To secure digital assets, a tasteful integration of a variety of technologies and processes is necessary. Tamper-resistance is being increasingly used as an important piece of a more comprehensive security system. It provides an effective barrier to entry and protects digital assets in the embedded systems from most people and most attacks. Embedded systems pose unique security challenges because they are largely used in relationships where one party wants to put a secure, embedded device, in the hands of another, with the assurance that the second party cannot modify/hack the device. First, we outline the major attacks that threaten the security of an embedded system. The vulnerability landscape of an embedded system is a vast expanse of attacks. A good understanding of the threats is necessary so that countermeasures can be devised to protect against threats that pose the greatest risk. Second, we present countermeasures and discuss their effectiveness in protecting the crown jewels of an embedded system: boot code, operating system software and embedded hardware. A clear understanding of attacks and countermeasures enables a system architect to make rational investment decisions in designing a secure, embedded system.