Page path:

Engineering Secure Devices

Professor releases practical guide for cyber security and engineering professionals

Embedded systems can be found everywhere. These components often perform very specific and critical tasks. This makes them important elements in networked systems and therefore frequent targets of cyberattacks. Created with Stable Diffusion.
Jun 25, 2024

In his book, Engineering Secure Devices, Prof. Dr. Dominik Merli guides the reader through the process of crafting secure devices, ranging from specialized industrial components to everyday smart home appliance.


While developing devices, security can sometimes take a back seat compared to the devices’ functionality and profitability. However, in an increasingly networked and digitized world, a device’s security becomes a factor for success, ensuring customer satisfaction and, therefore, strengthening the manufacturer’s standing among its competitors.

Prof. Dr. Dominik Merli, professor of IT security at the Technical University of Applied Sciences Augsburg (THA) and head of THA’s Institute for Innovative Safety and Security (THA_innos), addresses this need for security with his book Engineering Secure Devices: A Practical Guide for Embedded System Architects and Developers, published in June 2024.

Merli says: “Engineering Secure Devices is a result of our daily research in embedded system security and my personal experiences with companies and products from various industries. The book is condensed practical know-how, boiling down to the question: How to balance the need for robust security with performance and innovative product design?”


Securing devices: Cyber Resilience Act and further challenges

Merli explains: „Whether you’re an IoT developer or an embedded system architect, Engineering Secure Devices equips you with indispensable knowledge to design, secure, and support the next generation of smart devices. This includes an increasing number of products—industrial components, smart household appliances, simple webcams or even four-legged robots.”

“However, the variety of IoT devices and their specific requirements are just one part of the challenges engineers and manufacturers face,” Merli continues. “New regulatory frameworks, like IEC 62443-4-2 for components in industrial automation and control systems or the EU’s upcoming Cyber Resilience Act for every product with digital elements, demand investments in device cyber security—even from a legal perspective.”

Dominik Merli, Prof. für IT-Sicherheit
Prof. Dr. Dominik Merli is head of THA_innos and professor of IT security at the THA, with over a decade of experience at organizations like Fraunhofer and Siemens. Photographer: Pia Simon

Crafting secure devices

Engineering Secure Devices guides readers through crafting secure devices—from protecting crucial assets to the nature of attackers and the risks they pose. The book also explores the technical intricacies and pros and cons of symmetric and asymmetric cryptography, how to use and analyze random number generators and cryptographic algorithms, and how to ensure confidential data storage and secure memory.

Further, it dives into secure device identity solutions and communication protocols, the design of secure boot and update processes, and the management of device access control. Lastly, Merli discusses robust device architectures that withstand attacks while maintaining critical operations and system monitoring strategies to detect and respond to anomalies or security breaches in IoT devices.

Engineering Secure Devices: A Practical Guide for Embedded System Architects and Developers was recently published by No Starch Press, an American publishing company specializing in technical literature. The printed version can be ordered for $59.99 and includes the e-book. 

About the Institute for Innovative Safety and Security


The Institute for Innovative Safety and Security at Technical University of Applied Sciences Augsburg (THA_innos) supports organizations of all sizes in operating securely and sustainably in a networked world. The institute's innovative approaches make systems, products and personnel resistant to digital threats that endanger economy and society.

Logo THA_innos