logo
        • Who We Are
        • Learn more about MITRE Engenuity’s journey as a hub for transformative innovation.

        • How We Engage
        • We forge innovative partnerships to generate whole-of-nation solutions to complex technological problems.

        • Contact Us
        • Connect with a member of the MITRE Engenuity team and ensure your inquiry gets to the right people.

        • Cybersecurity
        • We are relentlessly advancing the art of threat-informed defense, anchored by a belief that we can improve our defenses with a systemic application of a deep understanding of adversary tradecraft and technology.

        • ATT&CK Evaluations
        • We offer objective analysis of cyber products and features – see our latest results.

        • Center for Threat-Informed Defense
        • Read more about the cutting-edge research and development being done with input from our participant organizations, featuring some of the top security operations centers.

        • Developing tomorrow's cyber workforce today.
        • News & Insights
        • We are leading the leading edge of innovation. Explore the latest news, insights, R&D, and special projects from our advanced tech experts and partners.

        • Subscribe to Our Newsletters
        • Our tech foundation is addressing the complex problems that face our nation today. Find out how you can join our efforts as we spur innovation for public good.

          Subscribe

Embedded Capture the Flag:
Helping students experience the creation of a secure embedded system

Young curly hair woman discussing with man in classroom. Classmates are working together through laptop. They are wearing casuals.

Invaluable Hands-on Experience for the Future Cybersecurity Workforce

MITRE’s Embedded Capture the Flag (eCTF) competition provides participants with the invaluable experience of creating secure systems and then learning from their mistakes.
The program sets itself apart from traditional online-focused challenges by focusing on embedded systems, which present distinct security issues. It runs over the majority of the spring semester and includes Design and Attack phases to balance offense and defense. This allows time for development and for advanced attacks during the Attack Phase.

Download the Competition Flyer

2024 eCTF Winners

A group of people, some seated and some standing, pose for a photo in a large room with wooden paneling and a gridded ceiling. Many wear medals and business attire.

Winning Teams

  • First Place Overall: Carnegie Mellon University, $10,000
  • Second Place Overall: University of Illinois Urbana-Champaign, $5,000
  • Third Place Overall: Purdue University, $2,500

Additional Awards:

  • Top High School: Delaware Area Career Center, $2,500

  • Best Poster: Purdue University, $2,500

  • Responsible Disclosure: Carnegie Mellon University, $2,500

eCTF Takes a Unique Competition Approach

Unlike traditional CTF’s, MITRE’s eCTF presents a two-phase challenge with attack and defense factors. During the first phase, students design and apply a secure system based on a set of competition requirements. In the second phase, students analyze and attack the designs of competing teams.

Opportunities to Participate

Students & Educators

University-affiliated teams of 3-20 students compete for a cash prize and publicity. (A faculty advisor is required.) The competition is free and split into two 6-week phases in January. This year teams will design and implement a secure key fob system for a car door lock.

Sponsors

eCTF sponsorship gives your organization exposure and access to the next generation of embedded security professionals – an in-demand demographic that is notoriously difficult to recruit. Multiple sponsorship tiers allow you to choose your level of involvement and visibility.

eCTF Over the Years

2016
2016

Pin Door Lock System

In the inaugural eCTF, teams designed a secure pin door lock system.

2017
2017

Bootloader for a Self-Driving Car

Teams designed a secure bootloader for a self-driving car.

2018
2018

ATM-Bank System

Teams designed a secure ATM-bank system.

2019
2019

Video Game Console

Teams designed a secure video game console on the Digilent Arty Z7. The system had to attempt to protect the intellectual property of game designers, prevent users from loading their own software, and allow verified users to install and play games that they have purchased.

2020
2020

Audio Digital Rights Management Module

Teams designed a secure audio digital rights management (DRM) module for a next-generation multimedia player on the Digilent Cora Z7. The system had to be secure to prevent users from playing pirated music, support region locking, and prevent the creation of cloned bootleg players.

2021
2021

UAV Package Delivery System

Teams designed a secure communications system for an unmanned aerial vehicle (UAV) package delivery system. The system had to be secure to prevent attackers from gaining access to the network to spy on and disrupt the UAV system.

2022
2022

Secure Avionic Device

Teams secured an avionic device by designing a secure firmware update system and bootloader. The system must protect intellectual property and aircraft mission secrets in an untrusted environment, and ensure firmware protection and integrity in the face of supply-chain threats such as hardware trojans.

2023
2023

Secure Key Fob

This year teams will design and implement a secure key fob system for a car door lock. Teams are tasked with creating systems that must protect against an adversary with physical access to the devices. Deliverables include car firmware, fob firmware and software tools for interacting with and controlling the devices.

2024
2024

Medical Device

Teams will design and implement a supply chain security solution for microcontrollers on a medical device. The system must securely verify the device integrity while keeping sensitive data confidential.

Stay informed

Sign up for news about MITRE Engenuity and the critical technical challenges facing our nation and world.

Subscribe to updates