Embedded System Lecture Notes and Presentations

Prof. Phil Koopman, Carnegie Mellon University

This is a unified listing my lecture materials on a variety of topics from my Carnege Mellon University courses, keynote lectures, and other talks I've given. Please see the copyright notice at the end of this page before e-mailing about use.

Also see my other content distribution sites:

Selected talk and webinar slides

18-642: Embedded Software Engineering

Code quality, safety, security. (Last update Fall 2018.)

  Slides YouTube
1 Course Administration   Course mechanics
2 Software Development Processes   Waterfall; swiss cheese model; lessons learned in software; V model; design vs. code; agile methods; agile for embedded
3 Course Overview Safety+Security Overview Challenges of embedded code; it only takes one line of bad code; problems with large scale production; your products live or die by their software; considering the worst case; designing for safety; security matters; industrial controls as targets; designing for security; testing isn't enough
Fiat Chrysler jeep hack; Ford Mytouch update; Toyota UA code quality; Heartbleed; Nest thermostats; Honda UA recall; Samsung keyboard bug; hospital infusion pumps; LIFX smart lightbulbs; German steel mill hack; Ukraine power hack; SCADA attack data; Shodan; traffic light control vulnerability; hydroelectric plant vulnerability; zero-day shopping list
4 Modal Code/Statecharts   Statechart elements; statechart example; statechart implementation
5 Requirements   Ariane 5 flight 501; rules for good requirements; problematic requirements; extra-functional requirements; requirements approaches; ambiguity
6 Code Style/Humans Style Making code easy to read; good code hygiene; avoiding premature optimization; coding style
7 Code Style/Language Language Use Pitfalls and problems with C; language use guidelines and analysis tools; using language wisely (strong typing); Mars Climate Orbiter; deviations & legacy code
8 Peer Reviews Peer Reviews Effective code quality practices, peer review efficiency and effectiveness; Fagan inspections; rules for peer review; review report; perspective-based reviews; review checklist; case study; economics of peer review. Peer Review Checklist
9 Unit Testing   Black box testing; white box testing; unit testing strategies; MCDC coverage; unit testing frameworks (cunit)
10 Spaghetti Code Spaghetti McCabe Cyclomatic Complexity (MCC); SCC; Spaghetti Factor (SF)
11 Global Variables Globals Global vs. static variables; avoiding and removing globals
12 Toyota UA Case Study Toyota UA Case study of Toyota UA
13 Stack Overflow Stack Overflow Stack overflow mechanics; memory corruption; stack sentinels; static analysis; memory protection; avoid recursion
14 SW Architecture & HLD   High Level Design (HLD); boxes and arrows; sequence diagrams (SD); statechart to SD relationship; 2011 Health Plan chart
15 Integration Testing   Integration test approaches; tracing integration tests to SDs; network message testing; using SDs to generate unit tests
16 Testing Quality Testing Quality Smoke testing, exploratory testing; methodical test coverage; types of testing; testing philosophy; coverage; testing resources
17 System-Level Test System Level Test First bug story; effective test plans; testing won't find all bugs; F-22 Raptor date line bug; bug farms; risks of bad software
18 SQA isn't testing   SQA elements; audits; SQA as coaching staff; cost of defect fixes over project cycle
19 Lifecycle CM   A400M crash; version control; configuration management; long lifecycles
20 Traceability Traceability Traceability across the V; examples; best practices
21 Date Time Management Date Time Keeping time; time terminology; clock synchronization; time zones; DST; local time; sunrise/sunset; mobility and time; date line; GMT/UTC; leap years; leap seconds; time rollovers; Zune leap year bug; internationalization.
22 Floating Point Pitfalls   Floating point formats; special values; NaN and robots; roundoff errors; Patriot Missile mishap
23 Process Key Metrics Key Metrics Tester to developer ratio; code productivity; peer review effectiveness
24 Maintenance Maintenance Bug fix cycle; bug prioritization; maintenance as a large cost driver; technical debt
25 Dependability Dependability Dependability; availability; Windows 2000 server crash; reliability; serial and parallel reliability; example reliability calculation; other aspects of dependability
26 Critical Systems Critical Systems Safety critical vs. mission critical; worst case and safety; HVAC malfunction hazard; Safety Integrity Levels (SIL); Bhopal; IEC 61508; fleet exposure
27 Safety Overview Software Safety Overview Defense in depth; safety principles; safety culture; Challenger mishap; Therac 25
28 Race Conditions Concurrency and Race Conditions Therac 25; race condition example; disabling interrupts; mutex; blocking time; priority inversion; priority inheritance; Mars Pathfinder
29 Safety Plan Safety Plan Safety plan elements; functional safety approaches; hazards & risks; safety goals & safety requirements; FMEA; FTA; safety case (GSN)
30 Safety Requirements Safety Requirements Identifying safety-related requirements; safety envelope; Doer/Checker pattern
31 Single Points of Failure Single Points of Failure Fault containment regions (FCR); Toyota UA single point failure; multi-channel pattern; monitor pattern; safety gate pattern; correlated & accumulated faults
32 SIL Isolation SIL Isolation Isolating different SILs, mixed-SIL interference sources; mitigating cross-SIL interference; isolation and security; CarShark hack
33 Data Integrity   Sources of faults; soft errors; Hamming distance; parity; mirroring; SECDED; checksum; CRC
34 Redundancy Management Redundancy Management Bellingham WA gasoline pipeline mishap; redundancy for availability; redundancy for fault detection; Ariane 5 Flight 501; fail operational; triplex modular redundancy (TMR) 2-of-3 pattern; dual 2-of-2 pattern; high-SIL Doer/Checker pattern; diagnostic effectiveness and proof tests
35 Safety Architecture Patterns Safety Architecture Patterns Supplemental lecture with more detail on patterns: low SIL; self-diagnosis; partitioning; fail operational; voting; fail silent; dual 2-of-2; Ariane 5 Flight 501; fail silent patterns (low, high, mixed SIL); high availability mixed SIL pattern
36 Cryptography Cryptography Confusion & diffusion; Caesar cipher; frequency analysis; Enigma; Lorenz & Colossus; DES; AES; public key cryptography; secure hashing; digital signatures; certificates; PKI; encrypting vs. signing for firmware update
37 Security Threats   Stuxnet; attack motivation; attacker threat levels; DirectTV piracy; operational environment; porous firewalls; Davis Besse incident; BlueSniper rifle; integrity; authentication; secrecy; privacy; LG Smart TV privacy; DoS/DDos; feature activation; St. Jude pacemaker recall
38 Security Plan Security Plan Security plan elements; Target Attack; security requirements; threats; vulnerabilities; mitigation; validation
39 Security Vulnerabilities   Exploit vs. attack; Kettle spambot; weak passwords; master passwords; crypto key length; Mirai botnet attack; crypto mistakes; LIFX revisited; CarShark revisited; chip peels; hidden functionality; counterfeit systems; cloud connected devices; embedded-specific attacks
40 Security Mitigation Validation   Password strength; storing passwords & salt/pepper/key stretching; Adobe password hack; least privilege; Jeep firewall hack; secure update; secure boot; encryption vs. signing revisited; penetration testing; code analysis; other security approaches; rubber hose attack
41 Security Pitfalls Security Pitfalls Konami code; security via obscurity; hotel lock USB hack; Kerckhoff's principle; hospital WPA setup hack; DECSS; Lodz tram attack; proper use of cryptography; zero day exploits; security snake oil; realities of in-system firewalls; aircraft infotainment and firewalls; zombie road sign hack


Live course site http://www.ece.cmu.edu/~ece642/ might have some more recent lectures. Please see the copyright notice

18-348: Embedded System Engineering

Microcontroller hardware, software, I/O, coding techniques, with coverage of 9S12 microcontroller. (Last taught Spring 2016.)

  1. Course Intro Background
  2. Embedded Hardware
  3. Microcontroller Instruction Set - Part 1
  4. Microcontroller Instruction Set - Part 2
  5. Engineering Process Design Techniques
  6. Embedded Language Use
  7. Coding Tricks; Multiprecision Math; Reviews
  8. Memory and Memory Bus
  9. Economics, Code Optimization, and Fixed Point
  10. Debug Test
  11. Serial Ports
  12. Time; Timer/Counters; Watchdog Timers
  13. Interrupts
  14. Interrupt Cyclic Task Response Timing
  15. Preemptive Context Switching
  16. Concurrency
  17. Scheduling
  18. Digital to Analog, PWM
  19. Analog Inputs
  20. Other I/O
  21. Control
  22. RTOS Selection; Why Software Quality Matters
  23. System Resets, Robustness Power Management
  24. Checksums and CRCs
  25. Bluetooth CAN

18-649: Distributed Embedded Systems

Software process, distributed systems, embedded networks, critical systems. (Last taught Fall 2015.)

  1. Course Overview Introduction
  2. Elevators as a distributed embedded application
  3. Requirements and Methodical Engineering
  4. UML-Based Design Process
  5. End-to-end design example
  6. Distributed + Embedded Systems; Event Triggered vs. Time Triggered
  7. Reviews Software Process
  8. Embedded Software Testing
  9. Verification, Validation Certification
  10. Embedded System Engineering Economics
  11. Embedded Communication Protocols
  12. CAN Protocol
  13. CAN Performance
  14. End-To-End System Scheduling
  15. Embedded Internet Embedded Security
  16. Distributed Timekeeping
  17. Dependability/Reliability
  18. Critical Systems Software Safety
  19. Critical Systems Engineering
  20. Humans as a System Component
  21. FlexRay Protocol
  22. Ethics Societal Impact
  23. Time Triggered Protocol (TTP)

Additional reading list. (Note that "local" links are probably non-functional.)

18-548: Memory Hierarchy

Memory hiearchy from cache out to virtual memory. (Last taught Fall 1998.)

  1. Introduction & Overview
  2. Key Concepts
  3. Physical Memory Architecture
  4. Cache Organization & Access
  5. Virtual Memory Architecture
  6. Cache Data Organization
  7. Associativity
  8. Data Management Policies
  9. Memory Devices & Chip Area
  10. Multilevel Strategies
  11. System-Level Effects on Performance
  12. Tuning Software for Speed
  13. Main Memory Architecture
  14. Main Memory Performance
  15. Storage Systems
  16. Vector Architecture
  17. Vector Performance
  18. Buses
  19. Multiprocessor Coherence
  20. Fault Tolerance in the Memory Hierarchy

Copyright notice: These materials are copyrighted by Philip Koopman in the year indicated on the materials. Downloading and viewing materials for personal use is acceptable with no further permission. Use in academic settings, informal lunch-and-learn study groups, and so on is acceptable with no further permission provided attribution is made to me as author of the material. For-profit training use (i.e., someone is getting paid to deliver the training) requires permission and a fee, except for small snippets (e.g., no more than one slide from a lecture) that fall under Fair Use copyright doctrine. Posting on public web sites, including slide sharing services, video services, and course note sites is strictly prohibited unless I, the author, personally do the upload myself. These are historical lecture slides and might not represent my current opinions on various topics due to newly available research and experience. Due to lack of time and resources I do not attempt to keep the technical content of historical lectures up to date, but pointing out any substantive errors for future correction on a time-available basis is appreciated. If you plan to make substantive use of this material in your teaching I'd be happy to hear about it, but non-profit teaching, including use in university courses, use does not require additional permission. In general I don't have time to respond to queries already handled by this copyright notice. This information is provided as-is, and proper use is your responsibility. For other queries please contact: koopman@cmu.edu