Embedded

Sonia Grego, scientist and innovator who runs Duke's Smart Toilet Lab and founded Coprata, discusses using toilets and simple at-home tests to monitor gut health and detect outbreaks. She talks about engineering challenges of handling stool, field testing in diverse settings, privacy and prototype design for smart toilets, and why kits may come before fully integrated devices.

Kenneth Finnegan, a senior solutions architect who builds community-run internet infrastructure, shares lively stories from running an internet exchange, free DNS and caching projects. He talks about BGP, CDNs, subsea cables, carrier hotels, and why small volunteer-run systems matter. Expect networking lore, hobbyist antics, and practical tips for embedded developers learning distributed systems.

They debate practical uses and pitfalls of AI tools for coding and diagrams. They give concrete tips for new managers and talk about moving from engineering to people management. They compare learning with books, audiobooks, and libraries. They discuss choosing microcontrollers and point listeners to local embedded communities and conferences.

Mark Omo, an engineering director specializing in embedded security, and James Rowley, a senior security engineer, dive into the world of safecracking and vulnerability discovery. They share insights from their DEF CON talk on exploiting SecureRAM locks, including their techniques like CodeSnatch for firmware extraction. The duo discusses the failures in security engineering, the ethical dilemmas faced, and emphasizes the importance of public disclosure in improving safety. Their engaging anecdotes about legal pushback and industry practices make this conversation a must-listen for anyone interested in cybersecurity.

James Cameron, a scientist and software developer with a diverse background in telescope operations and educational tech, shares his fascinating journey in astronomy. He discusses the significance of the Anglo-Australian Telescope and its impressive four-meter mirror. Listeners get insights into the daily challenges of diagnostics, maintenance, and software upgrades in observatory operations. Cameron also humorously reflects on wildlife encounters at the observatory, including snakes and ladybug infestations, while offering career advice on skill diversification and engineering.

Nathan Jones and Chris Svec give Chris and Elecia their 2025 performance review. Donations went to Elevate Tutoring, an organization that provides funding and support to low-income and first-generation college students as well as free STEM tutoring for underserved schools. Embedded has already sent in the match to the donations for a total of over $5000. Here is a list of all Embedded.fm episodes. We mentioned the Foldscope, a small but mighty microscope. Also, mentioned was the book If I Only Changed the Software, Why is the Phone on Fire? The show this week is sponsored by us. And you. Please consider supporting Embedded.fm on Ko-fi or Patreon. Or tell a friend about the show. Transcript

Sophi Kravitz joined us to talk about art, science, and engineering. You can see Messages from Space on Sophi's website /sophikravitz.com). A subset of the artwork had a short stay for a demo at Chabot Space & Science Center. The completed work will be shown in 2026. Sophi mentioned collaborating with two sonic environment artists Sofy Yuditskaya and Ria Rajan. Geiger–Müller tube is an ionizing radiation detector. Cosmic rays move through space at nearly the speed of light, generally originating far away and long ago. You can also see them in a cloud chamber, like the one at San Francisco's Exploratorium. We also talked about using sculpting in Blender (there are many online video introductions). Sophi does EE consulting and system quality checking at her company Greenlight. The show this week is sponsored by us. And you. Please consider supporting Embedded.fm on Ko-fi or Patreon. Or tell a friend about the show. Transcript

Nick Kartsioukas joined us to talk about security in embedded systems. Common Vulnerabilities and Exposures (CVE) is the primary database to check your software libraries, tools, and OSs: cve.org. Open Worldwide Application Security Project (OWASP, owasp.org) has information on how to improve security in all kinds of applications, including embedded application security. There are also cheatsheets, Nick particularly recommends Software Supply Chain Security - OWASP Cheat Sheet. Wait, what is supply chain security? Nick suggested a nice article on github.com: it is about your code and tools including firmware update, a common weak point in embedded device security. Want to try out some security work? There are capture the flag (CTF) challenges including the Microcorruption CTF (microcorruption.com) which is embedded security related. We also talked about the SANS Holiday Hack Challenge (also see Prior SANS Holiday Hack Challenges). This episode is brought to you by RunSafe Security. Working with C or C++ in your embedded projects? RunSafe Security helps you build safer, more resilient devices with build-time SBOM generation, vulnerability identification, and patented code hardening. Their Load-time Function Randomization stops the exploit of memory-based attacks, something we all know is much needed. Learn more at RunSafeSecurity.com/embeddedfm. Some other sites that have good information embedded security: This World Of Ours by James Mickens is an easy read about threat modelling Cybersecurity and Infrastructure Security Agency (CISA) is at cisa.gov and, among other things, they describe SBOMs in great detail National Institute of Standards and Technology (NIST) also provides guidance: Internet of Things (IoT) | NIST NIST Cybersecurity for IoT Program NIST SP800-213 IoT Device Cybersecurity Guidance for the Federal Government: Establishing IoT Device Cybersecurity Requirements There is a group of universities and organizations doing research into embedded security: National Science Foundation Center for Hardware and Embedded Systems Security and Trust (CHEST). Descriptive overview and the site is nsfchest.org European Telecommunications Standards Institute (ETSI) - Consumer IoT Security Camera Ubiquiti configuration issue (what not to do) Finally, Nick mentioned Stop The Bleed which provides training on how you can control bleeding, a leading cause of death. They even have a podcast (and we know you like those). Elecia followed up with Community Emergency Response Teams (CERT). Call your local fire department and ask about training near you! Transcript

Philip Koopman joined us to talk about embedded systems becoming embodied and intelligent. We focus on the safety considerations of making an intelligent and embodied device. Phil's new book is Embodied AI Safety: Reimagining safety engineering for artificial intelligence in physical systems. It uses robotaxis as an example as it discusses safety, security, human/computer interface, AI, and a bit of legal theory for tort negligence. If you'd like a taster, Phil gave a wonderful summary in his video: Keynote Talk: Embodied AI Safety This new book is intended for a wider (less devotedly technical) audience than his book How Safe Is Safe Enough?: Measuring and Predicting Autonomous Vehicle Safety. Phil was last on the show in episode 473: Math Is Not the Answer where we spoke about his book Understanding Checksums and Cyclic Redundancy Checks Transcript Thank you! This episode is sponsored by you, our listeners! If you'd like to become members and get ad-free episodes as well as bonus shows, sign up at Patreon or Ko-Fi. Thanks for listening.

Jason Turner, an author and C++ trainer known for his C++ Weekly YouTube series, dives into the world of programming puzzles. He discusses his new book, which introduces complex programming concepts through engaging puzzles for all ages. With insights on the evolution of C++ features and the importance of teaching without jargon, Jason emphasizes the joy of learning via play. He also shares anecdotes from his travels and cultural experiences that shape his teaching approach, advocating for clearer communication and accessibility in programming education.