Software Development

Discover how SSL/TLS fortifies embedded devices against modern security threats in our latest ECN magazine article. Stay protected.

Software developers love writing new code. There’s something thrilling and exciting about designing creative, efficient solutions to new problems. Given the chance, many would rather write something new than reuse existing code, but despite what developers want, rewriting an entire codebase is not always good for business. At the other end of the spectrum, most... View Article

Cardinal Peak is currently developing an embedded product for a customer whose business is innovative lighting products. We have chosen to base the embedded system on Linux because it includes a wealth of infrastructure, it is open source and royalty free, and we have substantial experience with it. The embedded system is configured with an... View Article

I’ve got a new blog post up at EE Times, talking about how to architect the network communications protocols for Internet-of-Things devices: Crafting a communications software stack tailored to the needs of your Internet of Things design is crucial — and not necessarily easy, given that options are continually evolving. Read the whole thing here.

I recently read this article by John Carbone about using UDP in embedded systems. The advice in the article is accurate, but there are some other issues to consider when designing UDP based protocols in embedded systems that Carbone did not address. I wanted to tackle them here. First and foremost: UDP datagrams are trivial... View Article

Harness Joy’s Law: Collaborate with diverse thinkers for innovative engineering solutions. Engage Cardinal Peak for expert consulting on your design challenges.

Hash-based message authentication code, or HMAC, is an important building block for proving that data transmitted between the components of a system has not been tampered with. It is a widely used cryptographic technology. I recently came across its use in an RFID system.

Out of the box, Chromecast has no idea who I am, or what my available content is. In a few simple steps I'm up and running with my content. I didn't even enter my username and password! How did Google do that? The answer involves a protocol called oAuth.

Attacks that are initially restricted to the realm of esoteric, government-backed spooks become accessible over time to run-of-the-mill cybercriminals. Take, for example, the Linux.Darlloz worm, which attacks embedded devices and is interesting for a couple of reasons. First, it propagates by exploiting a vulnerability that was patched in May 2012. But the firmware images on many embedded devices are much older than that. The second reason I find it particularly interesting is it targets PHP, a scripting language largely used for web development.

One of my partners pointed this Slate article out to me about healthcare.gov. It is clear at this point that there have been a ton of embarrassing problems with the rollout of this site. I don’t want to get into the politics of health care, but I do find it interesting to look at what... View Article

A simple way to avoid mutex-locking issues is to not use mutexes. This post describes a simple technique for passing objects between threads in a thread-safe manner without mutexes, which makes the entire class of possible mutex-related errors impossible to implement!

CRC stands for Cyclic Redundancy Check — an error-detecting code used to determine if a block of data has been corrupted. The mathematics behind CRCs may initially appear daunting, but don’t have to be. Our engineer presents an alternative explanation useful to the software implementor of CRCs.