Phaedsys Banner
Cost effective Safety Critical and High Reliability Embedded Systems Tools
| Analysis tools | Flora and Gareth on safer code|  FreeRTOS turns 15  |
  | IoT security an oxymoron |  Free BARR-C:2018 | how to hack embedded systems |
 
Visit us online
imageWell we are now in Meteorological Autumn and the summer is over. 
 
The Trade shows and conferences re start and people make announcements.  We have a couple.  
 
We are now the UK distributor for AbsInt, high end code analysis tools.  
 
Razorcat  have a new version of Tessy Unit test tool and Percepio have a new version of Tracealyzer. 
 
Barr has a new embedded C standard for Free! 

We are at the What's New in Electronics show and Embedded Live conference at the NEC
 
So it is a busy and interesting autumn.
PhaedruS SystemS
AbsInt Code analysis tools in the UK
image
imageWe are now working with AbsInt to distribute their code validation tools in the UK, The suite comprising a Rule checker, Stack Analyser, Time weaver, Timing Profiler, Value Analyser, Runtime Analyser and worst case time analyser. Also a mathematically verified compiler front end can ensure the robustness and correct execution of C and C++ source code for critical systems.  
 
See the AbsInt range of code analysis, rule checkers, stack, timing and worse case timing tools here.
http://www.phaedsys.com/principals/absint/index.html
 
Far sighted Flora
image
imageFlora has had some real problems with the planned CoreSight configuration article (postponed till later). However she has revisited something that is often overlooked and almost universally under-rated - JTAG memory access.
 
It sounds a bit boring (read memory, write memory, rinse, and repeat) but read this tutorial to uncover some clever things that have been overlaid on top of this.  
 
 
Tessy is now at V4 with Fault injection, test scripts, code metrics
image
imageFault injection is a proven method for subjecting the software especially of safety-critical applications to documented tests. For a proven 100% statement coverage, error situations can now be tested completely automatically in TESSY 4.1 with the help of the "Fault Injection" function without changing the source code. 
 
Fault injections are created based on unreached branches of the function flow graph. In regression testing, fault injections are automatically placed in the correct location in the source code even after code changes.

 
Bruce Schneier will kill the world with one button
image
imageGareth  Greenwood, our security blogger,  was intrigued by the new book by Bruce Schneier  entitled "Press here to Kill everyone", about security or usually the lack of it on connected devices and has mused on the current situation that you may not even know that an unsafe device was connected to your system.  

Your network is probably less than 6 degrees of separation from an open port a hacker is connected to. … http://www.phaedsys.com/library/blog/016GG03.html
Tracealyzer at V4  
image
imagePercepio have upgraded their Tracealyzer over the summer to  V4.2!!

Tracealyzer version 4.2 features a completely rewritten main trace view, and adds support for, among other things, Wittenstein SafeRTOS and tracing via ST-LINK debug probes.
Tz  V4.2also brings official support for running on Linux, so embedded developers using Linux hosts are now able to upgrade to the new generation of Tracealyzer features.
 
Click here to read more
Percepio FREE for Universities
image
Universities and collages interested in applying for a free Tracealyzer site license should send a mail to mailto:mailto@info@phaedsys.com?subject=percepio-academic-support including basic information such as name of school or institution, size of computer lab(s), and a short description of how they intend to use Tracealyzer in their courses. Detailed instructions can be found on the Tracealyzer licensing page.

Tracealyzer has been used in all sorts of student projects, from space vehicles (Luleå University of Technology, Sweden) and electric race cars (OTH Amberg-Weide, Germany) to AWS-connected sensor networks (BITS, Pilani, India – our most recent sponsorship at the time of writing). All in all, Percepio has supported more than 200 schools and students all over the world with Tracealyzer licenses; a selection of schools is currently listed on Percepio's Partners page.
Free RTOS Turns 15
image
imageFreeRTOS has grown up and for many  seems like it was here all along. 
 
However there are two versions of FreeRTOS:
 
The Original one which is now owned by AWS (Amazon)  https://aws.amazon.com/freertos/   Written by Richard Barry.
 
The other is OPENRTOS® or SAFERTOS®.  https://www.highintegritysystems.com/embedded-rtos-for-iot/  From Wittenstein where Richard was Head of Innovation for nearly 2 decades
 
So far the two streams have been in lockstep

I enquired of both Richard Barry  (FreeRTOS/AWS) and  Andrew Longhurst  (Wittenstein) as to if the FreeRTOS and Open RTOS would stay in step as previously. The answer from both was "Yes" though AWS has added additional libraries and Wittenstein do a Safety Critical version.   Percepio support both with Tracealyzer and are AWS partners.  
BARR-C:2018  Embedded C coding Standard
image
imageThe Barr Group have issued the 2018 version of BARR-C. This one references MISRA-C:2012 Rev1 so there are no incompatibilities between BARR-C:2018 and MISRA-C:2012 Rev 1.
 
MISRA-C:2012:Rev1? It is MISRA-C:2012 with all the current amendments and addendums rolled in to one document  rather than all the add on PDF's on the MISRA web site. It will be published shortly.

That said BARR-C treads where MISRA-C fears to go: code style. There are rules on code layout and style. Whilst none of the rules are wrong some might argue that particular style is not right for them. 

BARR-C is pdf on FREE DOWNLOAD from here
What's New in Electronics?
image

Several studies have pointed out that in the computing & electronics industries 80+% of the things you will work on, or with, during your career will not have been invented before you leave university.  
If you think you don't need trade shows  read this 

Also the article on page 16 from this magazine https://www.kitplus.com/magazine/ from another high-tech industry  (essential if you are in media electronics)  the sentiments are similar. 
 
Despite how much is on the 'net even with videos you can't beat a face to face meeting like WNIE.
 
You will see things you were not looking for, that you didn't know existed.  You will get conversations you won't get on web forums, a day at a trade show is worth (at least) two in the office.
IOT Security Hackers Course
image
imageAfter The Blog before the summer on IoT Security , or rather the severe lack of security in most consumer IoT devices  Rob from  www.hardware-hacking.co.uk      called to say  "we have a course scheduled for 20/21 Sept in Central London"  It seems  CSS Ltd designed and written and IoT Pen Testing/Hacking/Security course from scratch to address many of the issues raised in the article. The course is 2 days very practical, although some theory is inevitable given the subject matter. Apparently "no soldering skills are needed!"  
 
The course demonstrates a methodology for evaluating new IoT projects from a pen testing perspective, Techniques for determining potential susceptible interfaces. Students actively, in labs, using logic analysers capture data from UART,SPI,I2C etc and decode the signals. The joys of leaving boot loaders interruptible and techniques forcing the loader to drop to prompts is covered in detail. How to  access &  manipulate values in RAM to effect code execution resulting in root access without knowing the password, flash memory extraction and use of basic tools such as flashrom, hex editors, strings etc are explored and finally we look at mitigation strategies to reduce the attack surface and remove the device from the low hanging fruit category. The final test is to deface the LCD in as may ways as you can discover, some are harder than others. email info@hardware-hacking.co.uk for more information
image
imageAs you can see we were busy over the summer and we have more to tell you over the Autumn  Don't forget that whilst there are only 97 actual days to Christmas there are 99 Internet  shopping days.  See https://days.to/christmas/2018  to annoy the hell out of your colleagues. 
 
As always we can do a gift wrapped Worst Case Timing Analyser for your loved ones. Though that may be asking for trouble….
Forward this email
Forward
 
Tel: 0808 1800 358Email usVisit us online
PhaedruS SystemS Ltd, 96 Brambling, Tamworth, Staffs, B77 5PG, UK
Registered in England with Company Number 04120771
learn more about  newzapp email marketing This message was sent to chrisg5@phaedsys.com by PhaedruS SystemS Ltd using newzapp email marketing. Follow this link to .