Ask HN: Pivot to embedded Linux, pentesting, or robotics?

[nandkeypull]

tl;dr: I'm an embedded systems engineer who programs on bare-metal micros. I feel my domain will be obsolete in coming decades and want to pivot to either embedded linux development, pentesting/reversing, or robotics. The question is, which one?

I have some interest in each of these areas, and given enough time and effort, I believe I could work my way up to an acceptable level of ability. However, I don't really have a good pulse on how these industries are going and what it's actually like to work in one of these fields. Here are my preliminary thoughts about each:

Embedded linux engineer: +field doesn't change quickly, is similar to my current embedded work, which I do enjoy -might get boring; kernel debugging sounds somewhat stressful

Pentester/reverse engineering: +very exciting work, lots of interesting tools and sometimes assembly (I love looking at ARM disassembly and poking registers!) -minimum bar might be exceedingly high, making it hard to break into the field -may not be very stable as a career choice

Robotics engineer: +many interesting applications of machine learning and state-of-the-art techniques -requires a hardcore math background to understand things at a deep level (I've only studied up to intro-level linear algebra) -field changes rapidly every single year (hello CNNs)

Do you work in one of these fields? What is work like for you day-to-day? Where do you see your industry going, and do you believe you've made a good long-term career choice?

[joezydeco]

If you have been working on bare metal all these years and don't have any embedded Linux experience, I'd say definitely get that under your belt.

You don't need to kernel hack all day. I would say most of the major SoCs I work with already have a stable tree and anything that's not super-exotic already has a driver or can be adapted from another. I haven't seen the need to fine-tune kernel performance to any serious degree.

One area that companies always need is experienced bootloader and BSP work. That lets you tinker at the register level as well as understand the build process. The demand for secure bootloaders/HAB and secure field upgrades over IoT will definitely be increasing as time goes on, and that can be very specialized work based on the SoC and platform. That also kind of ticks the security aspect of the role...maybe look into that?

[alltakendamned]

Not OP, but do you have any pointers where to learn more about bootloader security ?

[joezydeco]

I've been doing a lot of iMX work lately, so here's some reference material I've used in the past:

https://boundarydevices.com/high-assurance-boot-hab-dummies/

https://www.nxp.com/docs/en/application-note/AN4581.pdf

https://blog.quarkslab.com/vulnerabilities-in-high-assurance...

A lot of it depends on Das U-Boot, the favorite open-source bootloader of the eLinux crowd:

https://www.denx.de/wiki/U-Boot

[leftmypwdathome]

What are the use cases for HAB on i.MX these days? I was under the impression it was broken.

[minipci1321]

> I'm an embedded systems engineer who programs on bare-metal micros. I feel my domain will be obsolete in coming decades

What makes you think so? These days embedded Linux programming is mostly done for SoCs (unless you embed a PC in a nuclear station), and those SoC embed (sorry) more and more micro-controllers. Skimming through various job posting from silicon vendors should give you some idea of the situation -- there are frequently jobs openings for programming these embedded cores.

[hatsubai]

I am an embedded OS (both Linux and vxWorks) engineer for a defense contractor. Day to day work is actually more about maintaining the OS, making sure applications get loaded successfully, and continuously keeping it both secure and fast (emphasis on secure). The initial board bring up and driver development is usually at the beginning of the project, and you usually only have to do small tweaks as the project matures. There'll be spinoffs based on successful implementations, but again, it's not too terrible. Debugging can be very stressful, but since I'm in defense, the schedule itself is usually quite long, so I have always had more than enough time to fix any issues.

It's a solid career choice, especially if you want to branch out into automotive where they are hitting this field hard. The skills you learn are also applicable to pretty much anywhere where you use Linux, so the transferable skill set overlaps a good deal.

There's a really good book I recommend that describes basically anything and everything you need to know called "Mastering Embedded Linux Programming" by Chris Simmonds. It'll teach you pretty much everything you need to know to get up and running in the embedded Linux world. It's also a ton of fun if you've never messed with something like a BeagleBone.

That said, I'm looking to get out of the defense industry and getting back into app development. Part of it is because I want to work with newer, more exciting technology. I'm looking towards possibly going back to mobile development, even. Unsure at the moment... Keep in mind that this has nothing to do with the stability of the market. I honestly feel it's way more stable than most people seem to give it credit for, especially the embedded Linux side of things.

[eaguyhn]

I liked embedded systems because I didn't have to write a GUI - most use of the module usage was with other systems so I had to design message protocols (no users, yay!)

For me, transition into API design and web services was a natural progression. FWIW.