How-to articles about the design of secure embedded systems.
Random numbers -- really, truly random numbers -- play a very important role in security. Unfortunately, they are also common sources of non-random behavior, as in the Arizona Lottery drawing.
Learn practical and easy-to-apply software process improvements that even the smallest design teams can use to make firmware easier to code, debug and test, with a tools cost of less than $600.
On May 3, 2017, Barr Group CTO and software expert Michael Barr delivered this keynote about the safety and security of Internet of Things devices at the Embedded Systems Conference in Boston.
In a recent DDoS attack, devices such as webcams and DVRs were used to launch an attack on domain service provider, Dyn. The enormity of this event brings to light the importance of securing all devices capable of connecting to the Internet.
The safety and security of every embedded system is dependent upon proper operation of the stack (or stacks, if there are multiple). If a stack overflow occurs, a major or minor malfunction is very likely to follow. Despite this, the stack in the majority of embedded systems is sized based on nothing more than a hunch. As well, run-time stack monitoring is too seldom used.
Unexpected power loss and software bugs can undermine the reliability of non-volatile data. Fortunately, there are various ways to make non-volatile data resilient to such corruption.
Understanding software and hardware bugs in other embedded systems can help you identify, diagnose, and fix bugs in your own.
State machines are perhaps the most effective method for developing robust event-driven code for embedded systems.
A C coding standard can help keep bugs out of embedded software by leveraging common language features and development tools.
This second article on enforceable coding standards for embedded systems adds a set of additional bug-killing rules for using certain C keywords and naming global variables.
Barr Group's 2016 Embedded Systems Safety & Security Survey had participation from more than 2,500 embedded systems design engineers and revealed a number of interesting trends in the embedded industry.
It’s a fact: When you create code, you create bugs. Listen in as we present the finer points of Test-Driven Development (TDD) - a game-changing approach to embedded software development that can greatly reduce bugs early in the development process. TDD is not a debugging technique but rather an approach to proactively preventing defects.
As Internet connectivity advances, the transportation, automotive, medical device, smart grid and other industry sectors have become more dependent on embedded software. But is software reliable?
As if debugging traditional PC/server software or even smartphone apps wasn't hard enough, debugging embedded software adds significant challenges.
A number of embedded systems, such as medical devices and printers, feature replaceable components designed to be installed new, consumed through one or more cycles of product use, and ultimately disposed.
With thoughtful design, user interfaces for embedded systems can avoid some user errors altogether and helpfully guide the user through the rest.
For embedded software developers, the most significant improvements to the C programming language made in the ISO C99 standard update are in the new <stdint.h> header file. Learn the typedef names for the new fixed width integer data types, to make hardware interfacing in C easier.
In the market for a real-time operating system (RTOS)? This article provides an overview of RTOSes and how you can select the best one for your project.
Language specifications, including those for C and C++, are often loosely written. A static analysis tool called lint can help you find dangerous and non-portable constructs in your code before your compiler turns them into run-time bugs.
Memory leaks can be particularly risky for long-running embedded systems. Here are some tools to identify, track, and analyze memory leaks in embedded C and C++ programs.
Embedded systems programmers often value the assert() macro. This article explores the underlying definition of this handy macro, to show you how to roll your own.
The assert() macro is one of those simple tools that would not seem to merit an entire article, but I have come across an alarming number of engineers who have not heard of it or do not use it.
To keep a watchdog timer from resetting your system, you've got to kick it regularly. But that's not all there is to watchdog science. We will examine the use and testing of a watchdog, as well as the integration of a watchdog into a multitasking environment.
CRCs are among the best checksums available to detect and/or correct errors in communications transmissions. This article shows how to implement an efficient CRC in C or C++.
Many common types of data transmission errors cannot be detected by additive checksums. This article describes a stronger type of checksum known as a CRC.
What if data is lost or corrupted in transit? Communication protocols usually attempt to detect such errors automatically. To do that they use checksums.
