Wilfred Nilsen, Founder & CTO of Real Time Logic, has 28 years' experience in designing embedded software. Powered by a vision of connected embedded systems, he designed the Barracuda Application Server, tailoring it for the small footprint, real-time needs of embedded microprocessors.


's contributions
    • As an embedded engineer, chances are that you have already worked on an embedded web server and have an understanding of the HTTP protocol or even AJAX and REST protocols. Still, traditional methods for transferring data between the browser and device may not be the best option.

    • SMQ is an easy to use IoT (M2M) publish subscribe protocol designed and optimized for embedded systems providing instantaneous Edge Node connectivity.

    • Scaprile, This article focuses on embedded systems that require multi user capabilities, such as a PLC. A small microcontroller has limited memory and should focus on user interfaces that one person can use at a time. Having said that, a solution built around a WebSocket server will use less resources than a solution based on the traditional GET/POST web server concept. The reason for this is that a WebSocket server designed for a microcontroller is typically smaller than a web server and, in particular, the web based Single Page UI app/solution (client and server) built specifically for use with WebSockets will be much smaller than a traditional GET/POST solution. Check out the Minnow Server. This WebSocket server is also designed for being used with Single Page Applications, but targets small microcontrollers: Designing a web interface for device management that is using WebSockets for the communication is just easier and faster to design and build than using GET/POST/AJAX/REST.

    • Jean-Claude, Yes, the ESP8266 is a great choice for systems that simply need a small micro controller. However, this article focuses on larger embedded systems where multi user UI capabilities are required. An ESP8266 is not a good candidate for a multi user UI. Since you like the ESP8266, you should check out our easy to use web based FreeRTOS/lwIP ESP8266 IDE, which includes many secure protocol stacks and examples.

    • That is a good question. How safe is a Hardware Security Module (HSM) vs. a microcontroller where the JTAG fuse is physically blown? One would have to decap the chip and find a way to extract the firmware directly from the chip. Would it be possible to decap a Hardware Security Module? The negative with HMS is that it increases the production cost. One could make it very difficult to find the username/password combo even if a hacker managed to decap the chip and extract the firmware. A binary password would be very difficult to find in the firmware since one could not use a tool for finding it (searching the firmware). Encryption is in no way bulletproof regardless of method used to protect it. Encryption is about making it difficult and very expensive for a hacker to gain access.

    • Commercial entities can also use this solution. See the following page for details: However, we wanted to focus on the learning aspect in this article since many developers are unfamiliar with setting up a secure IoT solution. I also recommend viewing the following video which takes you through the entire process of setting up the chain of trust for your IoT solution. The video, which is available on YouTube, provides a practical example that you can follow and setup on your own computer for learning purposes. Video link: