Government-Sponsored Hacking of Embedded Systems

Everywhere you look these days, it is readily apparent that embedded systems of all types are under attack by hackers. In just one example from the last few weeks, researchers at Kaspersky Lab (a Moscow-headquartered maker of anti-virus and other software security products) published a report documenting a specific pernicious and malicious attack against “virtually all hard drive firmware”. […]

Read More

A Look Back at the Audi 5000 and Unintended Acceleration

I was in high school in the late 1980’s when NHTSA (pronounced “nit-suh”), Transport Canada, and others studied complaints of unintended acceleration in Audi 5000 vehicles. Looking back on the Audi issues, and in light of my own recent role as an expert investigating complaints of unintended acceleration in Toyota vehicles, there appears to be a fundamental contradiction between […]

Read More

Lethal Software Defects: Patriot Missile Failure

During the Gulf War, twenty-eight U.S. soldiers were killed and almost one hundred others were wounded when a nearby Patriot missile defense system failed to properly track a Scud missile launched from Iraq. The cause of the failure was later found to be a programming error in the computer embedded in the Patriot’s weapons control system. On February […]

Read More

An Update on Toyota and Unintended Acceleration

In early 2011, I wrote a couple of blog posts (here and here) as well as a later article (here) describing my initial thoughts on skimming NASA’s official report on its analysis of Toyota’s electronic throttle control system. Half a year later, I was contacted and retained by attorneys for numerous parties involved in suing Toyota for personal injuries and […]

Read More

Introducing Barr Group

In the ten months since forming Barr Group, I have received many questions about the new company. As we enter the new year, I thought it a good time to use this blog post to answer the most frequently asked questions, such as: What does Barr Group do? Who are Barr Group’s clients? How is Barr […]

Read More

How to Combine Volatile with Struct

C’s volatile keyword is a qualifier that can be used to declare a variable in such a way that the compiler will never optimize away any of the reads and writes. Though there are several important types of variables to declare volatile, this obscure keyword is especially valuable when you are interacting with hardware peripheral registers and such […]

Read More

Where in the World is Michael Barr?

Dear reader, it has been over six months since my last blog post. My apologies for being absent without leave from this blog and from my Firmware Update e-newsletter. I have never been as busy, professionally, as over the past 14 months. I recognize I have been quiet for too long for many of you and note […]

Read More

Building Reliable and Secure Embedded Systems

In this era of 140 characters or less, it has been well and concisely stated that, “RELIABILITY concerns ACCIDENTAL errors causing failures, whereas SECURITY concerns INTENTIONAL errors causing failures.” In this column I expand on this statement, especially as regards the design of embedded systems and their place in our network-connected and safety-concious modern world. […]

Read More

Combining C’s volatile and const Keywords

Does it ever make sense to declare a variable in C or C++ as both volatile (i.e., “ever-changing”) and const (“read-only”)? If so, why? And how should you combine volatile and const properly? One of the most consistently popular articles on the Netrino website is about C’s volatile keyword. The volatile keyword, like const, is a type […]

Read More

Firmware Forensics: Best Practices in Embedded Software Source Code Discovery

Software has become ubiquitous, embedded as it is into the fabric of our lives in literally billions of new (non-computer) products per year, from microwave ovens to electronic throttle controls. When products controlled by software are the subject of litigation, whether for infringement of intellectual property rights or product liability, it is imperative to analyze […]

Read More