With the advent of modern embedded systems, logging is becoming more and more prevalent as a process supporting diagnostic and analytic services. Traditionally, the storage and management of the logged data are kept within a single entity together with the main logic components. In systems that implement network connections, this activity is usually handled by a remote device. However, enabling a remote connection is still considered a limiting factor for many embedded devices because of the production cost it demands. A significant challenge is presented to vendors, who need to decide during the design concept phase how the data will be extracted and handled on an embedded platform. It is generally desirable that logging memory modules can be addressed as separate units. These devices need to be appropriately secured and verifiable on a different system, since data compromise can lead to enormous privacy and even financial losses. In this paper, we present two patterns. The first allows a flexible logging operation design in terms of module and interface responsibility separation. The second supports the design of secure logging processes when constrained embedded devices are used. The introduced patterns fulfil the following conditions: (i) flexibility, the design is independent of the chip vendors, making the logging memory modules easily replaceable; (ii) self-sufficiency, every logging controller is maintained as a separate entity in a decentralized topology; (iii) security, by providing authenticity, confidentiality, and integrity by means of a dedicated security module.
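The secure logging pattern (conditions ii and iii) as an added Go example, not code from the paper: each self-sufficient controller seals every record with AES-GCM under its own device key and chains records by hashing the previous one into the associated data, so a verifier on a different system holding only the key can check authenticity, confidentiality, integrity and record order. The names (NewAEAD, Logger, Verify), the record layout and the constructed key are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// NewAEAD plays the dedicated security module: the only code that handles the device key.
func NewAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}
// chain = SHA-256(header || previous record); as AEAD associated data it catches drops, reorders and replays.
func chain(hdr, prev []byte) []byte {
	s := sha256.Sum256(append(hdr[:16:16], prev...))
	return s[:]
}
// Logger is one self-sufficient logging controller (pattern 2): its own key, counter and store.
type Logger struct {
	AEAD cipher.AEAD
	Recs [][]byte // stands in for the memory module; pattern 1 would hide it behind an interface
	prev []byte
}
func (l *Logger) Log(msg string) {
	// header = 12 zero bytes || 4-byte sequence number; the nonce is hdr[4:16] (unique while the key is per-device)
	hdr := binary.BigEndian.AppendUint32(make([]byte, 12), uint32(len(l.Recs)))
	rec := l.AEAD.Seal(hdr, hdr[4:], []byte(msg), chain(hdr, l.prev)) // record = header || ciphertext || tag
	l.Recs, l.prev = append(l.Recs, rec), rec
}

// Verify runs on a different system holding only the device key and the raw records.
func Verify(aead cipher.AEAD, recs [][]byte) ([]string, error) {
	out, prev := []string{}, []byte(nil)
	for i, rec := range recs {
		if len(rec) < 16 || binary.BigEndian.Uint32(rec[12:]) != uint32(i) {
			return nil, fmt.Errorf("record %d missing, truncated or out of order", i)
		}
		pt, err := aead.Open(nil, rec[4:16], rec[16:], chain(rec[:16], prev))
		if err != nil {
			return nil, fmt.Errorf("record %d modified or chain broken", i)
		}
		out, prev = append(out, string(pt)), rec
	}
	return out, nil
}
```

Note that the chain alone cannot detect a log that has been cut short at its end; a verifier needs the expected final sequence number from another channel for that.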