M
logo

Embedded Capture the Flag:
Helping students experience the creation of a secure embedded system

Young curly hair woman discussing with man in classroom. Classmates are working together through laptop. They are wearing casuals.

Invaluable Hands-on Experience for the Future Cybersecurity Workforce

MITRE’s Embedded Capture the Flag (eCTF) competition provides participants with the invaluable experience of creating secure systems and then learning from their mistakes.
The program sets itself apart from traditional online-focused challenges by focusing on embedded systems, which present distinct security issues. It runs over the majority of the spring semester and includes Design and Attack phases to balance offense and defense. This allows time for development and for advanced attacks during the Attack Phase.

Download the Competition Flyer

Watch the 2023 Award Ceremony

 

Explore the Award Ceremony Presentation Deck

eCTF Takes a Unique Competition Approach

Unlike traditional CTF’s, MITRE’s eCTF presents a two-phase challenge with attack and defense factors. During the first phase, students design and apply a secure system based on a set of competition requirements. In the second phase, students analyze and attack the designs of competing teams.

Design, Handoff, and Attack Phases

Opportunities to Participate

Students & Educators

University-affiliated teams of 3-20 students compete for a cash prize and publicity. (A faculty advisor is required.) The competition is free and split into two 6-week phases starting Jan. 18, 2023. This year teams will design and implement a secure key fob system for a car door lock.

Details on Participation

Sponsors

eCTF sponsorship gives your organization exposure and access to the next generation of embedded security professionals – an in-demand demographic that is notoriously difficult to recruit. Multiple sponsorship tiers allow you to choose your level of involvement and visibility.

Details on Sponsorship

eCTF Over the Years

2016
2016

Pin Door Lock System

In the inaugural eCTF, teams designed a secure pin door lock system.

2017
2017

Bootloader for a Self-Driving Car

Teams designed a secure bootloader for a self-driving car.

2018
2018

ATM-Bank System

Teams designed a secure ATM-bank system.

2019
2019

Video Game Console

Teams designed a secure video game console on the Digilent Arty Z7. The system had to attempt to protect the intellectual property of game designers, prevent users from loading their own software, and allow verified users to install and play games that they have purchased.

2020
2020

Audio Digital Rights Management Module

Teams designed a secure audio digital rights management (DRM) module for a next-generation multimedia player on the Digilent Cora Z7. The system had to be secure to prevent users from playing pirated music, support region locking, and prevent the creation of cloned bootleg players.

2021
2021

UAV Package Delivery System

Teams designed a secure communications system for an unmanned aerial vehicle (UAV) package delivery system. The system had to be secure to prevent attackers from gaining access to the network to spy on and disrupt the UAV system.

2022
2022

Secure Avionic Device

Teams secured an avionic device by designing a secure firmware update system and bootloader. The system must protect intellectual property and aircraft mission secrets in an untrusted environment, and ensure firmware protection and integrity in the face of supply-chain threats such as hardware trojans.

2023
2023

Secure Key Fob

This year teams will design and implement a secure key fob system for a car door lock. Teams are tasked with creating systems that must protect against an adversary with physical access to the devices. Deliverables include car firmware, fob firmware and software tools for interacting with and controlling the devices.

See the 2023 eCTF Winners

PARTICIPATE
SPONSOR

2023 eCTF Winners

  • First Place Overall: Plaid Parliament of Pwning – Carnegie Mellon University, advised by Maverick Woo, Anthony Rowe, and Patrick Tague
  • Second Place Overall: SlugSec – University of California, Santa Cruz, advised by Alvaro Cardenas
  • Third Place Overall: sigpwny – University of Illinois Urbana Champaign, advised by Kirill Levchenko

  • Additional Awards:
    • Best Write-Up: ret2rev – University of New Haven, advised by Aladin Sabanovic and Christopher Martinez
    • Best Poster: b01lers – Purdue University, advised by Antonio Bianchi, Aravind Machiry, and Santiago Torres-Arias
    • Hardware Hacker: Plaid Parliament of Pwning – Carnegie Mellon University, advised by Maverick Woo, Anthony Rowe, and Patrick Tague
A group of eCTF winners posing for a picture on the stairs.

CMU 1st Place

First Place

eCTF winners holding certificates.

UCSC 2nd Place

Second Place

eCTF Winners holding plaques on stairs.

UIUC 3rd Place

Third Place

Stay informed

Sign up for news about MITRE Engenuity and the critical technical challenges facing our nation and world.

Subscribe to updates