Control-flow attacks targeting software on embedded systems are becoming increasingly prevalent. In particular, return-oriented programming attacks exploit software vulnerabilities of embedded software to induce malicious program actions without requiring the attacker to inject any malicious code. Remote attestation is a mechanism that allows establishing trust in embedded devices. Unfortunately, most existing attestation schemes are static. That is, they only report the state of the software that was initially loaded thereby missing detection of control-flow attacks. In this talk, we elaborate on the different classes of control-flow attacks and present recent research on control-flow attestation for embedded systems software to detect these attacks. We discuss the application of control-flow attestation in the context of cyber-physical applications such as an open syringe pump. Lastly, we elaborate on open challenges and hardware support for control-flow attestation.