One small Step for a Distribution, but one giant Leap for more Safety & Security
Today, it is impossible to think about embedded project in different types of industries without the sitting penguin. Embedded systems with Linux in use are growing rapidly. Recent market figures indicate a CAGR (cumulated annual growth rate) of about 4% up to the year 2023 in the embedded hypervisor market. Linux is easy to configure, build and deploy. Good tooling support is provided for editing, tracing and debugging.
But when it comes to safety and security demands, ”normal” Linux distributions come to their limits. So far, Linux based systems did not pass medium or high certification levels. The good point of Linux is that it is open source, which means also available in source code and offers a wide range of supported I/O and drivers. Consequently it is often used as software stack for wireless communication in a hypervisor project configuration. A lot of security thread vectors are targeting the wireless protocols as well as interfaces and therefore have to be frequently updated or patched.
When developing a software project using Linux and hypervisor technology you have to take into account a wide split definition of use cases. Some of them are user space oriented, but others are kernel space or even need a bare metal application so that e.g. fast boot or secure boot capabilities can be granted.
Booting processes need close cooperation with hardware. In order to use secure boot, the SoC vendor has to provide mechanisms for ensuring secure operation in the early boot phase and for detecting security violations.
After defining the boot process, the developer needs to take care of setting up the kernel and application project. It is important that a wide range of kernels can be supported, so that the project can be handled flexible over several hardware platforms. A Generic Platform BSP Manager would be a helpful tool here to maybe even support the growing Yocto project based kernels. Each kernel should be long-term supported by the Linux foundation. On the application side graphics and UI tools need to be available, but also a wide spread partner ecosystem from the OS vendor can help selecting the right setup for the project in view. The Linux distribution shall be well-maintained as upstream for packages. Debian and Ubuntu are the leading upstream providers here. The Linux distribution shall also be continuously tested and updates shall be provided quickly via nightly builds.
Once the project is defined, build and created on the target, application and feature details can be configured. There is a Linux community behind to support the feature development, but when it comes to bug handling, maintenance and support it is important to have a professional partner at hand. There are different maintenance and support levels available with a lot of parameters varying from support hours, 24/7 availability, duration, update patch frequency, available documentation and bulletins, as well as frozen or certified versions of the software product.
With the upcoming SYSGO ELinOS 6.2 version, all of the above can be provided. The official press release will be published soon. Stay tuned and watch out for the news at www.sysgo.com.
More information at www.sysgo.com/elinos