
Embedded.com Standards Column, June 2010

  
A Standard Individual: Safe and Secure?

 

By Chris Hills


 

These are my own personal views and not those of my company, Phaedrus Systems (see www.phaedsys.com, where the full version of this column, with links etc., resides under the Documents tab).

 

Well, it seems 2008/9 was a fast-receding bad dream; well, almost, there is the occasional flashback. Some events and shows are still down, but most seem to be back to 2007 levels, the industry seems to be moving again and projects are starting, or at least the brakes are coming off.

 

Actually, it has become an interesting dilemma for some. I understand that some silicon companies have full order books to the end of the year unless they [re-]open their mothballed fabs, which is an expensive decision in either direction.

 

It has got so bad that people are actually counterfeiting MCU chips! Sparkfun in the US managed to buy a whole reel of fake Atmel AVRs from a Far East supplier, and from other comments it appears this is not an isolated incident. So, as I have said so many times before, use trusted suppliers, and if it seems too good to be true it probably is. Nothing is free in this life.

 

Another story came my way that highlights some of the problems of enforcing software licences. In the case mentioned in the item, the author of the SW has said: “All current development of AKRip has been discontinued due to increasing amounts of license violations.” This was for some LGPL code. So it seems that whilst many are using GPL code they are not adhering to the GPL licence terms. For some it is simply because they “know” Open Source is “free” and, like everyone else, do not bother to read the licence. (I mean, how many of you have read the EULA for the SW on the machine you are using now?) However, I think many cases are intentional and not a simple misunderstanding.

 

There has been enough about the GPL v2/v3 licences in the technical press for no one to claim ignorance, even without the licence that comes with the SW. If you want to use SW you must abide by the licence. How much the stricter enforcement of the GPL licence(s) will affect use of Open Source in the market remains to be seen. For many commercial users the GPL can be more restrictive than most commercial licences.

 

Whilst on the subject of dubious activities: I came across a story about hacking automotive systems. Well, this has been going on for a while (e.g. “chipping”), but the concern now is that with so many networks in a car it is possible to change most parameters in a car system, and with RF links, from outside the vehicle. There are many proposals for signalling to and from vehicles around. We are getting into science fiction territory, but every time someone says that, it becomes science fact and a commercial reality six months later…

 

I lost the link I was going to refer to, and when I looked for it online the number of hits I got is worrying. Not just for automotive hacks and security holes, but for factories and plant in general.

 

The problem is that at one time viruses and hacking were on large mainframes, and any networking was by telephone lines and some leased lines. Then things moved to PCs, which, whilst time consuming, usually did not have any physical effect in the real world. In those days embedded systems were immune, as they were black boxes running bespoke systems that, whilst they did physical things in the real world, were not usually networked to anything else.

 

Now large numbers of embedded systems are networked, or at least have communications to the outside world. They have standard interfaces such as TCP/IP, USB and CAN bus. This makes it far easier to get a connection and start hacking into the equipment, often from somewhere remote. So embedded engineers need to work not only on reliability and safety but on security too.

 

When ISO started the WG23 Vulnerabilities panel some years ago to look into language vulnerabilities, the US was focusing on “security”, largely because post-9/11 funding was easier for anything with the word “security” in it, and the rest of the world was looking at it more from the safety and reliability angle. Now, whilst there is a huge overlap, there are some differences. One is more a case of: anything that could go wrong will do so, by chance. The other is: if someone can intentionally exploit a weakness, they will do so. We are not just talking buffer overflows.

 

Now more than ever it is time to start proper software engineering: testing inputs and return values, range checking, and assuming not only that “if it can go wrong it will” but that someone might intentionally try to exploit weaknesses.
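As an added illustration of that point (example code, not from the column): a C parser for a hypothetical CAN setpoint message, in a trusting form beside a checked form that rejects a wrong identifier, a wrong declared length and any out-of-range value. The message layout, identifier 0x123 and the value ranges are constructed assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Constructed classic CAN frame as delivered to an embedded node. */
typedef struct {
    uint32_t id;
    uint8_t  dlc;       /* declared payload length, 0..8 */
    uint8_t  data[8];
} can_frame_t;

/* Hypothetical application message: a throttle setpoint and an rpm limit. */
typedef struct {
    uint8_t  throttle_pct;  /* valid 0..100 */
    uint16_t rpm_limit;     /* valid 600..6500 (assumed engine envelope) */
} setpoint_t;

enum { SETPOINT_ID = 0x123, SETPOINT_LEN = 3 };

/* Trusting parser: believes whatever arrived on the bus, length and values alike. */
void parse_setpoint_trusting(const can_frame_t *f, setpoint_t *out)
{
    out->throttle_pct = f->data[0];
    out->rpm_limit    = (uint16_t)(f->data[1] | ((uint16_t)f->data[2] << 8));
}

/* Checked parser: identity, declared length and every value's range must be right. */
bool parse_setpoint_checked(const can_frame_t *f, setpoint_t *out)
{
    if (f == NULL || out == NULL)   return false;
    if (f->id != SETPOINT_ID)       return false;  /* not our message */
    if (f->dlc != SETPOINT_LEN)     return false;  /* short or padded frame */
    uint8_t  throttle = f->data[0];
    uint16_t rpm      = (uint16_t)(f->data[1] | ((uint16_t)f->data[2] << 8));
    if (throttle > 100)             return false;  /* physically impossible request */
    if (rpm < 600 || rpm > 6500)    return false;  /* outside the engine's envelope */
    out->throttle_pct = throttle;
    out->rpm_limit    = rpm;
    return true;
}

/* Helper: build a frame from raw bytes and report whether the checked parser accepts it. */
bool checked_accepts(uint32_t id, uint8_t dlc, uint8_t b0, uint8_t b1, uint8_t b2)
{
    can_frame_t f = { .id = id, .dlc = dlc, .data = { b0, b1, b2 } };
    setpoint_t  sp;
    return parse_setpoint_checked(&f, &sp);
}
```

The trusting parser would hand a 150% throttle request or a 10000 rpm limit straight to the control loop; the checked one drops the frame and leaves the previous setpoint in place.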

 

There was a bit of a scare along these lines recently when it became public that Google, whilst taking the photos for its street-level mapping, had also been picking up Wi-Fi. They had said that they were picking up SSIDs and MAC addresses but no data. Now it transpires that they had been picking up data from unprotected networks.

 

I cannot understand why this was even a story. Surely everyone by now uses strong encryption, does not broadcast an SSID if they don't need to, and turns off their Wi-Fi when not in use? Last year I suggested that offices should set their Wi-Fi to switch off outside office hours and home users should turn it off when everyone is at work, and not use DHCP but manual addressing with strict MAC binding.

 

Going back to the point on doing it right, I see Jack Ganssle's column for EE Times looks at people's favourite tools… It is worth musing over that after the compiler comes the debugger, then the oscilloscope, IDE, JTAG, logic analyser and ICE. Right at the bottom of the list are SW testing tools, UML/graphic design tools and static analysers. This is frightening!! The favourite tools are the “bug hunters”, not the tools that stop the problems before they become bugs.

 

UML tools usually have rule checkers in them to prove the design. Static analysers remove many problems before compiling. SW testing tools, usually unit and system testers, can also prove the system. If used properly they can isolate any problems very quickly, especially if most of the problems have already been removed by “running” the UML (or other) models and running good static analysis.

 

I must admit I have a soft spot for ICE or emulators (less so for the restricted JTAG/BDM debuggers), as in many cases you can use them with unit and system test tools, and often stand-alone with their own (usually C-like) control language to test in real time on the hardware.

 

If we are going to build software with an eye on security as well as reliability and safety, then we need to build it correctly and not just throw it together, bug hunt and hope we are better at it than Lady Luck and “the enemy”.

 

This points back to the many times I have written about licensing software and embedded engineers to show proficiency: “Licensed Engineers” (September 2003), “Standards: Who Cares?” (June 2004) and several times since.

 

I note that the US FDA's Center for Devices and Radiological Health (CDRH) reported that in 2006, 21% of all medical device recalls were for software defects; it is also estimated that one in three software-based products is recalled (see http://www.embeddedforecast.com/emf-briefs.php).

 

Apparently there is now a bill before the US Senate, by Senators Edward Kennedy and Chuck Grassley, that would require senior officers or directors of drug and medical device companies to certify under penalty of perjury that all information submitted for a product's approval is accurate and in compliance with federal regulations. Product applications later found to have contained false or misleading information would be subject to stiff fines (up to $5,000,000), assessed both to companies and their senior officers, who, in addition, could face jail sentences of up to 20 years.

 

Well, that looks very similar to the UK Corporate Manslaughter Act that came into force two years ago, which requires a duty of care by a company to make sure things are done properly and imposes fines and gaol sentences on directors and senior managers. This is for any manslaughter as opposed to murder. So unlike the US bill, which is for medical software, the UK one applies to any involuntary death. So should, for example, a death be caused by a car accelerating or failing to stop due to software, the manufacturers, as in individual directors, could be put in court and imprisoned for manslaughter, rather than the company receiving a fine.

 

It is high time that software engineering grew up and started engineering properly, not playing about like a lot of undergraduates. Software directly affects far too many lives in significant and important ways not to get it right.

 

Finally, I was going to let you know how the “PowerPoint ban” went at a recent UK conference… Well, most presenters did use PowerPoint. It is impossible to draw quickly, and clearly enough, many of the diagrams and charts that people needed. So it is not PowerPoint (or its predecessor, the view-foil for the OHP) that is the problem. It is just a tool. The problem is those who put in the “usual corporate slides” or the marketing or product pitches thinly disguised as a technical presentation. It is up to the delegates to vote LOUDLY with their feet, attendance and emails to the organisers to stop this and get things changed, as much as it is up to the event organisers.

 

Next month I intend to have a round-up of where we are for ISO C, C++, 61508, the 26262 [draft] and the MISRA standards. All of them seem to be on the move somewhat at the moment.

 

 

As usual any comments, money, praise or death threats to chills@phaedsys.com

 

 

Author Details and contact

 

Eur Ing Chris Hills BSc CEng MIET MBCS MIEEE  FRGS   FRSA is a Technical Specialist and can be reached at This Contact

 

Copyright Chris A Hills  2003 -2008
The right of Chris A Hills to be identified as the author of this work has been asserted by him in accordance with the Copyright, Designs and Patents Act 1988