250 posts categorized "Embedded System Engineering"


More Tales from the Road - VDC at ESC Silicon Valley 2015

ESC Silicon Valley 2015

In case you missed it, VDC’s IoT & Embedded Technology was recently in Santa Clara for the 2015 Embedded Systems Conference – Silicon Valley. We had the opportunity to meet with and get updates from a number of companies, both at the show and several nearby corporate headquarters. Vendors we spoke with were pleased with the volume and quality of the attendees and many training sessions operated at full capacity.

As we have for the past decade, VDC Research presented the annual Embeddy Award to the organization judged to have announced the most significant advance in the embedded software and hardware industries at ESC. VDC created and named the Embeddy to highlight the most cutting-edge product or service for embedded software developers and system engineers.  We heard several compelling updates vendors in the RTOS, tools, and processor segments. Upon final assessment, LDRA’s Tool Suite 9.5 was selected as the best in show. LDRA provides software for automated code analysis and software testing to the safety-, mission-, security-, and business-critical markets. The Embeddy award was presented on stage in conjunction with the ACE Awards, given by EETimes and EDN. 

LDRA awarded 2015 Embeddy Award


In the 9.5 release, LDRA further extends performance of the LDRA tool suite by improving Linux support and by introducing a clear ‘Uniview’ function to help users visualize software components and development artifacts,” commented André Girard, VDC Research’s Senior Analyst of IoT & Embedded Technologies. “But since advances in functionality are less valuable if the solution is hard to use, we feel advances to both functionality and usability in this release of the LDRA tool suite are particularly important.

Overall, VDC was pleased with the level of excitement at the show and believe UBM has found a successful format. We expect the continuation of a consistent approach will lead to increased vendor participation in upcoming ESC events. 



Lingering Thoughts from NIWeek 2015

VDC’s IoT and Embedded Technologies team recently attended NIWeek 2015 in Austin, TX. National Instruments (NI) put on an excellent conference and we had the opportunity to take in a great deal. There were inspiring and informative keynote presentations, great partner stories, the heat, interesting panel sessions, helpful one-on-one meetings with NI executives, the strange layout of the Austin Convention Center (it allegedly has a floor 2, but I’m not buying that), demos on the exhibit floor…and, well, did I mention the heat?

The IoT / IIoT Centric Focus of NIWeek

Regardless of the format – keynote, panels, demos, 1:1’s – much of the discussion tied into the Internet of Things, or the Industrial Internet of Things in NI parlance. This focus is well justified; with all due respect to Marc Andreessen, it is time to update his famous quote. Today, “IoT is eating the world.” In fact, a majority of engineers surveyed by VDC in 2014 were already leveraging the IoT. By 2017, 81% expect to use the IoT in their projects, which represents a truly remarkable shift in the engineering world!

Iot eating the word

National Instruments’ Position within the IoT

NI’s IIoT focus, and I believe it to be the right one for the company, is to provide their customers with distributed compute intelligence that would sit between the data generating nodes and the cloud or legacy enterprise systems in the IIoT architecture.

To date, media attention has focused disproportionally on greenfield IoT applications serving the home, business, and building automation. There’s a lot of innovation to be excited about in these devices, but they represent only a slice of the total available market for the IoT. NI is aiming at this broader IoT picture that includes countless applications in all of the traditionally embedded industries, like automotive, energy, medical, industrial, and others. Deployments into these markets will be brownfield opportunities needing to traverse complex environments and interact with a host of existing devices that vary in age and capability. Moreover, any new equipment will need to connect or integrate with numerous earlier M2M systems.

At NIWeek 2015, National Instruments demonstrated that their modular, platform-based portfolio has the functional capabilities, flexibility, and strong hardware/software integration necessary to support engineering organizations as they deploy the next generation of intelligent IIoT systems. The challenge however, is for NI to broaden the mindset held by many traditional customers. Engineers will need to more often consider their platforms as appropriate for deployed systems rather than only for development and test & measurement if NI is to advance their positioning in the IIoT ecosystem.


Under Pressure: Your Embedded System Needs to Modernize Requirements Management (RM)

Recording of This Webinar from VDC Research and Jama Software is Now Available

 New variables continue to emerge, making software development in both the embedded/systems and enterprise/IT domains more complex – and in many ways, more similar. For instance, the requirement to design software in accordance with regulatory mandates, which is increasingly common in the embedded industries, now also extends into several segments of the enterprise, such as banking. Likewise, the Cloud and IoT are becoming more of a focal point for technology and innovation in both realms. This is driving an explosion in new software-focused business plans, devices, categories, and features, which are more closely tied to high-value corporate and consumer activities. The future of connected, intelligent products – while providing new opportunities – also raises the expectations for continued content delivery and functionality evolution.

As reliance on software to deliver value and differentiation increases, the amount and range of employees involved in the management of software creation is expanding. More organizational stakeholders, including many who may lack direct software development experience, now need direct insight into the software development lifecycle in both embedded and enterprise organizations. And with this expanding pool of software development stakeholders, it’s increasingly important to ensure the proper  processes and the right tooling – like a formal requirements management solution – are in place to help facilitate effective communication and collaboration through the full development lifecycle. Among other changes, it will be critical for these tools to provide socially collaborative features, to automatically link critical development data from other tools, and to present it in an easy-to-comprehend format for all development stakeholders.

With the Shift from Project- to Product-Based Software Design Approaches, IT Developers More Closely Resemble Their Embedded Peers.

New Picture

The embedded – enterprise/IT convergence also includes organizational strategies for software development teams. Many IT groups are now trying to move from a project-based approach for software delivery to one that defines products and organizes teams around them. This organizational structure more closely resembles the typical configuration in embedded or systems development teams. While significant differences remain in place, we also see that decisions around tooling, programming languages, and development methodologies show similar signs of convergence between the embedded and enterprise development markets. As IT organizations continue to evolve, they will have a greater need for system lifecycle management tools focused on optimizing iterative development methodologies with capabilities such as contextual collaboration, impact analysis, and decision tracking over a traditional focus on formal reviews or approvals and change management.


To hear more about this and other pressures facing developers that raise the importance of requirements management solutions, I encourage you to listen to our recent webinar with Jama Software

Click here to for the webinar recording. To learn more about the research and products offered by VDC Research’s IoT and Embedded Software Development practice, click here.


VDC Research is attending Embedded World 2015!

Contact us ASAP to schedule a meeting

VDC will be making the trip across the Atlantic again this year to visit the largest embedded technology tradeshow of the year, Embedded World in Nuremberg, Germany. Last year, the conference boasted 26,700 visitors and 856 exhibiting companies!.

While we are at the conference, we welcome the opportunity to meet with attending vendors to learn more about their embedded solutions and any show-related (or other recent) announcements.

You can arrange a meeting time with VDC by contacting us directly.

For meetings contact:

André Girard, Senior Analyst, IoT & Embedded Technology, agirard@vdcresearch.com, 508.653.9000 x153; or
Steve Hoffenberg, Director, IoT & Embedded Technology, shoffenberg@vdcresearch.com, 508.653.9000 x143.

Haven't decided if you're attending Embedded World yet?

Please check out the Embedded World website for more information on the conference program as well as information on all of the companies that will be exhibiting.

We look forward to seeing you at the show!


Intel’s IoT Platform Extends Security Toward Edges

At a press and analyst event in San Francisco on December 9, Intel announced its “IoT Platform” reference model. The model is horizontal in scope, encompassing numerous technologies applicable to everything from edge devices to gateways to the cloud. In addition, it is intended to be a modular approach, such that Intel’s hardware and software components (including those from subsidiaries Wind River and McAfee) can be mixed with those of other vendors. For example, a customer could deploy its preferred gateway devices not limited to those based on Intel’s Moon Island design, while remaining compatible with Intel’s reference model. We won’t attempt to describe the entire Intel IoT Platform in this blog post, but we’ll focus on a couple of security aspects announced. (Readers can find the full Intel press release here.)

  Intel-McAfee Security Execs

Intel executives discuss IoT Platform security: (left to right) Lorie Wigle, VP of IoT Security Solutions; Steve Grobman, Intel Fellow and CTO for Security Platforms and Solutions; and Luis Blando, SVP of Intel Security Group [McAfee].

As part of the latest announcement, McAfee’s ePolicy Orchestrator (ePO) is being extended into IoT gateways. ePO is software for security management, enabling centralized deployment and control of security policies, as well as monitoring of endpoint security status. Previously, ePO was intended for enterprise IT networks, but the announcement means that it can now encompass a much wider range of industrial and commercial IoT networks. In VDC’s opinion, this could help ease integration between IT and OT (operational technology) departments when transitioning standalone OT systems into IoT systems. OT could maintain functional control over the gateways and edge devices, while IT institutes improved access control between the gateways and enterprise network assets.

A second notable security announcement was that Intel Security will now license its Enhanced Privacy Identity (EPID) technology to other silicon vendors. EPID is a form of remote anonymous attestation using asymmetric (public key and private key) cryptography, through which central systems can confirm the integrity and authentication credentials of remote devices, without those devices having to reveal their identities or those of their owners. (One common use for anonymous attestation is digital rights management for content protection.) Anonymous attestation requires security hardware, such as a CPU with a Trusted Platform Module (TPM) or Trusted Execution Environment (TEE), for which Intel of course is a prime supplier.

EPID can create groups of devices, where a single public key can work with multiple private keys, i.e. one assigned to each device within the group. The mathematics behind EPID is complex, but for those interested, we suggest checking out the article, “Enhanced Privacy ID: A Remote Anonymous Attestation Scheme for Hardware Devices,” by Intel’s Ernie Brickell and Jiangtao Li (Intel Technology Journal, Volume 13, Issue 2, 2009, pp. 96-111). The chart below from that article summarizes how EPID differs from other attestation technologies, including Direct Anonymous Attestation (DAA).

Chart source: Intel Technology Journal

Intel has not yet disclosed licensing terms for other chip makers to use EPID, and onerous or expensive terms could limit its acceptance. However, VDC believes that EPID could be applicable to many IoT scenarios where a central system needs to trust remote devices owned or operated by others. This type of function will become increasingly important as interested parties seek to extract shared or publicly provided data from private IoT devices.

Although numerous security technologies from many vendors are taking hold in the IoT, Intel is uniquely positioned in this market by virtue of its presence at both the network/system level (McAfee, Intel Server Systems) and the device level (Intel CPU hardware, Wind River software). Intel says, for example, that its existing McAfee Embedded Control software for application whitelisting is used by about 200 device manufacturers. Intel’s IoT Platform is the latest evidence that the company will remain a force to be reckoned with in IoT security.


Where's The Action On Security Concerns?

Recognition of Software Security Issues Are High; Mitigation is Not

I read an interesting report from Spiceworks recently about mobile security actions by IT departments...or perhaps, lack of actions might be more accurate. The report, which is free to download, shows that nearly all IT professionals are worried about security risks affecting mobile devices supported by their company. However, this level of concern vastly outweighs the level of action their organizations have actually taken to lessen security threats.

This central finding, while disappointing, does not come as a surprise. Year after year, we see a persistent gap between awareness of software security importance and the steps taken to mitigate these issues. To help inform our analysis of the software and systems development market, VDC conducts an extensive end-user survey of global development community. In 2014, only 7.7% of embedded engineers surveyed considered security “not at all important” on their current project; just 2% of enterprise/IT developers felt the same way. Yet 22% of the respondents in embedded and 12% from enterprise report their organization has taken no actions in response to security requirements on their current project.

Picture3 - ATVT security

Need to Close the Awareness – Action Gap

The potential financial and safety impacts of software vulnerabilities have been clearly demonstrated by several recent and very public cases. Incidents, such as those exposing customer data from major retailers and software-related automotive recalls can dominate news cycles, damage brand equity, and more importantly - risk lives.

A growing reliance on software for embedded device functionality and to manage financial data has raised the importance of actively addressing security considerations during software design. Unfortunately, the velocity of software innovation is outpacing the application of safeguards and challenges continue to mount. Code base volume and complexity continues to rise. Development teams are increasingly utilizing alternative code sources including open-source software to meet their time-to-market windows. The number of potential entry points for malicious activities is increasing exponentially as more connected devices are deployed as part of the Internet of Things (IoT).

Teams designing software for the IT or embedded markets should start testing for security vulnerabilities early in the development lifecycle when resolution is the least costly. We recommend static and binary analysis as effective tools for finding the most common security defects such as buffer overflows, resource leaks, and other vulnerabilities. Use of these solutions should be incorporated as part of a comprehensive testing regime. Undoubtedly, the ramifications of software vulnerabilities are too severe to leave addressed by manual processes or chance.


More insight and Recommendations

For further investigation and discussion about this and other important trends in the automated test and verification tool landscape, as well as other disruptive shifts in systems lifecycle management, please see our 2014 Software and System Lifecycle Management (SSLM) intelligence service.


VDC Research is Attending ARM TechCon 2014 in Santa Clara October 1-2

We are attending ARM TechCon 2014 in Santa Clata

ARM TechCon 2014 at the Santa Clara Convention Center is designed to facilitate collaborative design by connecting the hardware and software communities in one event. The event delivers a comprehensive forum created to ignite the development and optimization of future ARM-based embedded products. The conference includes about 75 intriguing sessions offering insight and education into new products, advanced development techniques, security issues, and much more. For more information about ARM TechCon 2014 and to register for the event, click here.

Contact us directly to schedule a meeting!

We would like to learn more about your company’s solutions and personal experiences, and we welcome the opportunity to meet attending vendors. VDC will be at the conference on Wednesday, October 1st and Thursday, October 2nd. Please contact us directly if you would like to arrange a meeting.

Contact Steve Hoffenberg, Director, M2M Embedded Software, VDC Research Group at shoffenberg@vdcresearch.com or 508.653.9000 x143.

About VDC Research

VDC has been covering the embedded systems market since 1994. To learn more about VDC’s coverage of Embedded Hardware & Platforms, check out our website here, and to see what other research and products are offered by VDC Research’s Embedded Hardware and Software practices, click here.


Tasktop unveils new Tricentis offering

Yesterday, at Tricentis Accelerate 2014, Tasktop previewed an upcoming release of Sync featuring increased integration of the Tricentis Tosca Testsuite across multiple software delivery disciplines and tools. Tasktop’s Sync platform provides authoring tools for tasks, data, workflow connectivity and integration between multiple Application Lifecycle Management solutions. Its new partner, Tricentis, is known for its software testing solutions to accelerate business innovation. The partnership between Tricentis and Tasktop represents an exciting advancement along the path of broader Agile and DevOps adoption within the software development industry.

The two companies first partnered in February 2014, to provide a combination of Tricentis Tosca Testsuite and Tasktop Sync. The new software offers a means of automated functional testing in Testsuite and a platform for collaborating across the multiple disciplines of software development with Sync. The evolution of software development has revealed a clear problem of the integration of tools across the design of software. The partnership of Tasktop and Tricentis is an example of a method of addressing this issue. Their tools enable collaboration and testing across different components, removing a disconnect that has hampered software development in the past. We think this software integration can help developers using Agile or DevOps methods to continue to deliver thoroughly tested solutions for customers more rapidly, ultimately lowering the risk of business failure.


Upcoming VDC Research reports

In the next few weeks, the VDC M2M and Embedded Software team will publish several reports analyzing important trends impacting the software and system development tool landscape such as the growing need for improved tooling integration. These reports, listed below, also provide VDC’s granular market estimates and growth forecasts through 2016.

  • Automated Test and Verification Tools
  • Software and System Modeling Tools
  • Requirements Management/Definition and Source/Change/Configuration Management tools

To learn more about the research and products offered by VDC Research’s Embedded Software & Tools practice, click here.


By Joseph Botsch, Research Assistant and

André Girard, Senior Analyst



VDC Embedded Jama Software Webinar

How to Understand Requirements Management to Develop and Deliver Faster

For Embedded Systems Developers, Time to Market is Critical. Learn the No. 1 Strategy to Develop and Deliver Faster.

During this free webinar on Wednesday, July 23 at 1:00pm ET / 10:00am PT, VDC Research analyst André Girard and Jama Software co-founder Derwyn Harris will present on the growing necessity for requirements management (RM) tools in the face of today’s increasingly complex code bases, distributed development teams, and stricter budgets.

OEMs are facing constant pressure for innovation even with tight budgets, and they are dedicating more of their resources towards software development. Despite the importance of well-written requirements in the software development lifecycle, usage rates of RM tools are still dangerously low, with only 23% of embedded engineers polled by VDC in 2014 indicating they were using a formal RM solution on their current project. To meet demands for an accelerated pace of software content creation, developers will need to better utilize RM tools to monitor and manage the development lifecycle from beginning to end.

This webinar will explore: 

  • How has the software development process changed? 
  • What challenges are OEMs facing today? 
  • How do RM tools help deal with these challenges? 
  • How can RM tools save time and money for OEMs?

Tune in to this webinar to learn the answer to these questions and more. Those who register for this webinar will also receive a free copy of VDC Research’s report, “Pinching Pennies on Requirements Management is Too Costly”, by André Girard.

Click here to register for the webinar. To learn more about the research and products offered by VDC Research’s Embedded Software & Tools practice, click here.


Patrick McGrath

Research Associate, VDC Research


IoT Necessitates Changes in Both People and Technology

The requirements of the devices composing the Internet of Things are changing rapidly. The embedded market no longer consists of dedicated-purpose devices that may or may not be connected. Engineering organizations and deploying enterprises must now design scalable system topologies that can integrate new devices and adapt to the IoT’s evolution. While these next-generation systems are required to facilitate downstream device/node management as well as efficient upstream data transfer and analytics, they must also do so dynamically, allowing for more intelligence and flexibility in node role and workloads within sub-network architectures.

This recognition of a need for change in legacy technologies can already be seen in the shift in programming languages used by embedded engineers. In the past five years, the percentage of engineers using Java in the embedded market has more than doubled. Embedded industry stalwarts such as C will certainly maintain a substantial footprint going forward given the existing software assets and expertise at OEMs, but the results confirm that the market is rapidly looking to new and/or multi-language development to satisfy the requirements of next-generation projects.


IoT Skill Set Gap Exacerbated by Existing Embedded Resource Gap

The existing embedded engineering resources unfortunately cannot keep pace with the IoT’s time-to-market and content creation requirements. Already this community has been struggling to meet the needs of pre-IoT development projects. Now, the industry is faced with a dynamic in which not only does it need more efficiency, but the existing population of embedded engineers also cannot scale organically to meet the new software content creation requirements. Today, there are just over 1 million embedded engineers globally, with only 35% of that community holding software engineering-specific primary roles. In order to adapt to the new IoT development demands and respond to this dearth of traditionally skilled resources, OEMs must look to new labor pools.

The global Java community, which is estimated to consist of approximately 9 million developers, offers an opportunity to draw upon an increasingly relevant labor and expertise pool. The value of traditional embedded engineering skill sets has already been partially devalued due to IoT system evolution. Now, knowledge of connectivity stacks and UI development often must be placed at a premium over skills such as footprint optimization. Furthermore, technology like Java’s virtual machines create an abstraction layer that can reduce hardware dependencies and the subsequent rework and optimization that would have previously required more traditional embedded firmware engineers. Despite the already rapid adoption of Java (by embedded standards), we believe that the impending blurring of the distinction between embedded and IT Java developers will reinforce the technology’s adoption and relevance going forward. The wide access to the existing ecosystem of Java tools and third-party software, combined with a growing embedded partner ecosystem spanning semiconductor/IP companies, tool, and hardware/system manufacturers will no doubt further reduce switching costs and any lingering reservations held within many embedded industries.

We will be exploring the business and technical impact of the IoT in a webcast tomorrow with Oracle:

Date: Thursday, June 19, 2014 

Time: 9:30 AM PDT, 12:30 PM EDT, 17:30 GMT

Join this webcast to learn about:

  • Driving both revenue opportunities and operational efficiencies for the IoT value chain
  • Leveraging Java to make devices more secure
  • How Java can help overcome resource gaps around intelligent connected devices
  • Suggestions on how to better manage fragmentation in embedded devices

Register here:


My Photo