I am a pretty frequent user of LinkedIn — as I do like the style of the network much more than for example Xing, and I feel like it has a much more active community. And I get spammed a lot with advertisements about security appliance, firewall, identify management systems, and so on. But what most people do not know: Security, no matter if it is a firewall, VPN appliance or ballot system — it always starts at the firmware level. Let’s learn how to build such a system — and why security always starts in the firmware.

Image for post
Image for post
Photo by Miltiadis Fragkidis on Unsplash

Security Engineers tend to speak about the chain of trust. This means that a system which has various components need to build the security on top of each other, chaining the trustworthiness through the complete system. And this chain always has a so called trust anchor, the root of trust. The root of trust is the one code block, binary or hardware part in your system you need to trust, in order to build up a chain of trust. Let’s do an example…


Image for post
Image for post
Photo by Nick Fewings on Unsplash

From time to time — it happens: Someone broke the master branch. Depending on the project size, regression testing can be very hard and exhausting. And after a couple of merged commits one does notice that one of the last 50 commits did introduce a regression and the upstream master branch is broken.

Finding this commit which introduced the regression is hard and exhausting if you do it by hand e.g. test one commit after another. This might be something you can do if you have, let’s say five commits between a known working configuration and not working configuration. You just go through the commits one by one and check if the error is already there or not. But what can you do if there are.. …


Image for post
Image for post
Photo by Adi Goldstein on Unsplash

Today I’d like to share some advanced concepts in C with you. I encounter these concepts which are nice features but are rarely used, or at least I don’t see them often used. Today we will discuss…

Structures

It appears to me, that very few people either use structures or know what they are and good for.

A structure creates a data type that can be used to group items of possibly different types into a single type.

Structures are more about readability. We can group variables that belong together. Let’s assume you need to handle someone’s address. …


Image for post
Image for post
Photo by Jim Wilson on Unsplash

A lot of developers struggling with undoing commits in git. From time to time, one accidentally commits changes that should not be in the tree. I like to show you how to undo these changes, either locally or remotely.

Basically a file can be in three different states. It can be untracked, unstaged or staged. Untracked files have never been added to the tree yet — meaning they are completely new. Unstaged files are files that have already been in the tree but have been modified. These modified changes can be added to the next state files that can be in, the staged files. Staged files are those which go into the next commit. …


Image for post
Image for post

Intel is one of the biggest semiconductors in the world and inventor of the x86 architecture. In the last years, Intel invented a couple of Trust Technologies. One of the first was the Intel Management Engine, called Intel ME.

Intel Management Engine

The Intel Management Engine is an autonomous part within the Platform Controller Hub (PCH) on your mainboard, which can control everything: Turning your computer on/off and log into your computer regardless if an operating system is installed or not. The Intel ME firmware resides in the internal flash which sits on each mainboard. When the CPU starts, it loads the firmware into the PCH. Without the Intel ME, your computer or server system will not be able to boot. …


Image for post
Image for post
Picture taken from Unsplash

2020 will be an exciting year for the Embedded Systems/Hardware Programmers. In the server/desktop world, Intel will release their new Whitley/Ice Lake chipsets, AMD has their new Ryzen processor waiting to be released, RISC-V gains more traction and Intel confirms Apple switching to ARM CPUs for their desktop/MacBooks product line.

With more and more IoT applications, the MCU markets tend to grow again. Thus the demand for Embedded Systems Engineers will be higher than ever before. These are the upcoming trends in the low-level programming segment.

Programming Languages

When we talk about writing code that runs close to the hardware layer, the top language is C. When we switched 25 years ago from Assembly to C, the transitions were slow and demanding. C, and sometimes C++, is still the top programming language you should learn in 2020 if you want to jump in the field of embedded programming. …


Image for post
Image for post
Git Log in the Shell

Every coder knows it and has to, or loves to work with it — Git. Git changes the way I worked — and who does not remember the endless Ctrl-Z presses to get back to the working state before you rewrote the whole code base.

Git is a version-control system which lets you track your changes in the code while developing software. It is useful when you work in teams, but also when you are working alone — git is a must IMHO.

When I started my new job a couple of months ago, I thought I already know my way around git. I always tend to use a graphical user interface like Sourcetree for Git, but for various reasons I switched from MacOS to Linux and unfortunately I had to switch to the terminal to work with Git. Looking back, this was one of the best decisions I was forced to make ever. My new Co-workers showed me some minor tricks and improvements so that I work faster and more secure in combination with Git and the terminal which I like to share. …


Image for post
Image for post
Photo by Alex Holyoake on Unsplash

Firmware is the most powerful software that runs on a platform. It can tear your security concerns apart if configured wrongly, and it can prevent your platform from booting if written faulty. So it should be more important what is running on the lowest level of hardware on your platform. There are several alternatives for the Basic Input Output System (BIOS) your server or laptop is running right now.

BIOS is dead since 10 years ago.

Nowadays the Firmware — this is how you actually call it — can be built upon various frameworks. Most of the firmware today supports the Unified Extensible Firmware Interface(UEFI) standard which has been published in 2007 by Intel, AMD, Microsoft, and other PC manufactures. …


Image for post
Image for post

Roughly one year after receiving my university degree I had the chance to get a job as a team leader in a startup, which might be the best decision I ever made — at least when I look back. When you read articles about what a team leader does, it always states something like “Monitor the process of the team and keeps track of the deadlines”. I agree that this is important, but natural by the role itself. Here is what I learned from jumping straight into the cold leadership water.

How it all started

By the time I started my job, I was the fourth person to be employed. I had no experience yet in leading a team, or even a single person. When I started my role as the software lead the team consisted of two students and myself. When you start off with such a small team, I did not really feel like a leading position. I mean — how could I be a leader if I got nearly no experience in my working life. So I decided to be as open-minded as possible, sharing the little experience that I already earned through internships and one year of work. …


Image for post
Image for post

What is coreboot?

coreboot is an open source firmware alternative which aims to replace your standard BIOS or UEFI. The overall philosophy of coreboot is: Do as much as needed, then jump straight payload. But wait.. what actually is your firmware good for? And what is a payload? Let”s do a short recap before we jump straight into coreboot.

In the book “Embedded Firmware Solutions” by Jiming Sun, Marc Jones, and Vincent Zimmer, firmware is defined as following: “Firmware is the layer of software between hardware and the OS”.

Firmware in general is a piece of software that runs on a very low level. It is not encapsulated by any OS or framework. A lot of devices have firmware on it, like: HDDs, SSDs, Graphics Cards, Ethernet Cards, Remote Controls, Smart TVs and of course computers. In this series, we will focus on firmware for computers/embedded devices. Typically the firmware does the hardware initialization and then hands over the control to the operation system. Nowadays, this isn’t true anymore. Most of the time, parts of the firmware have to stay active in order to provide certain functionalities. We will not go into too much detail on this now(Taking notes that I have to write a much more detailed article about coreboot/firmware in general). Just remember for now: Firmware does the hardware initialization of the device. …

About

Christian Walter

Firmware Developer, Tech Enthusiasts. If you have questions about firmware — write me to christian.walter@9elements.com

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store