Arnout attended the Open Source Summit EU 2022 in Dublin. Here are the reports for some of the sessions he attended.
Modern cars have dozens of ECUs. Nowadays there is typically a central ECU called Node0 running Linux. Try to keep things simple by doing as much as possible in Linux itself.
Botting fast is actually doing the things that need to be done fast early on - before the entire system is ready. In addition it has to have decent security.Continue Reading
Nowadays, field updates are unavoidable but must also be secure, unattended, and robust (i.e. atomic + automatic rollback). On x86 you boot UEFI which verifies the signature of the bootloader and loads it. The bootloader takes care of A/B switching (UEFI can do that itself, but do you trust the firmware?); it also starts a wachtdog. The bootloader loads kernel+commandline+initrd image after verifiying it. The kernel verifies and unlocks the (encrypted) rootfs. The platform key for dmcrypt comes from TPM.
ARM64 typically uses U-Boot + TF-A, but there is still custom engineering needed. There is also no standard for getting the key. However, ARM64 is also evolving to UEFI. There is even project to use U-Boot as a UEFI provider. With that, the same boot/update/verification flow can be used as on x86. For the secrets, there is OP-TEE.Continue Reading
This is an experience of preparing A/B updates with U-Boot and swupdate.Continue Reading
Device mgmt: identity, communication with backend, monitoring, debugging, onboarding, updates, EOL, secure tunnel (VPN/SSH)
Fleet mgmt = devices in aggregate: scheduled updates (waves), alerting, integration with other services, authentication
No open source solutions for any of this exist. Doesn’t need to be integrated even, it could be something built from components.
Some people from mender were there. They said that mender, even though open core, would accept PRs for features that are currently closed but implemented (differently) by the community. To be taken with a grain of sand of course.
Azure IoT Hub looks open source, but it’s actually just a bunch of huge blobs that are dropped.Continue Reading
RAUC is an update system. It creates the update image, downloads it from a server or a storage device, and applies it in a fail-safe way. It uses A/B updates. Updates are verified cryptographically before applying.
Recently a new “verity” bundle format was created which solves some security issues, makes things faster, and allows streaming.Continue Reading
Software supply chain attacks are growing. SBOM (Software Bill Of Materials) helps controlling them.Continue Reading
802.15.4 is the spec for wireless PAN (Personal Area Network), i.e. Zigbee and 6LowPan.Continue Reading
Rust is a systems language like C, that can be used to build reliable and efficient software. It provides compile-time memory and thread safety. It’s slowly being introduced into open source projects, including the Linux kernel. There is even talk about rewriting the NVMe driver in rust. This allows to evaluate performance, it turns out to be about the same as C, and it might even get better as some of the current C bindings are converted to Rust as well.Continue Reading
A few research and development institutes in Czech republic working on space came together to start something similar to Automotive Linux for space because nothing exists yet.Continue Reading
Podman is a container (and pod) manager with a focus on security. It’s closely related to kubernetes but very often used independently as well.Continue Reading
RISC-V is a free, open ISA, initially defined in 2010. It doesn’t force a specific microarchitecture, so in-order, out-of-order, vector, … are possible. It’s extensible.Continue Reading
There is some resistance to using systemd in embedded. Chris tries to show how it can be used effectively. He had a previous talk in 2019 covering boot speed, so that’s not covered here.Continue Reading