Embedded systems are computers installed in devices such as appliances, vehicles, medical devices, and so on. They differ from computers in servers and PCs because of limits on size, power consumption, form factor, and mobility, resulting in limits on computational power, memory, and communication connectivity. Embedded systems are increasingly common; they control important devices in military, government, industrial, and, increasingly, consumer contexts. Because of the many constraints on such devices, embedded systems typically do not enjoy many of the desirable features of servers and desktop systems. In particular, such devices are typically programmed by their vendor and do not offer an open API to enable owners and users to customize the device by installing software written by third parties. In many cases this would be useful, but applications are limited by risks to safety and security. For instance, vehicles do not currently provide open APIs for users to customize their engine functionality with third party programs, but there are users that do this to evade tax and environmental regulations. On the other hand, some embedded systems, like PDAs, offer rich open APIs and others, like cell phones, will probably follow this trend.

This talk will overview some of the challenges in designing open APIs for embedded systems and some of the architectural tradeoffs. The focus will be a case study in which Java smart cards are used to implement programmable payment cards. This work is based on efforts of the OpEm Project at Penn.