Software security assurance for embedded software is a big challenge. This article on embedded systems and automobile security summarizes it nicely: White hats are increasingly looking beyond PCs and data centres for security vulnerabilities that have plagued the computer industry for decades and focusing on products like cars, medical devices and electricity meters that run on tiny computers embedded in those products. For embedded software teams to become the target of hackers is a big change. While website owners and developers of cloud applications or PC software are used to all this attention from hackers,Read More »
Over the past few years I’ve talked to a number of customers in the embedded software and medical devices industries, and I continue to see a significant number of these organizations either moving to, or planning on moving to agile development processes. With all of the inherent challenges for agile in these organizations such as standards/regulatory compliance, hardware changes and integration, security issues, etc. I must say that I’m a little shocked that customers are moving away from their current processes towards something like agile. Add to this the fact that the Agile Manifesto specificallyRead More »
Continuing the discussion about the embedded community moving to muticore/hetrogeneous hardware from watch out here comes multicore, embedded software development teams have historically been shielded from mulitcore issues. This is due to the specialized functionality of many embedded application classes and the inherent serialized nature of the C language. Muticore is an ambiguous term for software developers and one they don’t really use; software developers think in terms of threads/processes and concurrency, not how many cores or processors are available on the target. Concurrency is not a new topic either as Mark Smotherman captured in a history of multithreading, it has been aRead More »
Just wrapped up a successful 2 day Embedded System Engineering conference in Stuttgart, Germany. This “all-German” show had just shy of 600 attendees, as well as about 60 individuals (representing the 20 or so companies exhibiting), so this was considered very good by the show organizers (who by the way did a fantastic job… the food here, for example, was as good as I’ve ever seen for such an event). The Klocwork booth was shared with our good friends at Emenda, and we had a choice spot that allowed a good flow of people. WeRead More »
In a previous posts I reviewed the Top 5 C/C++ and Top 5 C# quality bugs that I that I see time and time again looking at customer code. I wrote my Java Top 5 with an embedded programming focus and the folks at www.embedded.com decided to publish it on their site. Here’s a snippet below and the full Top 5 Java bugs article can be found here. While C dominates as the programming language of choice for embedded development, the use of Java is definitely on the rise. In fact, according to a recentRead More »
Overall a good show at ESC. Always well run and put together. In terms of vendors we had some great discussions especially with Electric Cloud. We managed to see a great demo of ElectricInsight. ElectricInsight is very visual giving you an incredible view of the structure of a software build. Not only a tool to help you visualize the impact of adding nodes to ElectricAccelerator cluster but it helps with diagnosing your build problems in seconds. Really cool dependency analysis with a click of a button. In the end there is no doubt the economyRead More »
Good first day at ESC Boston2009. Gwyn and Alen presented a well attended talk on using source code analysis (SCA) to improve developer productivity. Key takeaways from the presentation: How SCA will impact your development velocity Quick history on SCA – talked about lint and the general evolution of the technology How the information generated by static code analysis can be used to solve a variety of development challenge Demo of where SCA fits from a code review, refactoring and bug detection standpoint Interesting change from past presentations where most people now understand the basicsRead More »
When you need to find and fix bugs fast, a powerful debugger like TotalView is a real asset and now, you have the opportunity to help make TotalView even better...
Knowing the component parts of a bug helps solve them smartly and efficiently. Read on for part two of how to be a better debugger...
Take a look back at our series of unique, interactive, and practical webinars which brings you up to date on the latest application security trends and up to speed on...