Wilfred Nilsen, Founder & CTO of Real Time Logic, has 28 years' experience in designing embedded software. Powered by a vision of connected embedded systems, he designed the Barracuda Application Server, tailoring it for the small footprint, real-time needs of embedded microprocessors.


's contributions
    • Getting started with embedded development can be difficult and expensive, but in this article I will show you how to spin up FreeRTOS and the lwIP TCP/IP stack on a WiFi chip with a secure embedded web server in less than 30 minutes on a super low cost device.

    • As an embedded engineer, chances are that you have already worked on an embedded web server and have an understanding of the HTTP protocol or even AJAX and REST protocols. Still, traditional methods for transferring data between the browser and device may not be the best option.

    • SMQ is an easy to use IoT (M2M) publish subscribe protocol designed and optimized for embedded systems providing instantaneous Edge Node connectivity.

    • Whoa, lots of questions. This post was meant as a short introduction. If you had navigated to GitHub, you would have seen the long list of supported RTOSs, TCP/IP stacks, etc.. You would have also seen that it can use lwIP without an RTOS, but that in my opinion really sucks big time. Embedded systems using networking (TCP or UDP) need to move to using an RTOS, period! SSI/CGI is old school. If you carefully pay attention to the information on GitHub, you will see that it includes a great reference example that teaches developers how to take advantage of WebSockets and replace the horrible SSI/CGI stuff, which will definitely not work if you ever intend to TLS enable your server. The 41K is for the web application, which is loaded on demand into the browser. This is super small for a modern web application. You can design something smaller, but then it will look as if it was designed in the 1990s. Maybe your customers are OK with that, but I think most users today demand something that looks a bit more professional.

    • Scaprile, This article focuses on embedded systems that require multi user capabilities, such as a PLC. A small microcontroller has limited memory and should focus on user interfaces that one person can use at a time. Having said that, a solution built around a WebSocket server will use less resources than a solution based on the traditional GET/POST web server concept. The reason for this is that a WebSocket server designed for a microcontroller is typically smaller than a web server and, in particular, the web based Single Page UI app/solution (client and server) built specifically for use with WebSockets will be much smaller than a traditional GET/POST solution. Check out the Minnow Server. This WebSocket server is also designed for being used with Single Page Applications, but targets small microcontrollers: Designing a web interface for device management that is using WebSockets for the communication is just easier and faster to design and build than using GET/POST/AJAX/REST.

    • Jean-Claude, Yes, the ESP8266 is a great choice for systems that simply need a small micro controller. However, this article focuses on larger embedded systems where multi user UI capabilities are required. An ESP8266 is not a good candidate for a multi user UI. Since you like the ESP8266, you should check out our easy to use web based FreeRTOS/lwIP ESP8266 IDE, which includes many secure protocol stacks and examples.

    • That is a good question. How safe is a Hardware Security Module (HSM) vs. a microcontroller where the JTAG fuse is physically blown? One would have to decap the chip and find a way to extract the firmware directly from the chip. Would it be possible to decap a Hardware Security Module? The negative with HMS is that it increases the production cost. One could make it very difficult to find the username/password combo even if a hacker managed to decap the chip and extract the firmware. A binary password would be very difficult to find in the firmware since one could not use a tool for finding it (searching the firmware). Encryption is in no way bulletproof regardless of method used to protect it. Encryption is about making it difficult and very expensive for a hacker to gain access.

    • Commercial entities can also use this solution. See the following page for details: However, we wanted to focus on the learning aspect in this article since many developers are unfamiliar with setting up a secure IoT solution. I also recommend viewing the following video which takes you through the entire process of setting up the chain of trust for your IoT solution. The video, which is available on YouTube, provides a practical example that you can follow and setup on your own computer for learning purposes. Video link: