Events

April 2021, the “Embedded Code Quality and Software Development Efficiency Workshop” series, jointly hosted by Xcalibyte and RT-Thread, were held in Shenzhen, Shanghai and Beijing. At the three workshops, technical staff from both sides shared their development experience and technical knowledge accumulated over many years. Many industry IT professionals attended the meeting to listen, communicate face to face, discuss and learn together.

The rapidly expanding embedded systems market has become a hot topic, especially with the growth of IoT. The workshop consisted of four sessions, two of which were led by Xcalibyte. Technologists from Xcalibyte shared their insights on how to ensure software development efficiency and code quality in the face of increasingly complex demands, from the perspectives of vulnerability identification in Embedded Code.

Analysis and identification of typical vulnerabilities in embedded code

The first Xcalibyte session introduced typical code vulnerabilities within embedded systems. This included an explanation of common errors and potential code vulnerabilities caused by developers intentionally or unintentionally. The errors may cause data leakage, improper rights management and other significant security risks.

The full Presentation is available for downloading at the bottom of this article 

Examples included misuse of resources, poor memory management, the need to build Finite State Machines and the benefits of abstract modelling.

Abstract modeling can solve a lot of practical problems, such as code injection, resources that are not released, stack address illegally accessed and so on.

The second Xcalibyte session focused on common attacks for WASM, a popular assembly language, and the corresponding preventive measures.

The attendance in all locations were high and our team had to field many questions.

Download the full presentation here