Back to Courses

C and C++ Programming for embedded systems

Instructor: Chris and Felix

BG

Introduction

If you have ever wanted to write a program for use on an embedded system, then arguably this course is for you.  However…. This course is actually designed to take people with a cyber security background and give them the extra knowledge needed to work with the code they find on target devices, as well as write code for those target devices.

C and C++ Programming for embedded systems: Course cost and dates

This module is new, the beta tests are being run:

  • 24th – 28th March 2025
  • 6th – 10th October 2025

Module beta tester cost: £2600+VAT per person

Module standard cost: £3600+VAT per person

Beta testers get the discounted price of £2600+VAT (normal price is £3600+VAT), you will also get public recognition in our hall of fame, dedicated beta-tester swag, and a special acknowledgement on your certificates.

Additional costs include, your travel, accommodation and your breakfast and evening meals.

Deeper description

You might be a pretty good programmer but have no experience in C or C++.  You might even know some C or C++ but have only ever used these skills on traditional IT settings.  This course will teach you about how programming for embedded systems is different.  We look at low-level concepts such as cross compilation, memory issues and address-based peripheral access, as well as some of the higher level challenges such as the implications of resource constrained devices and the use of ASLR.

There is a certain amount of theory to cover in this module.  Yes we will do things like for loops and variable types, but that is because these concepts and the knowledge to apply them are all needed later in the module.  The emphasis throughout this module though is for it to be practical with theoretical support.

Strictly speaking this module isn’t about hacking badly written embedded applications.  Instead its about writing them.  Yes, you read that correctly, the code you produce is likely to be insecure.  This is to enable the module to work through some of the cyber security implications of the code that is in front of you as well as enabling you to see different ways of achieving the same results.  That last part is actually really important, in other modules we look at code that has been decompiled and in order to be able to recognise what those assembly functions are up to, you need to know what the possibilities are.

Without wanting to ruin the surprise we can also reveal that we have devised a cunning plan.  Our plan is a way of getting you all to develop your embedded C and C++ programming knowledge and skills, but with a cyber security emphasis.  This module will give you all of that whilst also simultaneously preparing you for your new career as a cyber criminal mastermind and all things evil for embedded systems.  *Maniacal laugh not included.

Instructors / bio

Chris leads this module as he is a highly skilled professional with deep expertise in C/C++ and C# programming for embedded systems that has been a core component of his strong background in digital forensics. His experience spans a wide range of devices, from traditional computers and mobile devices to embedded systems and IoT gadgets. Chris’s methodical and analytical approach to problem-solving allows him to navigate complex technical challenges, making him a go-to expert in both programming and forensic analysis. Chris’s career has been marked by a commitment to understanding the intricacies of the tasks he is set, whether that is low-level programming or the unique demands of embedded systems. This blend of skills ensures that he can speak with confidence and teach with ease.

Felix supports this module and is our embedded systems expert. He began his cyber security career in 2008 with a focus on vulnerability assessments and web application security. He later became a security engineer and then a penetration tester, eventually leading a team as principal consultant. His interest in cyber-physical systems led him to specialise in embedded systems, securing devices like cars, medical devices, kiosks, ships, and CCTV systems. Felix holds a Master’s degree from Oxford University and has contributed to the field through published research, tools, and conference talks.

Module contents

This list shows the various main topics we cover during the module:

  • Working with different versions of C
  • Development environments
  • Compiling and cross compilation
  • Data types
  • Pointers, values, references and dereferencing
  • Core concepts such as loops, functions, general logic operations and so on
  • Class structure and Object Oriented Programming (OOP)
  • Libraries and modules and static compilation
  • Memory concepts such as memory maps, access types of memory, management and garbage collection, and safety issues
  • Common mistakes both security and non-security related
  • Unsafe functions and why they are fun bad
  • Efficient code for embedded systems and their trade-offs
  • Code obfuscation techniques
  • Interacting with peripherals, for example and GPIO
  • C / C++ vs Embedded C / C++
  • Execution entry points
  • Bare-metal programming
  • More advanced embedded system programming techniques such as networking and routing, message queueing, event driven code and threading

Module format

This module is a strong blend of theoretical discussion and practical, hands-on effort.  At the moment this module is only available in person.  This is because the course is new and we need some beta testers.  In the not-too-distant future we are looking to make this available as a remote course, or hybrid course.  If these options appeal to you, please let us know!

The certification option at the end of this module will inevitably involve some programming.  Exactly what programming you will do though, is a surprise. It isn’t just the code that gets you through this though, there are some surrounding tasks that show you understand the code, understand the purpose of the module and can do useful things by smashing these two bits together.  Again, we think you will like this.

Why this is good for you

Fundamentally this module will enable you to produce working code on embedded systems. It covers a lot of the common ground that would be found in traditional C and C++ programming courses, but it extends this by looking at the unique approaches and challenges that are present with embedded system programming.  As you leave this course you will have produced working code, you will have interacted with hardware at a very low level, and you will have completed this on an embedded device.  This module isn’t just about having nerdy fun its about bringing a whole new dimension to you, either professionally in the work that you do, or personally by enabling you to build digital systems that achieve things in the physical world.

As this is a cyber security course, this module might seem a little misplaced.  We see why that might be the case.  From our experience, the best hackers and penetration testers out are those who have used, built, maintained and developed the type of systems they are now trying to attack.  The objective of this course is to produce individuals that are well prepared, highly skilled and capable of taking on the cyber security concerns of the age of embedded systems.  Don’t worry though, we maintain a cyber-security focus throughout the module and the practical elements of this module will really bring that home.

With this experience and information you will be able to look at embedded code written in C and C++ and be able to understand what it is doing as well as be able to contribute to its extension.  You can take this new knowledge and confidence and use it to take your career into the hardware hacking scene, expand the types of penetration test you take on, or just show off to your mates.

Required equipment, tools, and software

You will need a laptop with at least 8GB RAM, an up to date and stable Operating System, and an Ethernet port / reliable Ethernet dongle.  This laptop must be fully under your control such that you can install tools, dependencies and run arbitrary code.  It is often useful to have the ability to run virtual machines and any that we provide will be suitable for importing into VirtualBox.  If you use a different hypervisor, ensure that you are confident about importing VMs from OVF file formats.  Unfortunately we are unable to pause the course for technical difficulties as a result of the amount of material that we need to cover.

We will use a number of other tools during the module.  We put together a goodie bag which directly relates to the activities in the course.  The free goodie bag is yours to keep at the end of the module. The exact details of what is in it will vary depending on availability but we always make it a useful and interesting collection.  We provide any other tools needed to complete all the tasks set, aside from a laptop.

You don’t need to bring anything extra other than your enthusiasm!

Prerequisites

There are no formal prerequisites, but the C programming for Embedded Systems module is highly technical.  Experience of programming concepts is needed but you don’t have to have prior experience of C or C++.  The module is designed to build good foundational knowledge first and then dig into increasingly interesting stuff as the days progress.  It also works as a brilliant primer for two of our other modules: Software Reverse Engineering (SRE) and Firmware Reverse Engineering (FRE).

Register interest or Get in touch

Register interest