
Ask HN: Pivot to embedded Linux, pentesting, or robotics? - nandkeypull
tl;dr: I&#x27;m an embedded systems engineer who programs on bare-metal micros. I feel my domain will be obsolete in coming decades and want to pivot to either embedded linux development, pentesting&#x2F;reversing, or robotics. The question is, which one?<p>I have some interest in each of these areas, and given enough time and effort, I believe I could work my way up to an acceptable level of ability. However, I don&#x27;t really have a good pulse on how these industries are going and what it&#x27;s actually like to work in one of these fields. Here are my preliminary thoughts about each:<p>Embedded linux engineer:
+field doesn&#x27;t change quickly, is similar to my current embedded work, which I do enjoy
-might get boring; kernel debugging sounds somewhat stressful<p>Pentester&#x2F;reverse engineering:
+very exciting work, lots of interesting tools and sometimes assembly (I love looking at ARM disassembly and poking registers!)
-minimum bar might be exceedingly high, making it hard to break into the field
-may not be very stable as a career choice<p>Robotics engineer:
+many interesting applications of machine learning and state-of-the-art techniques
-requires a hardcore math background to understand things at a deep level (I&#x27;ve only studied up to intro-level linear algebra)
-field changes rapidly every single year (hello CNNs)<p>Do you work in one of these fields? What is work like for you day-to-day? Where do you see your industry going, and do you believe you&#x27;ve made a good long-term career choice?
======
joezydeco
If you have been working on bare metal all these years and don't have any
embedded Linux experience, I'd say definitely get that under your belt.

You don't need to kernel hack all day. I would say most of the major SoCs I
work with already have a stable tree and anything that's not super-exotic
already has a driver or can be adapted from another. I haven't seen the need
to fine-tune kernel performance to any serious degree.

One area that companies always need is experienced bootloader and BSP work.
That lets you tinker at the register level as well as understand the build
process. The demand for secure bootloaders/HAB and secure field upgrades over
IoT will definitely be increasing as time goes on, and that can be very
specialized work based on the SoC and platform. That also kind of ticks the
security aspect of the role...maybe look into that?

~~~
alltakendamned
Not OP, but do you have any pointers where to learn more about bootloader
security ?

~~~
joezydeco
I've been doing a lot of iMX work lately, so here's some reference material
I've used in the past:

[https://boundarydevices.com/high-assurance-boot-hab-
dummies/](https://boundarydevices.com/high-assurance-boot-hab-dummies/)

[https://www.nxp.com/docs/en/application-
note/AN4581.pdf](https://www.nxp.com/docs/en/application-note/AN4581.pdf)

[https://blog.quarkslab.com/vulnerabilities-in-high-
assurance...](https://blog.quarkslab.com/vulnerabilities-in-high-assurance-
boot-of-nxp-imx-microprocessors.html)

A lot of it depends on Das U-Boot, the favorite open-source bootloader of the
eLinux crowd:

[https://www.denx.de/wiki/U-Boot](https://www.denx.de/wiki/U-Boot)

~~~
leftmypwdathome
What are the use cases for HAB on i.MX these days? I was under the impression
it was broken.

------
minipci1321
> I'm an embedded systems engineer who programs on bare-metal micros. I feel
> my domain will be obsolete in coming decades

What makes you think so? These days embedded Linux programming is mostly done
for SoCs (unless you embed a PC in a nuclear station), and those SoC embed
(sorry) more and more micro-controllers. Skimming through various job posting
from silicon vendors should give you some idea of the situation -- there are
frequently jobs openings for programming these embedded cores.

------
hatsubai
I am an embedded OS (both Linux and vxWorks) engineer for a defense
contractor. Day to day work is actually more about maintaining the OS, making
sure applications get loaded successfully, and continuously keeping it both
secure and fast (emphasis on secure). The initial board bring up and driver
development is usually at the beginning of the project, and you usually only
have to do small tweaks as the project matures. There'll be spinoffs based on
successful implementations, but again, it's not too terrible. Debugging can be
very stressful, but since I'm in defense, the schedule itself is usually quite
long, so I have always had more than enough time to fix any issues.

It's a solid career choice, especially if you want to branch out into
automotive where they are hitting this field hard. The skills you learn are
also applicable to pretty much anywhere where you use Linux, so the
transferable skill set overlaps a good deal.

There's a really good book I recommend that describes basically anything and
everything you need to know called "Mastering Embedded Linux Programming" by
Chris Simmonds. It'll teach you pretty much everything you need to know to get
up and running in the embedded Linux world. It's also a ton of fun if you've
never messed with something like a BeagleBone.

That said, I'm looking to get out of the defense industry and getting back
into app development. Part of it is because I want to work with newer, more
exciting technology. I'm looking towards possibly going back to mobile
development, even. Unsure at the moment... Keep in mind that this has nothing
to do with the stability of the market. I honestly feel it's way more stable
than most people seem to give it credit for, especially the embedded Linux
side of things.

------
eaguyhn
I liked embedded systems because I didn't have to write a GUI - most use of
the module usage was with other systems so I had to design message protocols
(no users, yay!)

For me, transition into API design and web services was a natural progression.
FWIW.

