This project implements a multi-layered secure embedded architecture on the ESP32 platform using FreeRTOS. The system is designed as a hardened IoT gateway capable of resisting both internal software attacks and external wireless attacks while maintaining deterministic real-time operation.
Unlike conventional IoT security architectures that rely heavily on TLS, BLE pairing, or cloud-side trust enforcement, this implementation demonstrates a lightweight but extremely structured defense-in-depth design directly inside the embedded firmware stack.
The system integrates:
- Secure Boot V2 and eFuse-backed hardware trust
- Software-enforced MPU-style task isolation
- Secure IPC with fault containment
- Authenticated ESP-NOW wireless communication
- PSA Crypto based HMAC verification
- Replay prevention and freshness validation
- Attack simulation and live mitigation
- Deterministic fault handling under FreeRTOS
The architecture is divided into four independent but interconnected security layers:
- Layer 1: Hardware Root of Trust + Secure Boot
- Layer 2: Task Isolation + Software MPU
- Layer 3: Secure IPC + Internal Attack Containment
- Layer 4: Wireless Authentication + Replay Protection
- Firmware Integrity: Ensure only authenticated firmware images execute.
- Runtime Task Isolation: Prevent rogue tasks from reading or modifying privileged memory regions.
- Secure Inter-Task Communication: Prevent internal attacks such as queue flooding, buffer corruption, race conditions, shared resource abuse, and IPC-based denial of service.
- Secure Wireless Communication: Secure ESP-NOW communication providing authentication, integrity, replay prevention, and freshness guarantees without TLS, BLE pairing, or Wi-Fi overhead.
- Fault Isolation: Ensure attacks do not collapse the RTOS kernel (Detect → Isolate → Contain → Continue Operation).
main/main.c: Primary firmware entry point, initializes NVS, starts IPC layer, creates all FreeRTOS tasks.main/comms_layer.c&.h: Implements the secure IPC backbone (static queues, static mutex).main/task_sensor.c: Simulates an embedded sensor node generating telemetry.main/task_comms.c: Security-critical task performing IPC validation, threat detection, HMAC generation, and ESP-NOW transmission.main/task_attacker.c: Simulates malicious firmware behavior (buffer corruption, queue flooding, unauthorized memory access).main/mpu_fault.c: Implements a software-based MPU.main/ipc_fault.c: Centralized IPC threat response engine.main/task_logger.c: Dedicated audit logging subsystem.main/task_admin.c: Highest privilege supervisory task generating heartbeat logs.
To compile and flash this project onto an ESP32:
- Ensure you have the ESP-IDF installed.
- Clone this repository.
- Run
idf.py buildto compile the firmware. - Run
idf.py -p (PORT) flash monitorto flash the ESP32 and view the logs.
For a detailed analysis of the architecture, simulated attack vectors, and security principles, please refer to Report.md.