by Gary Mintchell | Dec 9, 2025 | Embedded Control, Security
I met a new neighbor the other day. We talked a bit about what we had done in our prior employment lives. Turns out she has a friend who gave her a copy of his book. She loaned Software Test Attacks to Break Mobile and Embedded Devices by Jon Duncan Hagar to me to read. It’s 10 years old, but it seems quite contemporary. (Not that I’ve done any embedded systems programming for decades.) The book is also thorough.
After reading through it, this press release dropped into my mailbox about yet another report from a security company. If they don’t scare you into taking action on software security, they’ve overestimated their impact. Using AI as a programming assistant is all the rage currently. Reports indicate that there are good uses, but also that you had best not use AI-generated code as your final build.
This 2025 report investigates AI adoption and the security of AI-generated code in critical embedded systems. It is certainly timely.
RunSafe Security, a pioneer of cyberhardening technology for embedded systems across critical infrastructure, announced the release of its 2025 report, AI in Embedded Systems: AI Is Here. Security Isn’t. The report is a snapshot of how artificial intelligence (AI) usage is unfolding across embedded software development and provides insights into what the data means for engineering, product, and security leaders who are integrating AI into their workflows.
Surveying more than 200 professionals throughout the US, UK, and Germany who work on embedded systems in critical infrastructure, the report reveals that AI-generated code is already running in production across medical devices, industrial control systems, automotive platforms, and energy infrastructure. The report finds that AI has quickly moved from an experimental curiosity to an operational reality in embedded systems development. While adoption races forward, security concerns loom large.
Here follows the obligatory quote.
“AI will transform embedded systems development with teams deploying AI-generated code at scale across critical infrastructure, and we see this trend accelerating,” said Joseph M. Saunders, Founder and CEO of RunSafe Security. “Our report reveals an industry at an inflection point, where transformation is happening faster than security practices have evolved. Organizations that navigate it successfully will be those that maintain the same rigor with AI-generated code that they’ve traditionally applied to human-written code while also recognizing that AI introduces new patterns, risks, and security requirements. At RunSafe Security, we provide greater visibility into software and risk so organizations can properly manage their security while deploying AI in embedded systems.”
RunSafe Security’s report highlights the following key findings:
- AI is already widely used in embedded software development workflows:
- 80.5% of respondents currently use AI tools in embedded development
- 83.5% have deployed AI-generated code to production systems
- 93.5% expect usage to increase over the next two years
- Risk from AI-generated code is widely recognized, but framed as manageable if organizations modernize:
- 53% of respondents cited security as their top concern with AI-generated code
- 73% rated cybersecurity risk as moderate or higher
- Runtime resilience is a central pillar of embedded security:
- Runtime protection for AI-generated embedded software is rated “highly important” by most respondents
- 91% of respondents plan to increase investment in embedded software security over the next two years
- 60% already use runtime protections to address memory safety vulnerabilities
Click on the Follow button at the bottom of the page to subscribe to a weekly email update of posts. Click on the mail icon to subscribe to additional email thoughts.
by Gary Mintchell | Dec 8, 2025 | Robots
I just listened to two tech guys on a podcast talking about Google as a full stack AI company with its Gemini plus its own TPU chips—no reliance on Nvidia’s GPUs. Contrast with OpenAI, which only owns the software. It depends upon Nvidia for the chips and others to build the massive data centers.
Then, I receive a press release relative to industrial robotics where they tout—Bringing a new meaning to the term full-stack company, Flexiv’s own AMR platform makes the company’s entire hardware and software stack fully in-house.
Flexiv designs and builds general-purpose robotics. The company has designed an autonomous mobile vehicle product that mashes up with its robotics. Therefore, “full-stack”. Interesting. And probably useful.
Flexiv, a global leader in general-purpose robotics, is proud to announce the launch of the Flexiv Mobile Robot (FMR) 300, the company’s first self-developed autonomous mobile robot platform. Engineered to expand the operating space of Flexiv’s adaptive robots and eliminate the limitations of stationary workspaces, the FMR 300 represents a major milestone in mobile manipulation and next generation factory automation.
A few of the necessary features:
Featuring a compact footprint of 31 by 24 inches and a height of 34 inches, along with a payload capacity of 600 pounds, the FMR 300 allows customers to deploy advanced adaptive robotic solutions in space constrained environments.
Powered by a 72 Ah lithium-iron battery, the FMR 300 can operate for up to eight hours under typical workloads. If the platform detects that its battery needs recharging, it can autonomously navigate to its charging dock, enabling true “lights-out” operational capability.
When used in conjunction with a Rizon-series adaptive robot, positional errors caused by platform movement or workpiece misalignment can be compensated for as a Rizon robot can use its force sensitivity to “feel out” the exact location of the workpiece. This eliminates the need for computer vision and controlled lighting, enabling reliable operation in dynamic, unstructured environments where conventional AMR–cobot solutions typically fail.
The FMR 300 features high precision laser SLAM navigation, two-wheel differential motion control, and built in collision detection to ensure safe human robot interaction. If necessary, the platform can also incorporate computer vision for enhanced collision avoidance in crowded or highly dynamic workplaces.
One-stop Shop:
From programming software to robot arms, grippers, and now AMRs, Flexiv’s entire portfolio is developed in house. This not only makes creating complex automation solutions easier but also reduces commissioning time and troubleshooting.
by Gary Mintchell | Dec 3, 2025 | Security
Jennifer Faylor from Inductive Automation wrote this blog—Ignition 8.3 Pro Tips: Supercharge System Security—a few weeks ago offering some security tips for users of Ignition. There’s more. Check out the blog for the entire essay.
She begins, “In honor of Cybersecurity Awareness Month, this blog will delve into some of the Ignition 8.3 features that help you better secure your systems.”
The new industrial Secrets Management feature in Ignition 8.3 enables you to store secrets securely and protect them from unauthorized parties — a game-changer if you’re looking to boost SCADA password security. And coming soon in Ignition, you’ll also be able to integrate with third-party secrets management platforms such as HashiCorp Vault.
With Ignition 8.3, you get multiple layers of control system threat protection that align with the latest industrial cybersecurity standards to keep your data and assets safe. To highlight some of the new features: we’ve expanded functionality for LDAP authentication security by enabling extra LDAP attributes to be defined for the Active Directory, AD/Database Hybrid, and AD/Internal Hybrid user sources. We’ve also added two additional properties for nested group membership lookup and group role attributes for the Active Directory user source. Three new properties are now available for Ignition Internal Authentication: “Prohibit Password,” “Prohibit Username,” and “Maximum Consecutive Repeated Characters.” And the Administrator role is now automatically listed under the Authenticated/Roles security level when installing a fresh gateway.
The new security features also enable integrators to have visibility of a system’s configuration, while still maintaining good security for the system.
You can majorly step up your SCADA communication security thanks to one important new 8.3 feature: more secure data serialization with Remote Procedure Call (RPC) technology that uses Google Protobuf instead of Java serialization.
by Gary Mintchell | Nov 26, 2025 | Automation, News, Robots, Technology
The only news emanating from Automation Fair last week was the announcement of a plan to build a 1 million sq ft manufacturing and warehousing facility in southeast Wisconsin. Executives also reinforced earlier news regarding its regrouping of the cybersecurity SecureOT Solution Suite and the new ControlLogix 5590.
Executives appeared before the assembled media and analyst folks attending to highlight areas of emphasis that Rockwell Automation wished to promote. These talks were enlightening about the current state of Rockwell Automation’s thinking on what is important in this market and where Rockwell fits at this time.
Bob Buttermore, senior vice president, chief supply chain officer, has often appeared as the point person for using Rockwell products and services to improve internal and external supply chains within the company. Part of the new plant announcement included investing $2B in Rockwell operations to test and prove the next generation of industrial technology.
Our existing facilities in Singapore, Twinsburg and Milwaukee serve as live innovation labs, showing how new tools and processes perform in real-world manufacturing. These plants give customers a front-row seat to breakthrough solutions and demonstrate how Rockwell is shaping the future of smart, efficient and resilient manufacturing.
The old Silicon Valley phrase was “eating your own dog food.” The today Rockwell Automation version is Rok on Rok. Buttermore told us the team in Singapore took initiative to work with the local government and internal Rockwell resources to bring reality to “factory of the future” improvements. Learnings from that initiative are being applied within the Twinsburg, Ohio facility. They will be used to build the new Wisconsin facility when the time comes.
Special kudos to Buttermore for going beyond the pablum “we use AI” phrase to pinpointing which aspects of AI are used where. So refreshing to get something closer to specifics.
Speaking of AI, Rockwell has an executive in charge. Jordan Reynolds, Vice President, Artificial Intelligence & Autonomy, spoke about companies going beyond embedding AI in technology by incorporating it in workflows, and further using it to empower the people using the technology.
His talking point—As AI becomes more deeply embedded in operations, manufacturers must ensure their teams are not only equipped with the right skills but also confident in using AI to make faster, smarter decisions. In fact, 47% of manufacturers responded that AI comfortability is a “very important skill” in their workforce according to the 2025 State of Smart Manufacturing Report, which marks a 10% increase from 2024.
Sustainability remains an important mission. A panel brought together leaders from Circulor, Bolder Industries, and Utility Global to discuss how their innovations are accelerating the transition to a low-carbon future. The conversation highlighted the role of circular manufacturing, supply chain transparency, and clean hydrogen in building reliable and sustainable energy infrastructure. Panelists discussed overcoming regulatory, operational, and technological challenges through strategic partnerships and advanced automation.
My long history with Rockwell Automation includes nothing about robotics. Given a couple of recent acquisitions, the company has a new vice president of robotics, Ryan Gariepy. He was CTO of OTTO, the recently acquired AMR company. He’s excited about bringing together the array of robotics technology. This includes software Unified Robot Control and software-defined automation. Mobile with Clearpath development platform and the OTTO Autonomous Mobile Robotics. An integration ecosystems with Emulate 3D and OTTO Fleet Manager.
Running the anchor leg of the relay was Dan DeYoung, Vice President & General Manager, Design & Control. We saw him later showing off the ControlLogix 5590. This session focused on the future of software-defined automation. Rockwell sees the future of industrial automation as one where control systems can rapidly adapt and grow as new disciplines emerge. “With software defined automation, we are rethinking how robotics, vision, AI and ML come together with the core strengths of our multidiscipline control. Our focus is on creating an environment where these technologies can be integrated with speed and simplicity, shaping a future where automation is more flexible, scalable and ready for what’s next.”
It was at this point that a question from the audience asked about adoption of IEC 61131 programming and especially about the PLCOpen nirvana of write once/run anywhere. That is, write control code in your IDE of choice in a 61131 language and then target control platforms from any vendor. There was no comment. (Something I expected.) As Ed Sheeran put it, I was Thinking Out Loud on this longer thought piece about that topic.
Click on the Follow button at the bottom of the page to subscribe to a weekly email update of posts. Click on the mail icon to subscribe to additional email thoughts.
by Gary Mintchell | Nov 25, 2025 | Automation, Embedded Control, Standards
The comment brought memories from many years ago when I first heard about a new programming language/operating system. Java. I rushed to the local bookstore to purchase a book. It was huge. I downloaded the Java Development Kit. Eventually, I downloaded eclipse, an IDE for writing Java.
The key marketing message for Java? Write once, run everywhere. You just had to have a target to download the code to a runtime instance.
The comment that brought back ancient memories occurred during a briefing at the Rockwell Automation Automation Fair event in November.
Executives from Rockwell were discussing how their latest control platforms were amenable to software defined automation. A colleague asked about their support for IEC 61131 programming languages, especially about the part where they hope to have “write once/run anywhere” programmable controller code. That is, write a control program in the void, then download to any target be it Rockwell Automation, Siemens, ABB, or name your favorite.
The executives returned a blank stare. The inquisitor said that he supposed that that was a “no.”
I had long forgotten that nirvana of PLC Open. Discussions often grew heated in the early part of the century on this topic. Personally, I don’t see how it can happen. To bring that hope of PLCOpen to fruition, all controller manufacturers would have to agree to commoditize their hardware. Some users may think that driving control to commodity to reduce the cost would be good. But that would disincentivize innovation.
That’s not going to happen.
In fact, looking at software-defined and model-based programming with AI assistance, I wonder how long IEC61131 will be necessary.
I’m quoting Ed Sheeran and just “Thinking Out Loud.” Where will all this go? What impact will the ubiquitous AI have on this entire discussion—if any? What will machine control look like in 10 years?
Click on the Follow button at the bottom of the page to subscribe to a weekly email update of posts. Click on the mail icon to subscribe to additional email thoughts.
by Gary Mintchell | Nov 21, 2025 | Automation, Embedded Control, Industrial Computers, News
The Rockwell Automation Control team could not contain their enthusiasm for their latest product—ControLogix 5590. Yes, they are master at branding 😉 I saw long-time contact Dennis Wylie on the show floor. He shared his excitement with me there—and later.
At a later gathering of media and analyst people, the team talked up the product. The marketing team has chosen the word “powerhouse” to best describe the advances included in the product. The last controller news that came my was was years ago, so I’m a bit rusty analyzing this. See below for a list of capabilities and features. I’m sure machine designers and other automation geeks will love this.
Rockwell Automation announced the highly anticipated launch of its newest controller, ControlLogix 5590, the powerhouse at the core of the Logix platform. Designed to meet the evolving demands of modern manufacturing, this all-in-one controller delivers seamless software integration and multidiscipline control across the enterprise to streamline operations like never before.
All in one refers at the least to including safety as part of the package.
Manufacturers are navigating a perfect storm of challenges, from rising global competition and workforce shortages to growing safety and security risks. Contributing to the complexity are disconnected control and data systems built on propriety technologies, which limit flexibility and keep costs high. The ControlLogix 5590 controller is a purpose-built solution to help manufacturers tackle these challenges with ease and take control of their operations.
“The ControlLogix 5590 controller isn’t just an upgrade, it’s a powerhouse engineered for the future of industrial automation,” said Dan DeYoung, global vice president and general manager, production design & control, Rockwell Automation. “We’re giving our customers the ability to build smarter and more secure systems right out of the box, with a platform designed to meet the demands of today and ready to scale for tomorrow.”
Key capabilities of the ControlLogix 5590 controller include:
- Integrated Safety: Every ControlLogix 5590 controller includes advanced, integrated functional safety capabilities designed to help protect people, equipment and operations, without the need for separate safety models. Certified to meet rigorous global standards, it helps customers build safer systems with less complexity and more confidence.
- Powerful Performance for Demanding Applications: Delivers high-speed processing and expanded memory capacity to support complex operations. From process and batch to discrete, motion and robotics applications – the ControlLogix 5590 controller is ideal for manufacturers looking to design scalable architecture, optimize throughput and drive efficiency on a single high-performance and interoperable platform.
- Built-In Cybersecurity: Includes built-in security features designed to help protect systems from current and emerging cyber threats. These protections are based on global standards (IEC 62443) and help customers keep their operations connected and compliant with modern security requirements.
- Streamlined Engineering Experience with a Unified Software Suite: A unified software suite, including Studio 5000 Logix Designer® and FactoryTalk® Design Studio™*, helps streamline development, accelerate deployment and simplify workflows across the enterprise.
Key Features:
- Up to 80 MB user memory
- Integrated Dual 1-Gigabit Ethernet ports with CIP Security
- Expanded and scalable performance for motion and safety applications
- Higher performance for high availability process systems
- Integration with Studio 5000 and FactoryTalk platforms
Click on the Follow button at the bottom of the page to subscribe to a weekly email update of posts. Click on the mail icon to subscribe to additional email thoughts.
