1 2 3 Previous Next


302 posts

Insecure C?

We are at the dawn of a new era of connected embedded devices, broadly being marketed as the "Internet of Things" (IoT). The majority of these systems are likely to be programmed using C/C++. To date, much of the embedded world has been connected to propriety networks, however with the gold rush in to IoT we are not going to be able to rely on "Security through Obscurity". This is the first in a series of articles looking at some of the vulnerabilities at the programming language level.


This and many other issues are covered in the Feabhas Training course Secure Linux Programming

Integral data types in C

Due, mainly to history, the integer types in C can be a little confusing, but for simplicity and brevity I’ll consider the core integral types to be:

  • char
  • short
  • int
  • long
  • long long


In reality, of course, a short is a short int, but for this discussion I’ll keep to the generally accepted model of referencing them as they’re shown above.

Next we can apply signness to the types:

  • unsigned
  • signed

Again for simplicity I’m going to assume that a signed int is using 2’s compliment representation. Even though the standard allows for “Sign and Magnitude” and “1’s compliment” I don’t know any (mainstream) modern compiler not using 2’s compliment[1].

Next we have to look at the underlying data models. The actual sizes of the data types are implementation defined in <limits.h>, but the implementation values must be greater than or equal to:

  • A char is a minimum of 8 bits
  • A short is a minimum of 16 bits
  • An int is a minimum of 16 bits
  • A long is a minimum of 32 bits
  • A longlong is a minimum of 64 bits


Note the emphasis on the word “minimum”. However, it is also accepted that plain int’s “have the natural size suggested by the architecture of the execution environment”; thus on a 16-bit architecture a plain int would most likely be 16-bits, whereas on a 32-bit architecture they would be 32-bits.For the remainder of this discussion I will base my examples around a “ILP32LL” architecture, meaning that the int, long and pointer are 32-bits, char is 8, short is 16 and long long is 64 (e.g. ARMv7 architecture).Ideally, to help reduce some of this confusion we should be using the C99 platform independent types from <stdint.h> and <inttypes.h>, but for now I’ll still reference the base types.

What are the potential underlying problems?

The problems with integers occur in a number of ways, significantly:

  • Overflow
  • Underflow
  • Promotion/extension
  • Demotion/narrowing
  • Sign conversion


with the behaviour of each issue being dependent of the underlying types.

To continue reading please click here...

I have been thinking about embedded operating systems and how a developer chooses from the options available. My thoughts partly come from the presentation that I made at the ARM conference in Munich last week. But I am also interested in ARM’s announcements in this area at ARM TechCon the week before.

It seems to me that although it used to be very black and white, the rules are changing and shades of gray become apparent …

It is a broad generalisation to say that a system is either real time or it is not, but for many years this has ben accepted as a starting point, when considering the provision of an OS. It is important to appreciate that real time does not [necessarily] means fast – it means predictable or deterministic. A real time system is typically required to respond to external events in a tightly specified manner.

In recent years, we have begun to talk in terms of “hard” and “soft” real time, depending on how stringent the response time requirements are. For a hard real time system, a real time operating system [RTOS - such as the Mentor Embedded Nucleus RTOS] is an ideal choice, as it can deliver the required determinism. If a system has limited resources, an RTOS is also appropriate, as it can optimise their use – distributing the available CPU time efficiently, while not imposing a significant memory footprint...

To read the rest of this entry, visit the Colin Walls blog on Mentor Embedded.

Real time or not  What operating system makes sense  « The Colin Walls Blog.png

Apologies for missing two weeks - TechCon is done which means I can be here instead of here, there, and everywhere. For those who made it it was a pleasure to meet some of you at the Developer Workshop!


Anyway, back to business! This week's question comes from Quora.com:

"What is SecureBoot in ARM processors? How does it differ from UEFI SecureBoot to the ARM SecBoot?" - What is SecureBoot in ARM processors? How does it differ from UEFI SecureBoot to the ARM SecBoot? - Quora


As a brief background, a common attack on mobile devices is reprogramming the device firmware with a modified copy. For example, an attacker could modify the flash memory while the device is down so that the system boots their software instead of the intended one. Secure Boot uses cryptographic checks to make sure that the software images are all authorized versions and that no maliciously tampered code is allowed to execute. The other security strategies implemented include Chain of trust, which involves starting with a trusted piece of code and working its way down the chain to make sure every other piece is still authenticated, and storing the memory on the SoC so that it is more difficult to access.

-ARM Information Center

It differs from UEFI (Unified Extensible Firmware Interface) Secure Boot in that UEFI is made for PCs and replaces BIOS. Both serve essentially the same purpose of protecting the firmware at start up. If you want to read more I would suggest starting here: Unified Extensible Firmware Interface - Wikipedia, the free encyclopedia

AMP Audio.png

About one and an half years ago, a young tall innovative young man walked into DSP Concepts with a concept for an audio product. He wanted to make an audio augmenting device. He himself knows exactly what is needed because he needed hearing aids since childhood. DSP Concepts help him with concept and prototyping audio processing. Today he launches his product powered by a speedy Cortex-M4. His product allows for custom tuned sound to each individual hearing profile. We are so proud to have been a part of this endeavor. Today's ARM Cortex-M4 and Cortex-M7 can do so much for the audio space. You can check out this product at https://www.ampaudio.com/ .


Lori Kate Smith and Brad Nemire, you guys always champion products powered by ARM.  Here is another exciting one for you.


Another ARM conference

Posted by colinwalls Oct 7, 2014

Konferenz für ARM Systementwicklung  München  Home.png

Hot on the heals of ARM TechCon in California last week, I am off to another ARM-centric event on Thursday this week: the ARM Developers Conference in Munich, Germany. This timing was no coincidence. It was originally scheduled for early summer, but it was moved to take advantage of ARM’s announcements at TechCon.

I will be making a presentation titled “OS Selection for ARM-based Systems”. If you are not attending and want a copy of my slides, please email. As ARM announced a new OS, I wonder if there will be questions about that …

Incidentally, if you are attending, you might need to double check the location. When the event was first announced, the location was a hotel at the airport [as had been the case before]. However, when it was rescheduled it was also relocated to the Holiday Inn in Munich city center. I hope that nobody goes to the wrong venue!

ARM TechCon concludes today and it’s been a really good week. OK, the lines to register were a bit long but the organizers offered free beer on Thursday afternoon so, like I said, it’s been a really good week! It was good to see some of the new things coming out from our partners, with SEGGER Microcontroller, IAR Systems and Micrium all presenting their new strategies for IoT.


Micrium had a cool demonstration of their OS, middleware and µC/Probe tool (which works out of the box with Cypress PSoC devices by the way) with a powerful dashboard that was monitoring an impressive range of sensor feedback from a remote-controlled car. Why anyone would ever instrument their code with debugging messages, when you can monitor and modify parameters directly from µC/Probe (video) without the overhead of function calls, is a complete mystery to me!


IAR showed me their C-RUN (video) add-on for Embedded Workbench. It’s a nifty tool that detects and reports run-time application errors such as memory leaks, array boundary overflow, divide by zero and so on. The integration with Embedded Workbench is really well thought-out and so enabling the feature is just a project build option and the reporting is nicely presented in a tool-window.


It might be too late to visit the event (today is the last day) but I definitely recommend adding to your plans for next year. And all our partners have plenty of material about these new products, with really informative videos, on their web sites and inside the ARM Connected Community.

This week is the first, for me, of the major conferences in the embedded software space this Fall – the ARM TechCon. As usual, it takes place at the Santa Clara Convention Center in California. And, as usual, I will be attending.

The exhibition runs over two days: Wednesday and Thursday. I will be at the Mentor Graphics booth [#201] for most of the day on Thursday. So, if you want to stop by and say hello, you will be most welcome.

The conference continues on to Friday, when I have a paper at 2:30 entitled How to Measure RTOS Performance. If you are attending the event, do come along. If you want a copy of my slides or have any queries, please email.

A complete guide to the Mentor Graphics participation in ARM TechCon may be found here.

ARM are running an interesting activity at the show, in which sponsoring companies [like Mentor Graphics] have been invited to participate. A representative of each company will be provided with a FitBit movement tracker and real time logs of these people’s number of steps will be on display at the RAM booth. There are prizes for the most energetic. It seems that I was nominated to represent Mentor Graphics. Wish me luck!

I will be reporting and commenting during ARM TechCon on the major social media channels [links on my blog homepage]. If you have any questions or comments, do get in touch. Find me on Twitter: Colin Walls (@colin_walls) | Twitter

ARM TechCon is upon us again! And despite all the prep work we collectively put into it, the big industry event arrives faster than we always expect.


This year's edition is going to be busy. My colleague, Richard Goering, and I will be covering it from beginning to end. And our colleagues on the Cadence team will be working nonstop at the company's demo pods and in an excellent array of training sessions.


Goering has posted a handy guide to what's not to miss at ARM TechCon 2014 already. Frank Schirrmeister, who I swear never sleeps he's working so much, has posted his own guide to the major issues we'll address (think verification, low-power design, mixed-signal trends) during the event as well as key Cadence training sessions:  Getting a Glimpse at the Future Early – Cadence & ARM at ARM TechCon 2014!


And lastly, ARM TechCon 2014 marks the return of the celebrated ARM Step Challenge. Wearable Fitness Step Challenge Returns for ARM TechCon 2014. I'm honored to carry the Cadence banner for the second time this year. During the DAC challenge, I was lucky enough (oh, ok, I walked my butt off!) to make to the medals podium. The Aftermath of the ARM Step Challenge at DAC. This time around the competition is much broader (John Heinlein and Phil Dworsky, I'm still gunning for you!) and I don't have the luxury of being able to walk from home to the Santa Clara Convention Center (well, I could but it would take 14 hours each way).


So we'll see you at ARM TechCon and watch for updates here on the Connected Community!

ARM TechCon is just around the corner! We've been working on a fun developer workshop combining mbed and android (see here: Software Developers Workshop | ARM TechCon 2014). I've been testing the set-up this week and if you enjoy coding and playing with peripherals our workshop is going to be the place to be! If you are already signed up I'm looking forward to seeing you there! By now you should have been sent an email on your set up. Please try to have this working before the workshop starts.


Here is a step-by-step if you have never worked with mbed or Android before:


Set up of mbed side:


Setting up Eclipse:


Uploading to device:


Setting up app: Go to settings

  • Change server address to ansonworks.com
  • CoAP port: 26395
  • REST port: 24198
  • Domain should remain as domain
  • End point id is cop-0102 (or whatever name that pleases you)
  • Turn on MDS
  • Go back to main app
  • Connect to mbed BLE (mbed should be plugged in and running. It's working if LED1 has a little heart beat flashing)





Go to www.ansonworks.com:27164

User name: demo

password: demo







If you have any difficulties with the environment or any general questions feel free to message me and I will help you get up and running.


If not you can still register for the rest of the conference here: ARM TechCon Passes & Pricing | ARM TechCon 2014.



Nordic Semiconductor android_development Rod Crawford Desiree Joplin Matthew Du Puy Sam Grove Michael Koster

Random HW failures due to radiation strikes occur once every 100,000 odd hours per chip. Divide that by the number of hours we all drive our cars and the likelihood of some failure becomes real.

At ARM TechCon 2014, Joseph Yiu and I will be talking about features in the ARM Cortex-M processors that help mitigate these risks and enables building robust systems.


Please join us at: Session: Utilizing Features in a Cortex-M Processor to Create Robust Systems

Registration: Embedded Systems Week (ESWEEK) 2014

Venue: Jaypee Greens Golf & Spa Resort Greater Noida

Date & Time: 8 AM - 5 PM, Sunday, October 12th 2014


Note: Free Workshop Attendance for 20 faculty folk who have registered for ESWEEK 2014 (First come first serve).

Contact university@arm.com by Oct 1, 2014, with your ESWEEK 2014 Registration Details using your Official university/college Email ID.

The ARM University Program will conduct a faculty workshop around its flagship Lab-in-a-Box (LiB) based on the ARM Cortex-M0+ Freedom Board. This LiB targets courses on microprocessors and embedded systems and is part of our ongoing commitment to share ARM technology with academia globally. The LiB has been designed with academics in mind and will allow participants to gain first hand experience on how to teach the material in their own courses. The workshop will cover topics such as: interfacing with a microcontroller, memory mapped I/O register calls, code reuse to speed up system design and understanding various power modes.

Workshop Agenda:

  • Introduction to ARM Cortex-M0+ based KL25Z MCU on the Freedom Board
  • Setting up the board to work with Keil MDK-ARM software suite.
  • "Hello World" using the on-board RGB LED.
  • Spirit-level simulation using the on-board 3-axis accelerometer.
  • Proximity sensing using an IR LED and a photo-transistor.
  • Making power and energy measurements using an ultra capacitor.


  • Faculty attendees must come with their own laptops already installed with Keil MDK-ARM. This can be downloaded at Keil MDK-ARM.
  • Knowledge of embedded system design and experience in programming microcontrollers will be helpful.
  • Attendees are expected to make their own travel and stay arrangements.


If you require any further information please write to university@arm.com. We look forward to seeing you on the 12th of October!


Kickstarter at TechCon

Come and see my talk with Kickstarter at ARM TechCon next week. With over 1,800 technology Kickstarters successfully funded and ARM technology in many of them (you may remember Oculus VR: from Kickstarter to $2 billion...), I'm pretty excited to be talking with Nick Yulman of Kickstarter on Thursday, 2 October 12.30pm. Session: Kickstarter and ARM It's All About Opportunities


MakerCon New York 2014

Last week I had the privilege of speaking at MakerCon New York. MakerCon is by and for entrepreneurs, educators and start-ups emerging from the Maker Movement. I got to see some great talks including those from co-founder of Arduino, Massimo Banzi and also Raspberry Pi's head of hardware James Adams. If you're interested, you can even hear my perspective on how accessible technology is changing the Internet of Things in the talk I gave (below). Pity the Cortex-M7 was still under wraps at this point!

As you will see, I had fun comparing the Apollo Guidance Computer to a Cortex-M microcontroller...



There are few things worse than that sinking feeling in the pit of ones stomach when a prototype or production intent system is tested and lone and behold it is discovered that the battery life is far less than what is required.  Either through oversights in the design, size constraints, a rapid development cycle or any number of other circumstances the product and potentially the company is at risk of having nothing to sell.  Thankfully there are a number of embedded software techniques that can be used to help minimize the energy consumption of a microcontroller based system.

Before getting too far into the details of how to minimize power or how to analyze how much power the system uses, it is important to understand that in most low power systems, the microcontroller not only is one of the larger power consuming devices but also has the most flexibility to control how much energy it uses and even to some extent how other on-board devices use energy.  There are two primary types of power consumption within a microcontroller, static and dynamic.  Dynamic power is directly related to what the microcontroller is doing, switching ports, talking over USB, reading sensors, etc.  Static power on the other hand is the power that is used even if the microcontroller is placed into sleep mode, stops talking and is idle. 

Static power is inherent to the microcontroller manufacturing process and there is very little that can be done to affect it.  It is essentially the bottom baseline of energy consumption of the microcontroller which leaves the developer with only the dynamic power consumption to focus on.  Luckily, there is quite a bit that can be done in this area to minimize power consumption. 

First, effective use of sleep modes is absolutely critical.  Every microcontroller has at least three levels of operational modes, Run, Stop and Sleep.  An example of some sleep modes can be seen in Figure 1.  Advanced microcontrollers such as the ARM Cortex-M parts often have additional sub layers that include low-leakage power modes. The sleep modes start out being relatively straight forward to enter into and exit from but the most superficial of them save very little power.  The significant power savings comes from entering into the low leakage sleep modes but configuring them can be complex.  Understanding how to transition between them, how wake-up times affect the applications real-time performance and many other factors can make development interesting.




Figure 1 – Example Power Modes

Second, there are really exciting architecture related techniques that can be used to help a developer maximize the amount of time that is spent in a low power mode. For example, the use of Wait for Interrupt (WFI) can put the system to sleep until an interrupt fires and wakes the system up.  Another useful technique is using sleep on exit which forces the microcontroller into sleep mode immediately at the end of the interrupt service routine (ISR). This saves the ISR overhead from having to be executed on wake-up and power down, saving precious computing cycles that could have been spent in a low power state. 

Third, there are system level techniques such as using autonomous intelligent peripherals that can be configured to perform work on their own without the interaction of the CPU.  UARTs, Direct Memory Access (DMA) controllers and another of other peripherals are picking up the work load and only waking the power hungry core when it is necessary. Even then, using clock throttling strategies can also help minimize the power used by the system. 

These are just a few of the tools that are available to developers as they try to tame their systems and squeeze every milliamp hour possible out of their batteries. A great way to begin the journey of understanding how to use the ARM Cortex-M processor Cortex-M processor in a battery operated environment is to attend “Squeezing the most out of battery-life using the ARM® Cortex®-M Processors” at ARM TechCon on Friday October 3rd at 10:30. 

In the session, attendees with learn how to configure a Freescale Kinetis-L Freedom Board with an ARM Cortex-M0+ core, create a power mode API that utilizes the various power modes, in addition to learning about additional techniques that can be used to lower microcontroller energy usage.  The session will examine real world techniques and examples so that engineers can walk away with strategies that can be implemented on their own development projects with little effort.

Jacob Beningo is an embedded systems consultant and lecturer who specializes in the design of resource constrained and low energy devices. He works with companies to decrease costs and time to market while maintaining a quality and robust product. He is an avid tweeter, a tip and trick guru, a homebrew connoisseur and a fan of pineapple!  Feel free to contact him at jacob@beningo.com or at his website www.beningo.com

Once again, I am mining a backlog of interesting questions that came up during an online C++ class. Of course, as is inevitable, not all the questions are about [or at least specific to] C++…

What is the idea behind the provision of multiple constructors for a class?

A constructor is a function that is executed automatically when an instance of a class [an object] is created. It has the same name as the class itself. A constructor may optionally take one or more parameters, which are passed values in parentheses after the object name when it is declared. As with any function in C++, a constructor may be overloaded – there may be multiple variants with different combinations of parameters.

Imagine a class which handles angles in some way. Perhaps an object needs a starting angle. The value of an angle may be expressed in a number of ways – degrees/minutes/seconds and radians are the obvious options. So the class might look like this:

class angle_stuff { ... public: angle_stuff(float radians); angle_stuff(int degrees, int minutes=0, int seconds=0); ... }; 

One constructor handles radians and the other degrees etc. Note the use of default parameter values to provide further flexibility. So, possible object declarations are as follows:

angle_stuff first(3.141); // radians angle_stuff second(45, 30, 30); // degrees/minutes/seconds angle_stuff third(50, 11); // degrees/minutes angle_stuff fourth(90); // degrees

How does the double colon operator – :: – work?

To read the rest of this entry, visit the Colin Walls blog on Mentor Embedded.

Multiple constructors  the    operator and memory speed   more questions answered   Mentor Graphics.png

You can still purchase selectPSoC 4 silicon for $1.00 through the end of September. Cypress has been offering specially-created PSoC 4 part numbers from our Cypress Webstore or our catalog partner websites (Digikey, Mouser, Newark) for $1; however, this special ends in two weeks at the end of the month. The special promotion part numbers are listed below:PSoC_1Dollar.jpg


Promotion MPN Base MPN







Now is a great time to purchase your first PSoC 4 silicon for your prototype and accelerate your design to production.

This price is only valid through the specified catalog distributors. These special part numbers do not reflect in the Cypress Quoting System and cannot be quoted by any other distributor.

[re-posted from Cypress Developer Community]


Filter Blog

By date:
By tag: