October 2017

Welcome to the October 2017 edition of the Embedded Artistry Newsletter! This is a monthly newsletter of curated and original content to help you build better embedded systems. This newsletter is intended to supplement the website and covers topics not mentioned there.

This month we'll be covering:

  • The BlueBorne Bluetooth vulnerability
  • DARPA funds embedded initiatives
  • A helpful introductory RTOS series
  • Amazon launches an FPGA cloud
  • A terrible security flaw discovered in pacemakers
  • Limiting the number of characters printf displays

The BlueBorne Bluetooth Vulnerability

Armis Labs recently announced a series of eight attack vectors that endanger the majority of our Bluetooth devices, including Android, iOS (pre-10.0), Windows, and Linux. The threat is dubbed "BlueBorne", a blend between Bluetooth and airborne. Affected devices are vulnerable to BlueBorne as long as Bluetooth is enabled, even if the device is not discoverable and not paired to the attacker's device. BlueBorne does not require any action to be completed by the user, and the user may never know his device has been compromised. The disclosed vulnerabilities are fully operational and enable a variety of attacks, such as arbitrary code execution, man-in-the-middle, and information leakage.

Bluetooth is a nearly ubiquitous technology and Armis estimates that over 8.2 billion devices may already be affected. Popular libraries like BlueZ which is used on a variety of PC and embedded systems are compromised. It is recommended to turn off Bluetooth when you are not using it until the vulnerabilities have been addressed. Ensure your software is up-to-date and keep an eye out for software updates on your Bluetooth-enabled systems. If you are building a Bluetooth-enabled system, review the technical paper and ensure that your design is not suspect to the disclosed vulnerabilities.

For more on BlueBorne:

DARPA Funds Embedded Initiatives

DARPA has announced that it is providing funding for six new programs with an embedded focus. DARPA is focusing the new initiatives on researching new materials and integration techniques, improving circuit design tools, and creating new system architectures for microelectronics. The programs that sound the most exciting are in the Materials and Integration category: "Three-dimensional Monolithic System-on-a-chip" (3DSoC) and "Foundations Required for Novel Compute" (FRANC).

3DSoC is aimed at improving speeds and reducing power consumption by transitioning from a 2D circuit layout to a 3D circuit layout. By constructing microelectronic circuits in 3D space (e.g. in a cube) we can create novel design strategies and arrangements for our circuits and chips. Migrating to a 3D circuit arrangement is expected to improve logic density, increase computational speed, optimize for size, and reduce power.

FRANC is looking to overturn John von Neumann's computer architecture model which separates the memory and processing blocks. Computations are often limited by the speed at which data can be moved back-and-forth between the processor and memory. As a result, memory transfer speeds are a major bottleneck in many systems. FRANC's aim is to address this bottleneck by developing a new method for handling memory and logic in a combined manner.

It's exciting to see DARPA inducing major changes in our microelectronic circuits and system architectures. Innovations like these will have a significant impact on our industry in the coming decades.

More on DARPA's new initiatives:

An Introductory RTOS Series

The embedded guru Colin Walls has been working on a series called RTOS Revealed. This series of articles is a great way to learn more about real-time and OS concepts, multi-threaded scheduling, and how to use an RTOS. Colin covers basic RTOS concepts and dives into the Nucleus SE RTOS to provide concrete examples. I recommend reviewing the entire series if you are new to the embedded systems space.

Here's the current lineup of articles:

New articles in the series are released on a monthly cadence.

Amazon Launches an FPGA Cloud

Xilinx and Amazon have partnered to launch customizable FPGA instances in the AWS Cloud for applications that can benefit from hardware acceleration. These instances are built on the Xilinx Virtex UltraScale+ FPGAs and can include up to eight FPGAs per instance. Amazon also provides an FPGA Hardware Developer Kit (HDK) to simplify development of FPGA instances.

A Terrible Flaw Discovered in Pacemakers

465,000 U.S. patients have been told to visit a clinic to receive a firmware update for their St. Jude pacemakers. The firmware contains a security flaw which allows hackers within radio range to take control of a pacemaker. This is one more example demonstrating that security must be a crucial aspect of embedded systems design and development. Taking security shortcuts never pays.

Limiting the Number of Characters printf Displays

I originally hesitated about sharing this tip, but I've found myself repeatedly it: You can control how many characters printf spits out for the %s symbol by specifying a precision.

There are two options for controlling the length. You can specify the maximum using a fixed value:

// Fixed precision in the format string
const char * mystr = "This string is definitely longer than what we want to print.";
printf("Here are first 5 chars only: %.5s\n", mystr);

You can also control the length programmatically by using an asterisk (*) in the format string instead of the length. The length is then specified as an argument and is placed ahead of the string you want to print.

// Only 5 characters printed. When using %.*s, add an argument to specify the length before your string
printf("Here are the first 5 characters: %.*s\n", 5, mystr);

Website Updates

This month, the website went through a total visual redesign!

Old pages such as "Around the Web" have been split out into separate pages to provide better categorization:

I've also added some new pages in the "About" section:

These were the most popular articles in September:

  1. Installing Clang/LLVM on OSX
  2. Circular Buffers in C/C++
  3. C++11 Fixed Point Arithmetic Library
  4. An Overview of C++ STL Containers
  5. std::string vs C-strings

Goodbye to a Dear Friend

We lost our dear companion and beloved mascot Jensen to stomach cancer. She will be sorely missed.


Thanks for Reading!

Have any feedback, suggestions, interesting articles, or resources to recommend to other developers? Respond to this email and let me know!