One of the most important trends affecting embedded-systems design is the need for security and safety, as highlighted by the events of 9/11 and the continuing vulnerability of cyberspace. As embedded designers incorporate more security and safety needs into devices, embedded tools will have to evolve to provide capabilities needed both for product development and process management. These adaptations can be seen in safety-critical design where system event-tracing tools are adapting to operating-system designs that involve time-space partitioning or virtual machines. Other tools affected by these new designs involve static analysis, code coverage, requirements management and configuration management, to name but a few.
One technique that is used often in safety-critical and secure design involves static resource reservations and fault-isolation mechanisms using time-space partitioning. This mechanism involves the creation of brick-wall partitioning of memory, time and device resources, which ensures that applications can execute in an environment that is strictly partitioned, highly protected and completely isolated from other applications. Embedded designs based on these "virtual machines" rely on several types of analyses to ensure safe operation of such embedded systems. Some of the most important analysis techniques include code coverage, static analysis and system timing.
Code-coverage analysis is a technique used to assess the extent of software code that is effectively tested. A tool typically instruments the software under analysis to track and report the percentage of "code coverage" achieved under test conditions. The analysis may include statement coverage, decision coverage or modified-condition decision coverage, each providing increasing levels of test coverage for the tested software.
Dead code exhumed
This analysis in the absence of an automated tool is, at best, extremely cumbersome. However, automated code-coverage analysis tools do exist in the market that greatly ease the burden of assessing code coverage. These tools provide an invaluable mechanism that helps designers uncover dead code (code that is never executed), which is an obvious area of vulnerability in safety-critical and secure designs.
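The three coverage levels named above, and the dead-code finding, can be shown with hand-inserted probes of the kind a coverage tool emits automatically. The following is an added example, not code from the article or from any tool it mentions; `clamp_reading` and its test suite are constructed for illustration, and every decision in it has a single condition, so decision coverage and MC/DC coincide here.

```c
#include <stdio.h>
#include <string.h>

/* Coverage probes. A real tool inserts these at build time; here they are
 * written by hand so the mechanism is visible. */
enum { NSTMT = 5, NDEC = 3 };
static unsigned stmt_hits[NSTMT];      /* one counter per instrumented statement */
static unsigned dec_hits[NDEC][2];     /* [i][0] = false outcome, [i][1] = true outcome */

static void probe_stmt(int i) { stmt_hits[i]++; }
static int  probe_decision(int i, int cond)   /* records the outcome, evaluates cond once */
{
    dec_hits[i][cond ? 1 : 0]++;
    return cond;
}

/* Function under analysis (constructed): clamp a sensor reading into [lo, hi]. */
int clamp_reading(int reading, int lo, int hi)
{
    probe_stmt(0);
    if (probe_decision(0, reading < lo)) { probe_stmt(1); return lo; }
    if (probe_decision(1, reading > hi)) { probe_stmt(2); return hi; }
    /* Dead code: if lo > hi then reading < lo or reading > hi already held,
     * so this statement can never run. The coverage report shows it at 0. */
    if (probe_decision(2, lo > hi))      { probe_stmt(3); return -1; }
    probe_stmt(4);
    return reading;
}

void reset_coverage(void)
{
    memset(stmt_hits, 0, sizeof stmt_hits);
    memset(dec_hits, 0, sizeof dec_hits);
}

/* Statement coverage: statements executed at least once. */
int covered_statements(void)
{
    int n = 0;
    for (int i = 0; i < NSTMT; i++) n += stmt_hits[i] > 0;
    return n;
}

/* Statements never executed by the suite: dead-code candidates. */
int dead_statements(void) { return NSTMT - covered_statements(); }

/* Decision coverage: outcomes (true and false) seen per decision. */
int covered_decision_outcomes(void)
{
    int n = 0;
    for (int i = 0; i < NDEC; i++) n += (dec_hits[i][0] > 0) + (dec_hits[i][1] > 0);
    return n;
}

/* A small constructed test suite; returns the number of passing cases. */
int run_test_suite(void)
{
    int pass = 0;
    reset_coverage();
    pass += clamp_reading(5, 0, 10) == 5;    /* in range */
    pass += clamp_reading(-3, 0, 10) == 0;   /* below lo */
    pass += clamp_reading(50, 0, 10) == 10;  /* above hi */
    return pass;
}

int main(void)
{
    int pass = run_test_suite();
    printf("tests passed:       %d/3\n", pass);
    printf("statement coverage: %d/%d (%.0f%%)\n", covered_statements(), NSTMT,
           100.0 * covered_statements() / NSTMT);
    printf("decision coverage:  %d/%d (%.0f%%)\n", covered_decision_outcomes(), 2 * NDEC,
           100.0 * covered_decision_outcomes() / (2 * NDEC));
    printf("dead statements:    %d\n", dead_statements());
    return 0;
}
```

All three cases pass, yet the report shows one statement never executed and one decision never true; no input can reach that branch, which is exactly the dead code the paragraph warns about, and it would stay hidden in a suite judged by pass/fail alone.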
A related area to code coverage is static analysis of code. Static analysis is a technique used to analyze code prior to execution to detect and fix incorrect code constructs such as buffer overflow and memory leaks. In the context of a secure embedded design, this technique takes on increased significance since incorrect code constructs may be security vulnerabilities exploitable by malicious code. Several static analysis tools exist to help developers detect common code errors, but very few, if any, specifically address static analysis for detecting security vulnerabilities.
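As an added example (not a tool from the article), the smallest useful form of the buffer-overflow detection described above is a checker that records fixed-size array declarations and flags constant indexes outside `[0, size)`, without ever running the code. The analyzer below, its `SAMPLE_SOURCE` snippet and the one-statement-per-line assumption are all constructed for illustration; a production tool would track scoping, pointer arithmetic and loop bounds, none of which this handles.

```c
#include <stdio.h>
#include <string.h>

#define MAX_ARRAYS 16
#define MAX_LINE   128

struct array_decl { char name[32]; int size; };

/* Source under analysis: a constructed snippet, not real firmware. */
const char *SAMPLE_SOURCE =
    "char buf[16];\n"
    "int tbl[4];\n"
    "buf[15] = 0;\n"   /* line 3: last valid index */
    "buf[16] = 0;\n"   /* line 4: one past the end */
    "tbl[7] = 1;\n"    /* line 5: well past the end */
    "tbl[3] = 2;\n";   /* line 6: valid */

static int lookup(const struct array_decl *d, int n, const char *name)
{
    for (int i = 0; i < n; i++)
        if (strcmp(d[i].name, name) == 0) return i;
    return -1;
}

/* Scan one-statement-per-line C: remember "<type> <name>[<size>];" declarations
 * and flag any "<name>[<constant>]" access outside [0, size).
 * Returns the number of findings; their 1-based line numbers go to out_lines. */
int check_constant_indices(const char *src, int *out_lines, int max_out)
{
    struct array_decl decls[MAX_ARRAYS];
    int ndecls = 0, findings = 0, lineno = 0;
    char line[MAX_LINE], type[32], name[32];
    int val;

    while (*src) {
        size_t n = strcspn(src, "\n");          /* copy one line */
        if (n >= sizeof line) n = sizeof line - 1;
        memcpy(line, src, n);
        line[n] = '\0';
        src += n;
        if (*src == '\n') src++;
        lineno++;

        if (sscanf(line, "%31s %31[^[ ][%d]", type, name, &val) == 3) {
            if (ndecls < MAX_ARRAYS) {          /* a declaration */
                strcpy(decls[ndecls].name, name);
                decls[ndecls].size = val;
                ndecls++;
            }
        } else if (sscanf(line, "%31[^[ ][%d]", name, &val) == 2) {
            int d = lookup(decls, ndecls, name); /* a constant-index access */
            if (d >= 0 && (val < 0 || val >= decls[d].size)) {
                if (findings < max_out) out_lines[findings] = lineno;
                findings++;
            }
        }
    }
    return findings;
}

int main(void)
{
    int lines[8];
    int n = check_constant_indices(SAMPLE_SOURCE, lines, 8);
    for (int i = 0; i < n && i < 8; i++)
        printf("line %d: constant index out of bounds\n", lines[i]);
    printf("%d finding(s)\n", n);
    return 0;
}
```

Both overflows are reported before anything executes, which is the point of doing the analysis in the development process rather than after an incident.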
Unfortunately, the approach to security in commercial environments has been to encounter a security attack and then attempt to fix the problem. This approach, often referred to as "penetrate and patch," creates significant problems for sensitive applications and may be disastrous for critical infrastructure applications. Unless the security analysis of code can be included as part of the development process, the penetrate-and-patch model will continue to dominate software design. Moving beyond it can only be achieved by automating security analysis through innovative techniques in embedded tools.
Timing and memory analysis
Another area of safety-critical design that has affected tool innovation is timing and memory analysis. Safety-critical and secure designs using hard-partitioned, real-time operating systems depend on fixed cyclic time scheduling to increase determinism and reduce CPU starvation for key applications. These designs also depend on fixed resource allocation for different applications to reduce denial-of-service scenarios through resource exhaustion. But it is a challenge for system integrators to build a system using the appropriate parameters for time and memory allocation.
Highly accurate event-tracing tools are invaluable for designing secure and safety-critical apps.
These types of applications can benefit from an event-tracing tool that can show dynamic memory usage as well as timing events like context switches on a per-partition basis. Such a tool can provide a high-accuracy timing and memory analysis capability that is invaluable for system integrators designing safety-critical and secure applications. It also allows system integrators to assess the fault-isolation capabilities of the system by injecting software faults into specific partitions.
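The fixed cyclic schedule, per-partition memory quotas and per-partition event trace described in the last two paragraphs can be put together in a few dozen lines. What follows is an added example, not LynuxWorks code and not any real RTOS API: the partition table, the 10-tick major frame, the trace format and the over-budget demand from partition 0 in frame 1 (standing in for an injected fault) are all constructed for illustration.

```c
#include <stdio.h>

#define NPART      3
#define MAX_EVENTS 64

struct partition {
    const char *name;
    unsigned budget_ticks;   /* fixed window inside every major frame */
    unsigned mem_quota;      /* statically reserved bytes */
    unsigned mem_used;
};

/* Constructed configuration: a 10-tick major frame split 5/3/2. */
struct partition PARTS[NPART] = {
    { "flight_ctrl", 5, 1024, 0 },
    { "comms",       3,  256, 0 },
    { "maint",       2,  128, 0 },
};

enum ev_kind { EV_SWITCH, EV_OVERRUN, EV_ALLOC_OK, EV_ALLOC_DENIED };
struct event { unsigned tick; int part; enum ev_kind kind; unsigned arg; };

static struct event trace[MAX_EVENTS];
static int ntrace;

static void emit(unsigned tick, int part, enum ev_kind kind, unsigned arg)
{
    if (ntrace < MAX_EVENTS) {
        struct event e = { tick, part, kind, arg };
        trace[ntrace++] = e;
    }
}

int count_events(enum ev_kind kind)
{
    int n = 0;
    for (int i = 0; i < ntrace; i++) n += trace[i].kind == kind;
    return n;
}

/* Injected fault (constructed): partition 0 wants 8 ticks in frame 1, over its budget. */
static unsigned demand(int part, unsigned frame)
{
    return (part == 0 && frame == 1) ? 8 : PARTS[part].budget_ticks;
}

unsigned frame_length(const struct partition *p)
{
    unsigned len = 0;
    for (int i = 0; i < NPART; i++) len += p[i].budget_ticks;
    return len;
}

/* Switch-in tick of `part` in `frame`, from the static table alone: decided before run time. */
unsigned scheduled_tick(const struct partition *p, unsigned frame, int part)
{
    unsigned t = frame * frame_length(p);
    for (int i = 0; i < part; i++) t += p[i].budget_ticks;
    return t;
}

/* Run `frames` major frames. Demand above budget is cut off and logged, never
 * borrowed from the next window. Returns the number of context switches traced. */
int run_schedule(struct partition *p, unsigned frames)
{
    unsigned tick = 0;
    int switches = 0;
    ntrace = 0;
    for (unsigned f = 0; f < frames; f++) {
        for (int i = 0; i < NPART; i++) {
            emit(tick, i, EV_SWITCH, 0);
            switches++;
            unsigned want = demand(i, f);
            if (want > p[i].budget_ticks) emit(tick, i, EV_OVERRUN, want - p[i].budget_ticks);
            tick += p[i].budget_ticks;      /* window closes on schedule regardless */
        }
    }
    return switches;
}

/* Timing analysis over the trace: was every switch at its scheduled tick? */
int trace_matches_schedule(const struct partition *p)
{
    unsigned frame = 0;
    int next = 0;
    for (int i = 0; i < ntrace; i++) {
        if (trace[i].kind != EV_SWITCH) continue;
        if (trace[i].part != next || trace[i].tick != scheduled_tick(p, frame, next)) return 0;
        if (++next == NPART) { next = 0; frame++; }
    }
    return 1;
}

/* Allocation against a static quota: a request beyond it is denied and traced,
 * so one partition cannot exhaust memory another depends on. */
int partition_alloc(struct partition *p, int idx, unsigned tick, unsigned bytes)
{
    if (p->mem_used + bytes > p->mem_quota) { emit(tick, idx, EV_ALLOC_DENIED, bytes); return 0; }
    p->mem_used += bytes;
    emit(tick, idx, EV_ALLOC_OK, bytes);
    return 1;
}

int main(void)
{
    static const char *names[] = { "SWITCH", "OVERRUN", "ALLOC_OK", "ALLOC_DENIED" };
    run_schedule(PARTS, 3);
    partition_alloc(&PARTS[1], 1, 30, 200);   /* fits in comms' 256-byte quota */
    partition_alloc(&PARTS[1], 1, 30, 100);   /* would exceed it: denied */
    for (int i = 0; i < ntrace; i++)
        printf("t=%3u %-12s %-12s %u\n", trace[i].tick, PARTS[trace[i].part].name,
               names[trace[i].kind], trace[i].arg);
    printf("schedule honoured: %s\n", trace_matches_schedule(PARTS) ? "yes" : "no");
    return 0;
}
```

The trace is what an integrator would read: the overrun in partition 0 appears at tick 10 but the `comms` switch still lands at tick 15, and the denied allocation shows the quota holding, which is the fault-isolation evidence the paragraph describes.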
In addition to the tools used for product development, safety-critical and secure designs also require a significant level of process management. Certification standards such as RTCA DO-178B and Common Criteria for Safety and Security, respectively, have several specifications for requirement traceability and management, configuration management, trusted distribution and maintenance of products. Some of the tools for requirements traceability and configuration management already exist in the market, whereas other areas of process management are not yet supported by commercial tools. This will continue to be an area where newer embedded tools will assist in transitioning the process-intensive development from government applications to commercial designs.
As these tools evolve for secure and safety-critical designs, two other concerns will come to the forefront: integration and interoperability. The advent of integrated development environments (IDEs) has ensured that a developer has seamless access to all tools necessary for development in one integrated workbench. The success of additional tools that may be introduced into the software-development life cycle will depend on seamless integration with embedded IDEs.
Once integrated, these tools will need to interoperate to sustain productivity and ensure minimal time-to-market impact for embedded development.
Arun Subbarao (asubbarao@lnxw.com) is director of technology and product development at LynuxWorks Inc. (San Jose, Calif.).