by Nextgrid 786 days ago
Some of the Wi-Fi enabled SD cards you're mentioning (older models by now, but might still be available on eBay & stuff) can be rooted and you can get a shell. Example: https://gist.github.com/deckar01/6d9b76bdef21eaab0568 (I'm sure there are more models that are vulnerable to similar attacks)

One thing I would suggest keeping in mind with any kind of interference (regardless of how stable it is and how well it adheres to the SD spec & maintains data integrity) is that if something happens to/with the machinery this controller is handling, your modification can easily be blamed by the vendor, even if your modification isn't actually at fault and it's the vendor's shitty software that's at fault. The risk is double considering it doesn't even seem to be able to manage not corrupting a standard SD card.

1 comments

Thank you! I had no idea those SDs are hackable. We'll look into it as well. Would be nice to get ahold of a hundred SDs on eBay. I'll search tomorrow. I like their form factor and that it fits in the SD slot tightly, very clean and no need to fit another box in the control cabinet.

Your point regarding liability: as-is, the systems are already so unreliable that the manufacturer is selling support contracts to firms like mine, so that we improve reliability through humans driving around and fixing & replacing them. The HW manufacturer has an insanely lucrative contract themselves, and now they need to fix things up, so they are re-contracting support of their shitty HW down the chain. Can't say more due to NDA. So the "broken" state of the controllers already exists, so we are not making any new hardware failure points. I did talk to my lawyer; he said my plans are OK. Thank you for your comment!

Just to clarify, my point about liability was more about if someone gets hurt by the controlled machinery and it goes to (potentially criminal) court for negligence. In this case there is going to be a witch hunt and everyone will try to deflect blame, thus your non-standard modification will be under much scrutiny regardless of whether it actually played a role. In fact, judging by the original reliability (or lack thereof) of the system, you might get blamed for failures that don’t actually have anything to do with your modification.

If there’s no risk of injury/death then the stakes are much lower and indeed since the vendor software itself is already shitty you can’t really make it any worse.

To add to my original comment, if you want to pursue the Wi-Fi SD card route, I suggest using any of the known vulnerabilities to get root on the card and then reverse engineer the card (as in how the SD side is driven) from the inside.

This would effectively let you skip the whole “build a device that emulates an SD card” part.

From there I’d suggest building a Linux image from scratch using Buildroot or Yocto, so you start with a fresh and modern base and don’t have to fight with the SD vendor’s firmware or deal with their vulnerabilities (which might be a liability in your case).

Feel free to get in touch (email in my profile) if you want more guidance.