New approaches for embedded development

The idea for this posting started when I read New approaches to dominate in embedded development article. Then I found some ther related articles and here is the result: long article.

Embedded devices, or embedded systems, are specialized computer systems that constitute components of larger electromechanical systems with which they interface. The advent of low-cost wireless connectivity is altering many things in embedded development: With a connection to the Internet, an embedded device can gain access to essentially unlimited processing power and memory in cloud service – and at the same time you need to worry about communication issues like breaks connections, latency and security issues.

Those issues are espcecially in the center of the development of popular Internet of Things device and adding connectivity to existing embedded systems. All this means that the whole nature of the embedded development effort is going to change. A new generation of programmers are already making more and more embedded systems. Rather than living and breathing C/C++, the new generation prefers more high-level, abstract languages (like Java, Python, JavaScript etc.). Instead of trying to craft each design to optimize for cost, code size, and performance, the new generation wants to create application code that is separate from an underlying platform that handles all the routine details. Memory is cheap, so code size is only a minor issue in many applications.

Historically, a typical embedded system has been designed as a control-dominated system using only a state-oriented model, such as FSMs. However, the trend in embedded systems design in recent years has been towards highly distributed architectures with support for concurrency, data and control flow, and scalable distributed computations. For example computer networks, modern industrial control systems, electronics in modern car,Internet of Things system fall to this category. This implies that a different approach is necessary.

Companies are also marketing to embedded developers in new ways. Ultra-low cost development boards to woo makers, hobbyists, students, and entrepreneurs on a shoestring budget to a processor architecture for prototyping and experimentation have already become common.If you look under the hood of any connected embedded consumer or mobile device, in addition to the OS you will find a variety of middleware applications. As hardware becomes powerful and cheap enough that the inefficiencies of platform-based products become moot. Leaders with Embedded systems development lifecycle management solutions speak out on new approaches available today in developing advanced products and systems.

Traditional approaches

C/C++

Tradionally embedded developers have been living and breathing C/C++. For a variety of reasons, the vast majority of embedded toolchains are designed to support C as the primary language. If you want to write embedded software for more than just a few hobbyist platforms, your going to need to learn C. Very many embedded systems operating systems, including Linux Kernel, are written using C language. C can be translated very easily and literally to assembly, which allows programmers to do low level things without the restrictions of assembly. When you need to optimize for cost, code size, and performance the typical choice of language is C. Still C is today used for maximum efficiency instead of C++.

C++ is very much alike C, with more features, and lots of good stuff, while not having many drawbacks, except fror it complexity. The had been for years suspicion C++ is somehow unsuitable for use in small embedded systems. At some time many 8- and 16-bit processors were lacking a C++ compiler, that may be a concern, but there are now 32-bit microcontrollers available for under a dollar supported by mature C++ compilers.Today C++ is used a lot more in embedded systems. There are many factors that may contribute to this, including more powerful processors, more challenging applications, and more familiarity with object-oriented languages.

And if you use suitable C++ subset for coding, you can make applications that work even on quite tiny processors, let the Arduino system be an example of that: You’re writing in C/C++, using a library of functions with a fairly consistent API. There is no “Arduino language” and your “.ino” files are three lines away from being standard C++.

Today C++ has not displaced C. Both of the languages are widely used, sometimes even within one system – for example in embedded Linux system that runs C++ application. When you write a C or C++ programs for modern Embedded Linux you typically use GCC compiler toolchain to do compilation and make file to manage compilation process.

Most organization put considerable focus on software quality, but software security is different. When the security is very much talked about topic todays embedded systems, the security of the programs written using C/C++ becomes sometimes a debated subject. Embedded development presents the challenge of coding in a language that’s inherently insecure; and quality assurance does little to ensure security. The truth is that majority of today’s Internet connected systems have their networking fuctionality written using C even of the actual application layer is written using some other methods.

Java

Java is a general-purpose computer programming language that is concurrent, class-based and object-oriented.The language derives much of its syntax from C and C++, but it has fewer low-level facilities than either of them. Java is intended to let application developers “write once, run anywhere” (WORA), meaning that compiled Java code can run on all platforms that support Java without the need for recompilation.Java applications are typically compiled to bytecode that can run on any Java virtual machine (JVM) regardless of computer architecture. Java is one of the most popular programming languages in use, particularly for client-server web applications. In addition to those it is widely used in mobile phones (Java apps in feature phones,) and some embedded applications. Some common examples include SIM cards, VOIP phones, Blu-ray Disc players, televisions, utility meters, healthcare gateways, industrial controls, and countless other devices.

Some experts point out that Java is still a viable option for IoT programming. Think of the industrial Internet as the merger of embedded software development and the enterprise. In that area, Java has a number of key advantages: first is skills – there are lots of Java developers out there, and that is an important factor when selecting technology. Second is maturity and stability – when you have devices which are going to be remotely managed and provisioned for a decade, Java’s stability and care about backwards compatibility become very important. Third is the scale of the Java ecosystem – thousands of companies already base their business on Java, ranging from Gemalto using JavaCard on their SIM cards to the largest of the enterprise software vendors.

Although in the past some differences existed between embedded Java and traditional PC based Java solutions, the only difference now is that embedded Java code in these embedded systems is mainly contained in constrained memory, such as flash memory. A complete convergence has taken place since 2010, and now Java software components running on large systems can run directly with no recompilation at all on design-to-cost mass-production devices (consumers, industrial, white goods, healthcare, metering, smart markets in general,…) Java for embedded devices (Java Embedded) is generally integrated by the device manufacturers. It is NOT available for download or installation by consumers. Originally Java was tightly controlled by Sun (now Oracle), but in 2007 Sun relicensed most of its Java technologies under the GNU General Public License. Others have also developed alternative implementations of these Sun technologies, such as the GNU Compiler for Java (bytecode compiler), GNU Classpath (standard libraries), and IcedTea-Web (browser plugin for applets).

My feelings with Java is that if your embedded systems platform supports Java and you know hot to code Java, then it could be a good tool. If your platform does not have ready Java support, adding it could be quite a bit of work.

 

Increasing trends

Databases

Embedded databases are coming more and more to the embedded devices. If you look under the hood of any connected embedded consumer or mobile device, in addition to the OS you will find a variety of middleware applications. One of the most important and most ubiquitous of these is the embedded database. An embedded database system is a database management system (DBMS) which is tightly integrated with an application software that requires access to stored data, such that the database system is “hidden” from the application’s end-user and requires little or no ongoing maintenance.

There are many possible databases. First choice is what kind of database you need. The main choices are SQL databases and simpler key-storage databases (also called NoSQL).

SQLite is the Database chosen by virtually all mobile operating systems. For example Android and iOS ship with SQLite. It is also built into for example Firefox web browser. It is also often used with PHP. So SQLite is probably a pretty safe bet if you need relational database for an embedded system that needs to support SQL commands and does not need to store huge amounts of data (no need to modify database with millions of lines of data).

If you do not need relational database and you need very high performance, you need probably to look somewhere else.Berkeley DB (BDB) is a software library intended to provide a high-performance embedded database for key/value data. Berkeley DB is written in Cwith API bindings for many languages. BDB stores arbitrary key/data pairs as byte arrays. There also many other key/value database systems.

RTA (Run Time Access) gives easy runtime access to your program’s internal structures, arrays, and linked-lists as tables in a database. When using RTA, your UI programs think they are talking to a PostgreSQL database (PostgreSQL bindings for C and PHP work, as does command line tool psql), but instead of normal database file you are actually accessing internals of your software.

Software quality

Building quality into embedded software doesn’t happen by accident. Quality must be built-in from the beginning. Software startup checklist gives quality a head start article is a checklist for embedded software developers to make sure they kick-off their embedded software implementation phase the right way, with quality in mind

Safety

Traditional methods for achieving safety properties mostly originate from hardware-dominated systems. Nowdays more and more functionality is built using software – including safety critical functions. Software-intensive embedded systems require new approaches for safety. Embedded Software Can Kill But Are We Designing Safely?

IEC, FDA, FAA, NHTSA, SAE, IEEE, MISRA, and other professional agencies and societies work to create safety standards for engineering design. But are we following them? A survey of embedded design practices leads to some disturbing inferences about safety.Barr Group’s recent annual Embedded Systems Safety & Security Survey indicate that we all need to be concerned: Only 67 percent are designing to relevant safety standards, while 22 percent stated that they are not—and 11 percent did not even know if they were designing to a standard or not.

If you were the user of a safety-critical embedded device and learned that the designers had not followed best practices and safety standards in the design of the device, how worried would you be? I know I would be anxious, and quite frankly. This is quite disturbing.

Security

The advent of low-cost wireless connectivity is altering many things in embedded development – it has added to your list of worries need to worry about communication issues like breaks connections, latency and security issues. Understanding security is one thing; applying that understanding in a complete and consistent fashion to meet security goals is quite another. Embedded development presents the challenge of coding in a language that’s inherently insecure; and quality assurance does little to ensure security.

Developing Secure Embedded Software white paper  explains why some commonly used approaches to security typically fail:

MISCONCEPTION 1: SECURITY BY OBSCURITY IS A VALID STRATEGY
MISCONCEPTION 2: SECURITY FEATURES EQUAL SECURE SOFTWARE
MISCONCEPTION 3: RELIABILITY AND SAFETY EQUAL SECURITY
MISCONCEPTION 4: DEFENSIVE PROGRAMMING GUARANTEES SECURITY

Many organizations are only now becoming aware of the need to incorporate security into their software development lifecycle.

Some techniques for building security to embedded systems:

Use secure communications protocols and use VPN to secure communications
The use of Public Key Infrastructure (PKI) for boot-time and code authentication
Establishing a “chain of trust”
Process separation to partition critical code and memory spaces
Leveraging safety-certified code
Hardware enforced system partitioning with a trusted execution environment
Plan the system so that it can be easily and safely upgraded when needed

Flood of new languages

Rather than living and breathing C/C++, the new generation prefers more high-level, abstract languages (like Java, Python, JavaScript etc.). So there is a huge push to use interpreted and scripting also in embedded systems. Increased hardware performance on embedded devices combined with embedded Linux has made the use of many scripting languages good tools for implementing different parts of embedded applications (for example web user interface). Nowadays it is common to find embedded hardware devices, based on Raspberry Pi for instance, that are accessible via a network, run Linux and come with Apache and PHP installed on the device.  There are also many other relevant languages

One workable solution, especially for embedded Linux systems is that part of the activities organized by totetuettu is a C program instead of scripting languages ​​(Scripting). This enables editing operation simply script files by editing without the need to turn the whole system software again.  Scripting languages ​​are also tools that can be implemented, for example, a Web user interface more easily than with C / C ++ language. An empirical study found scripting languages (such as Python) more productive than conventional languages (such as C and Java) for a programming problem involving string manipulation and search in a dictionary.

Scripting languages ​​have been around for a couple of decades Linux and Unix server world standard tools. the proliferation of embedded Linux and resources to merge systems (memory, processor power) growth has made them a very viable tool for many embedded systems – for example, industrial systems, telecommunications equipment, IoT gateway, etc . Some of the command language is suitable for up well even in quite small embedded environments.
I have used with embedded systems successfully mm. Bash, AWK, PHP, Python and Lua scripting languages. It works really well and is really easy to make custom code quickly .It doesn’t require a complicated IDE; all you really need is a terminal – but if you want there are many IDEs that can be used.
High-level, dynamically typed languages, such as Python, Ruby and JavaScript. They’re easy—and even fun—to use. They lend themselves to code that easily can be reused and maintained.

There are some thing that needs to be considered when using scripting languages. Sometimes lack of static checking vs a regular compiler can cause problems to be thrown at run-time. But it is better off practicing “strong testing” than relying on strong typing. Other ownsides of these languages is that they tend to execute more slowly than static languages like C/C++, but for very many aplications they are more than adequate. Once you know your way around dynamic languages, as well the frameworks built in them, you get a sense of what runs quickly and what doesn’t.

Bash and other shell scipting

Shell commands are the native language of any Linux system. With the thousands of commands available for the command line user, how can you remember them all? The answer is, you don’t. The real power of the computer is its ability to do the work for you – the power of the shell script is the way to easily to automate things by writing scripts. Shell scripts are collections of Linux command line commands that are stored in a file. The shell can read this file and act on the commands as if they were typed at the keyboard.In addition to that shell also provides a variety of useful programming features that you are familar on other programming langauge (if, for, regex, etc..). Your scripts can be truly powerful. Creating a script extremely straight forward: It can be created by opening a separate editor such or you can do it through a terminal editor such as VI (or preferably some else more user friendly terminal editor). Many things on modern Linux systems rely on using scripts (for example starting and stopping different Linux services at right way).

One of the most useful tools when developing from within a Linux environment is the use of shell scripting. Scripting can help aid in setting up environment variables, performing repetitive and complex tasks and ensuring that errors are kept to a minimum. Since scripts are ran from within the terminal, any command or function that can be performed manually from a terminal can also be automated!

The most common type of shell script is a bash script. Bash is a commonly used scripting language for shell scripts. In BASH scripts (shell scripts written in BASH) users can use more than just BASH to write the script. There are commands that allow users to embed other scripting languages into a BASH script.

There are also other shells. For example many small embedded systems use BusyBox. BusyBox providesis software that provides several stripped-down Unix tools in a single executable file (more than 300 common command). It runs in a variety of POSIX environments such as Linux, Android and FreeeBSD. BusyBox become the de facto standard core user space toolset for embedded Linux devices and Linux distribution installers.

Shell scripting is a very powerful tool that I used a lot in Linux systems, both embedded systems and servers.

Lua

Lua is a lightweight  cross-platform multi-paradigm programming language designed primarily for embedded systems and clients. Lua was originally designed in 1993 as a language for extending software applications to meet the increasing demand for customization at the time. It provided the basic facilities of most procedural programming languages. Lua is intended to be embedded into other applications, and provides a C API for this purpose.

Lua has found many uses in many fields. For example in video game development, Lua is widely used as a scripting language by game programmers. Wireshark network packet analyzer allows protocol dissectors and post-dissector taps to be written in Lua – this is a good way to analyze your custom protocols.

There are also many embedded applications. LuCI, the default web interface for OpenWrt, is written primarily in Lua. NodeMCU is an open source hardware platform, which can run Lua directly on the ESP8266 Wi-Fi SoC. I have tested NodeMcu and found it very nice system.

PHP

PHP is a server-side HTML embedded scripting language. It provides web developers with a full suite of tools for building dynamic websites but can also be used as a general-purpose programming language. Nowadays it is common to find embedded hardware devices, based on Raspberry Pi for instance, that are accessible via a network, run Linux and come with Apache and PHP installed on the device. So on such enviroment is a good idea to take advantage of those built-in features for the applications they are good – for building web user interface. PHP is often embedded into HTML code, or it can be used in combination with various web template systems, web content management system and web frameworks. PHP code is usually processed by a PHP interpreter implemented as a module in the web server or as a Common Gateway Interface (CGI) executable.

Python

Python is a widely used high-level, general-purpose, interpreted, dynamic programming language. Its design philosophy emphasizes code readability. Python interpreters are available for installation on many operating systems, allowing Python code execution on a wide variety of systems. Many operating systems include Python as a standard component; the language ships for example with most Linux distributions.

Python is a multi-paradigm programming language: object-oriented programming and structured programming are fully supported, and there are a number of language features which support functional programming and aspect-oriented programming,  Many other paradigms are supported using extensions, including design by contract and logic programming.

Python is a remarkably powerful dynamic programming language that is used in a wide variety of application domains. Since 2003, Python has consistently ranked in the top ten most popular programming languages as measured by the TIOBE Programming Community Index. Large organizations that make use of Python include Google, Yahoo!, CERN, NASA. Python is used successfully in thousands of real world business applications around globally, including many large and mission-critical systems such as YouTube.com and Google.com.

Python was designed to be highly extensible. Libraries like NumPy, SciPy and Matplotlib allow the effective use of Python in scientific computing. Python is intended to be a highly readable language. Python can also be embedded in existing applications and hasbeen successfully embedded in a number of software products as a scripting language. Python can serve as a scripting language for web applications, e.g., via mod_wsgi for the Apache web server.

Python can be used in embedded, small or minimal hardware devices. Some modern embedded devices have enough memory and a fast enough CPU to run a typical Linux-based environment, for example, and running CPython on such devices is mostly a matter of compilation (or cross-compilation) and tuning. Various efforts have been made to make CPython more usable for embedded applications.

For more limited embedded devices, a re-engineered or adapted version of CPython, might be appropriateExamples of such implementations include the following: PyMite, Tiny Python, Viper. Sometimes the embedded environment is just too restrictive to support a Python virtual machine. In such cases, various Python tools can be employed for prototyping, with the eventual application or system code being generated and deployed on the device. Also MicroPython and tinypy have been ported Python to various small microcontrollers and architectures. Real world applications include Telit GSM/GPRS modules that allow writing the controlling application directly in a high-level open-sourced language: Python.

Python on embedded platforms? It is quick to develop apps, quick to debug – really easy to make custom code quickly. Sometimes lack of static checking vs a regular compiler can cause problems to be thrown at run-time. To avoid those try to have 100% test coverage. pychecker is a very useful too also which will catch quite a lot of common errors. The only downsides for embedded work is that sometimes python can be slow and sometimes it uses a lot of memory (relatively speaking). An empirical study found scripting languages (such as Python) more productive than conventional languages (such as C and Java) for a programming problem involving string manipulation and search in a dictionary. Memory consumption was often “better than Java and not much worse than C or C++”.

JavaScript and node.js

JavaScript is a very popular high-level language. Love it or hate it, JavaScript is a popular programming language for many, mainly because it’s so incredibly easy to learn. JavaScript’s reputation for providing users with beautiful, interactive websites isn’t where its usefulness ends. Nowadays, it’s also used to create mobile applications, cross-platform desktop software, and thanks to Node.js, it’s even capable of creating and running servers and databases!  There is huge community of developers. JavaScript is a high-level language.

Its event-driven architecture fits perfectly with how the world operates – we live in an event-driven world. This event-driven modality is also efficient when it comes to sensors.

Regardless of the obvious benefits, there is still, understandably, some debate as to whether JavaScript is really up to the task to replace traditional C/C++ software in Internet connected embedded systems.

It doesn’t require a complicated IDE; all you really need is a terminal.

JavaScript is a high-level language. While this usually means that it’s more human-readable and therefore more user-friendly, the downside is that this can also make it somewhat slower. Being slower definitely means that it may not be suitable for situations where timing and speed are critical.

JavaScript is already in embedded boards. You can run JavaScipt on Raspberry Pi and BeagleBone. There are also severa other popular JavaScript-enabled development boards to help get you started: The Espruino is a small microcontroller that runs JavaScript. The Tessel 2 is a development board that comes with integrated wi-fi, an ethernet port, two USB ports, and companion source library downloadable via the Node Package Manager. The Kinoma Create, dubbed the “JavaScript powered Internet of Things construction kit.”The best part is that, depending on the needs of your device, you can even compile your JavaScript code into C!

JavaScript for embedded systems is still in its infancy, but we suspect that some major advancements are on the horizon.We for example see a surprising amount of projects using Node.js.Node.js is an open-source, cross-platform runtime environment for developing server-side Web applications. Node.js has an event-driven architecture capable of asynchronous I/O that allows highly scalable servers without using threading, by using a simplified model of event-driven programming that uses callbacks to signal the completion of a task. The runtime environment interprets JavaScript using Google‘s V8 JavaScript engine.Node.js allows the creation of Web servers and networking tools using JavaScript and a collection of “modules” that handle various core functionality. Node.js’ package ecosystem, npm, is the largest ecosystem of open source libraries in the world. Modern desktop IDEs provide editing and debugging features specifically for Node.js applications

JXcore is a fork of Node.js targeting mobile devices and IoTs. JXcore is a framework for developing applications for mobile and embedded devices using JavaScript and leveraging the Node ecosystem (110,000 modules and counting)!

Why is it worth exploring node.js development in an embedded environment? JavaScript is a widely known language that was designed to deal with user interaction in a browser.The reasons to use Node.js for hardware are simple: it’s standardized, event driven, and has very high productivity: it’s dynamically typed, which makes it faster to write — perfectly suited for getting a hardware prototype out the door. For building a complete end-to-end IoT system, JavaScript is very portable programming system. Typically an IoT projects require “things” to communicate with other “things” or applications. The huge number of modules available in Node.js makes it easier to generate interfaces – For example, the HTTP module allows you to create easily an HTTP server that can easily map the GET method specific URLs to your software function calls. If your embedded platform has ready made Node.js support available, you should definately consider using it.

Future trends

According to New approaches to dominate in embedded development article there will be several camps of embedded development in the future:

One camp will be the traditional embedded developer, working as always to craft designs for specific applications that require the fine tuning. These are most likely to be high-performance, low-volume systems or else fixed-function, high-volume systems where cost is everything.

Another camp might be the embedded developer who is creating a platform on which other developers will build applications. These platforms might be general-purpose designs like the Arduino, or specialty designs such as a virtual PLC system.

This third camp is likely to become huge: Traditional embedded development cannot produce new designs in the quantities and at the rate needed to deliver the 50 billion IoT devices predicted by 2020.

Transition will take time. The enviroment is different than computer and mobile world. There are too many application areas with too widely varying requirements for a one-size-fits-all platform to arise.

But the shift will happen as hardware becomes powerful and cheap enough that the inefficiencies of platform-based products become moot.

 

Sources

Most important information sources:

New approaches to dominate in embedded development

A New Approach for Distributed Computing in Embedded Systems

New Approaches to Systems Engineering and Embedded Software Development

Lua (programming language)

Embracing Java for the Internet of Things

Node.js

Wikipedia Node.js

Writing Shell Scripts

Embedded Linux – Shell Scripting 101

Embedded Linux – Shell Scripting 102

Embedding Other Languages in BASH Scripts

PHP Integration with Embedded Hardware Device Sensors – PHP Classes blog

PHP

Python (programming language)

JavaScript: The Perfect Language for the Internet of Things (IoT)

Node.js for Embedded Systems

Embedded Python

MicroPython – Embedded Pytho

Anyone using Python for embedded projects?

Telit Programming Python

JavaScript: The Perfect Language for the Internet of Things (IoT)

MICROCONTROLLERS AND NODE.JS, NATURALLY

Node.js for Embedded Systems

Why node.js?

Node.JS Appliances on Embedded Linux Devices

The smartest way to program smart things: Node.js

Embedded Software Can Kill But Are We Designing Safely?

DEVELOPING SECURE EMBEDDED SOFTWARE

 

 

 

1,687 Comments

  1. Tomi Engdahl says:

    Safeguarding boot code and other critical data: how little-known data protection settings in NOR Flash can help improve system reliability
    http://www.electronics-know-how.com/article/2701/safeguarding-boot-code-and-other-critical-data-how-little-known-data-protection-settings-in-nor-flash-can-help-improve-system-reliability

    This article describes a number of features of the operation of SpiFlash NOR Flash memories from Winbond which may be used to protect critical data. These protection features help designers to avoid the risk that their system will be disabled because of bit errors caused by noise, or because a host SoC mistakenly overwrites critical data.

    SPI NOR Flash is the electronics design engineer’s favourite memory type for low-density, high-reliability storage of application code and data in embedded systems with a storage requirement of up to 512Mbits.

    To facilitate broad adoption across the industry, NOR Flash memory technology follows certain standards, for instance governing the serial interface to a host microcontroller or SoC. One of these standard features is the way in which NOR Flash allows the system designer to configure protection of stored data. Protection may be applied to a specified fraction of the entire memory array in which mission-critical data is stored: most often, this is boot code, since if boot code were impaired or lost, the entire system would be disabled.

    Protection helps to ensure that data in protected blocks is not corrupted, for instance by noise, or mistakenly erased and overwritten by a faulty operation implemented by the host system. If an Erase or Program command specifies a memory region that contains a protected block, this command will be ignored. In other words, protected blocks are tagged as Read-only memory.

    The way in which the standard approach to data protection was implemented many years ago in NOR Flash has more recently, however, begun to constrain designers’ flexibility in their use of the higher-density memory devices available today.

    Increase in protected block sizes

    When the data protection function was created many years ago, NOR Flash memory densities were much smaller than they are today. At that time, just three Block Protection (BP) bits in the Flash IC’s status register were enough to specify the portion of the total memory array that needed to be protected. In a Winbond NOR Flash memory device’s datasheet, these status register bits are shown as BP0, BP1 and BP2. These three bits give eight options for selecting the size of the protected region, from as little as 1/64th of the array to as much as ½.

    Reply
  2. Tomi Engdahl says:

    The 5 Biggest Challenges Facing Embedded Software Developers in IoT
    https://www.designnews.com/content/5-biggest-challenges-facing-embedded-software-developers-iot/144800967159182?ADTRK=UBM&elq_mid=5232&elq_cid=876648

    The traditional, disconnected developer is finding that there are several new challenges that need to be addressed in order to be successful.

    Challenge #1 – Connectivity
    Challenge #2 – Over the Air-Updates
    Challenge #3 – Security
    Challenge #4 – Debugging
    Challenge #5 – The Rate of Change

    Reply
  3. Tomi Engdahl says:

    Using an ASIC vs. a CPU for motion control
    https://www.machinedesign.com/motion-control/using-asic-vs-cpu-motion-control?code=NipponER1-08222018&utm_rid=CPG05000002750211&utm_campaign=19312&utm_medium=email&elq2=a166616e74ff492d92c3a0ed611d94e1

    Good acceleration/deceleration control ensures quick, accurate positioning and fast settling. Linear and S-curve accel/decel can be used in tandem to lower demand on the motor. Is it better to use a CPU or an ASIC chip for these motion profiles?

    Reply
  4. Tomi Engdahl says:

    Is Software Necessary?
    https://semiengineering.com/is-software-necessary/

    Hardware has a love-hate relationship with software, especially when it comes to system-level verification. When is software required, and when does it get in the way?

    Hardware must be capable of running any software. While that might have been a good mantra when chips were relatively simple, it becomes an impossible verification task when dealing with SoCs that contain dozens of deeply embedded processors. When does it become necessary to use production software and what problems can that get you into?

    When verification targets such as power are added, it becomes a lot more complicated as one phone modem vendor found out a few years back. Its chip experienced overheating problems in one phone but operated quite satisfactorily in a rival’s phone. Was this a flaw in the verification strategy and avoidable, or is this kind of event likely to become more common?

    A key question here is how much software needs to be executed pre-silicon? “Software has a defined effect on hardware,” points out Russell Klein, technical director for Mentor, a Siemens Business. “Specifically, software drives a sequence of transactions into the hardware. In any given verification, some of those transactions are going to be important, but many of them are superfluous.”

    Types of software
    Not all software is created equal. “Everything relies on software, firmware or middleware,” says Rupert Baines, CEO for UltraSoC. “Almost always software will be running on multiple devices, quite often devices of different architectures or interacting in very difficult, complex, unpredictable ways.”

    But there are other ways to look at the functionality provided by software. “Application-level software directs traffic around a system at a high level, such as RTOS-based application software,” says Gordon Allan, product manager at Mentor. “At the lowest level, such as a DSP codec way down in the pipeline, there is really nothing going on without this software. Then there is an intermediate level that I call structural software where it is intrinsic to the operation. Nothing happens without that software and it is hard to replace with a different representation because it is not algorithmic in nature. It is more like logic that happens to be implemented in software.”

    How much software?
    The amount of software required depends on the verification task. “Are we looking for bugs in the RTL or are we verifying the firmware?”

    And you can’t afford to avoid firmware verification. “We have very good tools for working on the hardware, and it’s getting to be quite unusual to have a chip fail because of a wiring or logic problem,” says Baines. “However, increasingly we hear about products that three, six or nine months late because of firmware issues.”

    But firmware can change. Does that mean we have to redo all of the associated verification? Perhaps not, but you have to have confidence in the lower levels and that means we cannot forget about a solid hierarchical verification foundation.

    “We can start with simulation and move to emulation and end up with a lot of confidence in the lower layers,” says Baines. “Then we can move up a level of abstraction and stop thinking about absolute timing and signals and race conditions, and start thinking about transactions and system level while moving into emulation and then prototyping. It does become viable to run a complete software stack of something—not at real speed—a savage fraction of real speed. But it is real software, and that gives you a huge head start on the verification and debugging process. Because it is not in real time, it means there will be a lot of issues that you do not see, but you do get a lot of confidence.”

    Reply
  5. Tomi Engdahl says:

    Latest and Greatest Embedded C Coding Standard
    https://www.eeweb.com/profile/max-maxfield/articles/latest-and-greatest-embedded-c-coding-standard

    BARR-C:2018 is fully harmonized with MISRA C:2012. Many firmware developers choose to combine bug-killing stylistic rules from the BARR-C standard with safety guidelines from MISRA C.

    https://barrgroup.com/Embedded-Systems/Books/Embedded-C-Coding-Standard

    Reply
  6. Tomi Engdahl says:

    ChaiScript
    http://chaiscript.com/

    an easy to use embedded scripting language for C++

    There are no external tools required, no preprocessor, no libraries, just your C++14 compliant compiler.

    ChaiScript is fully tested for 32bit and 64bit on Windows (MSVC2013), clang++ and g++.

    Reply
  7. Tomi Engdahl says:

    Duktape
    https://duktape.org/

    Duktape is an embeddable Javascript engine, with a focus on portability and compact footprint.

    Duktape is easy to integrate into a C/C++ project: add duktape.c, duktape.h, and duk_config.h to your build, and use the Duktape API to call ECMAScript functions from C code and vice versa.

    Reply
  8. Tomi Engdahl says:

    The adaption of multicore SoCs has created a type of convergence where it is now easier build a UI with both safety critical and non-safety critical functionality.

    But complexity ensues. Because of increasing heterogeneous multicore hardware availability with even more powerful options, it’s important to create a UI that also enables cost savings and protects product line profitability.

    Reply
  9. Tomi Engdahl says:

    Master the unending software development lifecycle of connected systems—or it will master you
    https://www.embedded.com/design/prototyping-and-development/4461080/Master-the-unending-software-development-lifecycle-of-connected-systems—or-it-will-master-you

    If you’re developing safety-critical software, you understand the importance of bi-directional requirements traceability to ensure that the design reflects the requirements, that the software implementation reflects the design and that the test processes confirm the correct implementation of that software. You also know how painful requirements changes can be because of the need to identify changing code and any testing to be repeated.

    Until now, that cycle has concluded with product release. Sure, there might be tweaks in response to field conditions but the business of development was essentially over. Then came the connected car, the Industrial Internet of Things (IIoT) and the remote monitoring of medical devices. For these and other connected systems, requirements don’t just change in an orderly manner during development. They change without warning, whenever a bad actor finds a new vulnerability or develops a new hack. And requirements keep on changing not just through the lifetime of the product, but as for long as it is in the field.

    Whenever changes become necessary, revised code needs to be reanalyzed statically and all impacted unit and integration tests need to be re-run (regression tested).

    Reply
  10. Tomi Engdahl says:

    It’s Time to Use a Safer C
    C and C++ remain the leading languages employed in embedded systems, but challenges persist when it comes to safety-related applications.
    https://www.electronicdesign.com/automotive/it-s-time-use-safer-c?Issue=ED-004_20180920_ED-004_502&sfvc4enews=42&cl=article_1_b&utm_rid=CPG05000002750211&utm_campaign=20059&utm_medium=email&elq2=7b2ab861314843cfb5d24bbf58efbaf6

    a Microsoft Research paper on Checked C: Making C Safe by Extension, by Archibald Samuel Elliott, University of Washington, Andrew Ruef and Michael Hicks, University of Maryland, and David Tarditi, Microsoft Research, for the IEEE Cybersecurity Development Conference 2018, it piqued my interest. The implementation of Checked C is done using LLVM extensions and is available on GitHub. Like many research papers, it presents a small model, compared to a commercial product, along with statistics, justification, and so on.

    Checked C is a combination of static- and dynamic-analysis techniques designed to support spatial safety. The name is actually a misnomer, as the system targets C++ using Checked C templates for pointers. It’s focused on “backward-compatibility, incremental conversion, developer control, and enabling highly performant code.”

    Of course, the additional annotation and checking isn’t free. The dynamic runtime aspect adds about an 8.6% overhead. However, benchmarks showed less than a 1% impact, indicating that much of the overhead is in areas that aren’t executed constantly.

    The system adds _Ptr and _Array_ptr templates as well as _Checked and _Unchecked type annotations. These allow the system to do more static checking to minimize runtime support.

    Checked C also addresses zero/null terminated (nt) strings. These strings are used throughout C and C++ programs. Unfortunately, they’re also the most error-prone aspects of C and C++ with buffer overruns being common due to a missing or overwritten terminator.

    Checked C: Making C Safe by Extension
    https://www.microsoft.com/en-us/research/uploads/prod/2018/09/checkedc-secdev2018-preprint.pdf

    Vulnerabilities that compromise memory safety are at the heart of
    many attacks. Memory safety has two aspects. Temporal safety
    is ensured when memory is never used after it is freed. Spatial
    safety is ensured when any pointer dereference is always within
    the memory allocated to that pointer. Buffer overruns—a spatial
    safety violation—still constitute a frequent and pernicious source
    of vulnerability, despite their long history. During the period
    2012–2018, buffer overruns were the source of 9.7% to 18.4%
    of CVEs reported in the NIST vulnerability database [1], with
    the highest numbers occurring in 2017. During that time, buffer
    overruns were the leading single cause of CVEs

    Reply
  11. Tomi Engdahl says:

    Realizing 5G Sub-6-GHz Massive MIMO Using GaN
    https://www.mwrf.com/semiconductors/realizing-5g-sub-6-ghz-massive-mimo-using-gan?NL=MWRF-001&Issue=MWRF-001_20180920_MWRF-001_285&sfvc4enews=42&cl=article_2_b&utm_rid=CPG05000002750211&utm_campaign=20077&utm_medium=email&elq2=6ab19dc429d44163abb02f42493c7bac

    Gallium-nitride technology figures to play a significant role in sub-6-GHz 5G applications to help achieve goals like higher data rates.

    By 2021, it’s estimated that more people will have mobile phones (5.5 billion) than running water (5.3 billion). Bandwidth-hungry video will further increase the demands on mobile networks, accounting for 78% of mobile traffic.1 5G networks using massive multiple-input, multiple-output (MIMO) technology will be key to supporting this growth. It’s expected that 5G mobile connections will grow from just 5 million in 2019 to nearly 600 million by 2023, according to Strategy Analytics.2

    Reply
  12. Tomi Engdahl says:

    What Embedded Developers Need to Know About Open Source
    https://www.designnews.com/electronics-test/what-embedded-developers-need-know-about-open-source/18899820459494?ADTRK=UBM&elq_mid=5733&elq_cid=876648

    Ahead of his talk at ESC Minneapolis, Rod Cope, CTO of Rogue Wave Software, spoke with us about how open source code ends up in devices without anyone noticing and what every embedded engineer needs to know before bringing open source into a project.

    Microsoft’s recent acquisition of GitHub, the largest repository of open-source software on the Internet, was only the latest in a trend that has been happening in open source software since about 2016. Specifically, large companies and even governments have begun to embrace open source in their workflows. In 2016, the Obama administration even established a Federal Source Code policy for government agencies to improve access to their source code.

    Design News: When we’re talking about open source, are there specific or unique considerations for embedded developers?

    Rod Cope: There are two main ones. One is related to the legal aspects and the licensing of the open source itself. I’ve done a lot of talks over the last five or six years to embedded audiences—in particular at ESC and other conferences. And this is one thing that keeps coming up because embedded developers aren’t always aware that they’re using open source.

    The other aspect is related to security. I think that’s a big one that is becoming more and more popular. People making embedded devices put code on a device, they ship it out, and they think it’s a one time effort. They don’t think that it has to be maintained in the sense that the software, if it hasn’t been updated and patched for security issues, is basically just a huge source of vulnerabilities and could lead to all kinds of problems.

    Developers really need to have the mindset that security is not a one time thing. It’s an ongoing thing. So how do we offer remote updates or ways to facilitate changes in any device—certainly, ones running Linux or anything sophisticated on them? That’s got to be taken into account. But a lot of times, it’s not.

    Reply
  13. Tomi Engdahl says:

    Security in Manufacturing: Closing the Backdoor in IoT Products
    https://www.electronicdesign.com/industrial-automation/security-manufacturing-closing-backdoor-iot-products?NL=ED-005&Issue=ED-005_20181010_ED-005_960&sfvc4enews=42&cl=article_1_b&utm_rid=CPG05000002750211&utm_campaign=20552&utm_medium=email&elq2=d377f14133be4428bd2dca77e29475c2

    This article explores the potential attacks that can occur in the process of designing, building, and testing IoT systems, as well as methods for preventing these attacks.

    Reply
  14. Tomi Engdahl says:

    Long-Lived Electronics Requires Careful Design
    https://www.designnews.com/content/long-lived-electronics-requires-careful-design/2012293459562?ADTRK=UBM&elq_mid=6003&elq_cid=876648

    Building the electronic systems that control heavy equipment requires that engineers take a long view in design and development.

    Reply
  15. Tomi Engdahl says:

    Top 5 Smallest Microcontrollers
    http://www.theorycircuit.com/top-5-smallest-microcontrollers/

    Here we have listed each microcontrollers with their bit size, package size and some important internal perpherals. each and every micro controllers has unique features and desired applications refer datasheet for more details.

    Reply
  16. Tomi Engdahl says:

    Make with Ada with AdaCore
    https://www.hackster.io/contests/adacore

    Are you ready to develop a project to the highest levels of safety, security and reliability? If so, Make with Ada is the challenge for you! We’re calling on embedded developers across the globe to build cool embedded applications using the Ada and SPARK programming languages and are offering over $8000 in total prizes.

    Reply
  17. Tomi Engdahl says:

    Connected Devices Need More Secure Memory
    https://www.eetimes.com/document.asp?doc_id=1333884

    Emerging use cases are revealing the many ways memory technologies can be an avenue for threat actors to create havoc, whether for stealing data or sending malicious instructions.

    Security features in memory aren’t new, of course. The “s” in SD card initially stood for “secure,” but the SD Association hasn’t really emphasized it for a decade, while electrically erasable programmable read-only memory (EEPROM) has long been used for applications that need embedded security such as credit cards, SIM cards and key-less entry systems, among others.

    Reply
  18. Tomi Engdahl says:

    It’s challenging selecting an operating system for your embedded device.

    This paper covers the top 5 considerations:

    Does the design need an operating system at all?
    Why is a custom implementation rarely a wise choice?
    RTOS or Linux?
    How do you compare the performance of different RTOS products? Data sheets are not enough!
    What about multi-core? How does this impact your selection

    https://www.mentor.com/embedded-software/resources/overview/five-things-you-need-to-know-before-selecting-an-rtos-30a8d58e-d0b1-4a71-8852-9ea0ac964dd6?uuid=30a8d58e-d0b1-4a71-8852-9ea0ac964dd6&clp=1&contactid=1&PC=L&c=2018_10_29_esd_5_things_about_rtos_wp_all

    Reply
  19. Tomi Engdahl says:

    Time to Say Goodbye to Arduino and Go On to Micropython/ Adafruit Circuitpython?
    https://www.youtube.com/watch?v=m1miwCJtxeM

    Python seems to be the fastest growing programming language. It is also widely used to program Raspberry Pis, and it is on the verge to become available on our small microcontrollers. Has the time come to leave the Arduino IDE and go on? Time for a closer look.

    Topics covered:
    - Language (Micropython/ Adafruit CircuitPython vs C++
    - Parts of the Hardware and programming interface (SAMD21/SAMD51)
    - Libraries
    - Documentation and Community

    Reply
  20. Tomi Engdahl says:

    Complex electronic systems always carry a risk of failure, as does complex software. An embedded system may be designed to monitor possible failure conditions and either prevent the failure from occurring or mitigate the damage.

    Reply
  21. Tomi Engdahl says:

    Many projects have the goal to achieve 100% test coverage of the code. In particular if you work according to a Safety Standard like ISO 26262 or IEC 61508.

    By doing unit tests, you can ensure that so-called regression faults will not occur in future builds, e.g. if you change code A so that function B fails, you would discover such an error.

    With unit test you detect errors early, and hence unit tests are considered to be more cost-effective than integration testing, system testing or functional testing.

    Reply
  22. Tomi Engdahl says:

    Running Go directly on an Arduino Uno – the sequel

    https://m.youtube.com/watch?v=O14xLzxKjug&t=24s

    Reply
  23. Tomi Engdahl says:

    How to Build a Low-tech Website?
    https://solar.lowtechmagazine.com/2018/09/how-to-build-a-lowtech-website/

    Our new blog is designed to radically reduce the energy use associated with accessing our content

    Reply
  24. Tomi Engdahl says:

    Solo Is the World’s First Open Source FIDO2 Hardware Key for 2FA
    https://blog.hackster.io/solo-is-the-worlds-first-open-source-fido2-hardware-key-for-2fa-44ca081018d2

    Virtually every computer security expert will tell you the same thing: you should be using two-factor authentication (2FA) to log into websites and services.

    Reply
  25. Tomi Engdahl says:

    8 Strategies to Develop a New Product
    https://blog.hackster.io/8-strategies-to-develop-a-new-product-40c4c51a34ea

    There are multiple ways for you to develop a new physical product and bring it to market. However, the strategy that is best for you depends on your specific experience, your product, your team, and your finances. There is no strategy to develop a product that is best for everyone under every situation.

    Reply
  26. Tomi Engdahl says:

    Selecting an RTOS top 5 considerations:

    Does the design need an operating system at all?
    Why is a custom implementation rarely a wise choice?
    RTOS or Linux?
    How do you compare the performance of different RTOS products? Data sheets are not enough!
    What about multi-core? How does this impact your selection
    Consideration of these top 5 issues will help you to select the right operating system

    Reply
  27. Tomi Engdahl says:

    Looking Beyond The CPU
    https://semiengineering.com/looking-beyond-the-cpu/

    While CPUs continue to evolve, performance is no longer limited to a single processor type or process geometry.

    Reply
  28. Tomi Engdahl says:

    Bare Metal Programming
    https://semiengineering.com/bare-metal-programming/

    New requirements for visibility drive different options, particularly for safety and security.

    As the need for safety and security grows across application areas such as automotive, industrial, and in the cloud, the semiconductor industry is searching for the best ways to protect these systems. The big question is whether it is better to build security and safety into hardware, into software, or both.

    The answer isn’t entirely clear yet, but one of the options under consideration is something of a middle ground—software that runs directly on the chip, rather than being written to application programming interfaces in an operating system. This kind of bare-metal programming includes everything from real-time operating systems and drivers to Type 1 virtual machines. It is extremely fast and reliable, because it doesn’t have to go various software abstraction layers, but it’s also difficult to develop for a modern chip.

    In the early days of embedded systems development, software was rather minimal, and often something of an afterthought

    “As complexity increased, the single software engineer became a team,” Walls said. “Different team members would have different types of expertise. Those with good hardware knowledge would encapsulate that expertise in software modules, which provided a clean interface and concealed the complexity of hardware interaction. These modules were termed drivers.”

    With increasingly powerful microprocessors/microcontrollers and larger memories, the need for a rational program structure drove the adoption of real-time operating systems (RTOSes) that enabled the use of a multi-tasking model. It was a natural progression for the drivers to become part of the RTOS.

    Bare metal software
    When developing an embedded system, an early decision to make is whether to employ an RTOS or not. Many engineers give this very little thought because they are used to coding on top of an operating system. An RTOS is code written on bare metal, and it’s an important choice for design teams.

    The simplest structure for an embedded application is an infinite loop—do something, do something else, do something else, then repeat.

    “This simplicity has real value, as the behavior of the code is quite predictable,” Walls said.

    Programming challenges and options
    Although the largest proportion of modern embedded software designs are implemented utilizing an OS of some kind, there are a couple of circumstances when doing without—programming on bare metal—may be a reasonable decision. This could include situations where the application is extremely simple and is implemented, perhaps, on a low-end processor. It also could include situations where there is a need to extract every last cycle of CPU power for the application, and the overhead introduced by an OS is unacceptable.

    In both cases, thought must be given to possible future enhancements to the software. If further development is likely, starting out with a scalable program structure is a worthwhile investment, Walls said.

    Reply
  29. Tomi Engdahl says:

    The Great OS Migration
    https://www.datalight.com/blog/2018/10/30/the-great-os-migration/

    Microsoft ended extended support for Windows Embedded CE 6.0 earlier this year, and plans to end support for all Windows Embedded products in the next five years.[1] We’ve spoken with many customers who used a Microsoft solution and are considering a migration to Linux. What will they encounter?

    Updates and Testing

    For embedded designs, security and current updates are a must. To handle this challenge in the WinCE environment, Microsoft released security patches and updates, some of which caused additional new problems. In Linux, new kernels are released 3-4 times per year, though a new kernel usually contains a lot more than just a security patch.

    To keep embedded customers current, each new release needs to be tested. It can also be distributed, if the device is designed to accept field updates. The testing burden for Linux is larger than that of Windows Embedded, and occurs more frequently if you want to stay up to date on kernel releases.

    Support and Accountability

    According to 2017, Embedded Market Study by EE Times[2], Embedded Linux is the most used operating system. This isn’t a huge surprise given the increasing popularity of Linux overall. There are many benefits to using Linux (like a flavor for every project and a large development community[3]). By contrast, Windows Embedded Compact Edition is supported by one company.

    Reply
  30. Tomi Engdahl says:

    Making Sure A Heterogeneous Design Will Work
    Why the addition of multiple processing elements and memories is causing so much consternation.
    https://semiengineering.com/making-sure-a-heterogeneous-design-will-work/

    Reply
  31. Tomi Engdahl says:

    Speeding up flash-based embedded applications
    https://www.embedded.com/electronics-blogs/the-embedded-frontier/4461348/Speeding-up-flash-based-embedded-applications

    Most modern embedded software applications are stored and executed from flash memory. Flash provides an inexpensive and fast storage medium for microcontroller-based applications. These applications though are often real-time applications where execution time and deterministic behavior are paramount. While flash memory is fast, it’s not as fast as executing code from RAM. In order to speed up the execution time of flash-based applications, developers can selectively choose critical functions and execute them from RAM to get an extra speed boost.

    There are typically three steps that a developer needs to follow in order to execute a function from RAM. These include:

    Creating a RAM region in the linker for functions

    Specifying which functions should be stored in RAM

    Copying the functions into RAM at start-up.

    Let’s examine this process in detail.

    Reply
  32. Tomi Engdahl says:

    The historical concerns about whether software debug is practical on emulators no longer apply. You can exercise your computing platform thoroughly before tape-out. And software developers can shift sharply to the left to begin software development long before silicon availability and even before FPGA prototypes are available.

    Using Software to Find Hardware Bugs
    https://www.mentor.com/products/fv/resources/overview/using-software-to-find-hardware-bugs-e5b9a05c-e927-4643-9ee9-67c1c913c8b1?uuid=e5b9a05c-e927-4643-9ee9-67c1c913c8b1&clp=1&contactid=1&PC=L&c=2018_12_11_veloce_ed_using_sw_to_find_hw_

    There’s a basic law of nature that applies to any computing chip, whether a processor, microcontroller, or system-on-chip: software always uncovers hardware bugs.

    There’s not one project I’ve been involved with where this hasn’t proven to be true. If you’re unlucky enough that the software uncovers a bug after you’ve made chips, then what happens next depends on the severity of the problem.

    Reply
  33. Tomi Engdahl says:

    Debug Tops Verification Tasks
    https://semiengineering.com/debug-tops-verification-tasks/

    Time spent in debug on the rise; what needs to be fixed and why.

    Verification engineers are spending an increased percentage of their time in debug — 44%, according to a recent survey by the Wilson Research Group.

    There are a variety or reasons for this, including the fact that some SoCs are composed of hundreds of internally developed and externally purchased IP blocks and subsystems. New system architectures contribute to the mix, some of which are being developed to deal with an explosion of data. Add to that new packaging approaches, more complex interactions between different blocks and power domains, and an increasing emphasis on reliability for automotive and industrial applications, and the increased emphasis on debug begins to make sense.

    But debug also needs to be smarter, with more selective data handling to reduce the heavy loads. The one thing everyone is sure about is that catching bugs earlier reduces the overall design cost and time, and the fix is less disruptive.

    Reply
  34. Tomi Engdahl says:

    Thread Carefully: An Introduction To Concurrent Python
    https://hackaday.com/2018/12/18/thread-carefully-an-introduction-to-concurrent-python/

    The ability to execute code in parallel is crucial in a wide variety of scenarios. Concurrent programming is a key asset for web servers, producer/consumer models, batch number-crunching and pretty much any time an application is bottlenecked by a resource.

    Reply
  35. Tomi Engdahl says:

    Using FTDI Chips With Python
    https://hackaday.com/2018/12/19/using-ftdi-chips-with-python/

    FTDI are a company known for producing chips for USB applications. Most of us have a few USB-to serial adapters kicking about, and the vast majority of them run on FTDI hardware (or, if we’re honest, counterfeit copies). However, FTDI’s hardware has a whole lot more to offer, and [jayben] is here to show us all how to take advantage of it using Python.

    Programming FTDI devices in Python
    https://iosoft.blog/ftdi-python/

    FTDI chips are frequently used as USB-to-serial adaptors, but the newer devices have the ability to drive more complex protocols such as SPI and I2C.

    I like to use Python when first experimenting with new PC hardware, and there are some Python libraries for interfacing to FTDI chips, but I couldn’t find any real projects or complete worked examples.

    Reply
  36. Tomi Engdahl says:

    Real-time operating system crucial for spacecraft landing on Mars
    https://www.controleng.com/articles/real-time-operating-system-crucial-for-spacecraft-landing-on-mars/

    The VxWorks real-time operating system (RTOS) was crucial in helping ensure NASA’s InSight Spacecraft made a safe landing on the surface of the planet Mars. See video.

    NASA’s InSight Spacecraft, with the help of its VxWorks real-time operating system (RTOS), from Wind River, made its 12,300mph descent to Mars with a successful landing. With the Insight lander’s avionics system, which is based on VxWorks, InSight will be conducting science operations to gather data on how the planet formed, until Nov. 24, 2020 (which equates to one year and 40 days on Mars, or nearly two Earth years).

    Reply
  37. Tomi Engdahl says:

    Verify hardware:

    Your new IoT gadget looks great on paper and you have managed to transfer that seemingly perfect schematic image into real hardware. You have skillfully interlaced multiple subsystems, which consist of USARTs, EEPROMs, an intelligent touch display, and an encapsulated hardware-based TCP/IP processor. The ARM microcontroller you have chosen lies ready to utilize the components that are logically and electrically attached to its I/O pins.

    Reply
  38. Tomi Engdahl says:

    The Biggest Security Threats Facing Embedded Designers
    https://www.electronicdesign.com/iot/biggest-security-threats-facing-embedded-designers?PK=UM_Classics0112019&utm_rid=CPG05000002750211&utm_campaign=22610&utm_medium=email&elq2=13797a4da49945a79f1d9d4ea4eb6e84

    Software security alone is not enough to protect today’s networked devices and fielded systems. What is needed is a combination of software and hardware security.

    Embedded system designers face a number of threats to the applications that they develop for the IoT. One of the biggest threats comes from IoT subsystems that hackers can access, such as commercial networked HVAC systems, wireless base stations (e.g., small cells), implanted medical devices and their controllers, smart automobiles and the emerging networked transportation infrastructure, home and industrial-infrastructure network gateway systems, and remote industrial sensors.

    Factors that make IoT endpoints especially vulnerable to security threats include:

    • Networked: IoT endpoints may be remotely accessible from nearly anywhere in the world via the internet or other (e.g., phone) networks. Wireless connections, used in many IoT devices, are especially vulnerable.

    • Fielded: IoT devices are often physically accessible, as well as interconnected. This exposes them to additional hardware attacks that do not usually need to be considered for systems that may be networked but are physically protected by “guns, guards, and gates.”

    • Available: Samples are often easily available through purchase or theft that can be analyzed at the adversary’s leisure.

    Combining Hardware and Software to Secure the IoT

    Software security, alone, has proven relatively unsatisfactory in protecting networked devices against known and freshly discovered threats (so-called “zero day” vulnerabilities), and is totally inadequate for the additional threats posed to fielded systems. What is needed is a combination of software and hardware security. For example, today’s SoC FPGAs can be used to implement a hardware security scheme that complements the software and strengthens the system. Ideally, the hardware and software solution should combat three types of security: design security, hardware security, and data security.

    • Design security: This includes IP protection and ensuring that configuration bit streams and firmware are encrypted and protected. Designs need to incorporate a method to ensure that overbuilding or cloning of the design is not possible. Field updates to processor firmware or FPGA configurations need to be authenticated and the payload kept confidential.

    • Hardware security: Designers also need to certify that user-accessible devices are resistant to physical attacks. For example, differential power analysis (DPA) attacks can extract keys and other vital device information. System boot-up needs to be kept secure, not just from remote network-based attacks, but also where the adversary has physical access.

    • Data security: This element ensures that communications into and out of the system are authentic and secure, and sensitive data stored in the system cannot easily be extracted.

    Embedded-system program managers and development teams must design these types of protections into their products

    Key methods for achieving this goal include:

    • Risk assessment
    • Protection planning
    • Attack scenario testing
    • Side-channel analysis and mitigation

    Reply
  39. Tomi Engdahl says:

    Getting started with chaos engineering: 3 top reads in 2018
    https://opensource.com/article/18/12/getting-started-chaos-engineering?sc_cid=7016000000127ECAAY

    Learn how to build more performant, safe, and secure systems with chaos engineering

    Reply
  40. Tomi Engdahl says:

    Directly Executing Chunks of Memory: Function Pointers In C
    https://hackaday.com/2018/05/02/directly-executing-chunks-of-memory-function-pointers-in-c/

    In the first part of this series, we covered the basics of pointers in C, and went on to more complex arrangements and pointer arithmetic in the second part. Both times, we focused solely on pointers representing data in memory.

    Reply

Leave a Reply to Tomi Engdahl Cancel reply

Your email address will not be published. Required fields are marked *

*

*