Programming

Some Thoughts on Securing IoT Devices

Tags: Cryptography, Embedded, Programming, Security

Security in the Internet of Things (IoT) leaves much to be desired. Some of the recent DDoS attacks such as those through Mirai on DNS provider Dyn or on popular security site KrebsonSecurity have been possible due to weak security measures in things like network connected cameras. There are many reasons why the situation is what it is today, but that will not be the topic of this entry. While we have seen some initiatives, notably the security guidelines (PDF) by NIST and some comments made by Bruce Schneier, I feel that this leaves a lot of people wondering what practical measures to take to secure their devices. Many companies in the IoT are start-ups lacking a proper understanding of what security in the embedded field entails, and might lack (or didn't plan for) the budget to hire dedicated security people. The goal of this blog entry are to (hopefully) lift the veil on some of the methodologies that should be employed to create more secure IoT systems from a very practical point of view.

IOT

Standard Peripherals Library vs CMSIS vs HAL vs Low Level Library

Tags: ARM, C, Electronics, Embedded, Programming

The STM32 line of microcontrollers offer a bunch of features in a nice package at reasonable cost, something I like. What I don't like as much are the development libraries around it provided by ST. For this reason, most of the time I stick to writing code using the 'Cortex Microcontroller Software Interface Standard' (CMSIS) and the datasheet, and this works nicely but can be slow to develop. While it's still my personal favorite, I recently checked out the other options to see where things are going to do the prep work for some ports of older projects built using the 'Standard Peripherals Library' to newer processors such as the STM32L4.

 

Microcontroller

 

Anyone Can Code...

Tags: Other, Programming

Every time I hear the "everybody can code" line...

Anyone Can Code

Flashing STM32L15X EEPROM with STLink under Linux

Tags: Embedded, Linux, Programming

For a while now I've been evaluating some 32-bit micro controllers for a future product. One of them was the STM32L15x series. There are some handy development boards available such as the Nucleo boards. Since we need to have the ability to program processors from Linux for our small production line, tool support is one of the checkboxes that need to be ticked.

For the STM32 series, flashing the microcontroller can be done through GDB, OpenOCD, and the STLink tool. One issue that arose however was the need to program the EEPROM available on the STM32L series. This requirement comes from need to generate and program different EEPROM content on a per board basis at the production line. Doing that requires a few tweaks that are documented below...

Solutions

 

On Processes and Threads

Tags: C, Computer Architecture, Linux, Programming

Some time ago I followed an interesting discussion on a board where people were discussing multi-core software development. During the course of the discussion it became apparent that there is a lot of confusion and misconceptions about a 'process' and a 'thread' as they exist on e.g., a Linux system. Both are applicable to make use of multi-core systems, but they do so in different ways. Even though the exact distinction while compared to early definitions of the terms has perhaps become somewhat blurred, the two remain separate entities which can complement each other perfectly. In this post I'm going to try and illustrate the similarities and differences, and show you some real life scenarios of both. Keep in mind that we will be making some generalizations - and there are lots of examples where these generalizations do not directly apply, or where there are other possible implementations of the cited examples. Going into these would turn this blog entry into an entire book...

Multiprocess

Kickstarter - Part Deux

Tags: Embedded, GPS, Programming

In the spirit of "never give up, never surrender", we're back with a Kickstarter project! Just like the previous one, it has to do with GPS and location, but this time we focus on a particular application: bike security and tracking. We're doing this project in partnership with Cycling Boom.

 

 

New Horizons for Embedded

Tags: Computer, Embedded, Programming, School

Well, maybe not that new - but definitely something that is getting more and more important. 

The embedded development toolbox is rapidly expanding, and it is becoming harder and harder to find people skilled in these tools. Starting from the university, 'embedded' is considered hard and not as 'cool' as traditional software development. Why spend hours hacking away and reading datasheet to get to blink a LED and send 'hello world' over a UART when you could build rich graphical programs with web technologies or mobile? The fact that embedded development requires a wide skill set going from electronics, process control, signal processing to software, to Matlab means that substantial time is required to form a good base on which to build the required specialized skill sets. Not many people are willing to do that. 

For your future career

Tags: Embedded, Programming, School

 From a recent LinkedIn thread (didn't correct spelling, but you get the idea):

Need suggestion for future career

Hello all, I'm looking for a new job, but now I'm really confused. My friends suggest me for iOS/Android development, 'cause that are the most popular and easy to get started. But for me, that's not cool, not challenging and not exciting at all. No offents. Most of them are SNS and incredible easy on programing. I was tired some hardware R&D company, didn't goes well, very little salary or named "R&D" in fact "Copy and Paste"(and some company just told me that "BEc not under consideration"). I love embedded C programming, but looks my country didn't (nobody interested in teach newbie), it's too hard to improve my skill without product R&D. Should I follow my firend's advice to became a framework based SDE, or other way out?

It is not just this one person, but plenty of other young people struggle with this, in a variety of different fields. I replied with a 5 step 'program' to the question, and it seems that others appreciated it as well. I'm reproducing it here just in case it disappears from LinkedIn...

Kids these days...

Tags: Embedded, Programming, School

Recently I've noticed an increasing amount of questions in several LinkedIn groups I joined regarding people new in the field asking questions which are easily found using a basic internet search. Furthermore, we have students and others ask questions with regard to degrees and experience in the field. After replying to dozens of posts like that, I thought it would be good to condense the information spread across several groups into one blog post as a reference for future questions.

While the groups in question are particularly focused on embedded engineering, operating systems and software engineering, I assume similar posts are present in other groups. Hopefully, some will find their way to this blog and find the information in this post useful. I'm sure this phenomenon isn't limited to LinkedIn groups either...

Men in Black Orange

Dealing with Passwords

Tags: Cryptography, Programming, Security

After the recent leaks of password hashes from LinkedIn and others, I thought it would be a good idea to write down some 'best practices' in how to properly deal with user passwords and sensitive data. This entry is by no means complete, nor is it the be all, end all there is to say about the topic. What it does try to do is give a decent starting point to eliminate basic mistakes which could lead to embarrasment later one. If you're developing a new website, or bringing another one up to date or are otherwise working with users and passwords, these tips might be of help. Let's start...

X-Ray Key

Syndicate content