What we've been reading in September
Here are the articles, videos, and tools that we’ve been excited about this August and September.
We hope you enjoy these links, and we look forward to hearing what you’ve been reading in the comments.
Articles & Learning
- RIOT Summit 2020
The RIOT-OS RTOS puts on a conference every year, and they just published all the content from this year’s gathering.
- Insights from Writing an Embedded IoT App (Almost) Entirely in Rust by Louis Thiery
A post on EmbeddedArtistry detailing the experience and structure of writing an embedded application in Rust.
- Visualization of stateless UART/SPI exported call sequences by Aleksandr Koltsoff
A creative post detailing how one can use a spare UART or SPI interface, a simple tracer, and a set of Python scripts to visualize tracing data using Chrome’s built-in Trace Event profiling tool.
- Linux Plumbers Conference 2020 Recordings
The Linux Plumbers from the 2020 Linux Plumbers Conference
Tons and tons of content from this year’s Linux Plumber’s conference. Notable recordings relevant to the embedded space are the talk Using Zephyr, Linux and Greybus for IoT by Chris Fried and this snippet from one of the GNU Tools Track talking about GCC’s new
-fanalyzeroption presented by the author of the feature.
- How to Implement Firmware CI/CD with Docker by Daniel Lindeman
Simple article about using Docker for building and testing by an engineer from Very, an IoT services company behind the Nerves framework.
- What’s Wrong with MQTT by John S Rinaldi
John digs into why he believes MQTT isn’t the answer that everyone is looking for when it comes to protocols for low power, low bandwidth devices.
- A Field Guide to CoAP — Part 1 by Jonathan Beri
Jonathan writes about the Constrained Application Protocol (CoAP) in the first of a four-part series on the topic. A very good overview and is a good follow-up read to the post above.
- Stopping Bugs: Seven Layers of Defense by Matthew Eshleman
A good overview of the layers of the development process where bugs should be caught, starting from the requirements and specs to the customer (ouch).
- Preview PineTime Watch Faces in your Web Browser with WebAssembly by Lee Lup Yuen
Another incredible and detailed post about developing for the PineTime watch. This time, Lee cross-compiles his embedded LVGL-based GUI applications with Emscripten and then into WebAssembly so that he can develop quickly in the browser! The post is complete with a start-to-finish CI workflow built with Github Actions.
- Introduction to Embedded Linux Security - part 1 by Sergio Prado
An excellent overview of Embedded Linux Security fundamentals including encryption, secure boot, and key storage. As mentioned in a previous blogroll post, subscribe to Sergio’s blog. It’s fantastic.
- A practical guide for cracking AES-128 encrypted firmware updates by Mark Kirschenbaum
A walk-through post about performing a Side Channel Attack (SCA) using Chipwhisperer Hardware.
- Cortex-M – Debugging runtime memory corruption
A great guide on using the Memory Protection Unit (MPU) and Data Watchpoint and Trace Unit (DWT) to catch memory corruption at runtime. The post predates Chris’ post on the topic.
- Separation Between WiFi And Bluetooth Broken By The Spectra Co-Existence Attack by Jiska Classen and Francesco Gringoli
A talk given at DEF CON Safe Mode detailing Spectra, a new attack on combo WiFi/Bluetooth chips that can achieve a denial of service attack.
- CMU 18-642: Embedded Software Engineering
Completely public course from CMU on embedded software engineering. Worth linking again and again.
- DEF CON Safe Mode - Christopher Wade - Beyond Root
- 12 things I learned today about linkers
- Delayed printf for real-time logging
- Hands-On RTOS with Microcontrollers (book) by Brian Amos
A new (relatively) book for the embedded ecosystem. The table of contents looks thorough and uses modern software and tools such as an STM32, FreeRTOS, and a JLink.
- Fun with LCDs and Visual Cryptography by Max Justicz
- Mecrisp Forth on STM32 Microcontroller by Josh Stone
A video showing Mecrisp Forth running on an STM32F1 purchased from AliExpress for $2. It moves quickly, has a bread board in the bottom left of the screen, and Josh seems to be an Emacs user.
- CASIO FX-880P Personal Computer Teardown by Neil Panchal
A teardown of a classic calculator from the 80’s to bring back the nostalgia feelings.
- Considerations for Updating the Bootloader Over-the-Air (OTA) by Drew Moseley from Mender
An article discussing high-level concepts for bootloader designs from a simple one, to multi-stage, to Mender’s own approach.
- Using Github Codespaces for Embedded Development by Benjamin Cabé
A fun video showing how a developer could use the Github Codespaces feature (in beta) to develop for an STM32L4. It looks promising, and if it prevents us all from having to use 20 different IDE’s to do our job, that would be a win.
Neat Open Source Projects
- Knurling-rs by Ferrous Systems
A new project from the team at Ferrous Systems to bring better tooling to the Embedded Rust ecosystem. I imagine this will shape up to be similar to Platform.io, but targeted towards Rust.
MIT’s Scratch drag-and-drop coding environment meets embedded. The software development environment works on all major OS’s and works on a plethora of boards such as the Adafruit Circuit and Clue, and an ESP32. The repo can be found on Bitbucket.
- Glasgow Debug Tool
“Glasgow is a tool for exploring digital interfaces, aimed at embedded developers, reverse engineers, digital archivists, electronics hobbyists, and everyone else who wants to communicate to a wide selection of digital devices with high reliability and minimum hassle”
A simplistic RTOS that places itself between RTOS’s and task schedulers. It is small enough to run on the Arduino Uno and can even be installed through the Arduino Library Manager. If you are looking for something smaller that FreeRTOS, this might be it.
A popular graphics library for embedded systems that has it all. Bidirectional text support, internationalization, and subpixel font rendering.
- PARSEC (Platform AbstRaction for SECurity)
An attempt to build a common API on top of hardware security and cryptographic services, such as secure elements and HSM’s. Contributors include ARM, Docker, and Linaro, adopters include Ranger, Red Hat, and NXP.
A small and clean font rendering library that is roughly 3kB in code size, has antialiasing and kerning support, and can import .ttf fonts.
- Amazon releases more information on Sidewalk Protocol
Amazon gives us the details on its new Sidewalk (LoRa) network and how it plans to build this network over the millions of Alexa and Ring devices that consumers have purchased. The plan has been in the works for a while because even the 1st-gen Echo Dot (2016) can be a Sidewalk Bridge.
- Espressif ESP32: Bypassing Encrypted Secure Boot (CVE-2020-13629)
The final post in Raelize’s fault injection research on the ESP32 platform.
- Nvidia to buy Arm Holdings from SoftBank for $40 billion
We brought our popcorn. We hope you did too. 🍿🍿🍿
- BLURtooth vulnerability lets attackers overwrite Bluetooth authentication keys
A new man-in-the-middle attack exploit affecting BLE versions 4.2-5.0.
- Lattice Semiconductor Embraces Open Hardware, Launches “Community Sourced” Portal
Lattice Semiconductor publicly supports open hardware and has launched a page on their website showcasing boards built by the community.