by Gary Mintchell | Dec 9, 2025 | Embedded Control, Security
I met a new neighbor the other day. We talked a bit about what we had done in our prior employment lives. Turns out she has a friend who gave her a copy of his book. She loaned Software Test Attacks to Break Mobile and Embedded Devices by Jon Duncan Hagar to me to read. It’s 10 years old, but it seems quite contemporary. (Not that I’ve done any embedded systems programming for decades.) The book is also thorough.
After reading through it, this press release dropped into my mailbox about yet another report from a security company. If they don’t scare you into taking action on software security, they’ve overestimated their impact. Using AI as a programming assistant is all the rage currently. Reports indicate that there are good uses, but also that you had best not use AI-generated code as your final build.
This 2025 report investigates AI adoption and the security of AI-generated code in critical embedded systems. It is certainly timely.
RunSafe Security, a pioneer of cyberhardening technology for embedded systems across critical infrastructure, announced the release of its 2025 report, AI in Embedded Systems: AI Is Here. Security Isn’t. The report is a snapshot of how artificial intelligence (AI) usage is unfolding across embedded software development and provides insights into what the data means for engineering, product, and security leaders who are integrating AI into their workflows.
Surveying more than 200 professionals throughout the US, UK, and Germany who work on embedded systems in critical infrastructure, the report reveals that AI-generated code is already running in production across medical devices, industrial control systems, automotive platforms, and energy infrastructure. The report finds that AI has quickly moved from an experimental curiosity to an operational reality in embedded systems development. While adoption races forward, security concerns loom large.
Here follows the obligatory quote.
“AI will transform embedded systems development with teams deploying AI-generated code at scale across critical infrastructure, and we see this trend accelerating,” said Joseph M. Saunders, Founder and CEO of RunSafe Security. “Our report reveals an industry at an inflection point, where transformation is happening faster than security practices have evolved. Organizations that navigate it successfully will be those that maintain the same rigor with AI-generated code that they’ve traditionally applied to human-written code while also recognizing that AI introduces new patterns, risks, and security requirements. At RunSafe Security, we provide greater visibility into software and risk so organizations can properly manage their security while deploying AI in embedded systems.”
RunSafe Security’s report highlights the following key findings:
- AI is already widely used in embedded software development workflows:
- 80.5% of respondents currently use AI tools in embedded development
- 83.5% have deployed AI-generated code to production systems
- 93.5% expect usage to increase over the next two years
- Risk from AI-generated code is widely recognized, but framed as manageable if organizations modernize:
- 53% of respondents cited security as their top concern with AI-generated code
- 73% rated cybersecurity risk as moderate or higher
- Runtime resilience is a central pillar of embedded security:
- Runtime protection for AI-generated embedded software is rated “highly important” by most respondents
- 91% of respondents plan to increase investment in embedded software security over the next two years
- 60% already use runtime protections to address memory safety vulnerabilities
Click on the Follow button at the bottom of the page to subscribe to a weekly email update of posts. Click on the mail icon to subscribe to additional email thoughts.
by Gary Mintchell | Nov 25, 2025 | Automation, Embedded Control, Standards
The comment brought memories from many years ago when I first heard about a new programming language/operating system. Java. I rushed to the local bookstore to purchase a book. It was huge. I downloaded the Java Development Kit. Eventually, I downloaded eclipse, an IDE for writing Java.
The key marketing message for Java? Write once, run everywhere. You just had to have a target to download the code to a runtime instance.
The comment that brought back ancient memories occurred during a briefing at the Rockwell Automation Automation Fair event in November.
Executives from Rockwell were discussing how their latest control platforms were amenable to software defined automation. A colleague asked about their support for IEC 61131 programming languages, especially about the part where they hope to have “write once/run anywhere” programmable controller code. That is, write a control program in the void, then download to any target be it Rockwell Automation, Siemens, ABB, or name your favorite.
The executives returned a blank stare. The inquisitor said that he supposed that that was a “no.”
I had long forgotten that nirvana of PLC Open. Discussions often grew heated in the early part of the century on this topic. Personally, I don’t see how it can happen. To bring that hope of PLCOpen to fruition, all controller manufacturers would have to agree to commoditize their hardware. Some users may think that driving control to commodity to reduce the cost would be good. But that would disincentivize innovation.
That’s not going to happen.
In fact, looking at software-defined and model-based programming with AI assistance, I wonder how long IEC61131 will be necessary.
I’m quoting Ed Sheeran and just “Thinking Out Loud.” Where will all this go? What impact will the ubiquitous AI have on this entire discussion—if any? What will machine control look like in 10 years?
Click on the Follow button at the bottom of the page to subscribe to a weekly email update of posts. Click on the mail icon to subscribe to additional email thoughts.
by Gary Mintchell | Nov 21, 2025 | Automation, Embedded Control, Industrial Computers, News
The Rockwell Automation Control team could not contain their enthusiasm for their latest product—ControLogix 5590. Yes, they are master at branding 😉 I saw long-time contact Dennis Wylie on the show floor. He shared his excitement with me there—and later.
At a later gathering of media and analyst people, the team talked up the product. The marketing team has chosen the word “powerhouse” to best describe the advances included in the product. The last controller news that came my was was years ago, so I’m a bit rusty analyzing this. See below for a list of capabilities and features. I’m sure machine designers and other automation geeks will love this.
Rockwell Automation announced the highly anticipated launch of its newest controller, ControlLogix 5590, the powerhouse at the core of the Logix platform. Designed to meet the evolving demands of modern manufacturing, this all-in-one controller delivers seamless software integration and multidiscipline control across the enterprise to streamline operations like never before.
All in one refers at the least to including safety as part of the package.
Manufacturers are navigating a perfect storm of challenges, from rising global competition and workforce shortages to growing safety and security risks. Contributing to the complexity are disconnected control and data systems built on propriety technologies, which limit flexibility and keep costs high. The ControlLogix 5590 controller is a purpose-built solution to help manufacturers tackle these challenges with ease and take control of their operations.
“The ControlLogix 5590 controller isn’t just an upgrade, it’s a powerhouse engineered for the future of industrial automation,” said Dan DeYoung, global vice president and general manager, production design & control, Rockwell Automation. “We’re giving our customers the ability to build smarter and more secure systems right out of the box, with a platform designed to meet the demands of today and ready to scale for tomorrow.”
Key capabilities of the ControlLogix 5590 controller include:
- Integrated Safety: Every ControlLogix 5590 controller includes advanced, integrated functional safety capabilities designed to help protect people, equipment and operations, without the need for separate safety models. Certified to meet rigorous global standards, it helps customers build safer systems with less complexity and more confidence.
- Powerful Performance for Demanding Applications: Delivers high-speed processing and expanded memory capacity to support complex operations. From process and batch to discrete, motion and robotics applications – the ControlLogix 5590 controller is ideal for manufacturers looking to design scalable architecture, optimize throughput and drive efficiency on a single high-performance and interoperable platform.
- Built-In Cybersecurity: Includes built-in security features designed to help protect systems from current and emerging cyber threats. These protections are based on global standards (IEC 62443) and help customers keep their operations connected and compliant with modern security requirements.
- Streamlined Engineering Experience with a Unified Software Suite: A unified software suite, including Studio 5000 Logix Designer® and FactoryTalk® Design Studio™*, helps streamline development, accelerate deployment and simplify workflows across the enterprise.
Key Features:
- Up to 80 MB user memory
- Integrated Dual 1-Gigabit Ethernet ports with CIP Security
- Expanded and scalable performance for motion and safety applications
- Higher performance for high availability process systems
- Integration with Studio 5000 and FactoryTalk platforms
Click on the Follow button at the bottom of the page to subscribe to a weekly email update of posts. Click on the mail icon to subscribe to additional email thoughts.
by Gary Mintchell | Mar 17, 2025 | Embedded Control
Festo never ceases to amaze me with their pneumatics advances. Here introducing digital closed-loop control.
Festo introduces Controlled Pneumatics, a digital closed-loop control strategy for delivering energy efficiency, high dynamic response, and precision movement. Controlled Pneumatics is an ideal solution for web tensioning; welding; surface processing; flexible gripping, including vacuum gripping; dispensing and pumping; PET bottle blowing; and diaphragm pump control.
Controlled Pneumatics lowers compressed air usage by up to 50%. The reduction in energy improves the sustainability of the operation by lowering carbon dioxide (CO2) emissions from electricity generation. Precise proportional pressure control also conserves gases used in food and beverage, chemical, and semiconductor processing applications.
Controlled Pneumatic systems are composed of digitally controlled proportional pressure regulators, sensors, high-speed communications, and control algorithms. Controlled Pneumatics proportional pressure regulators feature piezoelectric valves, a technology Festo has been applying for decades and now mass produces.
Piezoelectric valves consume 95% less energy than solenoid valves. Piezoelectric valves open proportionally for precision control of pressure and flow and are fast acting for highly dynamic applications. Closed-loop control of these valves ensures an accurate, stable, and linear flow rate – without hysteresis. Repetition accuracy is rated at +/-0.25% of setpoint. Piezoelectric valves do not generate heat and can be densely packed. Low friction prolongs service life. These valves have a peak particle size per switching cycle of 0.1 μm, which is about five times smaller than proportional pressure regulators that do not use piezoelectric valves. These valves operate silently.
The Festo Controlled Pneumatics product range includes the VPPI proportional pressure regulator for high flow rate applications. The VTEM motion terminal is used for multi-channel control of large and small workpieces. The VEAB low flow rate proportional pressure regulator is designed for highly precise applications. The VTEP is a compact valve terminal for multi-channel low flow rate pressure control. It features high precision and dynamic response. These proportional pressure regulators can be used in addition with solenoid valves for hybrid functionality. The VEAB is a proportional pressure control valve for pressure ranges up to 6 bar. The VEFC is a compact mass flow controller for inert gasses.
Festo offers control algorithms to operate the VTEM Motion terminal, including:
- Flow control
- Selectable pressure level
- Positioning over the entire stroke of the cylinder
- Preset travel time
- Operating actuators with minimum pressure
- Leakage diagnostics
- Soft stop
- Model-based proportional pressure regulation (no need for external sensors)
- Proportional pressure regulation – two pressure regulators per valve slice at the two valve outlets that can be used to regulate pressures independently of each other, including vacuum.
These algorithms can be downloaded as apps on demand for the VTEM motion terminal.
Case studies:
A silicon wafer manufacturing plant applied Controlled Pneumatics to its Nitrogen gas (N2) purge application. Controlled Pneumatics cut N2 flow rate for oxygen flushing by 75%. For every 1,000 nitrogen purge systems, the plant saved $163,000 (U.S. dollars) in lower energy costs. The reduced energy lowered CO2 emissions from energy generation by 1,045 metric tons. In other words, Controlled Pneumatics removed CO2 emissions equivalent to burning 1.2 million pounds of coal.
At a tire manufacturing plant, small pneumatic cylinders were used to apply various tread patterns, depending on the layer of rubber being applied. These cylinders had to be precisely controlled in a pressure range of 0.05 to 8 bar. Previously, a proportional valve was used for each individual pressure zone in this application. The multi-channel VTEM motion terminal reduced valve slices by 50%. For the application’s control algorithm, the plant used model-based control for proportional pressure, which did not require external sensors.
by Gary Mintchell | Feb 12, 2025 | Embedded Control
The last real-time operating system briefing for me had to have been more than a decade ago. I’m passing this along as an interesting take. RTOSX develops real-time operating systems (RTOS) and middleware. It bills its RTOSX Kernel as the “industrial grade alternative to Eclipse Thread X. RTOSX has achieved certification for functional safety.
In brief: Certification accelerates compliance with IEC 61508, IEC 62304, ISO 26262, and EN 50128 functional safety standards for automotive, industrial, and medical industries.
RTOSX, a global leader in high-performance real-time operating systems and middleware, today announced the off-the-shelf functional safety certification of RTOSX KERNEL — the industrial-grade alternative to Eclipse ThreadX. Developers using RTOSX KERNEL leverage the RTOS certification artifacts to save time and money during application certification for safety-certified devices in the automotive, industrial, and medical industries. The RTOSX KERNEL certifications were performed by SGS-TÜV Saar, the leading accredited, independent company for testing, auditing, verifying, and certifying embedded software for safety-related systems. The RTOSX KERNEL achieved functional safety certification to the highest levels of the IEC 61508, IEC 62304, ISO 26262, and EN 50128 functional safety standards, specifically IEC 61508 SIL 4, IEC 62304 Class C, ISO 26262 ASIL D, and EN 50128 SW-SIL 4.
RTOSX KERNEL is the industrial-grade alternative to Eclipse ThreadX. Derived from the latest Eclipse ThreadX release, it is completely refactored and infused with unique technology from PX5 RTOS, including Pointer/Data Verification (PDV) and central error handling. RTOSX KERNEL is 100% API and functionally compatible with standard ThreadX, fully preserving its small memory footprint, full multithreading, and hard real-time functionality. Existing ThreadX-based applications require no modification when moving to RTOSX KERNEL. The RTOSX KERNEL includes full development tool support, source code, and royalty-free licensing.
by Gary Mintchell | Dec 11, 2024 | Automation, Embedded Control, Technology
Ah, AI. It’s everywhere. Often the wrong questions are asked and answered in general and tech media. The real question is what problem will it solve—and how well.
This news comes from Copia Automation who attempts to solve the problem of how controls engineers write, manage, and document industrial code.
As the first step in Copia’s vision of integrating AI into industrial automation, Copia Copilot enhances productivity, efficiency, and quality by automating routine coding tasks, simplifying complex processes, and equipping industrial workers with the tools they need for successful knowledge transfer and onboarding.
Core Capabilities
- Code documentation: Automatically create well-structured, clear documentation for PLC and other industrial code, reducing manual effort and ensuring consistency.
- Code translation: Seamlessly convert between Ladder Logic and Structured Text, making it easier to work across different programming languages.
- Code summarization: Quickly understand what a set of code does by asking the Copilot to explain it.
- Code modification: Improve, format, or troubleshoot existing code, allowing engineers to streamline their workflows and enhance code quality.
- New code generation: Generate boilerplate routines and custom code blocks for common automation tasks, saving time and accelerating development cycles.
- File referencing: Easily reference PLC project files from Copia repositories for more accurate and context-aware AI outputs.
Copia Copilot is currently available as part of an Alpha release, with plans to expand its functionality and reach in the coming months.
