Security is a critical challenge for modern embedded, mobile, and IoT devices. One the one hand, these devices contain sensitive assets that must be protected from unauthorized access. On the other hand, high design complexity, aggressive time-to-market, and a complex, global supply-chain provide numerous opportunities for introduction of errors, vulnerabilities, and security backdoors that can be exploited on-field to compromise the device. In this paper we look at some of the security challenges in this era: questions on the root of trust and certification challenges in mobile and embedded devices, conflicts and trade-offs between security and functional debug, and vulnerability results from widespread application of electronic design automation (EDA) tools for system synthesis.