Home

LOCKING DOWN IoT EDGE PROCESSORS

Contents

1. Bluetooth 9 lt SILICON _ Microcontroller based FPGAs hit the mark By Ted Marena FPGA vendors have been purposely pushing a growing divide in FPGA architectures The main suppliers have gravitated to either SoC FPGAs with high performance application proces sors or offer low end FPGAs with no processor Applications such as server farms and high performance computing require ever growing increases in per formance To address this many SoC JTAG I O SPI I O Instruction System Controller ee AES256 SHA256 SRA PUF ECC NRPG In Application Programming Flash Freeze OSCS Figure 1 10 FPGAs are incorporating ARM A class application processors which are well suited for those applications The reality for a multitude of other applications is that these processors are more than what is required A class SoC FPGAs are often too expensive require too much software support burden because of the required operating system and feature higher power consumption Additionally EEE akmeo MicroController E Cortex m3 Subsystem MSS i AHB Bus Matrix ABM t WDT TSE MAC APB FPGA Fabric Motor Control IP Suite Block diagram of a multi axis motor control design the raw compute performance is often not required On the other end of the spectrum low end FPGAs with no hard microcon troller or processor can be limiting for numerous designs Low end FPGAs only offer
2. 1 Statement coverage SC How many statements of a program have been exercised 2 Decision coverage DC How many branches of a decision have been exercised this is actually a super set of statement coverage since for all branches of all deci sions to be covered all statements must also be covered 3 Modified condition decision cov erage MC DC This builds on decision coverage by making sure each of the sub conditions of a com plex decision is independently exer cised in both its true and false states These metrics have been widely recog nized as ways to measure the thorough ness of testing In particular industries such as automotive avionic and indus trial software have embraced these met rics in their software safety standards Higher criticality requires more thorough testing Notably these software safety stan dards do not mandate using state ment decision and MC DC coverage uniformly on all projects Instead each of the major industry software safety standards recommends using different levels of structural coverage depending on how critical the code is although the level of criticality is often determined in an industry specific way For instance DO 178C the software safety stan dard for the avionics industry uses the concept of software safety levels and mandates different levels of structural coverage analysis for each IEC 61508 a general industrial software safety standard defin
3. PMOD compatible interface 3 USB Micro A B Accelerometer Gyrometer amp mo m Temperature sensor Arduino compatible interface Analog Arduino compatible interface Power M2S010S SmartFusion2 secure SoC RN4020 Bluetooth Low Energy module Reset switch Bi filament user LEDs red green amber connector switches MAX20022 Power Management IC Figure 2 The motor control algorithm is not the only required function Often one or more communications interface and control I Os are required for a complete motor control design These interfaces are not high performance oriented and are ideal for a microcontroller such as the Cortex M3 to implement The com munication interfaces could be CAN bus SPI UART or other control buses Adding data security to a design The addition of data security requires a certificate and key exchange as well as implementing encryption and decryption algorithms on the data There are multiple data security hand shake exchanges and support for mul tiple formats is often required The exchange handshake is typically not time critical but each exchange algo rithm has different strings that need to be parsed various verification proto cols and multiple rounds of certificate checking With all of these procedures and the lack of time criticality it is ideal to implement the certificate and
4. Testing should rise from requirements Another commonality across industries in software safety stan dards is the belief that tests should emerge from requirements Software requirements should determine the desired inputs and outputs of a test If they don t the tests can become a parallel set of requirements and this leads to confusion and software errors Structural coverage cannot replace require ments as the basis of testing since coverage metrics cannot dictate how code should behave only that it be reachable during execution and given the abilities of debuggers reach able during execution can be a flexible concept Although complementary testing the effectiveness of exe cuting code and testing the completeness of requirements are two different things Test effectiveness as measured in structural coverage analysis looks at what parts of the code are exercised Test completeness which is sometimes called requirements coverage looks at whether or not the code has been tested for proper behavior for all requirements If a software program is built according to its requirements and if it contains no code unrelated to its requirements then Graph View Options Select Webote Links Help BB BE BB BE 44 49 wa Tunien Data GData ae a O 0 0 0 0 0 0 0 0 0 0 0 606 lt 060000 MO Branch Decision Covered Partial Branch Decision Coverage MJ Branch Decision not Covered FO
5. Program Options from that menu and then check the box that says Enable Low Voltage Programming This may already be checked but just highlight it anyway and click Apply Hit OK Hello World You re ready to roll and can start by run ning a basic Hello World program just to make sure everything is working properly on the board From the top nav igation menu go to Tools gt Embedded gt MPLAB Code Configurator Several windows will populate to the right of the Projects section with project and device resources a pin manager and a main dashboard The first thing you ll want to do is make sure that low voltage program ming is also enabled on the MCU and to do this just select System Module from the Project Resources window navigate to the Registers tab that appears in the main dashboard scroll down to Register CONFIG2 and change the LVP field from High voltage on MCLR VPP must be used for programming to Low voltage programming enabled LEDs s1 D4 D7 a RN4020 Bluetooth Module Footprint Potentiometer POT1 Now add a GPIO from the Device Resources window viewable under your project resources by finding GPIO GPIO and double clicking it This will add a GPIO to your project and open the Pin Manager window on the far right Open up the port for LED D7 that will run Hello World by closing the lock icon on the PIC16F1619 s RC5
6. Infineon and Trusted Computing Group Stefan Thom Microsoft and Trusted Computing Group Download the Embedded Computing Design app iTunes itun es iS67MQ Magzter opsy st ecd magzter 4 Embedded Computing Design November 2015 RESEARCH REVIEW An indusiry university development tools collaboration By Monique DeVoe Managing Editor Development tools are important in all stages of the embedded design process and research is no exception Limited bud gets can create extra challenges for universities and the lack of inexpensive but high quality tools is a challenge faced by many researchers including Dr Luciano Ost University of Leicester http le ac uk Lecturer Embedded Systems and Communications Research Group The lack of electronic design automation EDA tools combining model flexibility and fast and accurate evaluation of perfor mance power and reliability is one of the major challenges cur rently faced by embedded researchers Ost says adding that even expensive commercially available tools don t often meet modeling and simulation needs for emerging technologies Free open source tools especially those available to the research community can be highly beneficial for students learning the embedded ropes and for researchers looking to advance the field When companies and universities work together to share tools and knowledge in an open source format good things can happe
7. November 2015 to Curiosity and LED D7 will be statically lit in a matter of seconds PWM control With confidence that Curiosity s hard ware and all of your software are working correctly you can now move forward with building the PWM You ll be able to see the PWM in action by pulsating LED D6 in conjunction with the PWM s timer period so it s time to get configuring In the Device Resources window which should be located in the lower left of the MPLAB X interface add the PWM3 peripheral to your project by double clicking This will automatically add the Timer 2 TMR2 peripheral to your project as well Now that the appropriate resources have been added to your project you ll want to make sure that PWM3 is using TMR2 as the clock source It should default to TMR2 but just to be sure select PWM3 from the Project Resources window and under the Easy Setup tab make sure that the Enable PWM checkbox is marked and that Timer2 is populated in the Select a Timer field We won t need to adjust anything else in the PWM peripheral for our purposes so just leave all the values at their default settings At this point toggle over to the TMR2 peripheral under Project Resources where you ll be able to manipulate the clock and timer settings that will govern our PWM Make sure that the Enable Timer checkbox is ticked Since the PIC16F1619 system clock defaults to FOSC the system clock and oscillator
8. but for extra security some designers prefer to use a Separate discrete Watchdog component The challenge faced by embedded software developers is deciding when to notify the Watchdog that the system is still functional This is more complicated when using a pre emptive RTOS as the soft ware is broken down into individual Tasks operating independently Now the designer needs to consider carefully what constitutes a working system Basic Watchdog protection In a basic system the designer may choose to have a periodic Task that simply notifies the Watchdog at the required frequency In this scenario the system remains available providing the Task that refreshes the Watchdog operates at the correct frequency A complete systems crash or a failure within the Task notifying the Watchdog would cause the Watchdog to expire placing the system into a safe state However if the system fails ina way whereby the Task that notifies the Watchdog remains operational but other mis sion critical Tasks fail to operate the Watchdog would not place the system into a Safe state Improving robustness An improvement to this simple system would be to notify the Watchdog that the system is OK only if all Tasks have been active during the last Watchdog refresh time period In this case Tasks would register with a Monitor Task so that each time a Task runs it informs the Monitor Task When triggered the Monitor Task will check that al
9. software products to prevent tampering and theft of valuable IP 8 Gemalto s Sentinel Envelope part of the Sentinel LDK provides an encryption wrapper around embedded New approaches to feature monetization should provide mechanisms for protecting IP from piracy as well as entitlement management that opens new revenue streams for lol developers to executables data link libraries DLLs and other software data files so they can only be decrypted by authorized parties Figure 3 Hardware based encryption technologies such as AppOnChip can also be utilized for applica tions that require authenti cation via hardware tokens Once software IP is secure developers are able deploy software features to target devices with confidence enabled by the Entitlement Management System EMS built into the Sentinel LDK A web based solution built on an SAP backend the Embedded Computing Design November 2015 Topology of Monetization of Features using Remote Activation Customer re wi een Order Entry PPE PIOUS t LabVIEW TAR one ot re pF Cloud hosted Customer Third Party Hosted q Management At your office or an ERP CRM ai i j Sentinel EMS n AS Entitlement Management System Your Employee E a i f Licensing H e 7 z i Reporting Embedded Application Ses n SS Usage _ National Instruments LabVIEW application With control and man agement tech
10. which has its own identity If the TPM manufacturer makes an update to that code and provides an updated firmware to the TPM the question is do have to change the identity of this chip or not Is it still the same chip Yes it is but it does something else So the user of the product probably needs to get some notification that says there was a software update done to your device and the device may be better suited to run in the future because it was a worthy software update but it also could have been an attack If somebody managed to flash bad firmware into a TPM that voided all security then most certainly want to know about it Since TPMs have the same problem and pretty much any single chip loT solution has the same issue on a chip level how do we factor code into this on the lowest level So we essentially condensed the capability of the TPM down to the absolute bare minimum and that s a specification that we re writing right now called RTM or roots of trust for measurement that puts guide lines down for how identity is supposed to be done at a chip level and how immutable boot code is supposed to be done We are working with software manufacturers and MCU manufacturers today to build prototypes of chips like this The main drivers behind this undertaking are Microsoft and Google because we both have the same need of being able to interface with those chips and establish identities of those chips and what firmware is
11. GPIO pin that controls that LED From here select GPIO Module in the Project Resources window so we can configure LED D7 to illuminate when the application code is generated and flashed to Curiosity When you have that selected RC5 configuration options will appear in the PinManagerPaneViewer in the center dashboard and here you will want to check the box labeled Output as we re going to be outputting to LED D7 as well as the Start High box to indicate that the pin should start run ning on high Figure 1 Now hit Generate at the top of the main dashboard to generate the Hello World code A popup will appear advising you that MCC hasn t detected a main c file and ask if you would like to generate one Click Yes then hit the Make and Program Device button code box with downward arrow in the MPLAB X top toolbar The code will load 17 Embedded Agile Development Tools flats 4 _ CoE Projects CP firms Cisse af Services Figure 2 18 lt lt Res ounces T CAT CETEL 1 ELLELE m aF Package POP20 Beversve Pon Order mae ee aa aa Q search for modules Dingin MPLABS Code Conligarane Musber of files to be generated amp Checking for drwy T files in sedule Paro Code for Ped wae autcesafully generated Checking for drw files in module THERZ Code for THAI was successfully generated Code for System wad
12. Procesing File CALDRA Workarea C pp unr lighting wien trek po funnel laghting iym gih Processing bile Completed Lineruting URA embed bo pan Dynami Anahata for Cpp mine yhty gain Lamit comprised Code Coverage Stared Cpp tunnel lighting Wolem Code Coverage Completed External Practis Log Wirdoer Percentage Percentage Change Success Limit Failed oF LDRA s TBvision code coverage results are displayed inline with system file function name to give a detailed overview of which aspects of the system meet the expected code coverage levels or metrics Embedded Computing Design November 2015 approach is dangerous since software testing has the potential to become an endless undertaking Glennford Myers demonstrated this in 1976 in his book Software Reliability Principles and Practices when he showed that a 100 line program could have as many as 1 018 unique paths In the modern software development world software can grow as large as millions of lines of code This makes completely exhaus tive testing infeasible In addition it is often not just the soft ware development team that needs to be satisfied with the level of testing Customers may ask for evidence that the code was properly tested and regulatory authorities for safety critical industries such as avionics automotive and medical fields will want proof that there was sufficient checking for defects Therefore it is necessary to define a way o
13. ability to develop code against a TPM even though it is not secure So Microsoft is shipping a software TPM that has no security assur ances whatsoever but it provides all the mechanics and the inter faces to actually execute code and commands on the TPM itself So with the software you can bring up on this really really cheap board you can develop code based on this platform and then when you productize it you can take the same code and put it on a platform that has a secure version of a TPM or put a discrete TPM on the Raspberry Pi and then work with that The implementation at the bottom may change but since the interfaces are the same you don t have to make a dependency in your code development or go back to the drawing board with your code development because the interfaces are all thesame HANNA It s really important for loT in particular that we have this standardized interface in a variety of different implementations at different security and cost levels because that reflects the diversity of loT loT is not just the home it s also the smart factory it s also transportation and self driving cars and all these different application areas each one of which has a different level of security that may be needed Even within the home the level of security you need in a light bulb versus a front door lock is probably different But if you can have the same APIs the same interfaces and the same software run ning on all of those
14. and trademarks within Embedded Computing Design magazine are the Rosemary Kristoff President Headquarters ARIZONA rkristoff opensystemsmedia com 16626 E Avenue of the Fountains Ste 201 property of their respective owners iPad is a trademark of Apple Inc registered in the U S and other countries App Store is a service mark of Apple Inc ISSN Print 1542 6408 Online 1542 6459 John McHale Executive Vice President Fountain Hills AZ 85268 jmchale opensystemsmedia com Tel 480 967 5581 MICHIGAN 30233 Jefferson St Clair Shores MI 48082 Tel 586 415 6500 Rich Nass Executive Vice President rnass opensystemsmedia com ENVIROINK The inks used to print the body of this publication contain a minimum of 20 by weight renewable resources 6 Embedded Computing Design November 2015 A recent InfoWorld article proclaims The Internet of Things is not paying the rent In it Adobe s VP of Mobile Matt Asay cites data from VisionMobile and McKinsey amp Co to point out that less than 10 percent of loT developers are making enough to support a reasonably sized team and that developers need to get real about what they re selling and to whom which orobably involves a dull enterprise facing business This begs the question how do you make money in the loT In a column last year on hardware commoditization discussed the idea of loT as a Service wherein Internet of Things co
15. caller can essentially establish a trusted connection because the chip would do exactly the same thing it would be a shared derivation And now we have a shared secret on both sides that can be used to communicate with that chip If that chip is replaced or if the firmware is changed the chip will no longer belong to that key and therefore if attack your hardware or attempt to flash something malicious into your chip the key that know is good that use to talk to you no longer works for the other side can reestablish the connection and have to go through the attestation step again but at the end of the day have a secure channel into my piece of hardware That s the foundation for all of this What we have identified especially in the loT world is that if we use a generic operating system like Windows and Linux to build say a furnace we ll have many GPIO pins And let s imagine that there is a fuel control valve and there s an igniter If leave the policy of how these are supposed to interact with the dynamic operating system then an attacker of the operating system can monkey in between the fuel control valve or igniter and the operating system and unhinge the policy And if the policy a 4 10 2 5 Vi fe EMBEDDED Xo LUTIONS AS L A A hnalaai mt Technologic TT a in gt DESIGN YOUR SOLUTION TODAY CALL 480 837 5200 www embeddedARM com M TS 7250 V2 Single Board Computer Extensibl
16. can be changed by selecting the System Module under Project Resources leave the TMR2 clock source at FOSC 4 What you do want to modify though in order to observe the PWM function operating on LED D are the prescaler and postscaler ratios which help define the ratio of timer overflows to pulses These ratios along with other timer settings and clock configurations will obviously vary based on the control application but for the purposes of this build just max them out to 1 128 and 1 16 respectively in order to maximize the timer period so that the PWM pulses can be observed on the Curiosity board with the naked eye www embedded computing com In the Timer Period field enter a value of 4 s to push the timer period up further and leave everything else at its default setting This will give us a PWM period of roughly 260 ms on the high side for many control applications but you get the idea Figure 2 Back in the Pin Manager view on the right you will now notice that several resources have been added among them the PWM3 and TMR2 To enable the PWM we ll need to open up the RA2 pin by clicking the PMW3 lock there You don t need to link TMR2 since the PMW3 is already using that as a baseline Generate code Make and build pro gram Watch for LED D6 to pulsate At this point LED D7 should still be stati cally lit from the previous application with LED D pulsating next to it If you want to t
17. cost differential of outsourcing may appear vast due to those evaluating not including their employees time as cost nor appreciating that if internal staff take twice as long they effectively cost twice as much and a factor of two is usually understating the difference It s also easy to exclude the costs of financing that learning curve and investing in the latest tools that may well only be for a single project Far more importantly what if it all goes wrong A comparison like to use is your family vehicle s braking system Most of us won t mechanically touch our cars at all myself included but some fancy themselves as budding hobbyist mechanics Very few have such confidence in their success that they re willing to place their family s lives at risk by undertaking work on the brakes I ve no doubt that my cognitive abilities could eventually learn how to successfully undertake brake repair but the issue is that can t commit to the time to become an expert and unless was would never place my family s lives at risk through failure Replace brake repair with electronic design and family with project and hope I ve made my point Beyond avoiding the risk of losing important customers outsourcing frees up employees to focus on their own core competencies Maximum benefit and success at individual and company level is derived from dedicating time to your strengths Trying to save your business mo
18. free and management that facilitates the distri bution of software and services in such a manner that data or feature utilization can be monitored for appropriate billing Figure 2 1 gt loT INSIDER In a meeting with Aurelius Wosylus Director of Business Development at Gemalto www gemalto com earlier this summer was introduced to the company s Sentinel Licensing Development Kit LDK that addresses these challenges in multiple ways From a security and IP protection perspec tive the Sentinel LDK represents an evolution of Gemalto s licensing protection products into a single Cross Locking technology suite that allows developers to implement a com bination of hardware and or software based encryption In software keys are exchanged using the Sentinel Envelope a wrapper that uses code obfuscation and system level anti debugging among additional features to control access Feature Monetization The Basic Idea One Implementation Multiple Packages f e S Protected Software Single Application Binary Protect amp E 4 ngineer Release eo La E Os oo i Product Catalog Model Select Type ey Fax j i Product i Manager Track amp Report on Usage Manage Entitlements lll Evolve Often Figure 2 Integration with Gemalto Sentinel Call 3rd party DLL ce Lawview Graphical Source Code Sentinel a EXE or DLL s on Windows IP Protection Figure 3
19. it relies on services and licensing fees as the primary source of revenue genera tion With the Internet breeding a generation of developers and consumers that expect things for free or nearly free how do you ensure ROI In addition while the smartphone cable and utilities markets have matured to the point where providers can afford front end revenue hits on hardware in lieu of lucra tive service payouts over time in the fledgling loT it s hard to rely on commitments to long or even short term commitments at the expense of a large upfront payday Especially if you re a small loT startup asking a group of angel investors to risk bankrolling today s loT devices in exchange for the uncertain promise of tomorrow s data and software driven dollars seems like a prayer This leaves loT developers at a crossroads as although the increasing amount of value and a more economic approach to electronic system design is now rooted in software capitalizing on that value has largely been restricted to traditional hardware centric ROI models Figure 1 Management and control are key to monetizing loT By its very nature the loT is based on the real time or near real time delivery of software and services so getting capabilities to the end user is not the issue Rather the problem is one of con trol and management control that ensures IP can t be stolen or reverse engineered so potential users are able to take advantage of features for
20. ponents and the reference design examples enable the ability to add on an Arduino shield or Pmod peripherals When connecting to an Android phone using the Windows GUI a full data secu rity demonstration can be seen This data security design implements the key embeccedworld Exhibition amp Conference its a smarter world elektronik computersautomation dsa ENERGIE TECHNIK Solutions for a Smarter World 12 MEDIZIN wo elektronik DE DESIGNO ELEKTRONIK ear KNOW HOW FUR ENTWICKLER Elektronik automotive Helektronik exchange as well as encrypting the data between the SmartFusion2 FPGA and an Android smartphone There are a wide variety of general purpose applications that are ideally implemented in a microcontroller based SoC FPGA that enables solutions such as bridging I O expansion hardware acceleration protocol management and board initialization to be addressed Using a hardware solution with a refer ence design and a software GUI allows design ideas to quickly become reality Ted Marena is Director of SoC FPGA Products at Microsemi Microsemi www microsemi com MicrosemiSoC www linkedin com company microsemi www youtube com user MicrosemiCorp NurnbergMesse GmbH T 49 9 11 86 06 49 12 visitorservice nuernbergmesse de WEKA FACHMEDIEN GmbH T 49 89 2 55 56 13 49 info embedded world eu Embedded Computing Design November 2015 Embedded Agile Dev
21. soft microcontrollers and there is no accompanying peripherals or sub system If peripherals are required then Motor Controller Starter Kit SPI i 12C I eSRAM APB K MMUART J E CAN I Communication Interface USB Industrial Ethernet Motor BLDC Stepper IM Driver Encoder HALL Resolver ADC Level Translator Motor Driver ADC BLDC Stepper IM Embedded Computing Design November 2015 they must be created by using FPGA gates Low end FPGAs with a soft micro controller run very slow are inefficient due to the FPGA gates needed to create the microcontroller and subsystem offer no security and are developed on pro prietary architectures For a broad class of applications a hardened microcontroller based SoC FPGA is often the more effective solu tion A large amount of 32 bit micro controller architectures are produced each year because there are numerous applications that can use them Imagine if there was a microcontroller with a common subsystem of components and it also included a configurable block that could implement hardware accel eration tasks or other logic functions An ARM Cortex M3 SoC FPGA can be viewed as a microcontroller with con figurable hardware acceleration The hardware acceleration and implemen tation of logic functions are two key features where the FPGA fabric excels Combined an ARM Cortex M3 and an FPGA fabric allow an ideal division of labor for many tasks in a wide
22. story but the asset result is the same Real world factory view PLE examples The automotive market is finding a significant benefit with a factory view of PLE General Motors faces one of the most complex PLE challenges in terms of product complexity multiple options and high reliability They call this the Mega scale product line engi neering problem GM produces on average one vehicle every three sec onds somewhere around the world Each one is considered a member or variant of one single big family of vehi cles in the GM organization They are adopting BigLever solutions to address the massive feature variants their product line entails In the military market Lockheed Martin and Navy have adopted a fix it once initiative They have 100 ships and it s possible that a defect might go out and be found on a single ship Once found there is a cycle to fix it Later this same defect may pop up on another ship and the same effort hap pens PLE can facilitate a paradigm where you find it once fix it once then apply the fix across the entire product line that includes the feature with the defect This is an extremely valuable part of the solution The Lockheed Martin integrated weapons system is deployed in more than 100 ships By managing a single family of ships with variants as defined by a bill of features they can leverage the factory view of the PLE process They reported a 47M cost avoidanc
23. system This combination provides scalable capabilities for lol applications requiring persistent and efficient data storage retrieval and indexing ITTIA and Micrium www ittia com www micrium com embedded computing com p372056 Compact lightweight audio video processing engine Sensoray s 2960 Dragon audio video processing engine serves as a highly adaptable foundational building block that Sensoray can quickly customize to customers unique requirements The board comes in at 4 8 cm x 2 5 cm 1 9 x 1 and a weight of 6 2 g 22 0z The Dragon is capable of performing H 264 compression on captured 1920 x 1200 video at 30 frames per second or JPEG snapshots at up to 4096 x 3104 The board includes a controller and Stream router SD card interface six GPIOs USB Ethernet serial and 12C interface For device mode operation the board can be completely powered from the USB Controller functions include IP stream server file server HTTP server and camera control server Sensoray www sensoray com embedded computing com p373039 New embedded computing platforms featuring 6th generation Intel Core processors Advantech has announced a range of computing platforms using 6th generation Intel Core processors The boards offer improved CPI and graphics performance enhanced power and feature scalability and feature support for lol applications from edge devices through lol gateways and cloud The platforms in
24. then you ve reduced costs and put the security chip where it s needed for greater security SS WWADAND DDS WT WN SS NWT BBN SS NNN How does Trusted Brokered IO play into the whole root of trust concept IUUUIUIIILLUUUUUUCLLCLUUUUUULCLULUUUUUCUCLUUUUUUUCLCLULUUUUUUCLUCUUUUUCUUULCUUUUUCUCLCLUUUUUUUCLUUUUUUULCLULUUUUUUCLUCUUUUUUUULLUUUUUUUCLULUUUOUCLCLUUUUUCUCLUUUUUUUCUCLCUUUUUCLCLCCUUUUUUCUCUUUUUUUL THOM Over the last decade or so individual companies have been doing a more or less decent job of securing their own IP on a device in terms of making sure you cannot download their software or tamper with it but this is an individual approach for every manufacturer The SoC manufacturers give them the means to lock the flash down or turn the debug interface off but it s up to the developer to figure all of this out to figure out how to secure their solution That means that every device is handling this in a different way so for an operating system that wants to control all of these smaller loT devices it s impossible to look over a range of 20 devices and understand what s your identity how can interact with you what version of software are you running are you trusted or not and so on So we took a step back and looked at the TPM and the TPM has the same problem We re now below the TCG library specification When a discrete TPM manufacturer builds a chip the TPM library to a large degree is just code that runs on that chip
25. 8 Aarne info winsystems com P
26. Brazil a fast and flexible fault injector framework called OVPSim FIM was developed on the basis of OVPsim and presented at DFT 2015 www dfts org OVPSim FM enables users to identify and critical soft errors in multi and many core systems at an early design phase FCD Read about the FlexTiles project developed through Imperas University Program and Imperas s future plans at opsy st ImperasUniversity HX ADVERTISER INDEX Embedded GNenSystems media DESIGN Embedded Computing Design Editorial Creative Staff 9 Anaren Join the evolution Rich Nass Brand Director Rory Dear Technical Contributor rnass opensystemsmedia com rdear opensystemsmedia com 2 Annapolis Micro Systems Inc WILDSTAR OpenVPX Curt Senwae fer Editora Diretor David Diomede Creative Services Director ecosystem cschwaderer opensystemsmedia com ddiomede opensystemsmedia com Monique DeVoe Managing Editor Konrad Witte Senior Web Developer mdevoe opensystemsmedia com kwitte opensystemsmedia com Brandon Lewis Assistant Managing Editor Chris Rassiccia Graphic Designer blewis opensystemsmedia com crassiccia opensystemsmedia com 21 ATP Electronics Inc ATP Ruggedized lol NAND flash storage solutions 19 COMMELL Systems Corporation 5th gen Intel Core Sales Group HGH SBC Tom Varcie Sales Manager Regional Sales Managers tvarcie opensystemsmedia com Barbara Quinlan Southwest 23 Digital Voice Systems Inc AMBE 2 Vocoder chip 586 415 6500 bquinlan ope
27. Now for a regular consumer while the firmware TPM may be absolutely okay if you re running a device in govern ment or a government regulated enter prise the requirements might be much stronger in terms of tamper resistance and the possibility of attacking the root of trust Because at the end of the day we all know that everything can be lifted you just have to provide the right amount of money to actually get it out If all you have to protect is your iTunes password then a software or firmware TPM might be sufficient If you re pro tecting the social security numbers of half the country then you probably need something more And the interesting g lel 4 Developer Resources Pinout Designer o erer Meodvies Fle View Nep Pe Mang Propa Product Selector Hardware Resources Software Resourc E Toke Cr Center Frequent C Frequent Downloads Coments part here is that the TCG is working with so many different manufacturers that we have a lot different solutions that address the different market segments HANNA That s one of the nice things about the TPM is that you can buy prod ucts at different levels of assurance different levels of security that all imple ment those same APIs and the same operating system can work across those different products Whether it s a soft ware firmware or hardware TPM you re getting an increasing level of assur ance and at the high end would be a hardware
28. SoC FPGA is ideal to bridge between these custom peripherals and the rest of the design A microcontroller based SoC FPGA can be uniquely leveraged when additional peripherals are required The combination of the microcontroller and the FPGA fabric can implement bridging acceleration functions com munication protocol management I O expansion and control logic One example is a design that needs to add a custom display To interface to the dis play will require interface control logic image manipulation and also register configurations The ARM Cortex M3 can address the latter and do other house keeping tasks while the FPGA is best suited for interfacing to the display and modifying the image as necessary Avnet Electronics recently created a hard ware kit to demonstrate the power that a microcontroller based SoC can bring to the broad market Figure 2 A number of peripheral options can be used with this board because it has both Pmod con nectors and an Arduino shield connector set Other key features include onboard peripherals Bluetooth Low Energy BLE USB and a host of sensors and switches The board features the Microsemi SmartFusion2 SoC FPGA which includes a hard ARM Cortex M3 microcontroller and comprehensive subsystem An HDL and C code reference design Windows based software GUI and Android app are included with the architecture for added flexibility The Windows GUI can interface to all of the onboard com
29. Sonics innovations in IP design security and on chip networks visit www Sonicsinc com Sidebar 2 is You shall only ignite if the gas was turned on no more than three seconds ago it s a very important policy that needs to be enforced ALS What s on the horizon for TCG and its members LLL ih hh hb ssdd ec cids HANNA As co chair of the loT subgroup want to point out that we just released a document called Guidance for Securing loT Using TCG Technologies 1 That is an in depth technical document that explains how to use TCG technologies for securing loT and we have a companion document the architect s guide for securing loT 2 which provides a more high level overview a four pager suit able for briefing management and understanding the issue of how to secure lol from a high level And then we ve got a whole bunch of next gen efforts One is the Automotive Thin Profile that s spe cifically designed for lightweight automotive electronic control units ECUs but there are a whole bunch of next gen standards that we re working on specifically in the area of loT that address some of the challenges of loT that have not yet been standardized for example software and firmware updates There are some things that already can be done easily using the TPM to secure that but there are other things that really need a boost in capability so we re working actively on that THOM Microsoft has pu
30. US 2 identify aspects of the code that may need further testing 22 complete testing of the requirements should cause the tests to effectively exercise all of the code If there is code not exer cised by the tests this may be code that can be eliminated or it may be a missing requirement or it may be a flaw in the test In this way structural coverage analysis can provide feedback into the test design software implementation and require ments specification processes This relationship between exercising code and testing require ments also exists on the level of the individual requirement While from an evidence gathering perspective the high level totals of how many requirements and how much code has been tested is more interesting it is more often at the individual requirement testing level and the structural coverage analysis of that individual requirement testing where the most defects are identified and fixed Structural coverage analysis is often thought of as simply a target of achieving 100 percent of a metric but it is essential to examine individual tests and the structural coverage resulting from them This is especially true when the code being exer cised is based on the requirement being tested By examining the structural coverage of the code it is possible to determine the exact behavior of the code under test and compare it to the expected behavior based on the requirement being tested LDRA s TBvision give
31. a SDIO SATAII HD Audio Intel Celeron 31900 N2930 amp Atom E3845 SBC LE 37D 3 5 SBC LP 173 Pico ITX 120 120mm TI OMAP L138 DSP ARM SBC COMMELL DSP L138 SBC oe i i E LDS SATA USB2 0 10 100Mb Ethemet Stereo Codec 128M DDR R5232 Console 8GB SPI flash SD slot a Ready for U Boot TI Linux OVSDK TI DSP amp 57S BIOS PCIe Mini Car MPX 2515 MPX 24794G2 MPX 210D2 ECAN 2 08 Card 032 bitGPIO Card sDual Giga LAN MCP 2515 Creaco4794 Intel 1210 McP 2551 USB 2 0 IPMI MCTP Windows SDK Windows driver Windows driver www comme ll com tw General Information info commell com tw Welcome to be commell Distributor 19 Embedded Agile Development Tools SOFTWARE Testing the test How to use coverage metrics for more effective embedded software testin By John Thomas Timing is everything in software devel opment Just think about the timing of when a software defect is found Found after a release it can be a disaster compromising people s safety and costing millions Found before a release the defect can be reduced to merely an annoyance Cy Taea 957 WIS LORA Lid 19 Days Remaining Source View Congue Webate liia Help ig 3 Pi vira Fie xpicrer 4 0 Opp funnel laghting system d LOLopp d Dateevope i Lierrepe pap i Limpmod ligp i Lert ae ope a a Mpatie pp d yemira pp al hpa EBEDOBBBPBRBEBE Cle Virar Clas Sater 40 Cpp ton
32. a com OpenSystems Media Editorial Creative Staff F GNAL Military PROCESSING MOUSTRA KYliormtfactors PICMG VITArcnoosies EMBEDDED SYSTEMS John McHale Group Editorial Director PC 104 and Small Form Factors Military Embedded Systems Idaigle opensystemsmedia com PC 104 and Small Form Factors Iv Col or Edi PICMG Systems amp Technology Sal y Cole Senior Editor VITA Technologies Military Embedded Systems Signal Processing Design scole opensystemsmedia com jmchale opensystemsmedia com Brandon Lewis Assistant Managing Editor C Joe Pavlat Editorial Director a ea eye PICMG Systems amp Technology ema Get your free digital edition at jpavlat opensystemsmedia com Signal Processing Design embedded computing com emag oa blewis opensystemsmedia com Jerry Gipper Editorial Director wy VITA Technologies Jennifer Hesse Managing Editor i Subscriptions jgipper opensystemsmedia com VITA Technologies embedded computing com subscribe Steph Sweet Creative Director Joy Gilmore E cast Manager subscriptions opensystemsmedia com Joann Toth Contributing Designer Libel A Lisa Daigle Assistant Managing Editor Military Embedded Systems Mariana Iriarte Associate Editor Military Embedded Systems miriarte opensystemsmedia com N OpenSystems media Corporate opensystemsmedia com iq ee a Desig Patrick Hopper Publisher Wayne Kristoff CTO phopper opensystemsmedia com Emily Verhoeks Financial Assistant All registered brands
33. agged with an identifier that indicates whether or not it is secure In its most basic form this creates the equivalent of a simple firewall where for example transactions labeled with the TrustZone bit set are able to pass into specified secure areas of the chip such as the on chip ROM while non TrustZone authorized transactions have only limited access However in the context of integrated SoCs with shared resources such as memory this archi tecture can become quite complex both in terms of establishing mutual trust from a software perspective as well as in ensuring that containerized hardware blocks remain mutually secure but protected from other domains Drew Wingard CTO of IP design firm Sonics Inc explains how his company s NoC Lock technology augments the security provisions of TrustZone to further isolate SoC blocks in such scenarios helping minimize the risk of one compromised SoC block bringing down an entire chip Figure 1 We take the bit that ARM defined in TrustZone but we also allow security controllers that often exist on these chips to provide extra context information that also gets bundled with the transactions coming across the system to say this hardware block over here is participating in the streaming media container so when you look at whether it should get access to this part of memory you should consider that carefully Wingard says We can essentially provide extra tags and then the firewall we bu
34. ce to keep your cryptographic keys and a really special aspect of trusted computing something that can provide confidence in the integrity of the soft ware Something where you can say how can we have confidence that this device has not been infected How can we verify that remotely And how can we make sure that the secrets we really care about don t fall into the hands of malware That s really a special aspect of this Trusted Computing technology the ability to do those measurements and make sure that a particular device isn t infected and if it is to detect that and be able to recover without substantial harm The TCG defined the standards for a variety of different hardware secu rity components such as the Trusted Platform Module TPM self encrypting drives trusted network communications and the like And by defining standards for these it enables competition among the vendors that implement those stan dards and it enables the vendors who make use of those standards to do so in a vendor neutral manner so you can build into Windows as has been the case for the last several versions support for the TPM and start building on top of it to create more advanced capabilities like BitLocker That s the sort of thing that TCG does creating open standards for trusted computing which is just another way to say secure computing and we ve adapted over the years as new forms of computing and new applications of c
35. certified TPM You just decide based on your risk tolerance what level of security is most appropriate MN What does a TPM architecture look like LLL ixiiixixik bb hs bsbicicciccicccdcdccde HANNA Standard interfaces but as to the internals of how the TPM is imple mented that is up to the vendor to decide So long as it implements the standard interfaces in the standard Design Guides A Premium Support gt Complete G BSPs Software Library developer toradex com Reference Designs Pinout Designer lToradex Embedded Computing ARM Computer on Modules K Small Size Big Performance www toradex com Toradex Inc 219 1 Ave S Suite 410 Seattle WA 98104 I USA I seattle toradex com www embedded computing com AMD leverages Cortex A5 TrustZone as baseline for new Platform Security Processors The Trusted Computing Group maintains a number of liaison relationships with other industry organizations to ensure interoperability among them the International Standards Organization ISO the Industrial Internet Consortium IIC and Global Platforms the latter of which defines the Trusted Execution Environment standard that serves as the basis for ARM s TrustZone technology The advance of ARM SoCs in platforms ranging from mobile devices and wearables to embedded systems and server environments has grown the TrustZone ecosystem to one of the tech industry s largest as secure Tru
36. clude Computer On Modules COM MI 0 Extension Single Board Computer industrial motherboard and digital signage players The portfolio has been designed with an eye toward end to end lol from cost optimized lol devices and smart sensor boards to higher performance gateway products through cloud servers for high performance and reliability Advantech www advantech eu EmbCore embedded computing com p3 73040 EPIC Single Board Computers Rugged Stackable Form Factor Fanless 40 to 85 C Operation Small Form Factor Computers Intel Atom E3800 and i MX6 CPUs Fanless 40 to 85 C Operation PC 104 Single Board Computers Rugged Stackable Form Factor I O Modules and Power Supplies eoceooococoocoococoooocoocoocoooooocoocoocooooooooooo 8 Sometimes our off the shelf products are not the perfect fit Our appli Il n n cation engineers and in house design talent are ready to develop customized solutions for your system requirements Our stock products are accessible to use as building blocks for your next project Calling WinSystems connects you directly with an Application Engineer who is eyon ready to discuss customization options for firmware operating systems configurations and complete designs Team your engineers with ours to move your product from concept to e 00 reality faster GUA WinSystems 715 Stadium Drive Arlington Texas 76011 1008 J Phone 817 274 7553 Fax 817 548 135
37. ctline The feature catalog is a corporate wide asset that lists the available features for the product line Features describe things that are optional within the product family Product managers can choose to include or exclude any fea ture in the feature catalog for a given product within the product family The bill of features is a description the product manager puts together that details exactly what features go into the making of a specific product within the productline The BigLever Gears product configu rator takes the bill of features descrip tion and takes the asset descriptions that come from the supply chain to output a specific product asset subset for a specific version of the product Feature sai Shared PLE Asset Supersets Figure 1 14 This includes the product bill of mate rials test cases feature specifications documentation and anything else rel evant to the included features for this specific product The Gears configurator differentiates between assets needed for internal production and those that are included in the end product For example software source code and test cases are identified as assets needed to build the features included in the product but only the executable binary and no test cases are included in the final product delivery Applying factory point of view to PLE Figure 1 illustrates the factory based PLE approach as applied to the V model product l
38. curity Architect Microsoft and Trusted Computing Group why security must begin at the hardware level and explain how the TCG s Trusted Platform Module TPM and Trusted Brokered IO specifications are evolving to meet the requirements of the lol NN Give us some background on the Trusted Computing Group TCG LUUUIUUIIUILUUUUUUUCLUUUUUUUCLCLULUUUUUCLUCUUUUUCLUCLUUOUUCLUULUUUUUCLCLUUUUUUCLCLULUUUUUCLUCUUUUUCUUULUUUUUUUCUUOUUUUUL HANNA The TCG has been around about a dozen years and it was originally started by a group of IT security compa nies Microsoft IBM HP Intel AMD etc who are our founders and who recog nized at the time that something more than just software security is necessary to properly secure information technology They had the foresight to see at the time that the level of sophistication of attacks is always growing and we needed to pro vide the best security possible and do it through a standardized mechanism The original focus was on the PC because those were the days of Slammer and all those nasty PC malwares and worms The focus was how can we build into our PCs something that is going to be 24 pretty much impervious to these sorts of clever malware attacks Yes maybe you can crack the software and get into the operating system but no you re not going to be able to get into the TPM Then what we can do with the TPM once we have it things like strong identity and a pla
39. e per year using the BigLever PLE solution and dramatically increasing the produc tivity by using the Gears approach Sound PLE also results in competitive advantage Lockheed bought in and got good at this solution and as a result their productivity has increased dramati cally By leveraging the efficiencies in the process they can deploy projects at lower cost and deliver the same or a superior feature set In addition they have capacity to continue advancing and upgrading their capabilities In another example General Dynamics teamed with BigLever to create the win ning proposal for the U S Army Live Training Transformation Consolidated Product Line Management In this product line of training systems each soldier has a personal area network connected to a larger network of up to 2 000 soldiers This can be seen as an interesting Internet of Things loT appli cation They are monitoring all these data points during maneuvers to detect pat terns of activity of individuals and units that they can use as learning and training information to train soldiers on how to be effective and stay alive in the field Using the BigLever PLE solution the Army study produced audited numbers that project 600M in cost avoidance over 15 years What about small medium businesses SMBs The examples cited were from very large organizations with big budgets but Dr Krueger claims the factory view of PLE can still be cost effectiv
40. e PC 104 Embedded System with Customizable Features and Industrial Temps a 800 MHz or 1 GHz Marvell PXA166 ARM CPU 7512 MB DDR2 RAM 7 2 GB SLC eMMC Flash Storage Aa PC 104 Connector Qty 100 A 8k or 17k LUT FPGA 7 Dual Ethernet eee 31 99 TS ENC720 enclosure Qty 1 Starting at 165 Embedded systems that are built to endure We ve never discontinued a product in 30 years www embedded computing com PC 104 Peripherals _ Multi Function Daughter Cards Our Line of PC 104 Peripheral Boards Offer Maximum Functionality at Minimum Cost a Digital I O Boards A Ultra Long Range Wireless A Software Controlled Relays A Multi tech GSM GPRS HSPA modem boards Oty 100 A Intelligent battery back up 32 A Much more Qty 1 Starting at 30 Support every step of the way with open source vision Unique embedded solutions add value for our customers 21 Locking down shared resources in on chip networks with NoC Lock As mentioned in Sidebar 1 ARM TrustZone technology has been widely adopted in the tech industry as foundation for securing systems based on a Trusted Execution Environment Essentially the way TrustZone works is by adding a mode bit to the operating context of the processor that provides information on whether a given instruction is run in secure mode or non secure mode The TrustZone instruction set can t be run by regular programs and enables every transaction performed by the CPU to be t
41. e for start ups and small businesses alike The pricing scales by the number of people And smaller organizations are typically faster to adopt the process because there is less to change and fewer existing blocks to overcome Dr Krueger says In SMB organizations saving time for a few key people can make a world of difference in the orga nizations growth potential FCD 15 SOFTWARE Embedded Agile Development Tools Look Ma no code PWM control in under five minutes with Microchip Curiosity development board By Brandon Lewis Assistant Managing Editor Goal The following describes how to build a simple PWM for motor control applications on the Microchip Curiosity Development Board using the MPLAB X Integrated Development Environment IDE and MPLAB Code Configurator MCC software We begin with a basic bring up of Curiosity s onboard PIC16F1619 8 bit MCU running a Hello World program and continue to set up a PWM using a Timer based on an FOSC 4 clock All of this is done using the Microchip MCC without ever writing a single line of code Difficulty Level Beginner Hardware required gt Microchip Curiosity Development Board Outfitted with PIC16 L F161X MCUs Used here is the PIC16F1619 gt USB 2 0 A Male to Mini B Cable Software required gt Microchip MPLAB X IDE version 3 05 or later Used here is MPLAB X IDE version 3 10 Download from www microchip com pagehandle
42. ed lohting syste 20 Tonite oOo D umi TunneiDauctell A unie D rena A Tunnel Garucl arp Type amp TonnelDaticlaro amp Tunnel Datectquarclame Tunnel atacLampArributes A iieb 2 hii lane Cus Compose Type Geclarateonit Parameter Figure 1 20 This is why software testing has become an integral part of the development life cycle Indeed according to a 2012 survey by the Fraunhofter Esk Institute not only is testing an important part of the soft ware development process for most embedded systems developers it is the most difficult part as well Ea Code Coverage Cpp hare byhan 1 Dyner Configuration OHTI Lane A yp Buang lighting priem Testing can be difficult for many rea sons but one of the most fundamental challenges is measuring progress Failure to track progress during testing with reliable metrics can waste time and result in a lack of software quality It is tempting to try to ignore metrics and aim for testing everything yet this Rernentage Percentage Change Success Limit DOL7SB Level A EJ 4 Cpp_tunnel_lighting_system i Cellepp 4 Combined Coverage Run Statement Coverage Branch Decision Coverage Modified Condition Decision Coverage aa Ture DatactyctemDatic Code Coverage nests from fonecpe d m Combined Covenge Run Sateen Coverage da Daio d u Combined Coverage Run Panat r da Tae Daonet 2 Combined Coverage Run a eent Coverage THe oe irhier
43. elopment Tools The theory behind product line engineering By Curt Schwaderer Editorial Director SOFTWARE cschwaderer opensystemsmedia com At first glance product development may seem like the most complex component of the product life cycle However everything developed from the silicon circuit boards and software have features options and derivatives that need to be identified productized and maintained Managing the myriad of variations within a product line is often called product line engineering PLE In this column we ll explore PLE in more detail and look at a company with a unique paradigm and solution for lowering complexity and increasing reliability within product lines In order to be competitive in today s environment companies must deliver a product line not just a single product with a mentality that one size fits all What is product line engineering In general product line engineering PLE refers to the practice of cre ating an underlying architecture both hardware and software that describes the base platform The architecture describes the base commonality across the product line as well as planned vari ations PLE focuses on the process of engineering new products so it is pos sible to reuse product assets and flex ibly apply a subset of variations for a specific product with minimal cost and time spent A Carnegie Mellon SEI study in 2003 among many others has show
44. em module or unit level and can be accumulated toward a testing goal Code coverage should not be treated in isolation from requirements based testing Furthermore there may be tests that need to be performed beyond structural coverage analysis For instance testing race conditions and integer limit edge conditions can be valuable for detecting defects but they may not contribute www embedded computing com to your structural coverage goals Structural coverage anal ysis is designed to gauge the testing you have done and to guide your test planning but it should not be taken as a goal unto itself Beware Accumulating structural coverage without understanding the tests can provide a false sense of security that can be more dan gerous than inadequate testing Structural coverage analysis is not a magic bullet but a tool that needs to be used with intel ligence and care However it is a tool that when properly used can make tests more useful and more effective and provide evi dence of the testing process John Thomas is a Field Application Engineer for LDRA Ltd He graduated from Rutgers University Before working for LDRA John worked as a developer for several companies and was previously Project Manager for Castel Enterprises Ltd He joined LDRA in 2011 and has worked with LDRA clients on coverage testing target integration and requirements traceability LDRA Ltd www idra com Y ldra_technology in www linked
45. es safety integrity levels SIL and recommends different structural coverage metrics based on each level In all of these standards a common philosophy can be seen the safer the code must be the greater the thoroughness of required testing The exact definition of what software safety means depends on the concerns expe riences and regulatory pressures for ATP Electronics Inc ATP Ruggedized loT NAND Flash Storage Solutions Transportation ald A ae E Retail DA G Healthcare Y Utilities Safety amp Security l 100 tested for long term reliability e Frequent small file write applications ATP Advanced wear leveling amp block management algorithms Endurance Protection ATP Life Monitor SMART Tool e Read intensive applications ATP AutoRefresh Read Disturb Protection e Power Failure Protection PowerProtector Power Cycling RDT Linux Based pair ey E P WER OX a j REFRESH PROTECTOR montron S M A R T LJ ucts a P ATA lil Pro a ssp Sil Pro MM 2260 2242 VA Slim SATA CFast ATP Electronics Inc TEL 1 408 732 5000 FAX 1 408 732 5055 loT Solutions sales atpinc com Alliance www atpinc com 21 Embedded Agile Development Tools the particular industry but this general principle of matching higher levels of safety required with greater levels of structural coverage required remains constant across the standards
46. f measuring sufficient testing and it needs to be done in a way that can be measured objectively to satisfy all stake holders in the development process For effective software testing devel opers need to address how to measure the testing process how to determine how much testing is enough and how development teams can most stra tegically ensure that the software application they developed has been adequately tested What is code coverage Structural code coverage analysis is a way of looking at what parts of the logical structure of a program have been exercised or covered during test execution The logical structure depends on the code coverage metric being used For example Entry Point coverage looks at which function calls or entry points have been exercised in a test Likewise Dynamic Dataflow coverage looks at what parts of the data flow have been exercised While different structural coverage metrics examine code from different angles they all share a common purpose to give meaningful insight into the testing pro cess by showing how much of the code is tested and which parts of the code have been exercised Figure 1 Specialized structural coverage metrics can serve special use cases for testing www embedded computing com such as analyzing data and control cou pling However for measuring general test effectiveness three code coverage metrics have found wide industry usage
47. factory view of the engineering process Think of an analogy of a factory Dr Krueger says Assembling and pro ducing requirements and specifications is one dimension Think about the things coming into the factory the traditional artifacts like technical specifications subsystem designed bills of material software user documentation calibra tion data test cases certifications The list is long We want to get really good at reusing these artifacts Dr Krueger cites a familiar example of the user s manual in the glove box of an automobile Open the manual up and it s full of things that say if you have this kind of option do this otherwise do that Dr Krueger says Most of the time have no idea if that option is on my car If PLE can customize the product auto down to the user s manual in the glove box so we don t have to guess at these if then state ments things are cleaner and easier Two key abstractions BigLever uses two key abstractions in their PLE solution a feature catalog and a bill of features These abstractions are key to corporate success in managing the PLE process 13 Embedded Agile Development Tools The key to success here is at a cor porate level everyone in the organi zation buys into the utilization and management of the feature catalog for a product line and a bill of features must exist for each unique product within the produ
48. he key dilemma facing decision makers from start ups to SMEs to corporate behemoths In smaller scale organisations the temptation to want to do every thing themselves may well stem from their inception when start up funds were tight the last burden the fledgling CEO wanted to incur were additional expenses The attraction of taking on learning a new task himself or delegating internal staff to do the same was naturally strong and speak from personal experience in describing how hard it can be to move away from that mindset started in the embedded industry on the bottom rung of the proverbial ladder As time progressed quickly earned numerous promotions and whilst performing new tasks continued to simul taneously undertake my technically previous roles Additionally as new responsibilities were generated tasks well outside my pri mary remit I foolishly enthusiastically blindly volunteered myself describe this not as some nostalgic self contemplation but to draw you to the undeniable parallel this dilemma has at both the individual and organisational level eventually found myself working unsustainably long hours to encompass this unmanage able workload had thrust upon myself Far more importantly than the overall volume of work was the increasing detraction from my own core competency which began to impact my personal suc cess and has a parallel effect at the organisational level One poignant example come acr
49. ife cycle The V model demon strates the relationships between each phase of the development cycle and its associated testing phase The diagram shows a feature catalog that informs a collection of assets that can be managed according to the features of the product line These may be a long list of engineering artifacts bill of materials descriptions software system require ments test cases and wiring harness instructions are some of the common artifacts in an automotive product The feature descriptions go into the PLE process and are used to engineer the feature profiles that cause the products to come out You ll notice in the diagram the comprehensive nature of the feature catalog as it feeds into both the devel opment engineering and testing phases of the V model In order to create a specific product we need a way to filter all these assets How do we know what to do within the configurator This is where the bill of features specifications come in If the feature list includes a feature the configurator will include that in the assets based on the bill of features The configurator uses the bill of fea tures to associate the pieces within the feature profiles to know what to include exclude from the assets This drives every engineer working on their part of the system to think about how their assets get used on all the variants Product A Asset Subsets Asset Subsets Product N Asset Subsets A featu
50. ild called NoC Lock interrogates the nature of the transaction is it a read or a write which hardware block does it come from which security domain does it believe that it s part of and is it secure or not and then compares that against the firewall of the program to determine whether or not access should be allowed First of all from the ground up we re imple SonicsGN security Firewalls menting flexible param eterizable configurable containers so that you can have multiple mutu ally secure domains for minimizing the risk of BETTY compromising the entire mm system he continues Secondly we do all of our enforcement at the shared resource so at the target rather than the initiator side which has both a simpler soft ware model and actually Figure 1 protects better against attacks This implemen tation can also support protected reprogramming as well as exported or dynamically fused settings so that we can perfectly match the customer s security needs That has the benefit of allowing them to minimize their risk profile but it also turns out that sometimes this can simplify what a secure boot process looks like gt SecureSoC Sonics NoC Lock Security gt TrustZone capable Sonics NoC Lock technology implements individual firewalls at each target destination on an SoC such as SRAM to minimize the risk of one compromised subsystem infecting the entire chip For more information on
51. in com company Idra limited www youtube com user Idraltd Digital Voice Systems Inc new AMBE 2 Vocoder chip delivers high quality voice at low cost Voice Compression Rates from 2 0 to 9 6 kbps Forward Error Correction FEC with Viterbi Decoder Noise Suppression and CNI Half Duplex operation Ta With Half Duplex operation and DVSI s latest technology the AMBE 4020 is optimized for harsh mobile communication environments Built in codec Low power consumption No licensing fees Small LQFP or BGA package Hardware development kit available Ideal for land mobile radio Voice Over IP and record playback applications DIGITAL VOICE SYSTEMS INC The Speech Compression Specialists AMBE 4020 978 392 0002 Www dvsinc com 23 K 9 STRATEGIES UA Hardware Security ENSURING TRUST IN IOT WITH TRUSTED PLATFORM MODULES AND TRUSTED BROKERED IO While connecting previously isolated devices on the Internet of Things lol yields countless possibilities it has also forced industry to reconsider how these seemingly harmless edge systems could be leveraged with malicious intent if not properly secured In this interview with thought leaders from the Trusted Computing Group TCG Steve Hanna of Infineon and Stefan Thom of Microsoft discuss Steve Hanna Senior Principal Infineon and Trusted Computing Group Stefan Thom Principal Software Development Engineer and Platform Se
52. key exchange in a microcontroller such as a Cortex M3 The appropriate code can be called and executed depending on The Avnet SmartFusion2 KickStart Kit the handshake exchange requested Once the keys are exchanged and both devices are trusted the data commu nication will need to be encrypted and decrypted There are many wired and wireless communication speeds and protocols and depending on the link speed performance is usually needed for the data encryption and decryp tion When performance throughput is needed it is recommended to imple ment it in the FPGA fabric The trans mitting device would implement an encryption algorithm such as AES 256 triple DES RSA or similar and the receiving device would implement the same decryption algorithm If the data link performance is not critical the Cortex M3 could implement the encryption and decryption However the FPGA fabric is ideally suited when higher throughput is needed Adding custom peripherals to a design Although processors and microcon trollers offer common peripherals numerous designs require custom interfaces Many medical industrial and embedded designs often need to 1 FPGA SoC add additional interfaces and open bus interface connectors address this issue Two of the more popular periph eral bus connectors are the peripheral module Pmod and the Arduino shield There are many peripheral designs that leverage these connectors and a
53. ks to implement deterministic processes across devices without polling or interrupts establish inter processor commu nication as wellas access device applications The Murmuration software framework is an intuitive yet powerful way to develop on hybrid and multi core real time embedded systems Sheldon Instruments is highly committed to significant software support and building our foundations and software libraries that allow customers to more quickly integrate our hardware products Into their overall platform and application gt Sheldon Instruments NS SHELDON sheldoninstruments com gt d INSTRUMENTS SPECIAL ADVERTISING SECTION Watchdog strategies for RTOS enabled embedded systems By Andrew Longhurst Business Development Manager WITTENSTEIN high integrity systems A Watchdog timer is an electronic timer that is used to detect and recover from errors within embedded systems The basic prin ciple of the Watchdog timer is simple but effective Within a spe cific time period the system has to notify the Watchdog that it is still operational If the Watchdog does not receive this notification then it assumes there has been a failure and places the system into a known state Typically the Watchdog will reset the processor However for systems that are more complex the Watchdog may have to trigger a series of operations to place the system into a known safe state Many processors support on chip Watchdog functionality
54. l reg istered Tasks have operated during the last time period if they have the Monitor Task will notify the Watchdog that the system remains operational To manage Tasks operating at a higher or lower fre quency than the Watchdog refresh rate the designer would need to include a time profile for all Tasks For each Watchdog refresh period the Monitor Task would confirm that only the expected scheduled Tasks have been active In some systems however Knowing the Task is still opera tional does not provide sufficient assurance that the system is still operating correctly In these systems the operation of critical code sections must be monitored as well as the Tasks they are found within To complete the temporal monitoring of events an addi tional enhancement would be to monitor the response time of Interrupt Service Routines ISR Here the Monitor Task would measure the actual time it takes to process the response from the time the ISR is triggered to the time when the overall opera tion has completed By monitoring the timing profile of individual Tasks critical code sections and ISR response times the designer has a high level of assurance that the Watchdog notification mechanism is working as expected However the complexity of the Monitor Task has increased significantly Sophisticated Task monitoring The Checkpoints Safety Component from WITTENSTEIN high integ rity systems is a software component that provides thi
55. mpa nies could potentially transition away from one off loT platform sales and into business models that allow for accretive growth by means of data and feature monetization In this cloud based approach companies could establish service plans or provide additional features to end users similar to how your cell phone or cable company operate generating recurring streams of income Business Model Versatility Traditional Sales Models x Product Sale Update upgrade sale Maintenance Consumable re fill Renewal Traditional product centric business models limit the earning capacity of Internet of Things lol solutions as they are typically earmarked by a single income phase followed by extended periods of service and maintenance costs www embedded computing com loT INSIDER amp gt So how do you make money in lol By Brandon Lewis Assistant Managing Editor blewis opensystemsmedia com that continue to flow after the initial platform sale or perhaps giveaway to help offset ongoing maintenance service and sup port costs Furthermore this paradigm permits a new way of thinking about the product development life cycle as rather than offering a portfolio of hardware platforms each with different features engineered into individual SKUs software can be uti lized to enhance or reduce functionality on a given platform or set of platforms by turning capabilities on or off However one setback of this model is that
56. n for the future of embedded computing Imperas www imperas com provides tools and solutions for embedded software development debug and test and has been working with universities around the world with its Imperas University Program which provides academic and research institutions access to tools and virtual platform models The Imperas University Program encourages participation in the embedded systems community in three ways use on research projects use in the classroom and sharing of virtual platform models through the Open Virtual Platforms OVP Library says Duncan Graham University Program Manager at Imperas The OVP initiative www ovpworld org provides researchers access to a library of more than 150 CPU models and more than 200 peripheral and platform models as well as Extendable Platform Kits EPKs all open source and distributed using the Apache open source license Libraries like this are very helpful to researchers like Ost who are working with the cutting edge of processing technology The description of processors i e register or gate level is rarely available to universities and commercial licenses are www embedded computing com mdevoe opensystemsmedia com quite expensive Ost says Having free tools with different state of the art processor models allows the exploration of new system architectures Imperas launched OVP in 2008 providing free access for aca demic users
57. n that PLE can have several benefits including higher productivity within the organiza tion higher quality products faster time to market and lower labor requirements Challenges implementing efficient PLE PLE is not something a brute force process can solve For example a rather simplistic embedded system with www embedded computing com a circuit board that can be purchased with two CPU options and software with three add on features yields six possible product variations With each feature addition two additional product varia tions are created Adding connectivity variations to this example creates an M x N x O variations problem With each additional variable the product variations can quickly grow out of con trol causing duplication increased development and test time and even less reliable products There is significant complexity to man aging all these variations The example above was simple Applying the same principles to autonomous vehicles that have a variety of options for radars cam eras sensors and electronic steering makes this a tremendous challenge The theory behind PLE Systems and software PLE creates and maintains a portfolio of related products using a shared set of engineering assets and an efficient means of production talked with Dr Charles Krueger CEO of BigLever Software www biglever com about their approach to PLE Dr Krueger says their PLE solutions take a
58. ne Aui Development E Board the board a human friendly name For the purposes of this exercise just call it Curiosity Hit Next At this point we have to select a compiler You should have already downloaded and installed Microchip s XC8 compiler either the free or the Pro version The Pro version offers some enhanced opti mization features and if you d like to try it out Microchip offers a free 60 day trial But for the purposes of this project the free version will work just fine Select the XC8 compiler from the Compiler Toolchains folder Hit Next Now you re going to name your project Call it CuriosityPWM Leave all the default settings as they are and click Finish A project folder should now appear in a column on the left of the MPLAB X interface Before getting started on the actual application you have to configure the project to support low voltage program ming which allows you to program the MCU without a 12 V power supply To do this simply right click on your project and select Properties from the subse quent dropdown A popup window will appear that has a list of Categories on the left Under the Conf default parent click Starter Kit PKOB The www embedded computing com Devic Bih Push i Button mTouch Button 3 options on the right side of the window will change revealing a dropdown next to the heading Option categories Choose
59. nect a 5V power supply the left two pins connect 3 3V You re now ready to program Open the Microchip MPLAB X IDE from your appli cations folder and click New Project in the upper left corner of the inter face or select it from the File drop down menu Doing so will open a New Project window From the Microchip Embedded folder double click Standalone Project This will direct you to the next step in the project wizard which prompts you to select a device The Curiosity develop ment board comes stock with the 8 bit PIC16F1619 microcontroller so select it by either typing the model number into the Device dropdown or by selecting Mid Range 8 bit MCUs PIC10 12 16 MCP in the Family field and then opening the Device dropdown and scrolling until you find the PIC16F1619 Hit Next You ll be prompted to select a debug header but you can leave that with its default settings so click Next again In the next step of the Wizard you ll be asked to select a tool so navigate to Curiosity FN XXXXXX under the Microchip Starter Kits folder and double click This will generate a popup window that allows you to give Embedded Computing Design November 2015 Master Clear USB Connector ee ee J2 on back Microchip gt if Ones amp mikroBus Header Curiosity Do VA eo in Cl Lo see a Pg HOE bs ms z r I l T m mags Tamm set
60. ney by avoiding out sourcing may end up costing you far more than that project ever would ECD 3 NOVEMBER 2015 COMPUTING NOL 13 E S 1G N embedded computing com 8 embedded_comp N opsy st ECDLinkedin CE CEE C E C Bas C E CEC Departments 3 Tracking Trends Rory Dear Technical Contributor Why companies should focus on their core competency h Research Review Monique DeVoe Managing Editor An industry university development tools collaboration 7 loT Insider Brandon Lewis Assistant Managing Editor So how do you make money in lol 31 Editor s Silicon Choice Microcontroller based FPGAs hit the mark 1 By Ted Marena Microsemi Web Extras Amazon launches lol platform embedded responds with off the shelf dev kits 1 The theory behind product line engineering By Brandon Lewis Assistant Managing Editor By Curt Schwaderer Editorial Director opsy st Amazonlol 1 Look Ma no code PWM control in under five The search for a simpler more cost effective way to minutes with Microchip Curiosity development board implement USB 3 0 functionality By Brandon Lewis Assistant Managing Editor By Gordon Lunn and Lee Chee Fe FTDI Chip opsy s USB3FTDI Testing the test How to use coverage metrics for more effective embedded software testing By John Thomas LDRA Ltd DOWNLOAD THE APP Strategies Ensuring trust in lol with Trusted Platform Modules and Trusted Brokered l0 Q amp A with Steve Hanna
61. nologies serving as the founda tion developers can take a new approach to product definition that reduces hardware dependency and enables innovative software reporting Pay per use Pre paid Post paid Standard _ Application Figure 4 be used to support pre pay post pay and pay per use models EMS allows software updates to be remotely pushed to target users and devices while also retrieving usage metrics that make flexible licensing models possible including pay per use pre pay and post pay In addition usage data can also provide insight into the behavior users exhibit when interacting with various products which in turn can be leveraged for future R amp D marketing and so on Figure 4 shows an example soft ware monetization architecture using the Sentinel LDK and JOIN THE EVOLUTION 1905 y Learn more Get mobile smart in 3 easy steps Get your AIR for Wiced Smart dev kit at your distributor of choice a Anaren See our website for a Rea current list Develop your wireless link and basic app using our exclusive Atmosphere development tool With our AIR for Wiced Smart module on board proceed in record time to a prototype and final mobile app development www embedded computing com The EMS features of Gemalto s Sentinel LDK permit flexible remote software licensing through reporting that can chip BCM20737 packaging and licensing models many of
62. nsystemsmedia com delivers high quality voice at low cost Rebecca Barker Strategic Account Manager 480 236 8818 rbarker opensystemsmedia com Denis Seger Southern California l 281 724 8021 dseger opensystemsmedia com 12 Embedded World Get up to speed with the latest Eric Henry Strategic Account Manager 760 518 5222 developments in your industry ehenry opensystemsmedia com Sydele Starr Northern California 541 760 5361 sstarr opensystemsmedia com Kathleen Wackowski Strategic Account Manager 775 299 4148 kwackowski opensystemsmedia com Twyla Sulesky Strategic Account Manager California 978 888 7367 tsulesky opensystemsmedia com 408 779 0005 29 Sheldon Instruments Improving inter processor communication with software framework l Asia Pacific Sales 27 Technologic Systems Superior embedded solutions Elvi Lee Account Manager elvi aceforum com tw 25 Toradex Engineering resources at your finger tips Reprints late M ad D at Contact Wyndell Hamilton Wright s Media wHamilton wrightsmedia com 281 419 5725 32 WinSystems Inc Thinking beyond the board 30 WITTENSTEIN HighIntegrity Systems Watchdog Rory Dear Technical Contributor Christian Hoelscher Account Manager Europe strategies for RTOS enabled embedded systems rdear opensystemsmedia com christian hoelscher husonmedia com James Rhoades Brown Europe Gerry Rhoades Brown Account Manager Europe james rhoadesbrown husonmedia com gerry rhoadesbrown husonmedi
63. omputing have come along such as the Internet of Things loT Embedded Computing Design November 2015 NNS How would you define a hardware root of trust such as a M CLA HANNA This is one of those things where people can argue about the nuances of the language but the gist of it is this a hardware root of trust is a fundamental capability upon which security has to be built In order to have confidence in that hardware root of trust you need to implement it in a way that s really trustworthy That s why the TCG has defined certain standard roots of trust a root of trust for measurement a root of trust for storage andso on and so forth defined how they work what the interfaces are and then created the TPM certification program for a TPM implementing these certain roots of trust and meeting these certain security requirements through what s called the Common Criteria Security Evaluation an independent and impartial evaluation of the security of the TPM THOM A hardware root of trust also comes in different flavors So the stuff that we re doing on Windows for phones where Qualcomm is providing a firmware TPM which is a software flavor of secu rity where there is no discrete TPM card that has been inspected obviously when you evaluate the security of a TPM with the discrete part you get a lot stronger guarantees that are enforced in silicon rather than just by some software modus that the TPM operates on
64. or communication with software framework Sheldon Instruments has a long history of being an embed ded systems leader supplying hardware and software We took notice of our customer needs early on and created QuVIEW a graphical embedded DSP software programming language that was a first of its kind when introduced in 1993 Building on our years of experience with QuVIEW and oth er platforms Sheldon Instruments is redefining embedded software programming development through our new soft ware framework Murmuration murmuration marme rashen o the uncanny coordination of individual units working as a whole www embedded computing com Murmuration is a real time embedded software frame work that enables quick efficient and seamless commu nication between multiple embedded technologies With today s embedded hardware one is likely to find solutions using multiple technologies to achieve the desired results for any given application As is the case with FPGAs and DSPs both will have one or more processing cores that will need to communicate through an array of complex communication interfaces This makes Inter Processor Communication IPC and data exchange a significant de sign challenge in modern embedded computing The Murmuration register map is the only a priori knowledge required between devices for communication and synchroniza tion Through the Murmuration registers devices can synchro nize cloc
65. oss daily is companies involved in electronics often blindly insist on undertaking elec tronic design in house This may well stem from the same we ll do everything attitude of the earlier cited start up CEO and in fairness this is understandable after all he set out to create an electronics company and this is an electronics task isn t it Perhaps once upon a time when the technology and tools were that much simpler this would hold true The reality today is electronics has exploded into an unfathomable number of highly specialist areas most notably for us an entire ecosystem of embedded computing The danger comes when those out side of that specific skills sohere through lack of understanding of the complexities involved have the temptation to attempt to undertake such design alone www embedded computing com Doing so necessitates pushing inexperienced personnel up a very sharp learning curve and leaving them to the wolves to overcome the numerous challenges long since understood and resolved by existing specialists with decades of training and experience It involves significant cost be that for hiring new employees or training existing ones and buying the latest tools time and of course risk With project competition greater than ever these are the three fundamental aspects one rarely has room to play with Interestingly the primary objection to outsourcing such work sometimes alongside pride is cost The
66. pt here is to respect the feature catalog and develop accord ingly All experts are still doing their jobs but they are doing so realizing there are different flavors defined by the feature catalog The second important discipline involves a portfolio team This is the team that is deciding which specific features are to be included for a given product instance These people are assembling according to the feature catalog and in some cases clustering by sub families of these features The configurator operates on each of the bill of features and a unique V model pops out and pulls out the right assets automatically so every feature specified www embedded computing com to be in the product will be included Once this process has been followed the automation of assembly and produc tion enables additional efficiencies At the end of the day the PLE process can bring an enormous increase in effi ciencies resulting in competitive advan tage from the process itself in addition to the feature set PLE and Agile development The V model example may cause the impression that PLE is only applicable to the waterfall mode but Dr Krueger says that PLE is development agnostic Agile processes still have assets defini tion of done user stories sprint reviews and these assets can be handled in the same way within the factory view of PLE Dr Krueger says The develop ment of each feature may be coming from a user
67. r en us family mplabx gt MPLAB XC Compiler Used here is MPLAB XC8 Compiler version 1 35 Download from www microchip com pagehandler en us devtools mplabxc home html gt MPLAB Code Configurator version 2 25 plugin Download 16 from www microchip com mymicrochip filehandler aspx ddocname en5 6270 Recommended platforms gt Windows x86 x64 gt Linux 32 bit and Linux 64 bit 32 bit compatibility libraries required gt Mac Versions 10 X Support documentation gt www microchip com curiosity gt www microchip com support Cost estimate gt Microchip Curiosity Development Board 20 Before tax shipping amp handling Available from multiple distributors and www microchipdirect com gt USB 2 0 A Male to Mini B Cable 5 Rough estimate Available from multiple distributors Powering the board and setting up a project After downloading and installing the necessary software on your computer installation instructions can be found at www microchip com curiosity plug the USB 2 0 Mini cable into the J2 connector located on the bottom of your Curiosity board Doing so will illuminate the green LED D2 located near the center of the board to indicate that Curiosity is pow ered on as well as LED D1 in the bottom left corner signifying that a 3 3V power supply is available on the board If you haven t already move the shunt jumper to the right two pins of the J12 jumper to con
68. re catalog informs a collection of assets that can be managed according to the features of the product line Embedded Computing Design November 2015 of these products within the family Engineers become skilled at specifying these feature based variations and that results in efficiencies up and down the V model We want all the engineers to create features by accepting the single source of truth throughout the product family Dr Krueger says Anywhere there is variability the organization needs to make sure there is a single common understanding of what the varying fea tures are In order for the process to work there must be an organizational view of PLE Dr Krueger mentions when they begin working with a company often they are changing the fundamentals of how the organization does their engineering The BigLever goal is to elevate the organi zation to this factory point of view The new engineering mindset is they are cre ating artifacts that get put into the fac tory But the training permeates across all disciplines of the organization in order to be effective The first level of decision involves the feature catalog what features do the organization want to support Orchestration between engineering product management and executive management is critical here Once the feature catalog is set and the proper bill of features development is understood engineers can be turned loose The key conce
69. running in those chips STMicro on the other side is involved to build the first prototype implementation of this in hardware What this builds is a platform foundation where if you imagine there is some bootrom code in the MCU and that bootrom code executes every time you turn it on there is no way to power on around it What this code does is take an identity from a register and hash the code that is stored in the chip into the register so we get an identity that consists of the hardware ID and the software After this operation is done the hardware ID is made unavailable and then the code jumps to the actual application code that is flashed to the device The application can now use this compound identity with any caller and say look this is my identity It can give the hash of the identity of chip and code to the caller but since it does not have access to the identity anymore it cannot derive any fake identity or fake a different software on the same hardware The caller will take the digest of the compound identity and send that to the manufacturer and say here is what the chip claims to be Is this a trusted piece of hardware with a trusted piece of software on it That would allow the manufacturer to then say Yes recognize the software because know how the measurement is calculated and it will give a key back and the key is a derivative of the compound identity specifically for the caller Now the
70. s an interactive flowgraph view of the individual procedures so developers can focus on which procedures provide coverage and Embedded Computing Design November 2015 This approach reduces false negatives due to environmental factors or other parts of the code compensating for the incor rect code In addition if there is an incorrect behavior struc tural coverage analysis often provides insight into the cause of the incorrect behavior as well When using structural coverage analysis to understand code behavior in this detailed manner it is vital to be able to overlay the structural coverage analysis results on top of the analysis of the structure of the code This overlay helps transform raw structural coverage information into a meaningful under standing of what is going on in the code Figure 2 Set coverage goals at unit and systems levels Often structural coverage analysis goals might be set at both the unit and system level Unit level structural cov erage is achieved through tests at the unit level based on requirements for that unit On the other hand system level coverage goals will often start with coverage from tests on higher level requirements Yet if only high level tests are used for the system level coverage analysis there are frequently holes in the coverage The causes of these holes can vary In some cases holes in the coverage may be due to defensive programming practices required by a coding standard but the
71. s sophisti cated Task monitoring capability ensuring the scheduling of tasks is occurring as intended The Checkpoints mechanism allows the user to specify timing toler ances for critical sections of code This can be used to ensure that gt Periodic Tasks run within tolerances Sections of processing within Tasks complete gt ISR execution to Handler Task processing completes with allowable tolerances gt Complex functionality involving multiple tasks completes within allowable tolerances Vv Individual Checkpoints can specify their own callback function or the system error hook can be activated gt Single shot and Periodic checkpoints can be created gt Periodic checkpoints can operate in fixed or relative timing modes Checkpoints is available with a full Design Assurance Pack sup porting certification to IEC 61508 SIL 3 and is delivered fully inte erated with either SafeRTOS or SafeRTOS CORE PDA WITTENSTEIN WITTENSTEIN high integrity systems www highintegritysystems com Embedded Computing Design November 2015 Embedded database teams with RTOS for lol applications ITTIA announced ITTIA DB SQL integration with the Micrium pC 0S Il and uC OS III real time operating systems The database solution persistent data storage provides reliability scalability and shared access In addition the nC OS file system uC FS provides a portable file system that can be used with or without an operating
72. se coverage holes can be based on important functionality implemented from requirements as well In particular structural coverage holes may appear when the code is based on requirements that can only be tested through conditions that are difficult or impossible to create on a high level An example of this type of scenario is a function level check for file system failure While inducing file system failure in general may be possible it can be highly challenging to time the file system failure so that it occurs during that function s execution Moreover doing this in a repeatable way for future regression testing can be even more difficult In situations like this using a lower level test that examines the code in isolation may be necessary For this reason structural coverage measured from higher level tests is usually com bined with structural coverage from lower level tests when gathering metrics for achieving testing goals Metrics such as statement decision or MC DC coverage do not guarantee that software is defect free As mentioned before truly exhaustive testing can be impossible or at least infeasible Structural coverage metrics can however provide a greater sense of the reliability of code and greater confi dence in testing Since structural coverage analysis gives insight into testing activities by showing how much of the code is tested and which parts of the code have been exercised it can be per formed at the syst
73. stZone IP blocks integrate with Cortex A class proces sors and extending throughout systems via the AMBA AXI bus After embarking on an ambidextrous strategy in 2014 that encompasses both x86 and ARM based solutions AMD has been quick to implement TrustZone technology across its portfolio for example in its 6th generation APUs that offload security functions to dedicated Cortex A5 cores capable of scaling to meet the size power and performance require ments of embedded systems As Diane Stapley Director of IHV Alliances at AMD notes this platform security processor PSP implementation of hardware security has become a necessity particularly as computation evolves to meet the requirements of mobile cloud and the loT A hardware root of trust in a CPU is the way to go Stapley says Integrating a Cortex A5 in APUs is a dedicated space for cryptographic acceleration that is fed by firmware and pro vides access to APls for the hardware One of the things that has been done with the core is on chip dedicated buses and memory space so when you take 1 O off device or through a system there are methods for using hardware based encryp tion and checksum operations This can be used for secure transactions in the loT space which implies communications across what would be an open channel When we looked at the A5 it was a tradeoff of space on the die and performance power and as you can imagine we wanted a scalable architect
74. successfully generated E a o a o o O o o a E E ir ROO SS EHON COP ttn Generation cadjcd tacs stas Interrupt Manager Please reseaber to enable the Peripheral and Global Interrupts in your code Interrupt Manager Please remesber to enable the Peripheral and Global Interrupts in your code i a Es EB triste code Contigeratce Pin Manage irian Cade Configurator Fin Manage S Pin Manage ait Pounce Fin Manager 3 EH linitialize M Enable Timer Tires Chock Timer Period Clock Source Bi e Permi M i Period Value teto lt OnFF oc OMFF EEEREN EEA Podtataler pe Timar Porbod us s ECES atie Prevcaler Polarity Ext Reset Soane Enable Prescalar O P Syne Control Mode Enable iori Syrie Start Reset Option Enable Timer Intermapt Callback Fumgiion Rare x Tomer Periced Search for modules p ae GENETELLON storied same Musher of filet toa be generated amp Checking for drv T files in aodule Pweg Code for Pes was successfully generated Checking for drw files in module THRE Code for THAZ was successfully generated Code for Systea wad successfully generated SOO SECO OF aqaarrrerervTT FrTTT FF F tte Dene ration caded nanan The timer period will vary significantly based on the parameters of your motor control application but for the purposes of having our PWM visibly report on LED D6 we will configure ours to more than 4 seconds Embedded Computing Design
75. t a lot of emphasis on the communication protocol AllJoyn and what we re looking at now is to use AllJoyn on the chip to take for example the attestation data or the identity data and represent that as AllJoyn objects on the chip Then the device manufacturer can add more capa bilities and define them as AllJoyn procedures or signals that are com municated through the encrypted channel that is established with the device key So we re coming to something that looks very much like an Arduino platform where you have an operating system and your AllJoyn layer and your RTM and your root of trust on the chip and all the app developer does is provide the AllJoyn code on top of it Then we can connect this thing to a Windows computer or Linux computer over any serial link and the operating system can just plug this into the AllJoyn root and any application in the vicinity or on the local machine can interact with this trusted device If it understands how RTM works it can essentially obtain the identity attain the measurement and then go estab lish the key it can securely work with So RTM and AllJoyn in that manner provide a wonderful relationship together because they enable each other to bring trust to the device Microsoft is really making sure that where our operating system runs we have the necessary hardware to ensure secure solu tions and in return that provides value for the entire industry There s open source developmen
76. t for TPM code that then could also be picked up by alternate operating systems that want to take advantage of a hardware TPM or firmware TPM that may be present on a device So all in all we re making sure that this wild beach party that is loT today gets some adult supervision We re putting the foundation down to actually build something trustworthy with those devices EC References 1 Trusted Computing Group Guidance for Securing lol Using TCG Technology Version 1 0 2015 TCG http opsy st TCGloTSecurityGuidance 2 Trusted Computing Group Architect s Guide loT Security 2015 TCG http opsy st TCGloTArchitectGuide Steve Hanna is Senior Principal at Infineon and Co Chair of the Embedded Systems Work Group for the Trusted Computing Group Stefan Thom is Principal Software Development Engineer and Platform Security Architect at Microsoft and the Trusted Computing Group s member representative for loT Trusted Computing Group www trustedcomputinggroup org Y TrustedComputin in www linkedin com groups Trusted Computing Group 4555624 www youtube com user TCGadmin Infineon www infineon com Internet_of_Things Y lnfineon4Engi 3 plus google com Infineon4engineers www youtube com user InfineonTechnologies Microsoft www microsoft com InternetOfYourThings Y MicrosoftloT in www linkedin com company microsoft EMBEDDED SOFTWARE EXECUTIVE SPEAKOUT Improving inter process
77. tm ped 1 ed COMPUTING DESIGN Connecting Silicon Software and Strategies for Intelligent Systems LOCKING DOWN lol EDGE lt PROCESSORS PG 24 AN INDUSTRY UNIVERSITY DEV TOOLS COLLABORATION PG 5 HOW TO GUIDE PWM CONTROL WITH MICROCHIP S CURIOSITY DEV BOARD PG 16 Annapolis Micro Systems The FPGA Systems Performance Leader FPGA Processing Boards Open VPX Storage 1to3 Up to 8 TBytes Per Slot Altera Stratix V or 4 8 GBytes Xilinx Virtex 6 or 7 Per Second FPGAs per Slot cenni Input Output a t a a Modules t Include Sigint COMINT Quad 130 age aha MSps etwor thru Analysis Quad 550 a MSps A D mage 1 5 GSps thru Processing 5 0 GSps A D _ p N Quad 600 MSps D A i Exploration Dual 1 5 E Financial and GSps Genomic thru 3 Algorithms 1 to 40 Gbit Switch Ethernet l 1 to 40 Gbit SDR to FDR 3 Ethernet Infiniband hy SDR to FDR Infiniband Oo Ni Chassis i 7 4 6 or 12 Slot nhapows Micro cia Up to 14G 190 Admiral Cochrane Drive Suite 130 Annapolis Maryland USA 21401 wtlinfo annapmicro com USA 410 841 2514 www annapmicro com lt gt By Rory Dear Technical Contributor TRACKING TRENDS Why companies should focus on their core competenc rdear opensystemsmedia com When something is outside a company s core competency it s time to outsource in order to save time money and risk To outsource or not to outsource is t
78. to the model libraries in addition to APls the OVPsim simulator and to the OVP Forum for technical ques tions and discussions for academic users Users can also share their models platforms and tools they develop In 2010 the Imperas University Program formalized and expanded the OVP program providing access to Imperas Multiprocessor Multicore Software Design Kits M SDK and QuantumLeap Parallel Simulation Accelerator tools Ost has found the tools provided through the Imperas University Program to be helpful for his research He and his research team focus on multi and many core embedded systems specifically runtime management techniques for performance energy effi ciency and reliability improvement that must be conducted at the application operating system or architectural level He uses system modeling tools and languages like SystemC as well as vir tual platform simulation tools like Imperas OVPsim which help Ost and his team work with increasingly complex processors and software architectures The high speed simulation and debugging capabilities of Imperas tools facilitate us to extend FreeRTOS to support novel runtime techniques as well as to promote instruction driven performance and power models Ost says Ost also notes that free tools also facilitate collaborative proj ects between universities and external industry partners In col laboration with the Federal University of Rio Grande do Sul UFRGS in
79. ure she continues We can use the core and modules around it for crypto and firmware based TPMs that can scale up and down and it gives us a common base for our hardware root of trust which is valuable for archi tects and our partners For software partners products based on the same core become write once run anywhere because the APIs are common and can be written to almost all other TrustZone products because those APIs are common as well The Trusted Execution Environment leveraged in AMD s PSP offerings is licensed from Trustonic an industry partnership that emphasizes mobile security though over the next year the company has plans to expand this functionality to its client server graphics and embedded product lines under the AMD Platform Security Processor umbrella For more information visit www trustonic com or the AMD website Sidebar 1 ways passes the appropriate tests including potentially security certification then how you implement it is up to you and that s where we enable innovation Some companies might already have some secure processing capability some chip that they can use for this purpose Others might be starting from scratch THOM The bandwidth of the implemented security goes from the Common Criteria certified devices all the way to the Raspberry Pi 2 and the Raspberry Pi doesn t provide any security However we want to make sure that developers who sit on that platform have the
80. urn LED D7 off at this point deselect the RC5 lock in the MCC Pin Manager regenerate the code and remake rebuild the application Conclusion If you haven t noticed not only have we not written a single line of code to generate a working PWM con trol application but we also haven t checked a datasheet once This is pos sible because MCC loaded in all of the PIC16F1619 MCU and Curiosity board parameters when we configured our project saving time that would have been spent poring through PDFs If you re interested in exploring additional capabilities Curiosity includes a footprint for the RN4020 Bluetooth module as well as application specific add on boards from MikroElektronka www mikroe com click called Clicks that connect through the mikroBUS socket and can also be configured using MCC Additionally a 3 0 beta version of the MCC is now available on the Microchip website www microchip com mcc that adds additional algorithm libraries and networking stacks to enable more complete builds with min imal coding effort ECD For more detailed instructions read an extended version of this article or watch a video demonstration at opsy st MicrochipPWMDemo Q COMMELL Advanced and reliable IPC products 5th Gen Intel Core i7 i5 i3 SBC LE 37E 3 5 SBC LP 174 Pico ITX 100 72mmn Qseven CPU Module Jew QE E70 _ a Intel J1900 N2930 E3845 a u DDR3 2 or 4GB on board a USB3 0 USB2 0
81. variety of applications Partitioning design examples with processor and FPGA fabric A microcontroller is ideal for slower speed serial tasks because of the archi tecture and requirement to access memory for instructions An FPGA fabric is ideal for parallel processed func tions that are more time critical When partitioning a design in this manner it becomes clear which functions each component should implement For example one of the main challenges of controlling multiple motors is the requirement for a deterministic response of the motor control loops To ensure a reliable design each motor must be ser viced within a tight deterministic time with no wide timing variation Because the multi axis motor control algorithm is a time critical function it should reside in the FPGA fabric The FPGA is ideal to implement the control loops with tight deterministic timing Figure 1 is a block diagram of a multi axis motor control design The bulk of the motor control algorithm is in the FPGA fabric while the slower speed interfaces are connected to the ARM Cortex M3 www embedded computing com PMOD compatible interface 1 MAX44009 Ambient Light Sensor PMOD compatible interface 2 Arduino compatible interface MSBs IO banks select 2 5V or 3 3V User test pins Arduino compatible interface LSBs USB to quad UART for JTAG and USB serial
82. which can provide recurring revenue streams A pragmatic approach to the bottom line In my travels around the embedded industry the general consensus is that while con sumer loT is currently driving about 80 percent of loT s hype the enterprise industrial loT will amount to 80 percent of its actual value However nebulous projections like this don t answer the core question of how loT companies will survive whatever the flavor Software monetization strategies are a big step toward getting black figures on the bottom line sooner rather than later ECD EEHEEHE ERROR RE Evolve to app based control with AIR for Wiced Smart If you re ready to evolve from fixed control panels populated with dials buttons keypads and LCD displays to mobile app based control of your embedded product check out Anaren s AIR for Wiced Smart module featuring Broadcom s Wiced Smart Bluetooth Not only does our small footprint SMT and pre certified all in one module save you the time effort and trouble of designing your own radio It s supported by our industry exclusive Atmosphere development ecosystem that lets you develop your basic embedded code and app code in one easy to use development tool for a far speedier product development cycle and time to market Follow the steps at left to join the evolution right now www anaren com AIRforWiced 800 411 6596 In Europe 44 2392 232392 Anaren What ll we think of next

Download Pdf Manuals

Related Search

Related Contents

Pfister F-048-VNKK Use and Care Manual  pond phosvec  Mechanical CPR device with variable resuscitation protocol  JSSG-10_CE Manual Cover_20090114  intext:Bedienungsanleitung filetype:pdf  CAMEL50  Aussie VANTAGE 6122S8X641 User's Manual  Wireless Speakers  

Copyright © All rights reserved. Failed to retrieve file