Please downloadPlease download images to give correct formatting OR Click here for on-line graphical version
Phaedsys Banner
Cost effective Safety Critical and High Reliability Embedded Systems Tools
 |  People | Shadow People  | Small People |
 | Happy Fruit | vulnerabilities | more Security |  interesting reading |
Visit us online
Where did summer go?
 
Welcome back. Already in Britain we have autumn settling in. The leaves are turning strong winds are blowing, schools are back and next week many universities begin Freshers' Week.
 
In the supermarkets the Christmas offers are appearing and almost every pub and restaurant is urging you to book your Christmas party. However, between now and then there is a lot happening and next month we have some exciting news for you
PhaedruS SystemS
Gay subversion
Following on from the "Raspberry Pi is gay" campaign (see https://www.change.org/p/boycott-raspberry-pi-foundation ) we were sent another example of how the gay community is subverting the electronics industry. Thanks Ted!
.gay cable
 
Tracealyzer Action
The summer hasn't slowed down Percepio. They have released a Maker's Edition of Tracealyzer for hobby developers and makers, at 75% off list price. It can only be used for non-commercial projects, but there is a low-cost upgrade route if your hobby product looks as though it can make money for you. More info at 
 
Alan Hawse, evangelist and 26-year veteran at Cypress Semiconductors, has published a series of informative blog post detailing how you can integrate Percepio Tracealyzer into Cypress' developer toolset - PSoC Creator. Much of what he writes has value for other targets, so check out the first post at IoT Expert ( https://iotexpert.com/2017/07/18/percepio-tracealyzer-psoc-4200m/and follow the links to later blog
 
Percepio is beginning a series of blogs on Tracealyzer Power Users - If you are using Tracealyzer and would e interested in participating in an email-based interview, please contact me. (email to  
mailto:info@phaedsys.com?subject=Percepio interview )  Percepio will be happy to mention your company (or not).
 
And if you are using ST's STM32 microcontroller and an  RTOS,  Tracealyzer is now available  for you!!
Free Money with Tracealyzer
Acash research group at Mälardalen University in Sweden, is investigating how RTOS trace tools like Percepio Tracealyzer can be extended for testing purposes and automatically detect bugs related to concurrency and timing. They are looking for examples of real world bugs. Percepio wants to help them, so if you have RTOS traces, recorded with Tracealyzer, showing a bug or performance issue, send your trace file and a description of the bug to info@percepio.com.

The description must explain what the problem is (the symptoms) and how it
appears in Tracealyzer. In return, every contribution accepted by Percepio will be rewarded with a $25 gift certificate from amazon.com (terms and conditions apply, see details
here). 
Killer car wash?
Anothercar wash example of people connecting to the Internet without thinking things through appeared just after we sent out our last newsletter. Car wash maker PDQ has a built-in web server to allow the wash operator to carry out remote monitoring.
 Two researchers logged into a car wash (using password 12345) and discovered that they could potentially override safety to the extent that they could crush a car with the washer's doors or push in the roof with the overhead brush bar. See more at 
 
Claude Shannon
ClaudeclaudeShannon Shannon, who, in a paper, A Mathematical Theory of Communication
(http://math.harvard.edu/~ctm/home/text/others/shannon/entropy/entropy.pdf) effectively created Information Theory, is the subject of a new biography.
 
In Scientific American https://blogs.scientificamerican.com/cross-check/profile-of-claude-shannon-inventor-of-information-theory/  there is a profile of the man, who apparently was remembered at Bell Labs as much for juggling while riding a unicycle through the corridors as for his contribution to electronics (his PhD was on how Boolean Logic could be applied to electronic circuits) and Information Theory.
Segger's busy summer
Segger has had a busy summer. They have released a free add-on that will enable an FTP server on a host machine, letting you quickly and easily exchange information with a target embedded device using the embOS/IP FTP server.
 
To make that communication even easier, there is new IP-over-USB technology. This means that accessing a web server on a target device can be pure plug and playsi
 
Clock synchronisation is increasingly necessary for connected devices, and the new PTP software module is an implementation of IEEE 1588-2008. The target device can use ethernet to connect to a reference clock and without hardware support PTP provides sub-millisecond synchronisation between target and reference, while 100ns is achievable with hardware support.
 
Embedded guru, Jacob Beningo, has upgraded from the J-Link Ultra to the J-Trace and has written a very positive review. He is also using the J-Trace in a webinar on Septmeber 27th
 https://register.gotowebinar.com/rt/5208590375299798273?source=Segger
How to make a project fail (2)
Following on from our last newsletter, Dilbert has, as so often, cracked it 
 
 Free Coding Standard
Michael Barr, whose Barr Group has argued strenuously for the use of tools in developing embedded systems, has decided to make his C Coding Standard available at no charge as part of Barr Group's bigger initiative to help engineers develop more secure products and to encourage engineers to follow the action plan that Michael Barr laid out during his ESC keynote earlier this year:
 
Action Plan:
#1. Don't ignore security
#2. Adopt Software best practices
#3. Use cryptography
#4. Secure the bootloader
#5. Defense in depth
 
The standard is available for download from https://barrgroup.com/Embedded-Systems/Books/Embedded-C-Coding-Standard . This is not a replacement for MISRA C guidelines, but a lighter touch, perhaps as an entry level route to implementing coding guidelines
Autonomous cars
The UK government has issued guidelines for the development of autonomous vehicles which "will ensure engineers developing smart vehicles will have to toughen up cyber protections and help design out hacking." There is a lot of good stuff in the Principles of cyber security for connected and automated vehicles, downloadable from https://www.gov.uk/government/publications/principles-of-cyber-security-for-connected-and-automated-vehicles
Crowds swat bugs
We recently discovered an organisation called Bugfinders (https://www.bugfinders.com/ ). It claims 55,000 testers around the world who carry out web testing, cutting testing time from weeks to hours. We don't know how good they are but if you have an application with a web interface you might want to give them a try.
Application Security
The National Institute of Standards and Technology (NIST) reports that 64% of software vulnerabilities stem from programming errors and not a lack of security features. PRQA has put together a webinar to help you resolve the issues that lead to insecure software. You can sign up at
Common sense on software
Colin Walls, of Mentor Graphics, is always a good resource for a common sense view of things. Two recent pieces are particularly interesting. For embedded Computing Design, he wrote Understand why you got (or didn't get) the RTOS business
 
In brief, a company captured an order for an RTOS, even though they were more expensive than their competitor.
 
Why? Because they realised, and said, that some parts of the requirements document were impossible. The purchasers had laid a trap in the requirements and the lower bidding company fell into it.
 
We would argue that the message here is that you should go with suppliers who go that extra yard to understand the problem you are trying to solve and match that with appropriate products, or send you elsewhere if they don't have an appropriate product
A second article, The value of software
(https://www10.edacafe.com/blogs/embeddedsoftware/2017/08/15/the-value-of-software/ ) looks at arguments over whether commercial software developers are ripping off their customers. Colin's view is that, in general, they are not and that customers, whether consumers or commercial organisations should think carefully about whether they should spend little/nothing, spend a lot, or break the law.
Security
Alan Grau of Icon Labs has written a long piece What's the difference Between Device Hardening and Security Appliances?
 (http://www.eedesignnewseurope.com/news/whats-difference-between-device-hardening-and-security-appliances? ) It is a look at the security requirements for IoT systems and how these can be met.
Forthcoming events
AESIN


HIS



IoTSF
Well – possibly the longest Newsletter we have ever written, and we still have still more material on the stack. In the next few weeks we will be making an announcement about an exciting new service that we have been working on for some time and which will be valuable to developers of systems meeting stringent standards. Watch this
space
Forward this email
Forward
 
Tel: 0808 1800 358Email usVisit us online
PhaedruS SystemS Ltd, 96 Brambling, Tamworth, Staffs, B77 5PG, UK
Registered in England with Company Number 04120771
learn more about  newzapp email marketing This message was sent to info@phaedsys.com by PhaedruS SystemS Ltd using newzapp email marketing. Follow this link to .