Nick Kartsioukas joined us to talk about security in embedded systems. Common Vulnerabilities and Exposures (CVE) is the primary database to check your software libraries, tools, and OSs: cve.org. Open Worldwide Application Security Project (OWASP, owasp.org) has information on how to improve security in all kinds of applications, including embedded application security. There are also cheatsheets, Nick particularly recommends Software Supply Chain Security - OWASP Cheat Sheet. Wait, what is supply chain security? Nick suggested a nice article on github.com: it is about your code and tools including firmware update, a common weak point in embedded device security. Want to try out some security work? There are capture the flag (CTF) challenges including the Microcorruption CTF (microcorruption.com) which is embedded security related. We also talked about the SANS Holiday Hack Challenge (also see Prior SANS Holiday Hack Challenges). This episode is brought to you by RunSafe Security. Working with C or C++ in your embedded projects? RunSafe Security helps you build safer, more resilient devices with build-time SBOM generation, vulnerability identification, and patented code hardening. Their Load-time Function Randomization stops the exploit of memory-based attacks, something we all know is much needed. Learn more at RunSafeSecurity.com/embeddedfm. Some other sites that have good information embedded security: This World Of Ours by James Mickens is an easy read about threat modelling Cybersecurity and Infrastructure Security Agency (CISA) is at cisa.gov and, among other things, they describe SBOMs in great detail National Institute of Standards and Technology (NIST) also provides guidance: Internet of Things (IoT) | NIST NIST Cybersecurity for IoT Program NIST SP800-213 IoT Device Cybersecurity Guidance for the Federal Government: Establishing IoT Device Cybersecurity Requirements There is a group of universities and organizations doing research into embedded security: National Science Foundation Center for Hardware and Embedded Systems Security and Trust (CHEST). Descriptive overview and the site is nsfchest.org European Telecommunications Standards Institute (ETSI) - Consumer IoT Security Camera Ubiquiti configuration issue (what not to do) Finally, Nick mentioned Stop The Bleed which provides training on how you can control bleeding, a leading cause of death. They even have a podcast (and we know you like those). Elecia followed up with Community Emergency Response Teams (CERT). Call your local fire department and ask about training near you! Transcript
--------
1:10:23
--------
1:10:23
514: Just Turn Off All the Computers
Philip Koopman joined us to talk about embedded systems becoming embodied and intelligent. We focus on the safety considerations of making an intelligent and embodied device. Phil's new book is Embodied AI Safety: Reimagining safety engineering for artificial intelligence in physical systems. It uses robotaxis as an example as it discusses safety, security, human/computer interface, AI, and a bit of legal theory for tort negligence. If you'd like a taster, Phil gave a wonderful summary in his video: Keynote Talk: Embodied AI Safety This new book is intended for a wider (less devotedly technical) audience than his book How Safe Is Safe Enough?: Measuring and Predicting Autonomous Vehicle Safety. Phil was last on the show in episode 473: Math Is Not the Answer where we spoke about his book Understanding Checksums and Cyclic Redundancy Checks Transcript Thank you! This episode is sponsored by you, our listeners! If you'd like to become members and get ad-free episodes as well as bonus shows, sign up at Patreon or Ko-Fi. Thanks for listening.
--------
1:10:04
--------
1:10:04
513: I'm Sorry You Learned Something
Jason Turner of C++ Weekly and Empty Crate spoke with us about the joy of puzzles, the changing directions of an interesting career, and the C++ programming language. I mean, of course we talked about C++. But only a little. Jason recently published Programming Puzzles Big Book: 400 pages of fun for ages 7-99, a book of puzzles for the logically minded. It teaches programming concepts as engaging puzzles: recursion, binary, assembly, Lisp, regular expressions. You may not know what you are learning but you'll likely find you know a lot more about how computers work afterward. For the puzzles, paper is better than electronic. But you can also get the electronic version on LeanPub (which is better if you like to get lost in Wikipedia links). This is not Jason's first puzzle book, he's made them for C++ Object Lifetime and Copy and Reference (see his Amazon and LeanPub author page for other books as well). If you want to catch up on C++, check out C++ Weekly With Jason Turner - YouTube. Note the playlists are useful if you are looking for a deep dive on a particular topic. If you want to get more out of C++ in your organization, Jason's consulting company is Empty Crate. His contact page is there as well (or look for lefticus on most social media platforms). Transcript If you're interested in how 3D printing is changing design engineering, Mouser Electronics has some great resources to check out. Their Empowering Innovation Together platform is taking a deep dive into additive manufacturing—covering smarter production, faster prototyping, and breakthrough materials that move ideas beyond prototypes into real-world products. You'll find podcasts, expert articles, and videos that keep you informed and inspired. Sound like your thing? Head to Mouser.com/empowering-innovation and explore.
--------
1:17:20
--------
1:17:20
512: What if I Didn't Stop?
Katherine "Smalls" Connell spoke with us about making thin and flexible circuits, making stretchable electronics, and running a successful Kickstarter. Katherine's Kickstarter: Sprite Lights LED Body Art (light-up tattoo). Katherine shares her makes, describing her build process for companion robots and other projects. You can find her as The Small Wonder on Hackster.io and Hackaday.io. She often goes by Smalls on other social media. We talked about a paper on making stretchable circuits: Silicone devices: A scalable DIY approach for fabricating self-contained multi-layered soft circuits using microfluidics. Transcript If you're interested in how 3D printing is changing design engineering, Mouser Electronics has some great resources to check out. Their Empowering Innovation Together platform is taking a deep dive into additive manufacturing—covering smarter production, faster prototyping, and breakthrough materials that move ideas beyond prototypes into real-world products. You'll find podcasts, expert articles, and videos that keep you informed and inspired. Sound like your thing? Head to Mouser.com/empowering-innovation and explore.
--------
1:05:30
--------
1:05:30
511: Forty Trillion Divides
Chris and Elecia talk about the show overflowing to another bit, fight over vim vs nano, consider awards, discuss writing (and self-motivation), consider linear algebra on AI cores, encourage remote device quality assurance, describe design documentation, review timer multipliers, and consider changing chip vendors. A list of all Embedded Episodes Support the show and get goodies: Patreon/embedded and Ko-fi.com/embedded Data-Driven Science and Engineering book (currently on chapter 8 and working through the Control Bootcamp playlist) Not mentioned but related to the Cozy Science announcement: Elecia found Sleeping World, a 10-episode podcast that is nicely soothing and science. Transcript If you're interested in how 3D printing is changing design engineering, Mouser Electronics has some great resources to check out. Their Empowering Innovation Together platform is taking a deep dive into additive manufacturing—covering smarter production, faster prototyping, and breakthrough materials that move ideas beyond prototypes into real-world products. You'll find podcasts, expert articles, and videos that keep you informed and inspired. Sound like your thing? Head to Mouser.com/empowering-innovation and explore.
I am Elecia White alongside Christopher White. We're here to chat about the interests, careers, and lives of engineers, artists, educators and makers. Our diverse guest list includes names you may have heard and engineers working quietly in the trenches. Either way, they are knowledgeable, enthusiastic, and inspiring.
We'd love to share our enthusiasm for science, technology, engineering, art, and math (STEAM).
Netherlands