Series : Bridging Software Craftsmanship and Bare-Metal Firmware (Trusted Firmware – A)

Part 1: The Foundations of Firmware Construction Introduction: What is Software Construction? In this inaugural part of our series on Trusted Firmware-A (TF-A), we begin by examining Software Construction, the central, hands-on activity of creating software. While "coding" is often used as a shorthand, true construction involves substantial professional judgment. It is not merely the mechanical… Continue reading Series : Bridging Software Craftsmanship and Bare-Metal Firmware (Trusted Firmware – A) →

Firmware Security and the Importance of Constant-Time Programming (Part – 2)

Understanding Constant-Time String Comparison: A Deep Dive Constant-time comparison of strings is an important security measure that helps maintain the consistent execution time for a string comparison operation, no matter what strings are being input. This supposedly minor detail goes a long way in avoiding timing attacks, which are a side-channel attack group that takes… Continue reading Firmware Security and the Importance of Constant-Time Programming (Part – 2) →

Firmware Security and the Importance of Constant-Time Programming (Part – 1)

Introduction Low-level software that communicates with hardware directly in the form of firmware is a critical element of modern computing platforms. Firmware initializes hardware, handles system resources, and delivers a secure environment for operating systems and applications. Firmware is the attack point of first contact, however, as it sits on a privileged plane within system… Continue reading Firmware Security and the Importance of Constant-Time Programming (Part – 1) →

Engineering Practices: Code Owners Craft, Reviewers Polish

In this comprehensive guide to code reviews, the importance of maintaining code health while balancing progress and quality is emphasized. The attainable nature of healthy code is highlighted, along with effective techniques for juggling speed and excellence. This guide is designed to help keep the codebase in top shape and ensure productivity within the team.… Continue reading Engineering Practices: Code Owners Craft, Reviewers Polish →

[Micro Learning] Interrupt Stack in Zephyr RISC V

Introduction The _interrupt_stack is a critical component in managing interrupt handling within the Zephyr RTOS for the RISCV32 architecture. Its primary purpose is to provide a dedicated and isolated stack for Interrupt Service Routines (ISRs), ensuring that they operate independently of thread-specific stacks. This separation is vital for preventing data corruption, improving real-time performance, and… Continue reading [Micro Learning] Interrupt Stack in Zephyr RISC V →