Compiler Black-Box Testing and Peculiar Bugs Encountered

In our line of work, where we create tests for compilers based on the C and C++ standards, we encounter bugs all the time since no single compiler is fault-less. In this talk, we will discuss our methodology for requirements-based testing followed by a discussion of some interesting bugs we have encountered in our day-to-day endeavors along with their stories. It sometimes happens that a test failure is due to some hidden undefined behavior. However, it's not unprecedented to encounter a component of some tool-chain showing erroneous behavior that conflicts with the language expectations, which is why we examine each scenario carefully. Having gathered a couple interesting instances of such examinations and their findings, we would love to present them!

A Sneak Peek into Quantum Compilers and Embedded Systems

This talk will briefly explain the current landscape of quantum computing, focusing on the quantum computing compilers that enable efficient quantum algorithms implementation in the embedded systems. To this end, the talk will explicitly focus on C++ code snippets to showcase optimization techniques and highlight compiler-specific features.cenario carefully. Having gathered a couple interesting instances of such examinations and their findings, we would love to present them!

tdd for Microcontrollers

With test-driven development, you first write a test and only then begin with the implementation. Studies show that this approach reduces both the development time and the error rate. The presentation shows how the TDD approach can be effectively applied to microcontroller-based projects. To this end, the dual-target approach developed by James Grenning will first be presented. However, for hardware-related code, such as drivers, this approach has limitations that are not practical. In the talk, dual targeting is therefore supplemented by open loop tests. The external microcontroller interfaces (GPIO, CAN, I2C, ...) are conceptually replaced by mocks and stubs known from the unittest. With this addition, a practical embedded TDD workflow is created. The advantages of test-driven development can then be used for the complete microcontroller development. Benefits and special features Why does TDD bring enormous benefits for embedded development in particular? How can a dual-target approach be built based on open source solutions?What advantages do commercial solutions offer? Structure: - Introduction TDD and what it means for Embedded - Introduction: Dual-Target Testing - Off-Target Testing - Practical Realization - Risks and limitations - Limitations due to hardware reference - On-Target Testing - Practical realization - Driver Testing - Classical approach in dual-target approach - Useful addition of special test hardware - All TDD steps shown for a practical driver

IoT in Standard C++ with C++OS on Raspberry Pico W

Last year Detlef Vollmann presented a "wireless speaker" that wasn't wireless as the network didn't work.

This year the network works :-)
But the gist of the presentation will be the networking API proposed for C++.
This API proposes three differnt classes of interfaces:
- synchronous
- asynchronous based on std::execution
- asynchronous based on coroutines (which falls out of the previous one).

C++OS implements all of these interfaces. The presentation will show how these interfaces work and wil present working examples of all of these on Raspberry Pico W.

Utilizing Yocto to create a Research Target for Intrusion Detection

If we take a look into the Web Security domain, we find a wide landscape of tools and targets for educational purposes.  For example the Metasploitables from Rapid7 are provided as Virtual machines. Newbies with interests in Security just need to download, execute and start exploiting.

For the area of embedded devices we find guidelines like the OWASP top 10 for IoT devices, but no education examples to exploit and learn. So in this talk I present a way to close this gap with Yocto.

First we will take a short walk through the necessary setup and how to build a custom embedded Linux distribution with vulnerable software. In the second part I show how this can be used for security research with the example of behavioral intrusion detection.

Rest APIs with C++ - The CrowCpp Project

The CrowCpp Project (https://crowcpp.org/master/) is an easy to use Library for REST APIs, the talk give an introduction into the topic and into the Crow Library. A sample with a small REST API and also with a simple web interface will be explained and shown. I took over maintenance of the Crow Project in the beginning of the year.


Impact of Automotice Ethernet on Embedded Software Development

I am Ahmed Ibrahim, a software engineer from Solid Sands. My work primarily involves compiler and library testing and qualification, conducted daily at our Amsterdam office. I consistently work with C and C++ in the context of software testing, deriving requirements for both languages and enhancing our native test suites. Through our efforts, several applications and customers experience significant improvements in software quality and functional standards. I am honored, excited, and interested in contributing to the emBO++ conference!

Nix(OS) in Reliable Embedded Systems

Let's dive into the world of Nix and NixOS and see how they can turbocharge your embedded systems development. Nix is a real game-changer, making it a breeze to set up your environment and get started on projects with just one command. No more messing around with Docker or VMs!
In addition to providing plain development environments, Nix's unique approach to building and packaging software makes it super easy to switch between compilers and toolchains, so you can build for multiple platforms without breaking a sweat.
Need a custom embedded Linux system? NixOS has got you covered with its endless customization options. Just pick and choose the features you want, and you're good to go! Nixpkgs is the world's largest and freshest package repository and they're all guaranteed to work consistently across different Linux distributions and platforms like macOS and Windows WSL. Plus, Nix facilitates always reproducible builds, so you can be confident in the integrity of your software. Join us on this journey to unlock the full potential of your embedded systems projects with Nix. It's time to revolutionize the way you develop, build, and deploy!

#embedded reflections

Compile-time reflection is the key ingredient to generic/fast code, especially useful in the embedded domain. C++23 has finally made a step into adding introspection support to the language, but are there reflection capabilities available already? In this talk we will explore why reflection is crucial when writing generic/fast code as well as what's possible with modern C++ already. Will also deep dive into what will be available with C++23 and beyond. Audiences will be exposed to template meta-programming techniques which enables reflection without language support and which also allow new programming paradigms such as design by introspection. We will also go through techniques and practical applications of introspection in the embedded world, its trade-offs and future directions. At the end of this talk audiences will have better understanding on practical application of reflection in embedded domain, template meta-programming techniques behind it and the future direction of reflection in C++. Let's get ready to #embed compile time reflection at emBO++ 2024!


Open-Source RTOS tracing with Orbuculum

During this talk we will take deep dive into rarely visted but interesting world of FreeRTOS internals and ARM debuging capabilities. Using open-source tools: Orbuculum and TraceCompass I will show how to extract useful information and build RTOS tracing analysis.

Analyzing ARM Cortex-M Firmware with the Perfetto Trace Processor

This talk introduces the debug functionality inside ARM Cortex-M microcontrollers DWT, ITM, and ETM as well as the formatters SWO and TPIU.
Together with instrumentation examples of the NuttX RTOS as used in the PX4 Autopilot project, we explore each data stream individually from source generation to formatting to reception via a debug probe to a conversion process into the Perfetto trace format via the open-source [Auterion Embedded Debug Tools](https://github.com/Auterion/embedded-debug-tools/tree/main/ext/orbetto).

We now have a complete picture of the firmware execution including the state of all threads, IRQs, workqueues, semaphores, heap, and DMA channels as well as call stacks for each thread and IRQ.
Then we use the PerfettoSQL to query metrics out of the trace for the purpose of validating our assumptions about the firmware and prevent future regressions.

The Futility of Rigorous CPU Security Measures

CPU security is often compromised by design, but vendors are addressing these issues. However, enhanced security CPUs are costly and complex, and their effectiveness is undermined by insecure supply chains. A loss of control over the production process increases the likelihood of losing control over the product itself. This talk explores strategies to regain control over intellectual property in external production environments.



Hands on with freestanding hacking emBO

In this talk we will be visited by three ghosts: The ghost of emBO++ past, the ghost of emBO++ present and the ghost of emBO++ yet to come. Let us hope we like what we see or at least it is not too late to change.
The first ghost will take us back to 2018, where the vision was presented for the freestancing proposal, a single unified proposal to get all the
things into the standard that can be used in bare metal and kernel work.
The second ghost will show us how long we have come, what has made it through to C++23 and the change in direction. We will take a look at
what is actually possible with the standard today and what work is being done.
The third ghost will show us what is coming in the future. Both in terms of proposals, but also with an experimental fork of GCC, that incorporates the coming changes

Regression Testing for Real-Time-Constraints

Each realtime system has different time constraints. Those constraints are usually defined on the beginning of development process. Verification of them is usually done at some milestones because it is time consuming to check. When at this stage some violation is found the software needs to be optimized. In this talk you will see how verification process can be moved to beginning of the development and run as part of the CI to spot violation just after introduction. This way it is possible to optimize when necessary and don't over optimize because of uncertaint


"Those who can't do, teach!" - Embracing this cliché, I've been orchestrating the "Introduction to Programming" course at the Technical University of Bochum for the last five years. Initially, I inherited a set of course materials from my predecessor, which, let's face it, set a bar I was determined to either meet or, ambitiously, lower. Over these five years, with an eclectic mix of students—each graced with my guidance for a year—I've taken the liberty of "modifying" the course material after every lecture.

In this talk, I aim to drag you through my curriculum with the explicit goal of harvesting overwhelmingly destructive feedback from you. Considering you're the brave souls employing my former students, I'm eager to hear your unfiltered thoughts. What essential skills did I forget to include, which topics are taught in a bewildering order, or what portions of my curriculum should be unceremoniously dumped? Let's dive into the chaos of my teaching approach, shall we?