The three laws of safe embedded systems
This short article is part of an ongoing series in which I aim to explore some techniques that may be useful for developers and organisations that are beginning their first safety-related embedded project.
Developing software for a safety-related embedded system for the first time
I spend most of my working life with organisations that develop software for high-reliability, real-time embedded systems. Some of these systems are created in compliance with IEC 61508, ISO 26262, DO-178C or similar international standards.
When working with organisations that are developing software for their first safety-related design, I’m often asked to identify the key issues that distinguish this process from the techniques used to develop “ordinary” embedded software.
...“Smarter” cars, unintended acceleration – and unintended consequences
In this article, I consider some recent press reports relating to embedded software in the automotive sector.
In The Times newspaper (London, 2015-10-16) the imminent arrival of Tesla cars that “use autopilot technology to park themselves and change lane without intervention from the driver” was noted.
By most definitions, the Tesla design incorporates what is sometimes called “Artificial Intelligence” (AI).Others might label it a “Smart” (or at least “Smarter”)...
Coding Step 3 - High-Level Requirements
Articles in this series:
- Coding Step 0 - Development Environments
- Coding Step 1 - Hello World and Makefiles
- Coding Step 2- Source Control
- Coding Step 3 - High-Level Requirements
- Coding Step 4 - Design
If this series of articles has been light on one thing it's 'coding'. If it's been light on two things the second is 'embedded'. In three articles I haven't gotten past Hello World on a desktop PC. That changes (slowly) with this article. In this article I'll...
Lessons Learned from Embedded Code Reviews (Including Some Surprises)
My software team recently finished a round of code reviews for some of our motor controller code. I learned a lot from the experience, most notably why you would want to have code reviews in the first place.
My background is originally from the medical device industry. In the United States, software in medical devices gets a lot of scrutiny from the Food and Drug Administration, and for good reason; it’s a place for complexity to hide latent bugs. (Can you say “
Dark Corners of C - The Comma Operator
I've been programming in C for 16 years or so and the language has existed for much much longer than that. You might think that there'd be nothing left to surprise me after so long - but you'd be wrong. Imagine my surprise the first time I saw a line of code that looked something like this:
if (!dry_run && ((stdout_closed = true), close_stream (stdout) != 0))My mind couldn't parse it - what's a comma doing in there (after...
Ten Little Algorithms, Part 4: Topological Sort
Other articles in this series:
- Part 1: Russian Peasant Multiplication
- Part 2: The Single-Pole Low-Pass Filter
- Part 3: Welford's Method (And Friends)
- Part 5: Quadratic Extremum Interpolation and Chandrupatla's Method
- Part 6: Green’s Theorem and Swept-Area Detection
Today we’re going to take a break from my usual focus on signal processing or numerical algorithms, and focus on...
Important Programming Concepts (Even on Embedded Systems) Part VI : Abstraction
Earlier articles:
- Part I: Idempotence
- Part II: Immutability
- Part III: Volatility
- Part IV: Singletons
- Part V: State Machines
We have come to the last part of the Important Programming Concepts series, on abstraction. I thought I might also talk about why there isn’t a Part VII, but decided it would distract from this article — so if you want to know the reason, along with what’s next,
Coding Step 2 - Source Control
Articles in this series:
- Coding Step 0 - Development Environments
- Coding Step 1 - Hello World and Makefiles
- Coding Step 2 - Source Control
- Coding Step 3 - High-Level Requirements
- Coding Step 4 - Design
When I first started out in programming, version control was not an introductory topic. Not in the least because it required a 'server' (ie, a computer which a teenaged me couldn't afford) but because it seemed difficult and only useful to teams rather than...
Coding Step 1 - Hello World and Makefiles
Articles in this series:
- Coding Step 0 - Development Environments
- Coding Step 1 - Hello World and Makefiles
- Coding Step 2 - Source Control
- Coding Step 3 - High-Level Requirements
- Coding Step 4 - Design
Step 0 discussed how to install GCC and the make utility with the expectation of writing and compiling your first C program. In this article, I discuss how to use those tools we installed last time. Specifically, how to use GCC to compile a C program and...
Mutex vs. Semaphore - Part 1
It never ceases to amaze me how often I see postings in forums asking the difference between a semaphore and a mutex. Probably what baffles me more is that over 90% of the time the responses given are either incorrect or missing the key differences. The most often quoted response is that of the “The Toilet Example (c) Copyright 2005, Niclas Winquist” . This summarises the differences as:
- A mutex is really a semaphore with value 1
No, no, and no again....
Remember Y2K?
There was fear that the turn of the century at the end of 1999 would cause problems with many embedded systems. There is evidence that the same issue may occur in 2038.
Thumb Rules for Effective Meetings
Meetings are unavoidable at any work place. At most occasions, meetings can be frustrating. We all face meeting-nightmares in our professional life.
I worked on a project, where none of the team-members were ever interested in any kind of group discussion or formal communication. At early stages of the project, no one wanted to be a part of decision making process. During middle-stages of the project, no one wanted to share any status updates or discuss any critical issues. And finally when...
10 Software Tools You Should Know
Unless you're designing small analog electronic circuits, it's pretty hard these days to get things done in embedded systems design without the help of computers. I thought I'd share a list of software tools that help me get my job done. Most of these are free or inexpensive. Most of them are also for working with software. If you never have to design, read, or edit any software, then you're one of a few people that won't benefit from reading this.
Disclaimer: the "best" software...
Jaywalking Around the Compiler
Our team had another code review recently. I looked at one of the files, and bolted upright in horror when I saw a function that looked sort of like this:
void some_function(SOMEDATA_T *psomedata) { asm volatile("push CORCON"); CORCON = 0x00E2; do_some_other_stuff(psomedata); asm volatile("pop CORCON"); }There is a serious bug here — do you see what it is?
A wireless door monitor based on the BANO framework
IntroductionI have been thinking for a while about a system to monitor the states of my flat and my garage doors from a remote place. Functionnaly, I wanted to monitor the state of my doors from a remote place. A typical situation is when I leave for holidays, but it can also be useful from the work office. To do so, I would centralize the information on a server connected on the Internet that I could query using a web browser. The server itself would be located in the appartement, where...
Dumb Embedded System Mistakes: Running The Wrong Code
ContentsReview: Modern Software Engineering
This is actually a review of 3 books by Dave Farley, because they really form a set:
- Modern Software Engineering: Doing What Works to Build Better Software Faster (just released for 2022, 224 pages)
- Continuous Delivery: Reliable Software Releases through Build, Test, and Deployment Automation (co-authored with Jez Humble, 2011, 463 pages)
- Continuous Delivery Pipelines: How To Build Better Software Faster (2021,...
Short Circuit Execution vs. Unit Testing
The key to effective communication is to say what you mean and avoid ambiguity. Words and phrases with multiple meanings can confuse your audience and hinder communication. That’s why so many programmers prefer writing code to writing specifications: written human language introduces ambiguity and subsequently, confusion. Code only has one interpretation, period. This doesn’t, however, ensure that the right message is getting through. Code can, indeed, only do one thing,...
Dark Corners of C - The Comma Operator
I've been programming in C for 16 years or so and the language has existed for much much longer than that. You might think that there'd be nothing left to surprise me after so long - but you'd be wrong. Imagine my surprise the first time I saw a line of code that looked something like this:
if (!dry_run && ((stdout_closed = true), close_stream (stdout) != 0))My mind couldn't parse it - what's a comma doing in there (after...
Getting Started With Zephyr: West Manifest Customization
IntroductionThe Zephyr Project RTOS (https://zephyrproject.org/), or simply “Zephyr” as it is known colloquially, is an increasingly popular real-time operating system due to its native support for over 450 boards and countless peripherals. When starting with any embedded software project, the first task is to start from a known baseline. This can include cloning a repository from source control, which can be the case with embedded Linux, or downloading a zip file representing a...
Deeply embedded design example - Logic replacement
I have always believed that some of the low-cost, low-pin count, low-resource microprocessors would make an excellent choice for the replacement of discrete logic components. In these cases the deeply embedded microprocessor would become less of a general purpose computer and more of a logic replacement, providing a prescribed function with no connection to the outside world. In a world of bigger, faster and more expensive, it is a pleasant change of pace...
Vala applications on Embedded Linux: maybe a clever choice [part 1]
Vala is a sexy, open source, high level programming language that appeared in 2006, it counts with a modern typing system, is object oriented, compiled and statically typed, it has a almost identical syntax to C# and is maintained by GNOME. The language was created as a power abstraction of the GLib and GTK libraries, two considerably lightweight and powerful libraries written in C, and it is used in projects such as GNOME Clocks, Shotwell, GXml and Elementary OS.
namespace...Surprising Linux Real Time Scheduler Behavior
I have recently been helping with embedded software design and development for a data acquisition and visualization device. The software executes within an embedded Linux context and consists of various animated user interfaces rendering the acquired data.
The data is received via a UART and a SPI connection. During project development we noticed poor UART data latency issues during heavy user interface animations. For this product to properly meet its acquisition requirements, the UART...
C++ on microcontrollers 3 – a first shot at an hc595 class with 8 output pins
This blog series is about the use of C++ for modern microcontrollers. My plan is to show the gradual development of a basic I/O library. I will introduce the object-oriented C++ features that are used step by step, to provide a gentle yet practical introduction into C++ for C programmers. Reader input is very much appreciated, you might even steer me in the direction you find most interesting.
In the first part of...
Embedded Firmware Refactoring, Optimisation and Migration
Legacy products are often based on older hardware platforms which often become under-powered or run out of memory which constrains further product development. Customers are always looking for new features and improved performance but often either don’t want to invest in new hardware or need to retain the current field population of devices.
These are ongoing challenges for any product manufacturer, but are particularly highlighted in embedded systems where product...
The Hardest Bug I Never Solved
I agreed to four hours.
Four hours to help hunt down and kill a bug. A terrible malicious bug that was eating away at this project, wreaking havoc upon the foundations of a critical feature, and draining time randomly from every one of eight firmware engineers on this project. Quite honestly, I can’t remember the last time it took more than an hour or two for me to locate, isolate, and fix a firmware bug. Surely I could help find and solve this issue within four...
Review: Modern Software Engineering
This is actually a review of 3 books by Dave Farley, because they really form a set:
- Modern Software Engineering: Doing What Works to Build Better Software Faster (just released for 2022, 224 pages)
- Continuous Delivery: Reliable Software Releases through Build, Test, and Deployment Automation (co-authored with Jez Humble, 2011, 463 pages)
- Continuous Delivery Pipelines: How To Build Better Software Faster (2021,...
3 Overlooked Embedded Software Elements
Have you ever wondered, while you and your team are busy writing software if the foundation of how embedded software systems are built has changed and left you in the dust? What if while you were busily focusing on getting your product out the door, fighting bugs, and dealing with supply issues, there were techniques and processes that you completely overlooked that could save the day? I’ve found three elements embedded software teams often underutilize that could dramatically improve...
Getting Started With Zephyr: Kconfig
In this blog post, we briefly look at Kconfig, one of the core pieces of the Zephyr infrastructure. Kconfig allows embedded software developers to turn specific subsystems on or off within Zephyr efficiently and control their behavior. We also learn how we can practically use Kconfig to control the features of our application using the two most common mechanisms.