Better Embedded System Software
Philip Koopman
Carnegie Mellon University
Edge Case Research
For Cindy, Moira, Brynn, and Ben.
First Edition, revised 2021.
Copyright 2010, 2021 by Philip Koopman
All rights reserved.
No part of this publication may be reproduced or transmitted in any form or by any means, including photocopy, scanning, recording, or any information storage and retrieval system, without permission in writing from the copyright holder. Use as a licensed, fee-paid e-book by the purchaser is permitted.
Warranty and disclaimers:
THE SOFTWARE LISTINGS AND OTHER INFORMATION IN THIS BOOK ARE PROVIDED AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR PUBLISHER BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, CONSEQUENTIAL, OR OTHER DAMAGES, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE INFORMATION AND SOFTWARE LISTINGS IN THIS BOOK ARE NOT INTENDED FOR USE IN LIFE CRITICAL OR OTHER CRITICAL APPLICATIONS. BY OPENING THIS BOOK, THE READER AGREES TO THESE TERMS AND ACCEPTS SOLE RESPONSIBILITY FOR ANY AND ALL DIRECT AND INDIRECT USES OF ITS CONTENTS.
Chapter List
Software Development Process
Requirements & Architecture
Design
Implementation
Verification & Validation
Critical System Properties
Preface
I wrote this book to help embedded software developers reduce risk and create better products. The topics and ideas are the distillation of more than a decade of experience performing 90+ design reviews on embedded system products across a range of industries. Every chapter in this book contains ideas and methods corresponding to the recommendations of design reviews on real embedded system products.
If you find even one chapter useful, that should make owning this book worthwhile. But we hope that you'll keep this book in your library and find many chapters that are useful in various future projects. To help you do this, the book is organized to let you dive into any chapter for a relatively self-contained chunk of good embedded software practice. Some chapters will be more helpful than others depending on your particular industry and project. Nobody can instantly start doing everything recommended by this book. But everyone can pick one or two ideas that will have quick payoff for making their products or development practices a little better. Note that this is primarily a concepts book, and not a cut-and-paste-the-code book.
This book can be used to supply readings for an advanced embedded systems course, although it is written as a professional book and not specifically as a textbook. We assume that the reader already knows the basics of embedded systems, and has some experience and maturity in design. Given that background, each chapter could be used as the basis for a lecture to guide students through the process of transforming from someone who merely writes code to someone who uses a methodical approach to designing embedded systems, with all their interlocking constraints and complex requirements.
If you're experienced at non-embedded software design, you'll probably find some of these chapters familiar material. But there is significant coverage of embedded-specific topics you'll find useful, especially in the sections on implementation and critical system properties.
If you're relatively new to writing software, you should probably read an introductory embedded software book before diving into this one. We assume you've seen the basics of creating embedded systems, such as reading data from sensors, driving actuators, creating interrupt handlers, implementing control loops, and working with assembly language. There are many intro-level books on the market, and any of the highly rated ones are a good way to get started. This book is intended to help you take the next steps beyond those basics.
Book Organization
The material in this book is organized into several sections:
- Software Development Process. (Chapters 2-4)
This discusses how formal the development process should be, with an emphasis on how much paper should be produced. Developers often try to avoid paperwork, but having some formality and some level of documentation can make a huge difference in your ability to succeed. We give you ways to create just enough paper to be useful, without going overboard.
- Requirements and Architecture. (Chapters 5-11)
Every project has requirements and an architecture, whether they are written down or not. We discuss good ways to create and manage requirements, including both functional and non-functional requirements. We also discuss how to create a useful but simple architectural diagram, and how to achieve good modularity.
- Design. (Chapters 12-15)
Software design is the part that goes between requirements+architecture and writing code. There are important benefits to getting things right at a higher level representation than source code. We discuss good techniques for representing designs (especially statecharts, which are under-used in the embedded systems industry), real time scheduling, and user interfaces.
- Implementation. (Chapters 16-20)
While we all want to show our creativity, there are some common practices that can really make a difference in reducing risk and increasing our productivity. These include being extremely selective in the use of assembly language, using a consistent coding style, avoiding global variables, and using data concurrency techniques properly. We give you some economic ammunition to help fend off the nightmare of having to squeeze too much functionality into too small a processor.
- Verification and Validation. (Chapters 21-25)
There is more to this topic than just testing! Your life can be made significantly easier by being clever about using compiler warnings, holding peer reviews, creating (and following) a test plan, tracking defects, and building in a way to keep run-time error logs.
- Critical System Properties. (Chapters 26-30)
Embedded system failures can have dramatic consequences. We take you on a guided tour of techniques used to improve dependability, security, and safety. Additionally, we discuss how to get two of the most important aspects of critical systems right: watchdog timers and system resets.
For each chapter we provide a list of good starting points for further reading (if there are any we know of). They vary from academic papers to introductory tutorials in the trade press, but in each case they are the best places we know of to start. Beyond that, we recognize that the Web is where working developers get most of their information. But rather than list web sites that probably won't be there next year (or maybe even next week), we give search terms that tend to give hits on the most important topics covered by each chapter. Obviously we can't vouch for the accuracy of web sites you find this way! But we've tested each keyword phrase with several search engines and they tend to get you pointed in the right direction to understand more.
The introduction has more about the overall chapter organization. We hope you'll find the book easy to navigate, and the organization helpful in quickly finding information you can put to use right away in your current and future projects.
There is a summary of take-away points from the book in the conclusions chapter, along with pointers to further information such as free on-line lectures by the author.
Acknowledgments
I want to thank the many embedded system designers who have been through the design reviews I've held. It's very difficult having someone from outside come in to tell you everything you did wrong, or even just ways to improve. I'm truly impressed by the many working engineers I've met who eagerly seek criticism and do their best at product development.