PDA

View Full Version : IDEA:portable binaries could be very usefull



ippisl
06-01-2013, 09:24 AM
When talking with professional developers about the arduino , their biggest problem is IP protection. Since the licensing terms of the arduino only talk about a need for updating core libraries, and if arduino developer community are also OK with it , i think a solution for portable binaries[1] could enable a combination of application code protection but library update.

This possibly make the arduino a potential platform for many professional developers, which is great because it'll help the community. It will also let more people use arduino in commercial designs. And the teensy 3 is perfect for this goal(great price and price/performance and peripherals).

Of course it all depends on community acceptance.

Thanks , and best regards.

[1]How to implement portable binaries on an MCU :
http://www.microcontrollercentral.com/author.asp?section_id=2473&doc_id=264102&

adrianfreed
06-01-2013, 02:51 PM
How does your solution differ from the classical dynamic loading model:
http://en.wikipedia.org/wiki/Dynamic_loading ?

ippisl
06-01-2013, 04:49 PM
How does your solution differ from the classical dynamic loading model:
http://en.wikipedia.org/wiki/Dynamic_loading ?

As far a i know , dynamic loading wasn't available on microcontrollers, and this is just a method to implement something similar on them.

PaulStoffregen
06-01-2013, 05:14 PM
I hear a lot of requests for a lot of different types of features, but I believe this is the very first time I've heard this specific pseudo-dynamic binary loading. So far, I really don't understand what value such binary loading really adds.

adrianfreed
06-01-2013, 05:19 PM
We used it in the late 1970's on the microcontrollers of the day. The C compiler
I wrote for the 6809 took advantage of the relatively new feature of offset reference instructions
that made it very efficient. It was quite common to "page" code dynamically into larger applications
from floppy disk in those days when a full OS wasn't available. If I remember correctly this is how
the Fairlight CMI worked.

adrianfreed
06-01-2013, 05:29 PM
The "modern" take on this developed by my colleagues at the Parlab is sejits http://www.armandofox.com/geek/home/sejits/ In many situations dynamic synthesis of code of this sort will beat C or C++ in performance. This makes executable binary representations of programs the least interesting in terms of performance and reliability.

It is hard to see how the millions of applications in embedded control in the "internet of things" space can be written without source code sharing. How can we demonstrate safety and security without access to the source code? Only a few really large companies (like Toyota) will be able to afford to warrant their code privately. This is different from Desktop OS and applications where the norm is low quality programming because you can just "reboot" or "relaunch".
For more of this: http://www.terraswarm.org

adrianfreed
06-01-2013, 05:42 PM
It looks to me like Tyler Gilbert is suggesting we go down this road well traveled: http://en.wikipedia.org/wiki/OS-9

"As a consequence of early pervasive design decisions taking advantage of the easily used reentrant object code capabilities of the 6809 processor, programs intended for OS-9 are required to be reentrant; compilers produce reentrant code automatically and assemblers for OS-9 offer considerable support for it. OS-9 also uses position independent code and data because the 6809 also supported it directly; compilers and assemblers supported position independence. The OS-9 kernel loads programs (including shared code), and allocates data, wherever sufficient free space is available in the memory map. This allows the entire OS and all applications to be placed in ROM or Flash memory, and eases memory management requirements when programs are loaded into RAM and run. Programs, device drivers, and I/O managers under OS-9 are all 'modules' and can be dynamically loaded and unloaded (subject to link counts) as needed."

This is not surprising since this development was part of the transition from 8-bit to 16/32-bit processors. Presumably it wont take this generation as long to (re) discover operating systems, group semaphores and some of the other gems missing in Arduinoland, e.g., http://tessellation.cs.berkeley.edu

ippisl
06-01-2013, 05:48 PM
Paul,

The biggest barrier for professionals to use the arduino is the need to share object code. They view it as sharing of IP they worked hard on(even it's not source code) , increasing the risk of cloning and just avoid it.

If some mechanism was both compatible with the arduino licensing terms(which require ability to upgrade core libraries) and the need to protect personal IP as strongly as possible, it will probably help some of them use the arduino for commercial products.

I view this pseudo dynamic loading as a way to store personal IP binaries in protected flash , while offering the ability to the user to install updated libraries and keeping in line with the arduino license.

ippisl
06-01-2013, 05:58 PM
Adrian

No doubt that open source delivers less buggy systems.

But people have to use this open source in commercial systems, and currently they don't.

Isn't it better just to create a huge amount of high quality open source libraries, with most of the code and the hardest to verify code(say security code) will be open. And use some closed source code , but as little as possible ? And that this will be widely deployed ?

PaulStoffregen
06-01-2013, 06:05 PM
But people have to use this open source in commercial systems, and currently they don't.


Perhaps they do, and simply disregard the license?

I know code I've published has ended up in lots of unexpected places.

ippisl
06-01-2013, 06:25 PM
Some probably do and disregard the license.

But for many(maybe most) mcu developers the legal risks of doing are so are something they're not willing to make, especially that they can use something like mbed(even tough it has smaller community and libs).

adrianfreed
06-01-2013, 07:50 PM
I can't agree that open source delivers less buggy systems. Large companies with flight safety or vehicle safety challenges
hire the smartest eyes and tool builders they can find and their verification tools give a level of confidence that has no equivalent
in the open source world (except perhaps for the few that avail themselves of http://ptolemy.berkeley.edu/ptolemyII/).

The LGPL is a curious choice by the Arduino team: " The LGPL does, however, require you to make available object files that allow for the relinking of the firmware against updated versions of the Arduino core and libraries. "
The problem is that even if people did make this relinking easy (the ArduinoIDE doesn't), you wouldn't be able to trust a newly relinked program
to have the same behavior as before or the desired behavior. Allowing people to relink would reduce the safety of embedded systems. My advice to commercial developers is to use the DIY ecosystem for agile development of prototypes and then carefully engineer the production device
using sound software and hardware engineering practice. Professional developers can very quickly identify numerous problems with a cursory
glance at the Arduino core and libraries.

linuxgeek
06-01-2013, 08:41 PM
Correct me if I'm wrong, but the requirement is that one has to provide object files for linking. This is identical to the requirements of nvidia for providing their proprietary drivers to load from the kernel. Right? Or is dynamic loading available in linux, qualitatively different than linking object files with arduino?

If nvidia is providing drivers and comfortable with protecting their IP, would it be any different with arduino?

Is it a concern of someone using the object files in another product, or de-compliling the object files, or alter the product with new code?

I do think it's a worthy goal to have arduino to not only be used for prototyping, but also thru to the end product.
As I see it, open-source works really well for common needs. And lots of people need a MCU to talk to stuff (sensors, ADC, SPI, i2c, relays, etc).
Lots of people need an operating system (linux), and lots of people need an office suite (libreoffice), a web stack (apache) and those projects have done very well.
When you get to uncommon needs (niche products), copy-left does not work as well. In these areas, opensourcing the IP may prevent one from having any commercial viability. Of course niche products, sometimes become pervasive, and sometimes they may get opensourced, which would be easier if you started with a opensource codebase.

I can imagine that some industries may require restrictions on allowing changing of firmware. But I imagine that there's a way to prevent someone from flashing the firmware, while still allowing the producer to flash it. Such as having to provide a key (which would not need to be opensourced) to flash the firmware. I don't know how hard that would be to implement.

ippisl
06-01-2013, 08:44 PM
Adrian,

1. You're right than safety systems have the best code, but it's a unique development environment. But for a large percentage of casual usage systems the open source model offers a better model with less bugs.

2. The LGPL is a weird choice, i agree. It would be very hard to trust a relinked program.And whoever does it carries the responsibility. But most people won't use it , especially if you give some warning or removal of warranty.

But that's the licensing it has.

3. Yes the arduino is far from optimal but with the capabilities of today's mcu's it's less important for many tasks.

But is it more buggy ? Even firmware code you get from microcontroller companies is pretty buggy , so hopefully the arduino with the many eyes who pass over it , is less so ?

ippisl
06-01-2013, 09:25 PM
linuxgeek,

Nvidia does release object files but they still control the hardware(pretty hard to build) so it's harder to copy them.

I think one fear is straight cloning using the object files

Anyway, i'm just saying what other embedded developers i talked to told about the arduino: they don't like the IP protection given under the license.

And one way to solve this is this idea.

adrianfreed
06-02-2013, 12:08 AM
Another way is to rewrite the Arduino core and libraries and offer it with a less restrictive license.

You could name it Freeduino after me.

Oops! Somebody already took my name and used it for something else.

linuxgeek
06-02-2013, 05:57 AM
I imagine Paul has gotten pretty close to rewriting most of everything by now. He could release his code under a different license. Of course I have no idea how he would feel about a different license, but I think he mentioned considering forking arduino at one point. It wouldn't take too many commercial contributors to fill in the missing pieces.