Embedded systems technologies are at the core of many products and applications, for example, those used in smart homes or modern cars. These technologies enable new functional features, which in turn also improve non-functional aspects such as environmental efficiency. In particular, their interconnection and coupling with existing networks, here in particular the internet, allows for an unprecedented boost. At the same time, security concerns become consequential, since security breaches may have dire consequences that range from theft of and/or tampering with intellectual property to malfunctions that can result in threats to safety. This paper presents a survey of software approaches used to prevent reverse engineering, defend against malicious modifications, and ensure the integrity of embedded systems software. The presented methods focus on mechanisms for post-development stages that can be used to add or improve security features of existing products. Furthermore, different kinds of targets are taken into consideration, separating the introduced security features with regard to their applicability to standalone and OS-based embedded systems.
New applications relying on embedded systems technologies often come with an increased number of features and functionalities. For instance, improved safety, reliability, usability or reduced power consumption are commonly encountered aspects. These, however, usually come at the cost of increased complexity. Managing that complexity can become challenging, especially when looking at (worst-case) execution times or memory usage of embedded systems. In particular, many applications, e.g., safety-critical or real-time applications, require knowledge about the worst-case execution time and stack usage to make a clear statement on important system parameters such as the overall performance or schedulability with regard to critical deadlines. Assessing these properties requires elaborate tool support and profound knowledge and skills on the part of the developers. In this paper, an evaluation of static analysis tools and the required steps to integrate these in an existing development environment is presented. The toolchain is either considered to be offline or deployed within a cloud-based integrated development environment. The cloud approach enables ubiquitous access to the results and a unique visualization across multiple platforms. Additionally, the results are demonstrated along with a small use case.