Beyond systems. Sanctuary
At SANCTUARY, we develop next-generation security architectures to secure distributed embedded systems. Our Sanctuary Embedded solution enables the secure aggregation of services on shared platforms to achieve complex functional objectives while reducing costs. Sanctuary guarantees strong isolation between services in embedded computing platforms, from satellites to smart factories.
Sanctuary Embedded combines Security Services and a Consolidation Layer to provide a comprehensive solution for manifold use cases.
Security Services
Securing the full life-cycle of connected embedded systems
Our Sanctuary Security Services provide means to validate a system’s trustworthiness in distributed settings, securely update a system’s software at all layers, and increase the applications’ protection against modern attacks. Simultaneously, the Sanctuary Security Services offer safety guarantees to enable modern applications like assisted and autonomous driving.
Consolidation
Unifying embedded applications on a single platform
Our Sanctuary consolidation solution allows aggregating distributed embedded systems on one single platform, supporting hassle-free deployment of existing applications. This ensures a transparent and unified environment for all subsystems, enabling a faster and more cost-effective development.
The Sanctuary Embedded Benefits
Cost saving
Cost saving
Manage complexity! In today‘s complex products, the use of different subsystems, from microcontrollers to powerful embedded systems, increases hardware costs and leads to chaotic safety and security conditions. Sanctuary Embbeded‘s consolidation approach reduces this complexity and decreases hardware, development, and maintenance costs.
Security
Security
Sanctuary Embedded provides a unified security platform for all embedded systems. The Sanctuary Security Services provide strong security features for the entire system on a single platform and in a distributed environment.
Forward-thinking
Forward-thinking
Designed by an innovation-driven team, well-connected in the research community, the mission of SANCTUARY is to bring next-generation technologies from research into industry-leading products.

You want to get things moving?
Then join our team! We are always looking for passionate people that excel.
News: Stay informed

- Event, Publication
- 08.05.2023
Hardware-Based Isolation for Advanced Safety and Security in Spacecraft
Our team presented a paper on the research prototype of our Zero-Trust Platform for spacecraft, which secures mission-critical flight-control software in space, at the SpaceOps 2023 conference in Dubai. We also attended a spacecraft digitalization conference in Germany, connecting with industry leaders and staying up-to-date on the latest advancements.

- Event
- 24.02.2023
Visit Us at embedded world 2023!
Exciting news! We’re thrilled to announce that we’ll showcase our latest technological innovations and solutions at the [email protected] world booth (3A-325e) at embedded world 2023, which will take place from March 14th to 16th in Nuremberg, Germany.

- Know-how
- 31.01.2023
Hypervisor-assisted Debugging
Debugging options are often quite restricted when porting low-level software to an embedded device. Serial output and printing do not work, so what’s next? In this blog post, we go through typical problems and hypervisor-assisted debugging as a potential alternative.

- Event
- 09.12.2022
Workshop at escar Europe 2022
On 15.11.2022, we held a workshop on Trusted Computing at the escar Europe conference. In particular, the workshop focused on the requirements of Trusted Computing in automotive scenarios.

- News
- 26.11.2022
On the Upcoming EU Cyber Resilience Act
In this blog post, we introduce the recently published draft of the EU Cyber Resilience Act (CRA) which aims to substantially increase the cybersecurity of products sold in the European Union. Moreover, we discuss why the CRA regulations are especially costly to implement when products rely on open-source software.

- Know-how
- 20.09.2022
Managing Run-Time Vulnerabilities
Run-time vulnerabilities are a nasty problem of modern software engineering. In this post, we examine a number of approaches that have been proposed and implemented by the security community. Some approaches aim at preventing the existence of bugs, some others aim at finding the bugs before the code is deployed, and yet others aim at making existing bugs harder to exploit in the field.

- Know-how
- 01.08.2022
Webinar on Trusted Computing Technologies
SANCTUARY is proud to introduce its first free webinar on the basic concepts of Trusted Computing and which threats Trusted Execution Environments have to sustain.

- News
- 15.07.2022
On the New German Cybersecurity Agenda
The German BMI’s recently unveiled cybersecurity agenda calls for broadly promoting innovation, increasing risk awareness, and responding more quickly to cyber threats through closer ties with government agencies. However, these measures are too reactive.
- Use Cases
- 01.06.2022
Continuous Protection in Industry 4.0 with Sanctuary
In this blog post, we discuss the need for suitable security solutions in the context of smart industries and show how Sanctuary can support companies to enable the full potential of the fourth industrial revolution.

- Know-how
- 12.05.2022
Trusted Container Extensions for Container-based Confidential Computing
In this blog post, we introduce Trusted Container Extensions (TCX), a novel container security architecture we designed as part of our applied security research efforts.

- Know-how
- 07.02.2022
SafeTEE: Combining Safety and Security on ARM-based Microcontrollers
We are proud to announce that our paper on SafeTEE, a novel safety and security architecture for ARM-based microcontrollers, got accepted at DATE 2022!

- Event
- 19.01.2022
Confidential Edge Computing @ Horizon Cloud Summit
We just gave a talk about applying lessons learned from Confidential Cloud Computing to the Edge at the Horizon Cloud Summit 2021.

- Know-how
- 05.12.2021
Security Services: Secure Boot
Secure Boot is one of the powerful security services offered by Sanctuary, which can protect systems from rootkits and another advanced persistent threat (APT). This article explains the concept of secure boot and discusses different aspects of this technology.

- Know-how
- 18.09.2021
Security Architectures on the open RISC-V Platform
Our systematization of knowledge publication „In Hardware We Trust? From TPM to Enclave Computing on RISC-V“ which discusses RISC-V security architectures is published at the VLSI-SoC 2021 conference!
Our Partners and Sponsors
Sanctuary is funded by the Federal Ministry of Education and Research as part of the StartUpSecure funding program (funding number: 16KIS1417).