Developing software for a safety-related embedded system for the first time
I spend most of my working life with organisations that develop software for high-reliability, real-time embedded systems. Some of these systems are created in compliance with IEC 61508, ISO 26262, DO-178C or similar international standards.
When working with organisations that are developing software for their first safety-related design, I’m often asked to identify the key issues that distinguish this process from the techniques used to develop “ordinary” embedded software.
...“Smarter” cars, unintended acceleration – and unintended consequences
In this article, I consider some recent press reports relating to embedded software in the automotive sector.
In The Times newspaper (London, 2015-10-16) the imminent arrival of Tesla cars that “use autopilot technology to park themselves and change lane without intervention from the driver” was noted.
By most definitions, the Tesla design incorporates what is sometimes called “Artificial Intelligence” (AI).Others might label it a “Smart” (or at least “Smarter”)...
Coding Step 3 - High-Level Requirements
Articles in this series:
- Coding Step 0 - Development Environments
- Coding Step 1 - Hello World and Makefiles
- Coding Step 2- Source Control
- Coding Step 3 - High-Level Requirements
- Coding Step 4 - Design
If this series of articles has been light on one thing it's 'coding'. If it's been light on two things the second is 'embedded'. In three articles I haven't gotten past Hello World on a desktop PC. That changes (slowly) with this article. In this article I'll...
Lessons Learned from Embedded Code Reviews (Including Some Surprises)
My software team recently finished a round of code reviews for some of our motor controller code. I learned a lot from the experience, most notably why you would want to have code reviews in the first place.
My background is originally from the medical device industry. In the United States, software in medical devices gets a lot of scrutiny from the Food and Drug Administration, and for good reason; it’s a place for complexity to hide latent bugs. (Can you say “
Dark Corners of C - The Comma Operator
I've been programming in C for 16 years or so and the language has existed for much much longer than that. You might think that there'd be nothing left to surprise me after so long - but you'd be wrong. Imagine my surprise the first time I saw a line of code that looked something like this:
if (!dry_run && ((stdout_closed = true), close_stream (stdout) != 0))My mind couldn't parse it - what's a comma doing in there (after...
Ten Little Algorithms, Part 4: Topological Sort
Other articles in this series:
- Part 1: Russian Peasant Multiplication
- Part 2: The Single-Pole Low-Pass Filter
- Part 3: Welford's Method (And Friends)
- Part 5: Quadratic Extremum Interpolation and Chandrupatla's Method
- Part 6: Green’s Theorem and Swept-Area Detection
Today we’re going to take a break from my usual focus on signal processing or numerical algorithms, and focus on...
Important Programming Concepts (Even on Embedded Systems) Part VI : Abstraction
Earlier articles:
- Part I: Idempotence
- Part II: Immutability
- Part III: Volatility
- Part IV: Singletons
- Part V: State Machines
We have come to the last part of the Important Programming Concepts series, on abstraction. I thought I might also talk about why there isn’t a Part VII, but decided it would distract from this article — so if you want to know the reason, along with what’s next,
Coding Step 2 - Source Control
Articles in this series:
- Coding Step 0 - Development Environments
- Coding Step 1 - Hello World and Makefiles
- Coding Step 2 - Source Control
- Coding Step 3 - High-Level Requirements
- Coding Step 4 - Design
When I first started out in programming, version control was not an introductory topic. Not in the least because it required a 'server' (ie, a computer which a teenaged me couldn't afford) but because it seemed difficult and only useful to teams rather than...
Coding Step 1 - Hello World and Makefiles
Articles in this series:
- Coding Step 0 - Development Environments
- Coding Step 1 - Hello World and Makefiles
- Coding Step 2 - Source Control
- Coding Step 3 - High-Level Requirements
- Coding Step 4 - Design
Step 0 discussed how to install GCC and the make utility with the expectation of writing and compiling your first C program. In this article, I discuss how to use those tools we installed last time. Specifically, how to use GCC to compile a C program and...
Important Programming Concepts (Even on Embedded Systems) Part V: State Machines
Other articles in this series:
- Part I: Idempotence
- Part II: Immutability
- Part III: Volatility
- Part IV: Singletons
- Part VI: Abstraction
Oh, hell, this article just had to be about state machines, didn’t it? State machines! Those damned little circles and arrows and q’s.
Yeah, I know you don’t like them. They bring back bad memories from University, those Mealy and Moore machines with their state transition tables, the ones you had to write up...
From bare-metal to RTOS: 5 Reasons to use an RTOS
Developers can come up with amazing and convoluted reasons to not use an RTOS. I have heard excuses ranging from they are too expensive (despite open source solutions) all the way to they aren’t efficient and use too much memory. In some circumstances some excuses are justified but there are many reasons why a developer should look to an RTOS to help with their real-time scheduling needs.
From bare-metal to RTOS Quick LinksTenderfoot: Embedded Software and Firmware Specialties
Once upon a time (seven years ago) I answered a question on Stack Overflow. Then Stephane suggested I turn that answer into a blog post. Great idea! This post dives deeper into the original question: “Is it possible to fragment this field (embedded software and firmware) into sub-fields?”
This post represents a detailed and updated response to my original Stack Overflow answer. I hope this post provides guidance and useful information to the “tenderfoots” in the...
Video-Based STEM Embedded Systems Curriculum, Part 1
Contents:- Introduction
- Adapting To Your Circumstances
- Suggested Policies
- The Video Educators
- Equipment, Books, and Supplies
- Lesson Summary
- Suggested Teaching Method
Video-Based STEM Embedded Systems Curriculum, Part 2
Contents:- Introduction
- Lesson Plan 1: Introducing Arduino
- Lesson Plan 2: Circuit Drawings With Fritzing
- Lesson Plan 3: Basic Electronics
- Coming Soon
This post continues from part 1. It contains the first three lesson plans.
Lesson Plan 1: Introducing ArduinoThis lesson is first because Arduino is the simplest programming environment, yet allows lots of interaction with hardware. In...
Embedded Firmware Refactoring, Optimisation and Migration
Legacy products are often based on older hardware platforms which often become under-powered or run out of memory which constrains further product development. Customers are always looking for new features and improved performance but often either don’t want to invest in new hardware or need to retain the current field population of devices.
These are ongoing challenges for any product manufacturer, but are particularly highlighted in embedded systems where product...
Jaywalking Around the Compiler
Our team had another code review recently. I looked at one of the files, and bolted upright in horror when I saw a function that looked sort of like this:
void some_function(SOMEDATA_T *psomedata) { asm volatile("push CORCON"); CORCON = 0x00E2; do_some_other_stuff(psomedata); asm volatile("pop CORCON"); }There is a serious bug here — do you see what it is?
Review: Modern Software Engineering
This is actually a review of 3 books by Dave Farley, because they really form a set:
- Modern Software Engineering: Doing What Works to Build Better Software Faster (just released for 2022, 224 pages)
- Continuous Delivery: Reliable Software Releases through Build, Test, and Deployment Automation (co-authored with Jez Humble, 2011, 463 pages)
- Continuous Delivery Pipelines: How To Build Better Software Faster (2021,...
Who needs source code?
Many developers feel that the supplying source code is essential for licensed software components. There are other perspectives, including the possibility of it being an actual disadvantage. Even the definition of source code has some vagueness.
Stand-by or boot-up
Many factors affect the usability of devices - a key one is how long it takes to start up.
Tracing code and checking timings
Debugging resource limited systemsApplications writers that write code on large systems have it easy. Well, perhaps not easy, but certainly easier. There are some things that they don't have to worry about and there is a huge array of tools available to them when it comes time to debug. The have choices in their toolsets, lots of choices. They also have a large selection of available methods for getting debugging information out to them such as log files, proc entries, pop up dialog boxes or...
STM32 VS Code Extension Under The Hood
VS Code is becoming the "go to" environment for many developers. Increasingly, toolchain providers are publishing VS Code extensions and ST has recently followed suit. Additionally, CMake is significantly growing in popularity, with many projects adopting it for its ease of use and flexibility. This video shows how the STM32 VS Code extension works under the hood and how to get more out of it.
Specifically, we'll review the CMake files generated by the VS Code extension and how to modify...
AI at the Edge - Can I run a neural network in a resource-constrained device?
Hello Related Communities,
This is my first time blogging since joining Stephane in November. He and I were at Embedded World together and he asked me to write about some of the important trends as they relate to all of you. I expect to post others in the near future, but the biggest trend in the embedded space was all of the activity around artificial intelligence (AI) at the edge.
This trend caught me a bit by surprise. I have been doing a lot of reading about AI over the last...
Simulating Your Embedded Project on Your Computer (Part 2)
Having a simulation of your embedded project is like having a superpower that improves the quality and pace of your development ten times over! To be useful, though, it can't take longer to develop the simulation than it takes to develop the application code and for many simulation techniques "the juice isn't worth the squeeze"! In the last article, I showed you how to use the terminal (i.e. printf/getchar) to easily make a completely functional simulation. In this article, we'll take simulation to the next level, either in terms of realism (by using virtual hardware) or in terms of user experience (by using a GUI to simulate our hardware, instead of using the terminal).
Short Circuit Execution vs. Unit Testing
The key to effective communication is to say what you mean and avoid ambiguity. Words and phrases with multiple meanings can confuse your audience and hinder communication. That’s why so many programmers prefer writing code to writing specifications: written human language introduces ambiguity and subsequently, confusion. Code only has one interpretation, period. This doesn’t, however, ensure that the right message is getting through. Code can, indeed, only do one thing,...
Scorchers, Part 2: Unknown Bugs and Popcorn
This is a short article about diminishing returns in the context of software releases.
Those of you who have been working professionally on software or firmware have probably faced this dilemma before. The scrum masters of the world will probably harp on terms like the Definition of Done and the Minimum Viable Product. Blah blah blah. In simple terms, how do you know when your product is ready to release? This is both an easy and a difficult question to answer.
What makes...
Video-Based STEM Embedded Systems Curriculum, Part 1
Contents:- Introduction
- Adapting To Your Circumstances
- Suggested Policies
- The Video Educators
- Equipment, Books, and Supplies
- Lesson Summary
- Suggested Teaching Method
++i and i++ : what’s the difference?
Although the ++ and -- operators are well known, there are facets of their operation and implementation that are less familiar to many developers.
Embedded Toolbox: Source Code Whitespace Cleanup
In this installment of my "Embedded Toolbox" series, I would like to share with you the free source code cleanup utility called QClean for cleaning whitespace in your source files, header files, makefiles, linker scripts, etc.
You probably wonder why you might need such a utility? In fact, the common thinking is that compilers (C, C++, etc.) ignore whitespace anyway, so why bother? But, as a professional software developer you should not ignore whitespace, because it can cause all sorts...
The three laws of safe embedded systems
This short article is part of an ongoing series in which I aim to explore some techniques that may be useful for developers and organisations that are beginning their first safety-related embedded project.
Lightweight hardware abstraction
Some lessons are tougher than others to master. You would think that hard fought battles would be easier to remember, but sometimes it just does not work that way. Recently, I was asked to pick-up a project that had been managed by another employee. The project was yet another cost reduction project. The hardware group was tasked with updating a currently shipping product, to reduce the existing failure rate, while at the same time to remove cost from the...