Embedded Expertise

Embedded Notes newsletter >>

Fixed Price vs Time & Materials

A company considers hiring an external contractor for development work. The choice between Fixed Price and Time & Materials is examined from that perspective. The discussion often focuses on risk, trust, and budget control. In practice, the real issue is usually something else. The article explains when each model makes sense, and discusses why the […]

Security Is Built, Not Assessed

In the previous article, we explored why risk-based assessment alone does not secure products, and how misusing it can lead to paper security and false closure. This article focuses on the other side of the equation: what engineers actually do when they are responsible for shipping and maintaining real products in hostile environments, without losing […]

Risk-Based Assessment Does Not Secure Products

Recently, I’ve witnessed a growing number of risk-based cybersecurity assessment trainings emerge, while far fewer initiatives focus on practical cybersecurity engineering. As a result, many product owners and decision-makers are trained to think in terms of compliance, certification, and documented risk very early in a project, at the expense of concrete engineering practices that actually […]

The Desk KPI That Reveals Project Health

Walk into any embedded development team and you can often tell whether a project is healthy long before you speak to anyone. Forget the dashboards. Forget the planning meetings. Forget the beautifully formatted KPIs. Look at the desks. Boards with flying wires, improvised jigs, power supplies balanced on top of printouts, instruments left on, multi […]

Beyond the Firewall: From Perimetric to In-Depth Security

Most embedded products start life as proofs of concept, and their security often shows it. This article explains the difference between perimetric and volumetric security, why both are essential, and why cybersecurity must be built-in, not bolted on. Perimetric vs. Volumetric Security in Embedded Systems: Why Both Matter When I get my hands on an […]

Technicians Do It Better ❤️

Technicians Do It Better

In many companies, there’s a common belief: progress on a project always requires an engineer. But this assumption is often counterproductive. An engineer is not always the best person for every task. Quite the opposite: in many situations, it’s the technician who delivers faster, more reliable, and more cost-effective results. Engineers and Technicians: Different but […]

My Project Is Doomed. What Now?

Embedded projects can be wonderfully complex. High-speed electronics, kernels, drivers, protocols, deadlines… Sometimes it all plays together like a symphony. And sometimes… it doesn’t. If you’ve ever looked at your codebase, your hardware schematic, or your project schedule and thought “this is doomed”, you’re not alone. But fear not: where there’s life, there’s hope. Here […]

What I Learned From Dusty Tubes and Glowing Dials

Nixies

Hacking vintage electronics from the 1930s has become more than a hobby for me. It’s a return to fundamentals, a study in elegance, and an ongoing reminder of how much we’ve gained (and what we’ve lost) in modern design. Here’s what I’ve learned. Hi there, I’m Thierry Durand, founder of Embedded Expertise. Most of my […]

Code Reviews: How We Do It and Why It Works

At Embedded Expertise, we’ve already shared how we approach hardware design reviews. This time, let’s look at the software side and show how good code review practices help improve quality and teamwork. Over the years we’ve refined a simple, pragmatic approach to code reviews that fits perfectly with our embedded‑systems projects. This isn’t meant to […]

Immutability: The Cornerstone of Embedded Defense

Immutability means that something cannot be altered once it has been created or deployed. In cybersecurity, this property is highly desirable: if an attacker can’t modify a system, they can’t compromise it, at least not persistently. But immutability isn’t binary. There are degrees of it, ranging from absolute (hardware-enforced) to soft, policy-based protections. Each level […]