editor's blog
Subscribe Now

A Vote for Java

I don’t know this for sure, but I can imagine that some marketing folks at STMicroelectronics were less than thrilled by the high-profile Java issues ricocheting through the airwaves a couple weeks ago. My colleague Jim Turley engendered some back-and-forth with his analysis of the appropriateness of Java in embedded systems in particular.

It was not but a few days after this had barely disappeared from the headlines that ST announced their STM32Java development kit for developing Java applications on embedded systems. Such an announcement might have been routine on any other week. (Of course, had it been routine, you might not be reading about it here…)

I just had to check in with ST’s Michael Markowitz; the question was just sitting there like a lonely technical support hotline agent with no calls in the queue: “Ask me!” The issue, of course, is security. Will using Java in white goods ultimately allow the dryer to infect the washing machine? Could a WiFi-enabled cordless drill be instructed by a trench-coat-wearing lurker behind the boxwood to stop drilling the furniture and turn on its master instead? Could a smart showerhead be maliciously configured by an unauthorized plumber to broadcast pictures to the Internet?

OK, I didn’t ask those questions specifically. It’s early, OK? I’m still not far into my cuppa Joe, blundering about a bit in that happy gray zone between waking and sleeping. But I did ask for comment regarding the blaring warnings that were still echoing off the hillsides. Having checked with the team, Michael responded  that, as far as they could tell, the issue wasn’t intrinsic to Java specifically, but rather was related to “a badly programmed library, that… allows a program to access another program on the host machine,… crossing the ‘sand box.’” Having no such concept in its architecture, STM32Java would therefore not be affected.

So the simple answer would then be, “Not an issue.” Of course, this deals specifically with the one vulnerability identified in the latest brouhaha. There are those that take issue with Java generically: this doesn’t address that. But, given the amount of opinion and philosophy that accompanies this debate, I can only conclude that there are no fundamental facts to settle the issue one way or another. It would seem that abandoning Java on computers would be reasonably disruptive; if it migrates onto embedded systems in a universal way, we’ll be just that much more strongly wedded to it.

ST, at the very least, is moving forward undeterred. You can read more about it in their release.

Leave a Reply

featured blogs
Mar 20, 2019
Over the past few years, 3D modeling capabilites on Samtec.com have progressed immensely. We’ve gone from a small library of static files to a massive library of dynamically generated models, that can be downloaded as virtually any file type, in just a few seconds. Thou...
Mar 20, 2019
One big highlight of the RSA conference is always The Cryptographers' Panel. This year the panel was: Ronald Rivest, the R of RSA. Whitfield Diffie, legendary cryptographer. Paul Kocher, who... [[ Click on the title to access the full blog on the Cadence Community site....
Mar 19, 2019
Deeper Dive into Non-Trivial Bug Escapes and Safety Critical Designs This blog is a continuation of a series of blogs related to the 2018 Wilson Research Group Functional Verification Study (click here).  In my previous blog (click here), I presented verification results fin...
Jan 25, 2019
Let'€™s face it: We'€™re addicted to SRAM. It'€™s big, it'€™s power-hungry, but it'€™s fast. And no matter how much we complain about it, we still use it. Because we don'€™t have anything better in the mainstream yet. We'€™ve looked at attempts to improve conven...