News
Tutorial SlotsWritten on 09.04.26 by Julian Rederlechner Hey everyone, we hope you're all settling into the semester well! The first tutorial sessions are coming up, so it’s time to choose your preferred slot. We’ll have three options on Tuesdays:
This schedule will remain the same… Read more Hey everyone, we hope you're all settling into the semester well! The first tutorial sessions are coming up, so it’s time to choose your preferred slot. We’ll have three options on Tuesdays:
This schedule will remain the same for the following dates:
Each slot has limited capacity, so if one works best for your schedule, make sure to sign up early. Registration is open from now until Monday, April 13th at 16:00. Looking forward to seeing you in the tutorials! |
Foundations of Firmware Security
This course introduces students to the security of embedded systems, focusing on identifying and analyzing firmware vulnerabilities. The course begins with core concepts in embedded systems and hardware communication protocols, including UART, SPI, and JTAG. Students will learn to extract and analyze firmware from real-world devices.
The curriculum then moves into reverse engineering of unknown binaries, teaching foundational techniques for recovering control and data structures. Tools such as Ghidra and QEMU are used for firmware emulation and reverse engineering. Students then explore vulnerability discovery through fuzzing and rehosting techniques, learning to design or adapt fuzzers to analyze embedded firmware. Additional topics include software vulnerabilities, side-channel analysis, and bug triaging. The course also includes a weekly hands-on tutorial session.
Instead of a written exam, students complete a final project report and an oral exam, during which they demonstrate their skills by identifying 0-day vulnerabilities in embedded firmware.
We take pride in the fact that all previous iterations of this course have led students to discover 0-day vulnerabilities in real-world embedded firmware.
Prerequisites
This course is not for the unprepared. You must have hands-on experience in C (and at least a basic understanding of Rust or be willing to learn a bit of Rust), as well as solid knowledge of operating systems and cybersecurity. If you lack these foundations, you will struggle from day one, fall behind, and eventually fail the course.
Most homeworks build on the previous one. If you cannot solve one, you will likely not be able to solve the rest. This requires a serious time investment.
Confidence, Claude Code, "learning ability," or the belief that you are the exception will not save you. Every year, students who are convinced they are different try, and every year, they fail. If you are not prepared, do not enroll.
Course Book:
We recommend the following course books so you can get familiar with the topics:
1. Fuzzing Against the Machine: Automate vulnerability research with emulated IoT devices on QEMU, ISBN: 978-1804614976
2. The Hardware Hacking Handbook: Breaking Embedded Security with Hardware Attacks, ISBN: 978-1593278748
3. Microcontroller Exploits, ISBN: 978-1718503885
More info: https://www.infomath-bib.de/tmp/vorlesungen/info-advanced_foundations-of-firmware-security.html
Time, Location, and Structure
Lectures: CISPA C0 - 0.05 Lecture Hall, Every Wednesday 13:00 to 15:00 (c.t.)
Tutorials: CISPA C0 - 0.01 Presentation Room. The first three tutorials are dependent on the group assignment (3 Groups, Tuesdays 09:00-11:00, 13:00-15:00, and 15:00-17:00), then a weekly tutorial at 09:00-11:00 every Tuesday.
Kickoff Lecture: 8th April 2026,
Kickoff Tutorial: 14th April 2026
Grading
There is no written exam in this course. 40% of your final grades come from tasks and homework. 60% of your grades come from the final project report and your verbal exam. To be admitted to the exam, you must achieve at least 50% of the points from the exercises. The final project is applying the techniques learned in class to a set of targets (bypassing fuzzing obstacles, selecting and building the targets, finding vulnerable code, and writing PoCs). Then the students should write a "Final Project Report". The final project report should contain a step-by-step, detailed description of the whole process. To pass the course, you must score at least 50% on the final oral exam.
Strict no cheating policy
You may discuss the assignments with other students, but you are not allowed to collaborate on the solutions. Your solution should be original and not an existing solution (e.g., from someone else, the internet, LLMs, etc). All submissions will be automatically checked for plagiarism due to our strict no-cheating policy. If we find plagiarism, we will assign 0 points. If you ever get stuck, you can ask questions in the forum or participate in the exercise lessons. We invite you to help fellow students who have asked questions, but avoid giving away the solution. Nobody likes spoilers :)
Regardless, the course is designed in such a way that by cheating, you guarantee your failure on the final project and oral exam.
Verbal Exam
This course does not have a written exam. At the end of the semester, there will be an oral exam of your final project for 30 minutes. All questions of the oral exam are in English. You will need to bring your laptop and present your final project report in a step-by-step manner. We will ask related questions about the report and lectures.
Verbal Exam Date: The verbal exam will take place between July 29th and July 31st. Your specific day depends on your assigned time.