Safe and secure software development for embedded systems
The architect, MIT professor, and author Nicholas Negroponte once stated: “Like air and drinking water, being digital will be noticed only by its absence, not its presence.”
This article originally appeared in the June'22 magazine issue of Electronic Specifier Design – see ES's Magazine Archives for more featured publications.
Negroponte makes a valid point: digital technology is invisible when it works well. However, when it disappears or experiences problems – such as those related to safety or security issues – the digital world changes from a positive to a negative. Javier Perez of Perforce Software discusses.
While embedded systems do, of course, still involve hardware, software is the fuel that makes everything happen and brings together all the different elements. For that reason, ensuring that embedded systems are as safe and secure as possible must be a priority, and that needs to start with development, which is the point at which many flaws occur.
C and C++ help embedded design
While various programming languages are used to develop embedded systems, C and C++ are the predominant languages of choice. Not only do they offer far greater scope for innovation, they also help engineers work within tight limits on processing, memory, and power, and help keep codebase sizes under control.
C++ has become the powerhouse for millions of embedded systems around the globe, even though it needs more computing resources than C. There is also Embedded C++ (EC++), a subset of C++ that retains the main functionality of the full language while delivering size and speed efficiencies.
Microprocessors today are often preloaded with C++ compilers, making it even easier to start coding. This is not to say that other languages are not viable, but it is recommended that embedded software teams use C or C++.
Coding for embedded systems is like no other application
Since many embedded systems are mission- or safety-critical (such as medical devices, automotive, and aerospace), safety and security are an even higher priority than in, for example, a home entertainment system. Therefore, in addition to coping with resource limitations, fault tolerance, reliability, and zero downtime are critical design requirements.
Security in embedded devices is about reducing the number of vulnerabilities. Severity levels vary, with the more severe vulnerabilities representing higher risk of critical exploitation. In embedded systems and IoT devices, most vulnerabilities relate to memory buffer overflows, resource leaks, improper access control, cryptographic issues, and code injections.
The challenge is that even the most experienced software developer can inadvertently introduce vulnerabilities. Arguably, that is even more possible with C and C++ due to the greater room for memory-related vulnerabilities. Additionally, security has traditionally not been top-of-mind in software development.
Better software security development is multi-faceted
While better security may seem daunting, multiple techniques and tools are available. For example, coding standards – such as MISRA, AUTOSAR, and CERT – have been created and improved over time to help increase software security, quality, reliability, and maintainability. Coding standards assist with, and in many cases are required for, compliance with functional safety standards such as ISO/SAE 21434, ISO 26262, IEC 61508, ISO 13849, and IEC 61061.
This may sound like extra work for an already busy project team. However, static analysis is widely used because it can identify vulnerabilities in the source code and apply the rules and recommendations stated in coding standards. Also known as static application security testing (SAST), static analysis can scan and analyse millions of lines of source code based on the programming language and framework used.
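As an added illustration of the memory buffer overflow class mentioned earlier, and of the kind of defect a CERT rule and a static analyser are meant to catch, the following C example (not from the article or from Perforce) shows an unchecked frame copy beside a bounds-checked version. The device, the frame layout (one length byte followed by the name bytes) and the struct are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical device: a name update arrives over a serial link as
 * one length byte followed by that many bytes of name. */
#define NAME_CAP 16U            /* storage for the name, including the NUL terminator */

typedef struct {
    char name[NAME_CAP];
    uint8_t flags;              /* sits right after name[]: the first field an overrun clobbers */
} device_cfg_t;

/* Vulnerable form: the length byte from the wire is trusted as the copy
 * size, so a frame claiming more than 15 bytes writes past name[] into
 * flags and whatever follows (a classic buffer overflow). Kept only for
 * comparison; it is the pattern a static analyser would flag. */
void apply_name_frame_unsafe(device_cfg_t *cfg, const uint8_t *frame)
{
    uint8_t len = frame[0];
    memcpy(cfg->name, &frame[1], len);   /* no bound against sizeof cfg->name */
    cfg->name[len] = '\0';
}

/* Hardened form, in the spirit of CERT C STR31-C / ARR38-C: validate the
 * claimed length against both the bytes actually received and the
 * destination size before touching memory, and fail closed rather than
 * silently truncating. */
bool apply_name_frame(device_cfg_t *cfg, const uint8_t *frame, size_t frame_len)
{
    if (cfg == NULL || frame == NULL || frame_len < 1U) {
        return false;
    }
    size_t len = frame[0];
    if (len > frame_len - 1U) {          /* frame claims more bytes than arrived */
        return false;
    }
    if (len >= sizeof cfg->name) {       /* must leave room for the terminator */
        return false;
    }
    memcpy(cfg->name, &frame[1], len);
    cfg->name[len] = '\0';
    return true;
}
```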
Who knows what the next few years will bring, but it is safe to predict that the digital world will become even more connected and sophisticated. While no one can claim it is an easy overnight fix, there are various tools and techniques available to make current and future embedded and IoT systems safer and more secure.