Isolated Partitioning of Firmware Improves IoT Device Security

There are two methods for improving IoT device security: secure partitioning and secure coding. The latter seems to have gained favor, not only for cloud software, but also for IoT device firmware. This may be because there has not been an effective firmware partitioning solution for microcontroller-based devices using memory protection units (MPUs). We are … Continue reading Isolated Partitioning of Firmware Improves IoT Device Security

Heap for C++ Partitions

The Problem As embedded systems become more eclectic, they are likely to include third-party C++ code. This is especially true since the third-party code may not have been written for embedded systems. C++ poses a problem for partitioned embedded systems (Ref. 1). As discussed in Ref. 2, it is best to use mutexes for heap … Continue reading Heap for C++ Partitions

Let’s KISS

Keep It Simple Stupid has been the motto of many engineers, dating back to Kelly Johnson, who coined the KISS acronym at the Lockheed Skunk Works in the 1960s. It means that simpler designs are better. What we first create is usually complicated. Refactoring it makes it simpler and simpler. This is better because it … Continue reading Let’s KISS

Visio for Engineers

I had a terrible time when I first started using Visio. I found it to be non-intuitive and frustrating to use. In retrospect this was probably due to my being an engineer and the creators of Visio being graphic artists. What was intuitive to them was not intuitive to me. Over time, I have learned … Continue reading Visio for Engineers

Ten Windows

I recently read Viewpoint: IoT and the cybersecurity industry’s hardware blind spot by Shahram Mossayebi. It is well-written and informative. Although the Hardware Root of Trust (HRoT) based upon immutable device identity, as discussed in this article, may be essential, I don’t think it is the complete solution for security of IoT devices. It does nothing … Continue reading Ten Windows

The Engineering Funnel

Salesmen and Marketeers are fond of the Sales Funnel. Basically, it represents a sales process wherein a prospect starts at the top of the funnel with many options to chose from. Under the skillful guidance of the salesman, who is deploying the marvelous materials of the marketeer, the prospect eliminates options as he moves down … Continue reading The Engineering Funnel

Using Heaps in Embedded Systems

I recently read an interesting heap article (Ref. 1) posted on embedded.com. While I largely agree with its author, Colin Walls, I thought it would be interesting to elaborate on some of his points. Heaps are becoming common in embedded systems due to growth in complexity and due to bringing in third-party software that was … Continue reading Using Heaps in Embedded Systems

Blocking USB Threats

Factory threats are escalating at a staggering rate. Honeywell has written a helpful report (Ref. 1) on how USB devices are being used to circumvent the air gap that protects most factories. This is becoming a serious industrial cybersecurity problem. One type of USB device is specifically designed to inject a trojan horse into a … Continue reading Blocking USB Threats

Improving IoT Device Security

I just read a very good article, Supply Chain Security Guidance, by the staff at Finite State, Inc. This article brings home the massive impact upon embedded devices that President Biden’s Executive Order on Improving the Nation’s Cybersecurity will have. I think it is clear from this article that very few existing connected devices are … Continue reading Improving IoT Device Security

MPU Extension

In any real project using a secure RTOS with a Memory Protection Unit (MPU), you are likely to run out of MPU slots for at least some tasks. One group of culprits is peripheral drivers, which tend to require multiple IO regions. If you have only one region to give to your task, you may … Continue reading MPU Extension