In the Embedded Security Challenge (ESC), a Blue Team designs a target system. A Red Teams try to hack it.

Competitors must exploit the weaknesses of a target system, assess the effectiveness of their hardware security techniques, identify vulnerabilities and implement effective defense mechanisms. 

ESC is an educational, research-oriented tournament aimed at hacking into the hardware of embedded systems. First run in 2008, it is the oldest hardware security competition in the world. 2019 represents ESC's 12 year anniversary! 

2019 Challenge Overview 

In 2019, a team of security experts from the University of Delaware are developing the competition under the guidance of former ESC lead and now faculty member at UD, Nektarios Tsoutsos. This year's topic is Radio Frequency Identification (RFID). 

RFID is utilized as a security measure in everything from building access to user authentication in computing systems. The 2019 challenge will task competitors with hacking the firmware of a vulnerable RFID reader with professional level United States National Security Agency (NSA) reverse engineering tools.

Competitors will gain experience with the NSA Ghidra tool, firmware exploitation, RFID protocols, and possibly hardware functional testing. 

Following the qualification round, the top teams in each region will be provided a custom PCB and RFID firmware which they will utilize to develop multi-level exploits to bypass the RFID firmware and unlock the system without knowing the correct key.

Please visit the ESC Github repository, accessible via the Click Here link above, for details. 

Participating Regions

• CSAW Europe - hosted by INP-Grenoble Esisar (Valence, France) 
• CSAW India - hosted by IIT Kanpur (Kanpur, India) 
• CSAW MENA - hosted by NYU Abu Dhabi (Abu Dhabi, UAE) 
• CSAW US-Canada - hosted by NYU Tandon School of Engineering (Brooklyn, USA) 

Timeline

(specific dates and details to be released when registration opens) 

April 2019: RFID challenge overview is released (above) 

4 July 2019: Registration opens and competition details published 

15 September 2019: Registration deadline

22 September 2019: Registration deadline *extension*

22 September 2019: Qualification reports due 

7 - 8 November 2019: In-person final demonstrations