Jonathan Lalou's Blog

Posts Tagged ‘EmbeddedSystems’

From Novice to Custom PCB

Embarking on a journey from minimal electronics knowledge to designing a custom printed circuit board (PCB) is a daunting yet rewarding endeavor. At OxidizeConf2024, Josh Junon from GitButler shared his nine-month odyssey of building a PCB with an STM32 microcontroller, powered by async Rust firmware. Josh’s candid narrative detailed his trials, errors, and eventual success in creating a component for kernel CI/CD testing pipelines, offering valuable lessons for software developers venturing into hardware.

With a strong software background but little electronics experience, Josh tackled the complexities of PCB design, from selecting components to soldering hair-thin parts. Using Rust’s async capabilities, he developed firmware that leveraged interrupts for efficient communication, integrating the PCB into a larger project. His story underscores Rust’s versatility in bridging software and hardware, enabling developers to create reliable, high-performance embedded systems without extensive hardware expertise.

Practical Lessons in Hardware Development

Josh’s presentation was a treasure trove of practical advice. He emphasized the importance of verifying component sizes early, as datasheets often understate their minuteness. For instance, selecting appropriately sized parts saved costs and prevented assembly errors. He also advised against prioritizing aesthetics, such as costly black solder masks, in favor of affordable green ones. These lessons, born from trial and error, highlight the importance of aligning hardware choices with project constraints, particularly for budget-conscious developers.

Rust’s async ecosystem, including libraries like embassy, facilitated Josh’s firmware development. The STM32F4 (or possibly F7) microcontroller, though potentially overpowered, provided a robust platform for his needs. By sharing his GitHub repository, Josh invites community feedback, fostering collaboration to refine his approach. His experience demonstrates how Rust’s safety guarantees and modern tooling can empower software developers to tackle hardware challenges effectively.

Balancing Cost and Learning

Cost management was a recurring theme in Josh’s journey. He cautioned against over-purchasing components and investing in expensive equipment early on, noting that basic tools suffice for initial projects. Custom stencil sizes, while tempting, added unnecessary costs, and Josh recommended reusing standard boards for versatility. Despite these challenges, the learning outcomes were profound, equipping Josh with skills in microcontrollers, interrupts, and embedded programming that enhanced his broader project.

Josh’s success highlights Rust’s role in democratizing hardware development. By leveraging Rust’s ecosystem and community resources, he transformed a side quest into a valuable contribution to kernel testing. His call to “just do it” inspires developers to explore hardware with Rust, proving that persistence and community support can yield remarkable results in unfamiliar domains.

Links:

• GitButler company website

Michal Grygarek and Martin Petr, embedded systems security experts at Accenture in Prague, reveal the vulnerabilities of eFuse-based memories used to store sensitive data like encryption keys. Their presentation explores the process of extracting confidential information from these chips using accessible tools, challenging the assumption that eFuse memories are inherently secure. Michal and Martin’s work underscores the need for enhanced protection mechanisms in embedded systems.

Decoding eFuse Vulnerabilities

Martin opens by explaining the role of eFuse memories in securing encryption keys and debugging interfaces. Traditionally considered robust, these memories are susceptible to physical attacks due to their readable properties. Martin details their journey, starting with chip decapsulation using household items like a wet stone, demonstrating that determined attackers can bypass protections without advanced equipment.

Reverse-Engineering Techniques

Michal delves into their methodology, which involved delayering chips to access eFuse data. Using a Scanning Electron Microscope (SEM) rented from a local university, they read encryption keys, breaking the confidentiality of encrypted flash memory. Their approach, supported by Accenture, highlights the ease of extracting sensitive data, as the physical destruction of the chip was not a barrier to recovering firmware.

Implications for Embedded Security

The duo emphasizes the broader implications, noting that eFuse vulnerabilities threaten devices relying on these memories for security. Martin addresses the misconception that delayering is prohibitively complex, showing that basic tools and minimal resources suffice. Their findings, including a giveaway of decapsulated ESP32 chips, encourage hands-on experimentation to understand these risks.

Strengthening Protection Mechanisms

Concluding, Michal advocates for advanced obfuscation techniques and alternative storage solutions to secure sensitive data. Their work, presented at DEF CON 32, calls for vendors to reassess eFuse reliance and implement robust safeguards. By sharing their techniques, Michal and Martin inspire the cybersecurity community to address these overlooked vulnerabilities in embedded systems.

Links:

• Accenture website

Revolutionizing Hardware Manufacturing

The landscape of hardware manufacturing has long been constrained by proprietary tools provided by chip vendors, often treated as opaque systems that limit developer control. Ryan Summers from Forged.dev delivered an engaging presentation at OxidizeConf2024, showcasing how Rust and the Probe.rs library are transforming hardware production processes. With a background in safety-critical embedded systems, including medical devices like neurostimulators, Ryan illustrated how Rust’s modern tooling empowers developers to achieve precise control over device programming, moving beyond the limitations of traditional black-box solutions.

Ryan’s talk focused on the production process for a hypothetical Bluetooth-enabled pacemaker, highlighting the need for meticulous device provisioning and testing. In traditional manufacturing, tasks like assigning serial numbers, calibrating sensors, and programming firmware rely on vendor-supplied binaries with limited customization options. Probe.rs, an open-source Rust library, changes this paradigm by offering fine-grained memory control, enabling developers to tailor device configurations and integrate them into automated production workflows. This approach ensures higher quality and reliability, particularly for safety-critical applications where failures are not an option.

The Power of Probe.rs

Central to Ryan’s presentation was the Probe.rs library, which redefines how developers interact with microcontrollers during production. Unlike vendor-supplied tools that restrict operations to basic flashing and erasing, Probe.rs provides a programmatic interface for memory manipulation and direct communication with devices. Ryan demonstrated how this enables tasks like assigning unique Bluetooth addresses and storing calibration data in external memory chips, streamlining the provisioning process. The library’s flexibility allows manufacturers to integrate these tasks into automated systems, reducing errors and improving efficiency.

Moreover, Probe.rs extends beyond manufacturing to support advanced use cases like embedded testing and performance profiling. Ryan highlighted the emerging embedded-test feature, which allows unit tests to run directly on hardware, a boon for validating safety-critical systems. By leveraging Rust’s type safety and memory guarantees, Probe.rs minimizes the risk of errors during programming, ensuring that devices meet stringent quality standards. This capability is particularly valuable in medical and automotive industries, where precision is paramount.

Scaling Production with Rust

Ryan also discussed scaling hardware production with Rust, addressing both small-scale and high-volume manufacturing. For safety-critical devices, such as pacemakers, every unit must undergo rigorous testing to detect defects like cold solder joints or short circuits. Probe.rs facilitates this by enabling automated testing workflows that integrate with production lines, ensuring consistent quality. Ryan noted that while some consumer markets may prioritize speed over quality, safety-critical sectors demand the precision that Rust and Probe.rs deliver.

For large-scale production, Ryan and Probe.rs founder Noah collaborated on Forged.dev Marinas, a tool designed to manage firmware deployment, serial number assignment, and cloud-based data storage. This solution caters to manufacturers needing to comply with regulations like FDA standards, ensuring traceability and accountability. Ryan’s insights underscored Rust’s potential to unify development and production processes, offering a cohesive ecosystem that contrasts with the fragmented tools of traditional manufacturing.

Links:

• Forged.dev company website

The Evolution of GUI Development

In the ever-evolving realm of graphical user interface (GUI) development, the quest for robust, safe, and efficient tools is paramount. David Vincze, a senior software engineer at Felgo, presented a compelling exploration of Slint as a Rust-based alternative to QML at OxidizeConf2024. With a background steeped in C++ and Qt, particularly in automotive instrument clusters, David shared his insights into how Slint offers a fresh perspective for developers accustomed to QML’s declarative approach within the Qt framework. His presentation illuminated the potential of Slint to address the limitations of QML, particularly its reliance on C++ and JavaScript, which can introduce runtime errors that challenge developers in safety-critical environments.

QML, a mature language with over a decade of use, has been a cornerstone for cross-platform GUI development, enabling developers to write a single codebase that runs on embedded, mobile, desktop, and web platforms. Its JSON-like syntax, coupled with reactive property bindings and JavaScript logic, simplifies prototyping and maintenance. However, David highlighted the inherent risks, such as performance bottlenecks due to JavaScript’s runtime interpretation and the dependency on the extensive Qt ecosystem, which can entail licensing costs. Slint, a newer toolkit built with Rust, emerges as a promising alternative, compiling to native code to catch errors at build time, thus enhancing reliability for embedded systems.

Comparing Slint and QML

David’s analysis centered on a practical comparison between Slint and QML, drawing from a demo weather application and home automation UI developed at Felgo. This project, available on Felgo’s GitHub as the Rusty Weather App, reimplemented a QML-based application in Slint, showcasing its multiplatform capabilities on desktop, embedded Raspberry devices, and Android. The comparison revealed striking similarities in their declarative syntax, with both languages using component-based structures to define UI elements. However, Slint’s code is notably more compact, and its components can be exported to native code, offering greater integration flexibility compared to QML’s C++-centric approach.

A key differentiator is Slint’s compilation to native code, which eliminates runtime errors common in QML’s JavaScript logic. This is particularly advantageous for embedded systems, where performance and reliability are critical. David demonstrated how Slint’s lightweight runtime and reactive property bindings mirror QML’s strengths but leverage Rust’s memory safety to prevent common programming errors. However, Slint lacks some of QML’s advanced features, such as multimedia support, 3D rendering, and automated UI testing, which are still in development. Despite these gaps, Slint’s rapid evolution, with frequent releases, signals its potential to rival QML in the future.

Challenges and Opportunities in Transitioning

Transitioning from QML to Slint presents both opportunities and challenges. David emphasized Slint’s benefits, including its integration with Rust’s ecosystem, which offers a robust package manager (Cargo) and seamless cross-compilation. The Slint VS Code extension, with its live preview feature, accelerates development by allowing real-time UI modifications without recompilation. This contrasts with QML’s reliance on tools like Qt Creator, which, while comprehensive, tie developers to the Qt ecosystem. Slint’s open-source nature and multi-language APIs (supporting Rust, C++, JavaScript, and Python) further enhance its appeal for diverse projects.

However, David acknowledged challenges, particularly in areas like internationalization, where Slint’s reliance on the Gettext library complicates translation processes compared to Qt’s well-established framework. Features like multi-window support and internal timers are also underdeveloped in Slint, posing hurdles for developers accustomed to QML’s mature ecosystem. Despite these, David advocated for Slint’s adoption in Rust-centric projects, citing its predictability and performance advantages, especially for embedded development. The community’s active development and planned UI testing support suggest that Slint’s limitations may soon be addressed, making it a compelling choice for forward-thinking developers.

Links:

• Felgo company website

Crafting Safe Interfaces for Embedded Systems

In the domain of embedded systems, where reliability and efficiency are paramount, Rust has emerged as a powerful tool for building robust software. At OxidizeConf2024, Sojan James from Acsia Technologies delivered an engaging presentation on creating Rust bindings for ThreadX, a compact real-time operating system (RTOS) tailored for microcontrollers. With nearly two decades of experience in C programming and a passion for Rust since 2018, Sojan shared his journey of developing bindings that bridge ThreadX’s C-based architecture with Rust’s safety guarantees, offering practical strategies for embedded developers.

ThreadX, known for its lightweight footprint and static memory allocation, is widely used in automotive digital cockpits and other resource-constrained environments. Sojan’s goal was to create a safe Rust API over ThreadX’s C interfaces, enabling developers to leverage Rust’s type safety and ownership model. His approach involved generating unsafe bindings, wrapping them in a safe abstraction layer, and building sample applications on an STM32 microcontroller. This process, completed primarily during a week-long Christmas project, demonstrates Rust’s potential to enhance embedded development with minimal overhead.

Strategies for Binding Development

Sojan outlined a systematic approach to developing Rust bindings for ThreadX. The first step was creating unsafe bindings to interface with ThreadX’s C API, using Rust’s foreign function interface (FFI) to call C functions directly. This required careful handling of callbacks and memory management, as ThreadX’s static allocation model aligns well with Rust’s borrow checker. Sojan emphasized the importance of reviewing the generated bindings to identify areas where Rust’s ownership semantics could expose architectural inconsistencies, though he noted ThreadX’s maturity minimized such issues.

To create a safe API, Sojan wrapped the unsafe bindings in Rust structs and enums, introducing a typed channel interface for message passing. For example, he demonstrated a queue of type Event, an enum ensuring type safety at compile time. This approach prevents common errors, such as mixing incompatible data types, enhancing reliability in safety-critical applications like automotive systems. A demo on an STM32 showcased two tasks communicating via a 64-byte queue within a 2KB block pool, highlighting the practical application of these bindings in real-world scenarios.

Future Directions and Community Engagement

While Sojan’s bindings are functional, challenges remain, particularly with ThreadX’s timer callbacks, which lack a context pointer, complicating Rust’s safe abstraction. He plans to address this by exploring alternative callback mechanisms or additional abstractions. The bindings, hosted on GitHub, are open for community contributions, reflecting Sojan’s commitment to collaborative development. At Acsia, Rust is being integrated into automotive platforms, including an R&D project, signaling its growing adoption in the industry.

Sojan’s work underscores Rust’s potential to modernize embedded development, offering memory safety without sacrificing performance. By sharing his code and inviting contributions, he fosters a community-driven approach to refining these bindings. As Rust gains traction in automotive and other embedded domains, Sojan’s strategies provide a blueprint for developers seeking to integrate modern programming paradigms with established RTOS platforms, paving the way for safer, more efficient systems.

Links:

• Acsia Technologies company website
• ThreadX Rust bindings repository

Lecturers

Jose Antonio Lorenzo Fernandez, a PhD in physics turned software engineer, works at Lhings Technologies, specializing in Java EE and embedded programming. His transition from academia to industry reflects a passion for applying technical expertise to practical problems. Jose Pereda, a researcher at the University of Valladolid, Spain, focuses on embedded systems and IoT development, contributing to open-source projects that bridge hardware and software innovation.

Abstract

The Internet of Things (IoT) has revolutionized device connectivity, but developers often grapple with complex networking challenges, such as configuring routers, handling firewalls, and managing protocols. Presented at Devoxx France 2014, this lecture demonstrates how Lhings, a cloud-based platform, simplifies IoT development by abstracting connectivity issues, allowing developers to focus on device functionality. Through a live coding session, Jose Antonio Lorenzo Fernandez and Jose Pereda showcase how to connect Java-capable devices using open hardware and Lhings, eliminating boilerplate networking code. The talk explores Lhings’ core concepts—device management, secure communication, and web-based control panels—and highlights its scalability and reliability. By analyzing the platform’s architecture and practical applications, it provides a comprehensive guide for developers building IoT services, emphasizing rapid prototyping and real-world deployment.

The IoT Connectivity Challenge

The proliferation of affordable open hardware, such as Raspberry Pi and Arduino, has democratized IoT development, enabling rapid prototyping of smart devices. However, connectivity remains a significant hurdle. Residential routers, NAT configurations, and diverse protocols like MQTT or CoAP require extensive setup, diverting focus from core functionality. Lorenzo Fernandez explains that developers often spend disproportionate time on networking code, handling tasks like port forwarding or secure socket implementation, which can delay projects and introduce errors.

Lhings addresses this by providing a cloud-based platform that manages device communication, abstracting low-level details. Devices register with Lhings, which handles routing, security, and interoperability, allowing developers to focus on application logic. Pereda emphasizes that this approach mirrors the simplicity of web APIs, making IoT development accessible even to those without networking expertise.

Live Coding: Connecting Devices with Lhings

The speakers demonstrate Lhings through a live coding session, connecting a Java-capable Raspberry Pi to a sensor network. The setup involves minimal code, as Lhings’ SDK abstracts networking:

import com.lhings.client.LhingsDevice;

public class SensorDevice {
    public static void main(String[] args) {
        LhingsDevice device = new LhingsDevice("Sensor1", "API_KEY");
        device.connect();
        device.sendEvent("temperature", 25.5);
    }
}

This code registers a device named “Sensor1” with Lhings, connects to the cloud, and sends a temperature reading. No networking code—such as socket management or firewall configuration—is required. The platform uses encrypted WebSocket connections, ensuring security without developer intervention.

The demo extends to a web control panel, automatically generated by Lhings, where users can monitor and control devices. Pereda shows how adding a new device, such as a smart light, requires only a few lines of code, highlighting scalability. The panel supports real-time updates, allowing remote control via a browser, akin to a smart home dashboard.

Lhings’ Architecture and Features

Lhings operates as a cloud middleware, sitting between devices and end-users. Devices communicate via a lightweight SDK, available for Java, Python, and C++, supporting platforms like Raspberry Pi and Arduino. The platform handles message routing, ensuring devices behind NATs or firewalls remain accessible. Security is baked in, with all communications encrypted using TLS, addressing common IoT vulnerabilities.

Scalability is a key strength: adding devices involves registering them with unique API keys, with no upper limit on device count. The platform’s reliability stems from its distributed architecture, tested by thousands of users globally. Lorenzo Fernandez notes that Lhings supports bidirectional communication, enabling servers to push commands to devices, a feature critical for applications like home automation.

Practical Applications and Benefits

The talk showcases real-world use cases, such as a smart thermostat system where sensors report temperature and a server adjusts settings remotely. This eliminates the need for local network configuration, as devices connect to Lhings’ cloud over standard internet protocols. The web control panel provides instant access, making it ideal for rapid prototyping or production-grade systems.

Benefits include reduced development time, enhanced security, and ease of scaling. By abstracting networking, Lhings allows developers to focus on device logic—e.g., sensor algorithms or UI design—while the platform handles connectivity and management. The open-source SDK and GitHub-hosted examples further lower barriers, encouraging community contributions.

Challenges and Considerations

While powerful, Lhings requires an internet connection, limiting its use in offline scenarios. Pereda acknowledges that latency-sensitive applications, such as real-time robotics, may need local processing alongside Lhings’ cloud capabilities. The platform’s dependency on a proprietary service also raises questions about vendor lock-in, though its open SDK mitigates this by supporting custom integrations.

Conclusion: Empowering IoT Innovation

Lhings transforms IoT development by removing connectivity barriers, enabling developers to build robust services with minimal effort. The live demo at DevoxxFR2014 illustrates its practicality, from prototyping to deployment. As IoT adoption grows, platforms like Lhings will play a critical role in making smart devices accessible and secure, empowering developers to innovate without wrestling with networking complexities.

Links

• Lecture video
• Lhings official site
• GitHub repository for Lhings SDK
• Raspberry Pi official site