that encompasses DevSecOps, supply chain security, and preparation for the post-quantum era. This is the only way to manage the risks of an increasingly connected world. 
Editor's Note: Security in embedded and IoT systems has never been more critical. As connected devices proliferate and attack surfaces expand, engineers are under growing pressure to design products that are secure by design, not as an afterthought. At Elektor, we’ve been covering embedded security for many years — through in-depth articles, hands-on projects, and expert-led learning — because we believe secure engineering is fundamental to innovation. Our mission remains unchanged: to equip the engineers in our global community with the knowledge, tools, and real-world solutions they need to build resilient systems. In March 2026, many companies that focus on embedded security will be exhibiting at the embedded world trade fair. We will cover many of these companies and their solutions on our various media channels in the coming days and weeks.
