The Power of Embedded Open Source: EOSS 2023 Takeaways

Last week, Northern.tech, the company behind Mender, participated in the Embedded Open Source Summit (EOSS) in Prague, connecting with attendees and presenting on key topics. The new umbrella event for open source embedded projects and developer communities, EOSS 2023, included the Embedded Linux Conference, Automotive Linux Summit Europe, and the Zephyr Project Developer Summit, among others.

Here are some of the key takeaways and activities across the multi-day event:

Secure Boot: What is it, and do I need it?

Opening the Embedded IoT track of the event on Tuesday morning, Fabio Tranchitella, CTO and Mender Product Owner from Northern.tech, presented on “Secure Boot: What Is It, and Do I Need It?”. Securing the boot process is a highly relevant topic to many in the embedded landscape, and the room was packed.

After delivering the presentation in excellent style, Fabio also highlighted the often overlooked fact that a secured boot does not protect against hardware tampering or hide information through encryption.

Key Takeaways:

• Decomposing secure boot: What are the different use cases and technologies involved?
• Key components: What do you need to consider to support secure boot?
• Security applications: What are the real-world threats and use cases where secure boot provides protection?
• Limitations: What are the limits of secure boot for security?

Over-the-air updates on display

The ELC program committee traditionally organizes a tech showcase each year to highlight new technical developments, integrations, and approaches. This year, Northern.tech showcased its Mender end-to-end solution for over-the-air (OTA) updates.

A complete OTA solution was presented – starting with a Mender server on a laptop, traversing through a segregated network, and ending in a heterogeneous fleet consisting of ESP32, Zephyr, and Linux.

Key improvements in the OTA infrastructure include:

• State scripts & custom update modules enable hooks for custom actions (i.e., pre- and post-install scripts) and support for specialized update mechanisms (i.e., DFU firmware updates).
• Custom OTA infrastructure provides flexibility for on-premise or hosted servers combined with APIs and webhooks for existing infrastructure integration.
• Fail-safe design & automatic rollback capabilities safeguard devices. If something occurs during the update process, your devices will still function!
• Efficient data transfers via a client-side streaming API and delta updates reduce data transfer sizes, minimize required bandwidth, and optimize update costs.
• Advanced features for large fleets support unlimited scalability and control with role-based access control (RBC), audit logs, and multi-tenancy design.

Over the course of the showcase, a steady stream of visitors asked questions on all aspects of Mender and OTA updates. Multiple times, visitors would discuss their individual Mender experiences, with more than one stating, “It works! We have been using it for years now.”

All Eyes on Zephyr

All in all, Zephyr was the major and outstanding topic of the event. From driver maintenance over debugging and productization to long-term strategy, an enormous amount of presentations covered the whole range of topics on Zephyr. The Zephyr community displayed both great diversity and backing from the industry. Already having first ties to this ecosystem through our community contributions, Northern.tech looks forward to its continued growth and contributing in areas of expertise and mutual benefit.

Josef Holzmayr, Head of Mender Developer Relations at Northern.tech, spoke in the Zephyr Developer Summit tracks, presenting “Community Fueled OTA for Zephyr (and Other µCs)”. Highlighting the Mender server and a Mender client by Joël Guittet, written in the true open source community spirit, Josef detailed the new contribution to the open source community, OTA updates, and Zephyr. Coincidentally, Joël announced just before the presentation that he is in the final stages of adding remote terminal to the client as well. Going beyond Linux, together with the roadmap for the official client rewrite to C++, the topics and presentation received good attention and sparked a nice discussion.

Yocto: 4-year LTS announced

During the Yocto Project Dev Day (YPDD), taking place on Monday, June 26, the project announced the four-year LTS announcement. For Mender, this is great news – enabling our users, customers, and community to focus on their distinctive features and value add developments. Northern.tech will provide support timeframes aligned with those of the Yocto Project upstream.

This announcement also emphasizes the topic which surfaced in various forms: strategy moving forward for ease of use while retaining stability and flexibility. OTA integrations will increasingly become a commodity and be capable of leveraging growing and more mature infrastructure stacks. A prime piece in this scenario will be ARMs SystemReady certification, which aims to provide a clear platform for system-level software to build upon, such as Mender’s robust A/B update mechanism.

Thank you to our community

As a small gesture of giving back to the open source community, Northern.tech raffled out two BeaglePlay boards. Congratulations Håkan Rick and Florian Limberger – the lucky winners!