On Target: Embedded Systems

As you probably know, Google is currently entrenched in a battle with Oracle over the use of Java in Android. The trial may be only a month old, but the war began with the original suit filed in August 2010 for alleged copyright and patent infringement related to the Java programming language. However, this case is not just about Google defending its use of the technology or simply lining its pockets. The outcome of this trial has the potential to cripple the Android ecosystem and other open source projects as well.

The copyright phase of the trial has the attention of the software community. On May 7, 2012 a jury ruled that Google had violated Oracle’s copyright on 37 APIs, but could not decide if the violation was an acceptable level of fair use. Judge William Alsup of the United States District Court for the Northern District of California has been tasked with ruling on the big question: Can the structure, sequence, and organization (SSO) of an API be covered under copyright law?

If Judge Alsup finds in favor of Google and decides that the SSO of an API cannot be copyrightable, Oracle will be rewarded a maximum of $150,000 in statutory damages for each of the two counts brought against Google.

However, a ruling in the opposing favor would send toxic ripples throughout the software industry. Google would be required to attain a license through Oracle and pay significant royalties so long as they continue to produce Android. Oracle would then have the ability to charge a licensing fee to all Android manufacturers. Whether Android remains free or not is critical not only to phone manufacturers, but to Android’s push into other embedded vertical markets as well. Android developers are already hesitant to venture beyond the smartphone/tablet arena because of the additional engineering work required to extend the Android platform beyond such applications, and licensing/royalty concerns would only amplify that hesitation.

The licensing requirement would resonate throughout open source projects. Regardless if the license is free or not, programmers may potentially steer away from using Java in favor of other programming platforms. Open source platforms like Linux would be in jeopardy because of their use of foreign APIs (portions of Linux APIs duplicate those from commercial software). To top things off, programmers would no longer be able to implement “clean room design” to reverse engineer and replicate software.

This case is far from over as appeals are expected to follow. Google has already moved for a mistrial as a result of the jury’s split verdict over the fair use question, over which Judge Alsup is currently deliberating.  For more information on litigation surrounding Android please see our past blog post: Will Legal Battles Jeopardize Android’s Rise to Dominate the Device Market? Stay tuned as VDC Research continues to follow Oracle v. Google. 

In a strategically important move driven by significant changes in embedded computing, ETAS recently announced their intent to acquire security solution provider ESCRYPT. Terms of the deal were not disclosed, but the modeling tool vendor confirmed that the acquisition is intended to strengthen the independent professional services division that they first established in January.
 
VDC’s View
 
Security has quickly emerged as the hot button issue within the embedded industry. As we’ve written about recently, the injection of connectivity requirements within many new device categories has left embedded engineering organizations recognizing a need for improved security, but often unsure of how best to harden their devices.
 
The automotive sector serves as a perfect example of how the evolution of a device category – and the resulting increase in security risks - can challenge the traditional ecosystem and engineering cultures. We see four key factors contributing to a rapidly rising security risk in the auto industry, many of which are common to other industries as well:

1. Cars are increasingly becoming Internet-enabled, in response to surging consumer demand for enhanced in-vehicle infotainment (IVI) and other new emerging applications.
2. Additionally, the growing interconnectivity of the various electronic control units (ECU) within vehicles is now providing a pathway for threats to move from system to system.
3. Automobile OEMs are generally siloed, with teams focused on the development of individual ECUs. As a result, insufficient attention is being given to the risk created by the interconnection of ECUs.
4. Security is an entirely new problem for automobile OEMS that their existing engineering organizations have little or no experience addressing.

Similar trends can be found in virtually every industry, as OEMs race to develop next-generation products that leverage sensing, processing, I/O technologies, and connectivity to enable innovative new features and create entirely new revenue streams. And without any relevant expertise in security, we see the need for products and services such as those offered by ETAS/ESCRYPT as acute.

As we look broadly across the embedded technology landscape and the emerging Internet of Things, we see OEMs struggling with the issue of security, and vendors large and small aggressively trying to establish themselves as the leading security solution provider.  These include Intel through its McAfee acquisition, IBM with its reorganization and establishment of a security solutions division, Mocana with its focus on securing the Internet of Things, Wind River with its formation of a security-focused professional services team, and many, many others. 

With this market dynamic in mind, VDC has just announced a new research program dedicated to exploring this topic in greater depth. Our Voice of the Customer: Security & The Internet of Things program will provide OEMs, IT managers, and operators alike with the information that they need to develop and implement robust security strategies that can address the challenges posed by today’s Internet of Things. To learn more, please contact us…

A Q&A with John Carbone, Vice President of Marketing, Express Logic

This interview is the first in a series that we look to conduct during the course of 2012 with embedded software solution providers to share views on their company, products, and state of the market.

VDC: Congratulations on the 15 year anniversary for Express Logic in the RTOS business.  Can you briefly introduce the company to our readers?

Carbone: Express Logic is a software company, focused on real-time operating systems (RTOS), related middleware, and development tools for embedded systems. Our ThreadX RTOS was introduced in 1997, and has been deployed in over 1.25 billion electronic products, including HP printers, Apple iPhones, Welch Allyn medical devices, and a host of other well-known products in the consumer, medical and industrial-control areas. Our technology is small, fast, real-time, and easy to use. Our products are licensed with full source code and are 100% royalty-free.

VDC: You recently reported a record banner year for product license sales for 2011. What were the drivers for this success?

Carbone: We believe the biggest factor was the large number of embedded development projects that were “re-activated” from previous suspensions at the onset of the economic downturn. Many companies, both new and repeat customers, funded projects that required an RTOS, and we were fortunate to have been selected by a good number of them, leading to our record revenue for 2011. We saw the beginning of this activity in late 2010, and it continued through 2011 to this day.

Also fueling our record sales in 2011 is the popularity of ARM’s Cortex-M3 and M4 architectures, for which ThreadX is an ideal fit and for which our royalty-free licensing is especially appealing. High-volume manufacturers of smartphones and other handheld devices that use Cortex-M3 and M4 also find our no-royalty licensing a great way to reduce their COGS.

VDC: Express Logic recently expanded the product engineering team in Shanghai, China. What’s the status of the move and what responsibilities will the Shanghai team have?

Carbone: Our engineering team in Shanghai, established during 2011, focuses on networking software. They develop high-performance drivers for our NetX Duo TCP/IP stack, enabling us to support the plethora of Ethernet controllers used in networked devices. The team, made up of university graduate researchers with excellent skills in embedded software development, is managed by our VP of Engineering, who is a native of Shanghai. This gives us a unique ability to interact with the team, and it has led to numerous successful projects even in this short period of time.

VDC: The ThreadX RTOS has been deployed in over a billion devices.  How does ThreadX scale to meet the engineering needs for such a broad spectrum of applications (from printers to cell phones to space probes)?

Carbone: ThreadX is much like a RISC architecture for software. We provide fundamental services, from which more complex operations can be constructed. Like a RISC processor, these services are designed to be extremely fast, so they can be combined and applied to a wide variety of applications without excessive overhead. This makes ThreadX efficient for both small and large requirements, much like RISC processors that now handle virtually all computing requirements in embedded systems.

VDC: The “Build versus Buy” dilemma has been a challenge facing engineering organizations for years.  How has the growing availability of low to no cost open source and other types of RTOS solutions affected the decision to migrate to commercially available and supported OS platforms?

Carbone: Certainly, there are applications that do not warrant an RTOS, but these are at the very low end of functionality, and are generally one-shot solutions for very specific, simple needs. Beyond these opportunities, we believe that a “build” decision is both inefficient and unnecessary, given the wealth of commercial offerings that are available. And, we believe that selection of a “free” or “low-cost” solution simply because of its price is misguided. Studies indicate that the benefits of a product that gets to market faster far outweigh any savings in acquisition cost. Developers should be alarmed by the fact that these same studies show that “free” offerings can slow time to market below the industry average, exposing the development team to the extremely painful and expensive cost of “free.”

The use of quality development tools and RTOS increase the likelihood of product success through faster time to market, greater product quality and reduced support costs. These benefits far outweigh any cost savings from DIY or “free” tools and RTOS use. So, in our opinion, either building in-house or using a “free” or “low-cost” solution, solely based on cost considerations, is unwise. We believe that the investment in selecting and using “the best tools for the job” pays many dividends through the production of better products, brought to market sooner than would be experienced with inferior tools.

More than once, teams, that elected to use low-cost tools due to lack of budget, have returned to us 6-18 months later after experiencing disappointing results. In such instances, the cost these customers incurred, both in extended development and loss of time to market, is incredibly unfortunate.

VDC: If you were to take a look a look into your crystal ball, how do see the opportunities for the embedded software market shaping up for 2012?

Carbone: I fully expect the global economy to continue its recovery, slowly but surely, and with that will come the spending that motivates manufacturing companies to develop new products for these buyers. I’m optimistic about the long-term, and I’m looking forward to another great year for Express Logic.

VDC: Thank you John.

Interested in participating in VDC’s “The Embedded Software Beat” series of interviews? Please reach out and let us know.

We wanted to let you know about an important new annual research program we are launching called The Voice of the Customer Series: Security & The Internet of Things. The series, which is based on extensive primary research of engineering organizations, solution vendors, and enterprise/IT and consumer behavior, will provide you with the information you need to formulate and implement a best-in-class security strategy.

We’ve designed this program to help senior OEM engineering managers responsible for product development and deployments and IT managers coordinating M2M and enterprise-to-device connectivity. This service will help them understand how organizations are approaching the big decisions of security risk management, technology and vendor selection, device deployment, and more. We will also be highlighting consumer awareness and perceptions regarding security across a range of device classes. Some of the issues we’ll be looking at during the next 12 months include:

• Engineering organizations’ perception of the growing threat of security issues as well as the steps they are taking to reduce the those risks
• Consumers’ perception of this risk and desire for security enhancements across a range of consumer devices as a means to better inform the security solution selection process for OEMs and Enterprise/IT organizations
• How the Internet of Things is impacting what network managers are doing today and what they should consider going forward as more embedded and mobile devices connect to their infrastructure
• Customer feedback on the vendor landscape for embedded and mobile device security solutions and accompanying analyses of some of the leading security solution vendors

Want to learn more? Click here to download the Research Outline.