eCTF

An attack-and-defend exercise for designing secure embedded systems.

Collegiate eCTF 2018

Overview

MITRE's eCTF (embedded capture-the-flag) is an embedded security competition that puts participants through the experience of trying to create a secure system and then learning from their mistakes. The main target is a real physical embedded device, which opens the scope of the challenge to include physical/proximal access attacks. The eCTF is a two-phase competition with attack and defense components. In the first phase, competitors design and implement a secure system based on a set of challenge requirements. The second phase involves analyzing and attacking the other teams’ designs.


Announcements
2018.01.19:  The competition officially kicked off two days ago! We sent out the challenge document to all registered teams for the details on this year's challenge. We also posted our example source code on GitHub.
2018.01.25:  The KickOff meeting is today! Here are the slides.
2018.01.30:  The "Milestones Demo" project has now been posted: 2018-ectf-milestones-demo
2018.02.20:  The challenge document v1.1 is now available. This update to the rules and requirements document adds some new functions that we will use for testing and adds more clarity to address some common questions.

Schedule

2018.01.17:  Start eCTF Phase 1 (secure design)
2018.03.01:  System handoff. Secure designs are due. Start Phase 2 (attack)
2018.04.13:  Competition concludes
2018.04.19:  Award ceremony and debrief



Past competitions and results

Collegiate eCTF 2017

  • First Place Overall: Firmware Dogs --University of Connecticut, advised by John Chandy
  • Mass Attack Winner: Team Sprite --Northeastern University, advised by Guevara Noubir
  • Iron Flag Winners:
    • Firmware Dogs --University of Connecticut, advised by John Chandy
    • pgm_read_flag() --Carnegie Mellon University, advised by Martin Carlisle
    • Snorlax --University of Massachusetts- Amherst, advised by Dan Holcomb

Collegiate eCTF 2016

  • First Place Overall: We're Probably Insecure --Worcester Polytechnic Institute, advised by Thomas Eisenbarth
  • Most Flag Points: WillHax4Snacks --Northeastern University, advised by Yunsi Fei
  • Iron Flag: Tufts eCTF --Tufts University, advised by Ming Chow

Questions?

Please contact the MITRE eCTF team at ectf@mitre.org