Random numbers -- really, truly random numbers -- play a very important role in security. Unfortunately, they are also common sources of non-random behavior, as in the Arizona Lottery drawing.
Learn practical and easy-to-apply software process improvements that even the smallest design teams can use to make firmware easier to code, debug and test, with a tools cost of less than $600.
On May 3, 2017, Barr Group CTO and software expert Michael Barr delivered this keynote about the safety and security of Internet of Things devices at the Embedded Systems Conference in Boston.
In a recent DDoS attack, devices such as webcams and DVRs were used to launch an attack on domain service provider, Dyn. The enormity of this event brings to light the importance of securing all devices capable of connecting to the Internet.
The safety and security of every embedded system is dependent upon proper operation of the stack (or stacks, if there are multiple). If a stack overflow occurs, a major or minor malfunction is very likely to follow. Despite this, the stack in the majority of embedded systems is sized based on nothing more than a hunch. As well, run-time stack monitoring is too seldom used.
Unexpected power loss and software bugs can undermine the reliability of non-volatile data. Fortunately, there are various ways to make non-volatile data resilient to such corruption.
This second article on enforceable coding standards for embedded systems adds a set of additional bug-killing rules for using certain C keywords and naming global variables.