This paper proposes a novel approach to visualize microcontroller program control flow by mapping program execution changes onto a space-filling curve for the purpose of anomaly detection as a means to detect adversarial activity. By leveraging the unique behavior of space-filling curves, capable of representing $\mathbf{n}$-dimensional data in higher dimensions while also preserving its locality, this study collects the points of inflection in the program from a microcontroller emulated on QEMU using the ARM General Debugger and visually represents it on a space-filling curve for the purpose of anomaly detection. Each data point on the space-filling curve represents a point of inflection with the attached color representing the point’s location in memory. Control flow trace images were generated for a simple repeating program, producing the same output after each iteration, and complex program, producing a different output after each iteration, for comparison. In this case, a trace’s beginning was determined to be the location at which the program started execution, and the end was when it returned to the same starting location. Two traces for each program were generated and visually compared. The findings showed that both generated trace images for the simple program were the exact same, while the two generated trace images for the complex program varied in length and color distribution. These findings demonstrate how program control flow can be converted into a visual representation capable of displaying anomalous behavior in program execution. The resulting data collected from the methodology described in this paper aims to improve the types of security measures available in embedded systems as a source of data for various machine learning anomaly detection techniques. We propose the conversion of program execution traces in to Space-filling curves as a source for cybersecurity evaluation of embedded system.