September 16-18, 2024
Vienna, Austria
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit Europe 2024 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Central European Summer Time (UTC/GMT +2).

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.

Tuesday, September 17
 

09:00 CEST

Visions for the Linux Kernel PWM Subsystem - Uwe Kleine-König, BayLibre
Tuesday September 17, 2024 09:00 - 09:40 CEST
PWMs are used in a wide range of applications. Most in-kernel usages have only soft requirements regarding precision and switching behaviour (LEDs, fan control, backlight). However, if you control a motor you might have higher demands that currently cannot be mapped generically using the current PWM API given the wide variance of hardware drivers and hardware limitations. In this talk Uwe presents his vision of how the PWM framework can be changed to better match the needs for higher precision and better control of PWM devices. This includes:
- faster and easier control from userspace
- tighter rules for low-level drivers
- a way to determine the best request for a given use case on a certain hardware
- more general abstraction of the PWM waveform
Hall C (Level 2)
  Embedded Linux Conference

09:00 CEST

How to Contribute a Zephyr Sensor Driver - Maureen Helm, Analog Devices
Tuesday September 17, 2024 09:00 - 09:40 CEST
The Zephyr sensor driver API is a popular area for new contributors to submit code upstream; a sensor driver is well-contained, it doesn't touch more intimidating or complex subsystems, and most importantly, it enables your Zephyr application to interact with the physical world in a new way. Naturally, you want to share it with the open source community, but how do you do it? This talk will share best practices and common pitfalls encountered by new contributors submitting their first sensor driver, and provide insight into why maintainers request certain changes.
Speakers

Maureen Helm

Distinguished Engineer, Analog Devices
Maureen Helm is a Distinguished Engineer in the Software & Security Group at Analog Devices, focusing on embedded microcontroller software. She is an upstream maintainer in the Zephyr Project and former chair of the Technical Steering Committee.
Room 0.49-0.50 (Level 0)
  Zephyr
  • Audience Level Beginner
  • Presentation Slides Attached Yes

09:50 CEST

Give Me Back My GPIO Persistence! (Introducing the libgpiod GPIO-Manager) - Bartosz Golaszewski, Linaro
Tuesday September 17, 2024 09:50 - 10:20 CEST
Ever since the GPIO character device was introduced as a proposed uAPI replacement for the deprecated sysfs interface, users have been pointing to the lack of persistence of GPIO state (as in: once the user-space process closes the file descriptor associated with a set of requested lines, their state is no longer defined - in practice: it's driver dependent) as the main issue with the new approach and a significant blocker in porting code from sysfs to libgpiod. Two solutions have been proposed: making the GPIO state persistent in the kernel or providing a centralized authority for controlling GPIOs from user-space. For various reasons the former has been rejected which led to the development of gpio-manager: a user-space daemon built on top of libgpiod that exposes an API to authorized clients and controls GPIOs on their behalf. This talk will present the features of the daemon, the DBus API it implements and the companion command-line client - gpiocli - which aims at allowing straightforward porting of sysfs-based scripts to the new interface.
Speakers

Bartosz Golaszewski

Linux Kernel Developer, Linaro
Bartosz Golaszewski has over 15 years of engineering experience in the embedded systems domain ranging from low-level, real-time operating systems, through the linux kernel up to user-space plumbing, libraries and build systems. Bartosz has contributed hundreds of patches to a wide...
Hall C (Level 2)
  Embedded Linux Conference

10:10 CEST

Pinctrl and GPIO - Interactions and Footguns - Chen-Yu Tsai, Google LLC
Tuesday September 17, 2024 10:10 - 10:30 CEST
The Linux Kernel has two subsystems that handle external pins: pinctrl that handles function muxing and electrical characteristics, and GPIO that handles generic input/output usage on individual pins. Depending on how the hardware is implemented, the two could be completely separate, or deeply intertwined. This presentation will introduce the hardware integration designs and how they should map to the kernel subsystems. We will dive deeper into the latter case and show how the kernel subsystems can handle it properly with "strict" GPIO pin muxing, and what could happen if the driver isn't implemented correctly, using existing in-tree drivers.
Speakers

Chen-Yu Tsai

Software Engineer, Google LLC
Chen-Yu is a software engineer that started working on the Linux kernel bringing up Allwinner SoCs in 2013. Chen-Yu currently works for Google on their ChromeOS team.
Hall B (Level 2)
  Embedded Linux Conference

11:00 CEST

Coping with Zero Days with Cilium Tetragon - Liz Rice, Isovalent
Tuesday September 17, 2024 11:00 - 11:40 CEST
However good the tools and processes you use to catch CVEs and security problems pre-deployment, it's still possible that your code and the platform it's running on could be compromised. When a new CVE and its patches are announced, it's called a "zero day", and it's a race against time for security teams to understand whether their deployments are vulnerable, and to get updated versions of all affected components deployed. 

In this talk (with demos) you'll learn about strategies for using the open source runtime security tool, Cilium Tetragon, to detect components that are affected by a CVE. You'll see how eBPF allows Tetragon to generate rich forensic information to understand whether a vulnerability has been exploited in your system, and understand how the component was compromised.
Speakers

Liz Rice

Chief Open Source Officer, Isovalent @ Cisco
Liz Rice is Chief Open Source Officer with eBPF specialists Isovalent, creators of the Cilium project. She was chair of the CNCF's Technical Oversight Committee 2019-2022, and Co-Chair of KubeCon + CloudNativeCon in 2018. She is also the author of Container Security, published by...
Room 0.14 (Level 0)
  ContainerCon
  • Presentation Slides Attached Yes

11:00 CEST

Testing Your Yocto Project - from Ptest and Testimage to LAVA - Clara Kowalsky & Florian Bezdeka, Siemens
Tuesday September 17, 2024 11:00 - 11:40 CEST
Before setting up a test automation framework for your Yocto project, it is worth considering which options are available and most suitable. In this talk, we will explore which tools are appropriate depending on project complexity and scalability. For a small Yocto project where a test environment needs to be up and running as quickly as possible and only one piece of hardware is supported, a complete test setup can be created using only the testimage class for image testing and ptest for package testing. The tests can be carried out locally or in a CI/CD system. Using Gitlab CI/CD as an example, we will show how the results of testimage can be neatly displayed as a unit test report. For more complex projects that support a variety of architectures and require tests to be automatically scheduled on devices, it is advisable to use an automated test framework. We will demonstrate how ptest and pytest can be integrated into a LAVA test environment and what alternatives to LAVA exist.
Speakers

Clara Kowalsky

Linux Software Engineer, Siemens AG
Clara Kowalsky is working as a consultant software engineer in the Linux Expert Center at Siemens Technology. She is regularly contributing to multiple inner-source and open-source projects, especially in the field of real-time (e.g., Xenomai) and embedded Linux tooling. She gives...

Florian Bezdeka

Linux Software Engineer, SIEMENS AG
Florian is working as a consultant software engineer in the Linux Expert Center at Siemens Technology. He is regularly contributing to multiple inner-source and open-source projects, especially in the field of real-time Linux (e.g., Xenomai) and embedded Linux tooling. He gives internal...
Hall C (Level 2)
  Embedded Linux Conference
  • Audience Level Any
  • Presentation Slides Attached Yes

11:00 CEST

The Case for an SoC Power Management Driver - Stephen Boyd, Google
Tuesday September 17, 2024 11:00 - 11:40 CEST
DeviceTree (DT) based systems usually lack a platform or firmware based device power management framework. Device drivers are left to figure out if a device is already powered on at probe and duplicate power management logic to manage system resources such as clks or interconnects. This is unlike ACPI based systems where the firmware provides standardized device power states to power on or off a device and mostly hides system resources behind a firmware interface. This session will make the case for implementing an ACPI-like power management framework in the Linux kernel via pmdomains registered by a System-on-Chip (SoC) driver. First we'll discuss the problem and previously attempted or ongoing solutions. Then we'll cover a case study implementing an SoC power management driver. Attendees will leave with a greater understanding of SoC power management techniques and the problems kernel developers face in supporting such hardware upstream along with a possible solution to implement this design elsewhere.
Speakers

Stephen Boyd

Software Engineer, Google, Google
Stephen Boyd has been a Linux kernel developer since 2009 and a Linux kernel maintainer since 2014. He's currently the maintainer of the kernel's clk and SPMI subsystems working on ChromeOS at Google.
Hall B (Level 2)
  Embedded Linux Conference

11:00 CEST

How to Generate Test-Cases and Data Mocks for Microservices at Kernel Using eBPF - Neha Gupta & Animesh Pathak, Keploy
Tuesday September 17, 2024 11:00 - 11:40 CEST
In this session, we're going to talk about how we can easily record the API calls of any user-level application at Kernel using an eBPF program and convert those to realistic test cases and data mocks/stubs without writing any scripts. How can we set our testing pipelines on auto-pilot? We'll be discussing how to utilise UProbes and KProbes for the same. We'll also talk about how we can integrate this pipeline in popular language native testing libraries like JUnit, Jest, and Go-Test and easily achieve high test coverage on functional test suites. Since testing is very use-case specific, developers often avoid spending effort in writing test cases. Manual effort is being spent by QA to test apps and the industry standard for test automation is 24%. On average 50% of engineering efforts are spent to write and maintain the test scripts. Creating dummy test data is also very time-consuming and still, it is unrealistic test data, leaving bugs leaking to production. The new-gen AI LLM-based test generation tools like ChatGPT are not fire-and-forget, since it requires effort to understand and correct the scripts generated by those tools and the dummy data is again unrealistic.
Speakers

Animesh Pathak

Founding DevRel Engineer, Keploy
Animesh Pathak is an avid tech community enthusiast. Having worked with various technologies such as NodeJS, Microsoft Azure, etc., he has spent the last 4 years empowering tech communities and is currently active as a Gold MLSA, Postman Student Leader and Twilio Field Operator...

Neha Gupta

Co-Founder, Keploy
Co-Founder, Keploy.io. She brings prior experience of working as an engineer as well as product manager at Indian startups like Lenskart, and Fareye. She has been an open-source contributor and mentor for projects like XWiki, and JenkinsX via programs like GSoC, and Outreachy. She has...
Hall M2 (Level 1)
  LinuxCon

11:00 CEST

Generative Conversational AI Interoperability - Diego Gosmar, Open Voice Interoperability, LF AI&DATA
Tuesday September 17, 2024 11:00 - 11:40 CEST
We will explore Conversational AI that works like the Web. In this talk, we explore the pivotal role of OVON Specs in the Open Voice Network's Interoperability Initiative. We highlight how OVON Specs are crucial in crafting a universal, open-source AI voice interface for seamless cross-platform assistant integration. We'll delve into OVON Specs' practical applications and collaborative potential, showcasing their versatility and impact in the evolving landscape of conversational AI, and how they're shaping the future of voice technology. When we talk about the combination of Voice and AI, it’s not just about a new way of communicating, instead, we are dealing with a human biometric feature unique to us. It's useful to design standardization protocols and guidelines for Conversational AI interoperability and scalability: we will run through the current architecture proposed by the Open Voice Interoperability group, part of the Linux Foundation, working on the Conversational AI Universal API Message envelope specifications for interoperability: we will share how to play with the available sandbox and some ethical use cases powered with AI Retrieval Augmented Generation as well.
Speakers

Diego Gosmar

Chief AI Officer XCALLY, Open Voice Interoperability, LF AI&DATA
Successful international innovator, Diego Gosmar is a Chief AI Officer specialized in Artificial Intelligence, with particular focus on Generative Conversational AI, Natural Language Processing (NLP), Sentiment Analysis, Conversation Analysis, AI Agent interoperability, Sustainable...
Room 2.31 (Level 2)
  Open AI + Data Forum

11:00 CEST

Tutorial: How to Win Friends & Influence LLMs (with Prompt Engineering) - James Busche, IBM
Tuesday September 17, 2024 11:00 - 12:35 CEST
Part art, part science, prompt engineering is the process of crafting input text to fine-tune a given large language model for best effect. Foundation models have billions of parameters and are trained on terabytes of data to perform a variety of tasks, including text-, code-, or image generation, classification, conversation, and more. A subset known as large language models are used for text- and code-related tasks. When it comes to prompting these models, there isn't just one right answer. There are multiple ways to prompt them for a successful result. In this workshop, you will learn the basics of prompt engineering, from monitoring your token usage to balancing intelligence and security. You will be guided through a range of exercises where you will be able to utilize the different techniques, dials, and levers illustrated in order to get the output you desire from the model. Participants of this workshop will be equipped with a comprehensive understanding of prompt engineering along with the practical skills required to achieve the best results with open source large language models.
Speakers

James Busche

Senior Software Development Manager, IBM
James Busche is a senior software engineer in the IBM Open Technologies Group, currently focused on the Open Source CodeFlare project. Previously, James has been a DevOps Cloud engineer for IBM Watson and the worldwide Watson Kubernetes deployments.
Room 1.61-1.62 (Level 1)
  Open Source 101
  • Audience Level Beginner
  • Presentation Slides Attached Yes

11:20 CEST

Zephyr Network Subsystem Status and Overview - Jukka Rissanen, Nordic Semiconductor
Tuesday September 17, 2024 11:20 - 11:40 CEST
Network connectivity is an important part of Zephyr. This talk will give information on the current status of the network stack.
Speakers

Jukka Rissanen

Principal Engineer, Nordic Semiconductor
Jukka is one of the network maintainers in Zephyr RTOS
Room 0.49-0.50 (Level 0)
  Zephyr
  • Audience Level Beginner
  • Presentation Slides Attached Yes

11:55 CEST

Lightning Talk: The CFU: Custom Hardware with RISCV and Zephyr - Mohammed Billoo, MAB Labs Embedded Solutions
Tuesday September 17, 2024 11:55 - 12:05 CEST
RISC-V's instruction set architecture (ISA) has enabled seasoned embedded software engineers to experiment with FPGAs since numerous open-source RISC-V cores can be flashed onto an FPGA.

The Zephyr Project is rapidly emerging as a leading real-time operating system (RTOS). Zephyr integrates open-source and security best practices to ensure a vendor-neutral, secure, and reliable platform.

One of the exciting features of the RISC-V ISA is the Custom Function Unit (CFU), which enables a framework to support custom operations in hardware, which is accessible from software. In this talk, Mohammed will demonstrate how to add a CFU into a RISC-V core on an FPGA, and how to make the appropriate calls from Zephyr.
Speakers

Mohammed Billoo

CEO, MAB Labs Embedded Solutions
Mohammed Billoo is an embedded software consultant with over 15 years of experience. He focuses on The Zephyr Project RTOS, Embedded Linux, and The Yocto Project. He has also developed user interfaces using the Qt framework. He has helped clients across numerous verticals, including...
Room 0.49-0.50 (Level 0)
  Zephyr

11:55 CEST

Sponsored Session: Confidential Computing - New Capabilities for New Workloads - Mike Bursell, Confidential Computing Consortium
Tuesday September 17, 2024 11:55 - 12:35 CEST
Can you use Confidential Computing to make your compute loads confidential? Well, yes, but that's missing much of the point. Confidential Computing combines hardware-based security features with cryptographic assurances about applications and data, allowing you to do new things with new types of workloads. In this session, we'll explore how hardware-based Trusted Execution Environments, backed by remote attestation, allow you to track provenance, combine the security features offered by CPUs and GPUs and create multi-party collaborative applications where nobody (fully) needs to trust each other.

Join to find out more about Confidential Computing and:
- Gen AI
- Web3
- multi-party computation
- and much more.

This is very much an open session, with questions welcome throughout, so come and find out all you want to know about Confidential Computing now and in the future.

Speakers

Mike Bursell

Executive Director, Confidential Computing Consortium
Mike Bursell is the Executive Director of the Confidential Computing Consortium. He is one of the co-founders of the Enarx project. He has previously served on the Governing Boards of the CCC and the Bytecode Alliance and currently holds advisory board roles with various start-ups...
Room 1.31-1.32 (Level 1)
  CloudOpen
  • Presentation Slides Attached Yes

11:55 CEST

Building and Maintaining Binary Distributions with Yocto - Michael Opdenacker, Root Commit
Tuesday September 17, 2024 11:55 - 12:35 CEST
Imagine a world in which you can try the Yocto Project without even using it. This was possible in the past with the Ångström distribution, offering ready-made images which could be extended through binary package feeds. Though Ångström is long gone, the Yocto Project still has the ability to generate such images and package feeds. While system makers are still using this feature, the Yocto Project itself has never published such binaries. The Yocto Project, thanks to funding from the Sovereign Tech Fund, has recently developed its abilities to support binary distributions, by creating tooling to verify the ability to upgrade the images built for its releases through package feeds, and to support managing a "local" distribution that can customize packages offered by an "upstream" distribution. Since Yocto is about recipes, I will first present a cookbook for building your own images so that they can be updated through package feeds. I will then describe the recently developed features related to binary distributions and what possibilities they open for the Yocto Project and its users.
Speakers

Michael Opdenacker

Embedded Linux Consultant and Trainer, Root Commit
Michael Opdenacker is an independent consultant and trainer specialized in embedded Linux. He is the founder of Bootlin, who contributed to Linux World Domination by training thousands of engineers around the world on embedded Linux and its kernel, sharing all its materials under...
Hall B (Level 2)
  Embedded Linux Conference

11:55 CEST

Eight Years of Farming; Is Everybo(Ar)Dy Happy? - Geert Uytterhoeven, Glider bv
Tuesday September 17, 2024 11:55 - 12:35 CEST
8 years ago, at ELCE 2016, Geert talked about the benefits and modalities of organizing development boards in a board farm, and he introduced his personal board farm. Since then, more boards found their way into his farm, with more to come. Also, other developers asked him for remote access to his boards. In this presentation, Geert will talk about the evolution of his board farm. He will tell you about things that worked well, or didn't work well, and how he improved his farm, using readily available or custom hardware. He will discuss the challenges of growing your farm, in a changing world plagued by supply chain hiccups. He will present a way to share boards in your farm with other developers and (automated) testers, using the backend-agnostic "FRAM" tool to grant remote control to only one or more boards, and not to your whole local infrastructure.
Speakers

Geert Uytterhoeven

Embedded Linux Kernel Hacker, Glider bv
Geert Uytterhoeven became involved with Linux 30 years ago, when he started hacking the Linux kernel to make it work better on his Amiga. This paved the way for a long string of contributions to Linux. In 2013, Geert founded Glider bv (http://glider.be/), to build upon the (embedded...
Hall C (Level 2)
  Embedded Linux Conference

11:55 CEST

Bridging the Gap: Incorporating Open Source Into Product Managers' Toolbox - Philipp Ahmann, Robert Bosch GmbH
Tuesday September 17, 2024 11:55 - 12:35 CEST
In the world of product management, spreadsheets and analysis tools dominate the daily business. However, when it comes to open source, many product managers struggle to quantify its benefits and limit it to risk and compliance handling. This session aims to bridge the gap between the open source community and product managers by exploring how open source can be incorporated into their existing tools and considerations. While traditional tools focus on quantifiable metrics, the non-quantifiable benefits of open source communities, such as technology awareness and company insights, are often overlooked. By integrating open source considerations and measuring points into existing tools and perspectives, including monetary quantifiable numbers, product managers can build a comprehensive business case that captures the value of open source. Attendees of this session will gain insights into the tools and considerations that product managers employ in their journey towards product innovation. By understanding product manager perspectives and needs, the open source community can better collaborate and support the integration of open source into product development processes.
Speakers

Philipp Ahmann

Sr. OSS Community Manager, Etas GmbH (BOSCH)
Philipp Ahmann is a senior OSS community manager at Etas GmbH (BOSCH) specializing in safety and automotive grade open source software. He holds the position of technical steering committee chair for the Linux Foundation (LF) ELISA project to Enable Linux in Safety Applications and...
Room 0.94-0.95 (Level 0)
  Open Source Leadership Summit
  • Audience Level Any
  • Presentation Slides Attached Yes

11:55 CEST

Policing Open-Source Projects at Scale - Thomas Neidhart, Eclipse Foundation
Tuesday September 17, 2024 11:55 - 12:35 CEST
Large open-source foundations like the Eclipse Foundation are faced with the challenge of maintaining thousands of repositories for the numerous projects and monitoring that these repositories adhere to certain policies and security guidelines to provide an open, transparent and secure environment for the development of open-source software. We would like to present our approach to tackle these challenges: a system where our projects as hosted on GitHub have their configuration stored as code in a repository itself, and project members can request changes to this configuration by opening a pull request, and once approved, changes get applied automatically. With this approach it is possible to make the current infrastructure of a project transparent to everyone involved, highlight items that should be addressed to adhere to certain policies and empower teams to improve and secure their repositories more easily. In this talk we would also like to outline what we have learned while rolling out this service to projects at the Eclipse Foundation and how such an approach can help to increase collaboration in your community as members are able to learn from each other.
Speakers

Thomas Neidhart

Security Engineer, Eclipse Foundation
Passionate open source developer, focused on helping open-source projects to be more productive and secure.
Room 2.15 (Level 2)
  SupplyChainSecurityCon
  • Audience Level Any
  • Presentation Slides Attached Yes

12:05 CEST

Lightning Talk: Zephyr Portability with an AI Application on Very Different MCUs - Ales Ryska, NXP
Tuesday September 17, 2024 12:05 - 12:15 CEST
Code portability is one of the compelling benefits of adopting Zephyr. In this session we will discuss a single AI-based face detection application that scales from a high performance, Arm Cortex-M7 based MCU to a low power Cortex-M33 based MCU with a neural processing accelerator. In addition to different main processor cores, these two platforms have quite different camera and display interfaces, and one has a limited frame buffer capability, leading to required improvements in the display driver which NXP has contributed back to the project. This session will also explore the specifics of how devicetree and Kconfig were leveraged to switch between platforms.
Speakers

Ales Ryska

System engineer, NXP Semiconductors
Ales Ryska is a systems engineer at NXP and a Zephyr enthusiast. He enjoys helping customers get to market faster with out-of-box hardware and software and easy-to-use tools.
Room 0.49-0.50 (Level 0)
  Zephyr
  • Audience Level Beginner
  • Presentation Slides Attached Yes

12:15 CEST

Lightning Talk: Using Zephyr to Power the Sustainable Cloud - Dan Kalowsky, Ampere Computing
Tuesday September 17, 2024 12:15 - 12:25 CEST
Share how Ampere Computing uses Zephyr to re-imagine the cloud in a more sustainable way. Covering some of the challenges encountered aligning product goals with Zephyr, adding new code coverage beyond the upstream support, and getting test environments up and running.
Speakers

Dan Kalowsky

Firmware Engineer, Ampere Computing
Dan is an engineer passionate about code quality with an almost unhealthy relationship on simplifying processes. He has been active on and off in the Zephyr community since the start. His role at Ampere spans multiple areas of technology on the firmware development side.
Room 0.49-0.50 (Level 0)
  Zephyr
  • Audience Level Any
  • Presentation Slides Attached Yes

12:25 CEST

Lightning Talk: Implementing the Precision Time Protocol (PTP) in the Zephyr Project - Adam Wojasiński, BayLibre
Tuesday September 17, 2024 12:25 - 12:35 CEST
In order for highly distributed communication to function well, there must be a reliable time source and a way to synchronize time between devices. In applications such as automotive and industrial control, the requirements here can be strict and subject to regulatory constraints. Precision Time Protocol (PTP) is a response to these hard time synchronization requirements by achieving clock accuracy in the sub-microsecond range.

As Zephyr becomes more broadly used in these environments, it needs support for precision timekeeping. This talk will cover a brief overview of PTP, discussion of various implementation choices for Zephyr, challenges along the way and upstreaming plans.
Speakers

Adam Wojasiński

Software engineer, BayLibre
Adam began his journey with open source joining Zephyr Project over two years ago. He is working in BayLibre on the Zephyr Project. His main areas of expertise are chip bring up, SPI and Zephyr drivers. Before joining BayLibre he worked in Nordic Semiconductor on bare-metal drivers...
Room 0.49-0.50 (Level 0)
  Zephyr

13:00 CEST

Automated Testing & Board Farming - Rouven Czerwinski & Jan Lübbe, Pengutronix
Tuesday September 17, 2024 13:00 - 13:40 CEST
In the face of the strict requirements of the CRA legislation on the horizon for EU markets, one of the key techniques to rapidly test new software releases is an automated testing setup. This session wants to collect the current state of the automated testing landscape and discuss current development directions, tools and projects. We will provide a quick summary of current projects in the space and then have a quick vote on which topics to discuss. Thereafter we encourage discussion between the audience members.

We'll be using a shared document to gather topics before and during the BoF and collect notes during the discussions:

https://docs.google.com/document/d/1oM0AREY_X-3QMBb8SRUHq1yYcJ4BaWE39gYxmYkr8AI/edit?usp=sharing

Speakers

Jan Lübbe

CTO, Pengutronix
After building Linux smartphones with OpenMoko and deploying open source GSM networks to cruise ships, Jan Lübbe joined Pengutronix in 2012 as a kernel hacker. Since then he started the RAUC and labgrid projects. In his free time, Jan builds open mesh networks at the Stratum 0 hacker...

Rouven Czerwinski

Embedded Linux Developer, Pengutronix e.K.
At first building the labgrid hardware access layer, Rouven nowadays works on security solutions for embedded devices.
Hall C (Level 2)
  Embedded Linux Conference
  • Audience Level Beginner
  • Presentation Slides Attached Yes

14:00 CEST

Developing Wildlife Camera Traps with Zephyr RTOS - Alex Bucknall, Arribada Initiative
Tuesday September 17, 2024 14:00 - 14:20 CEST
Monitoring wildlife and environmental changes often requires deploying remote camera traps that can capture imagery and activity over long periods of time. These camera systems need to be low-power, portable, and easily adapted to different hardware configurations based on project requirements.

This talk will cover how we utilised Zephyr to develop flexible time lapse camera solutions for conservation applications. We’ll explore our time lapse camera deployment in Bermuda and how we’re using Zephyr to monitor and understand the impact of seagrass decay on the local marine life. Zephyr allowed us to rapidly target different hardware platforms by abstracting away complex hardware interactions. We'll discuss how Zephyr's hardware and driver APIs simplify peripheral access to cameras, RTCs, and power management features across multiple vendor SoCs.

Additionally, we'll explore challenges associated with this kind of cross-platform support, such as lack of core features for certain vendor SoCs. We'll also share insights into optimising for size, performance, and battery life on constrained embedded devices.
Speakers

Alex Bucknall

Senior Engineer, Arribada Initiative
An Engineer who fell into the world of conservation. Busy developing tools and projects to support conservation, environmental and humanitarian crises. PhD in high performance reconfigurable computing platforms.
Tuesday September 17, 2024 14:00 - 14:20 CEST
Room 0.49-0.50 (Level 0)
  Zephyr
  • Audience Level Any
  • Presentation Slides Attached Yes

14:00 CEST

Surviving 19 Jan 2038 on 32 Bit Platforms: Lessons Learned and Common Problems - Alexander Kanavin, Linutronix
Tuesday September 17, 2024 14:00 - 14:40 CEST
The year 2038 problem is a well known integer overflow issue on many 32 bit platforms, some of which will be still in use on the day when it happens: January 19 2038. In this talk I would like to present where the problem comes from, what the Yocto project has done to address the issue, which base work in kernel and libc has been utilized to avoid a total system collapse, how to test a system's readiness for that date, and which further issues this has uncovered in common open source components. I hope this prompts an interesting discussion and further ideas to ensure the world does not go down in 14 years.
Speakers

Alexander Kanavin

Linux / Open Source software engineer, Linutronix
Alexander is an open source developer specializing in distribution engineering using vendor-neutral tooling and userspace stacks. He is one of the primary contributors to the Yocto project and has an interest in developing foundations of digital infrastructure in a sustainable ma...
Tuesday September 17, 2024 14:00 - 14:40 CEST
Hall M2 (Level 1)
  LinuxCon

14:00 CEST

Tutorial: Securing Access to and from Remote Systems with WireGuard and Linux - Alex Feiszli, Netmaker, Inc.
Tuesday September 17, 2024 14:00 - 15:35 CEST
IT infrastructure is all over the place: Cloud VPCs, edge servers, data centers, office networks, and more. Much of it exists on private networks or behind routers and firewalls. IT administrators are often tasked with making these resources available over the internet to employees or remote servers that are elsewhere on earth. In this tutorial, we'll use just a couple of VMs running Linux and WireGuard to set up a minimal, secure, and easily-maintainable remote access system. We'll demonstrate with a fictional business that has a physical office, uses the cloud, and has remote IT staff, an extremely common scenario. We'll walk attendees through: 1. How to set up secure access to the office network from the remote staff's workstations. 2. How to establish access to a cloud VPC from servers in the office network. 3. How to account for corporate firewalls and other common networking challenges. By the end of this tutorial, attendees will have a good understanding of how they can use Linux and WireGuard in common IT networking scenarios.
Speakers

Alex Feiszli

Founder, Netmaker, Inc.
Alex founded Netmaker, an open source, WireGuard-based VPN, 3 years ago, and was the original author of the project. Previously, Alex worked at IBM on Multi-Cloud Kubernetes projects, and with Red Hat on various DevOps projects. In his spare time, Alex likes to travel, play ukulele...
Tuesday September 17, 2024 14:00 - 15:35 CEST
Hall M1 (Level 1)
  LinuxCon

14:20 CEST

Exploring the Potential of Zephyr in Automotive and Software Defined Vehicles - Philipp Ahmann, Robert Bosch GmbH
Tuesday September 17, 2024 14:20 - 14:40 CEST
In the automotive industry more than 100 embedded control units (ECUs) are present in a typical car. They are equipped with microcontrollers responsible for various peripherals within the vehicle. Although it may be challenging to adapt automotive-specific interfaces to an IoT-driven RTOS like Zephyr, the use of standard peripherals such as GPIOs, I2C, and UART can lead to significant synergies with other products.

However, as a starting point, the talk will delve into the automotive specific requirements and technology stacks necessary for integrating Zephyr into automotive development. Additionally, it will highlight areas where Zephyr may not yet be a perfect fit for automotive applications. Key touchpoints for discussion will include the compatibility of Zephyr with established automotive standards like Autosar, COVESA VSS, and CAN stack. Furthermore, the talk will address the challenges related to process compliance and adherence to safety integrity standards in the automotive industry.

This talk aims to initiate a discussion on the potential wider adoption of Zephyr in automotive products and to foster an engaging discussion among industry professionals.
Speakers

Philipp Ahmann

Sr. OSS Community Manager, Etas GmbH (BOSCH)
Philipp Ahmann is a senior OSS community manager at Etas GmbH (BOSCH) specializing in safety and automotive grade open source software. He holds the position of technical steering committee chair for the Linux Foundation (LF) ELISA project to Enable Linux in Safety Applications and...
Tuesday September 17, 2024 14:20 - 14:40 CEST
Room 0.49-0.50 (Level 0)
  Zephyr

14:55 CEST

Licensing Support by Build Systems - and What Remains To Be Done - Jan Altenberg, Open Source Automation Development Lab (OSADL) eG
Tuesday September 17, 2024 14:55 - 15:35 CEST
Building embedded Linux systems is getting increasingly complex. The complexity does not only come from the technical aspects. The number of different packages and dependencies also make the fulfilment of license obligations quite challenging. Build systems and distro generators support us with this task. They can help in getting an overview of the licenses being used and packaging the relevant compliance material. But how far does their support really go? And is the information being provided complete?

This presentation will take a look into different licensing obligations (e.g. information obligations and disclosure obligations) and (based on the examples of the Yocto project, ELBE and ISAR) the licensing support of modern build systems will be evaluated.
Speakers

Jan Altenberg

Director, Open Source Automation Development Lab (OSADL) eG
Jan Altenberg has more than 20 years of experience in developing and maintaining Embedded Linux systems. Jan studied information technologies at the University of Cooperative Education in Stuttgart (Germany). From 2002 - 2006 he was involved in the OCEAN project, a European research...
Tuesday September 17, 2024 14:55 - 15:35 CEST
Hall B (Level 2)
  Embedded Linux Conference

14:55 CEST

VSCorode: Inside Your IDE, Inside Your Git Repository - Kevin Ward & Fabian Kammel, ControlPlane
Tuesday September 17, 2024 14:55 - 15:35 CEST
For several years now we’ve heard the mantra of shifting left to move security as early as possible in the development process. The aim is to enable developers to understand and produce secure code right away. The primary method to support developers is to enhance their IDE with extensions which can identify security issues, highlight insecure code practices and handle integration with external services. VSCode is one of the most popular IDEs with a flourishing community of extensions for data manipulation, theming, programmatic language features and additional debugging functionality. There is a great deal of trust placed in these extensions so what would happen if an extension turned against you? This talk explores the supply chain risks associated with VSCode extensions, what is required to get an extension included in the marketplace and how simply we hand over control to an unknown third party. We will demonstrate what an adversary can achieve with a malicious extension and how it represents a future red team target from enumeration, persistence and execution. Lastly we’ll offer advice on how to prevent common attack paths.
Speakers

Kevin Ward

Principal Consultant, ControlPlane
Kevin is a Principal Consultant with over 10 years of experience designing, building and testing secure solutions for Government, Defence and Finance sectors. In his own time, Kevin enjoys hacking and hardening systems to discover the balance between security and usability. He co-authored...

Fabian Kammel

Senior Security Consultant, ControlPlane
Fabian Kammel is a Senior Security Consultant at ControlPlane, where he helps to make the (cloud-native) world a safer place. His goal is to bring hardware security and cloud-native security closer together, as well as improving the developer experience in the security space. He...
Tuesday September 17, 2024 14:55 - 15:35 CEST
Room 2.15 (Level 2)
  SupplyChainSecurityCon

15:15 CEST

Lightning Talk: How to Create an Asset Tracker With Zephyr and Thingsboard In No Time - Tobias Marquardt, grandcentrix GmbH
Tuesday September 17, 2024 15:15 - 15:25 CEST
In this lightning talk I'll show you how to create a working PoC of an asset tracker with very little effort by using Zephyr. It's based on an off-the-shelf cellular SoC that sends GPS data over CoAP to the open source Thingsboard IoT cloud platform.
Speakers

Tobias Marquardt

Embedded Software Engineer, grandcentrix GmbH
Tobias is an embedded software developer at grandcentrix, where he works on embedded systems built with Linux and Zephyr. Prior to this role he worked several years as C++ application developer. Apart from that he plays the electric guitar, writes a Gameboy emulator for fun and enjoys...
Tuesday September 17, 2024 15:15 - 15:25 CEST
Room 0.49-0.50 (Level 0)
  Zephyr

15:25 CEST

Lightning Talk: From Ideas to 3 Firmwares Powering Railway-Infrastructure Monitoring in 2 Years - Tobias Meyer, Konux GmbH
Tuesday September 17, 2024 15:25 - 15:35 CEST
Using Zephyr OS, we successfully developed three firmware versions in under two years, establishing a scalable wireless sensor network for enhanced railway infrastructure monitoring.

This talk will detail the rationale behind our technology selections, including Zephyr OS, BLE, LTE-M, and AWS IoT Core.

We will discuss specific features of Zephyr that facilitated rapid development and the aspects that presented a learning curve. Our session will explore critical design decisions, architectural frameworks using Zephyr, and effective strategies for MCU communication and optimizing battery life. It will show how projects are set up, how dependencies are managed using west, how firmware is tested, and which features of Zephyr we use where. We'll also share common pitfalls and practical lessons learned.

Concluding with recent Zephyr updates and our reflective insights, this presentation will end with what we would have done differently this time.
Speakers

Tobias Meyer

Senior Firmware Developer, Konux GmbH
Over 20 years experience in programming, over 10 years professional. Currently working on sensors enabling transforming railway operation at Konux GmbH
Tuesday September 17, 2024 15:25 - 15:35 CEST
Room 0.49-0.50 (Level 0)
  Zephyr
  • Audience Level Beginner
  • Presentation Slides Attached Yes

16:00 CEST

Cloud Native Threat Intelligence for Everyone - Constanze Roedig, Tobias Grantner, Lukas Mahler & Josef Taha, Technische Universität Wien
Tuesday September 17, 2024 16:00 - 16:40 CEST
Accurate and current threat intelligence data plays a vital role in threat modelling, as we can learn about what attackers are doing in the wild, and how likely certain attack paths are to be exploited. Whilst open source threat intelligence does exist, it is often ‘event-based’, focusing on historical incidents of attackers using particular techniques to exploit specific vulnerabilities. However, what if we want to quantify our own threat models, which may involve chaining together many such attack vectors? The Kubernetes Storm Centre is a newly established open source initiative that aims to provide a framework for independent quantification of cloud native attack paths, with contributing organisations running diverse ‘honey-clusters’ and sharing their results with a central hub for the world to freely consume. In this session, we will discuss the progress made by the project so far, share our initial results and insights, and explain how interested parties can contribute.
Speakers

Josef Taha

Cloud Software Engineer, Technische Universität Wien

Dr. Constanze Roedig

Head of the Austrian Open Cloud Community, Technische Universität Wien
Constanze earned her doctorate at the Albert Einstein Institute in relativistic radiation hydrodynamics. After 8 years as a software architect focussed on reimplementing legacy systems with transparent, performant, scalable and defensible designs, she returned to academia for an Austrian-wide...

Tobias Grantner

Data Science Student, Technische Universität Wien
Tobias is currently enrolled in the Data Science Master programme at the Technical University of Vienna. As part of his "interdisciplinary project" he actively contributes to the Kubernetes stormcenter and conducts research on how to best capture Threat Intelligence in Cloud Nati...

Lukas Mahler

Student, Technische Universität Wien
Tuesday September 17, 2024 16:00 - 16:40 CEST
Room 0.11-0.12 (Level 0)
  CloudOpen

16:00 CEST

DevSecOps Transformation at Speed and Scale Using Tekton - Caroline Cameron & Tony Higham, IBM
Tuesday September 17, 2024 16:00 - 16:40 CEST
The distributed development effort across individual teams to build secure software in a constantly evolving security threat landscape results in massive duplication of CI/CD automation work and inconsistent security and compliance postures across teams. The solution is to standardize the CI/CD security & compliance automation for development teams and centralize platform operations and maintenance. Our centralized CI/CD platform prevents software security problems from reaching production systems and streamlines compliance audits using built-in DevSecOps practices. Tekton is used as the open source orchestrator to standardize CI/CD and contribute open source enhancements through our valued ecosystem partnerships to benefit all users. The platform includes open source scanning tools such as Clair for OSS threat intelligence, SonarQube for SAST, and OWASP ZAP for DAST. The platform also extends the traditional CI and CD pipelines with a Continuous Compliance (CC) pipeline which ensures that deployed applications are scanned for new vulnerabilities on a daily basis with unique capabilities to auto remediate identified vulnerabilities and auto close resolved incident issues.
Speakers

Caroline Cameron

Senior Software Engineer, Secure Software Development, IBM
Caroline is a DevSecOps transformation thought leader and passionate advocate for integrating secure software supply chain tools and practices early and often into the SDLC. Her background in the IBM CISO organization, and keen interest in security and compliance, keep her at the...

Tony Higham

Chief Architect and Strategist - DevSecOps Transformation, IBM
With a track record as a recognized Distinguished Engineer, digital officer, and IT architect, I possess a history of delivering high-impact, innovative, customer facing solutions in the cloud applications industry. Among my talents are the ability to develop and mentor technical...
Tuesday September 17, 2024 16:00 - 16:40 CEST
Room 0.14 (Level 0)
  ContainerCon
  • Audience Level Any
  • Presentation Slides Attached Yes

16:00 CEST

Advanced System Profiling, Tracing and Trace Analysis with Perfetto in Android and Yocto - Anna-Lena Marx & Stefan Lengfeld, inovex GmbH
Tuesday September 17, 2024 16:00 - 16:40 CEST
Tracing is a capable mechanism for deep system analysis and profiling with a minimal overhead. By recording defined system events, in Linux but also Android, tracing can be used to analyze concurrency or latency issues, for example. Android’s systrace tool made it easy to analyze and correlate traces and events due to a graphical UI, in order to help developers identify performance bottlenecks. The successor to this advanced and convenient tool is called Perfetto. It’s available for pure Linux too, and part of Yocto (meta-oe) since Langdale now. In the talk, we’ll have a look into
- using Perfetto with Android and Yocto,
- adding trace events to your applications,
- recording traces and
- analyzing system and application traces with the graphical GUI.
This will allow you to take full advantage of the Perfetto trace viewer UI for analyzing memory usage, CPU scheduling, latency and more.
Speakers

Anna-Lena Marx

Senior Embedded Systems Engineer, inovex GmbH
Anna-Lena Marx has been working as an Embedded Systems Developer at inovex since 2015 and holds a Master's degree in Embedded Systems. As a hobby, she also studies Electrical Engineering. Professionally, Anna-Lena focuses on the development of Embedded Systems based on Yocto or the...

Stefan Lengfeld

Senior Embedded Systems Engineer, inovex GmbH
Stefan Lengfeld has been an Embedded Linux and Embedded Android developer at inovex since 2017. He is a Linux kernel contributor and has been professionally involved in all topics related to embedded software development since 2015. Even before that, he dove into the depths of Linux...
Tuesday September 17, 2024 16:00 - 16:40 CEST
Hall B (Level 2)
  Embedded Linux Conference

16:00 CEST

Panel Discussion: Outreachy Linux Kernel Internship Report - Julia Lawall, Inria; Hans Verkuil, Cisco Systems Norway; Tahera Fahimi, University of Calgary; Khadija Kamran; and Dorcas Litunya, Jomo Kenyatta University
Tuesday September 17, 2024 16:00 - 16:40 CEST
Come learn about the great accomplishments of our Outreachy Linux Kernel Interns! Outreachy offers open source internships to people subject to systemic bias and impacted by under-representation in the technical industry where they are living. Julia Lawall offers an overview of the Outreachy Linux Kernel Community followed by intern presentations showcasing their projects and experiences:
* Dorcas Litunya: Improving support for the Vivid Test Driver
* Khadija Kamran: Analyzing Linux Kernel Security Subsystems
* Tahera Fahimi: Improving Landlock Access Control
Linux Kernel Maintainer Hans Verkuil wraps up the panel by sharing his experience as an Outreachy mentor.
Speakers

Hans Verkuil

Cisco Systems Norway
Hans Verkuil started contributing patches to the MPEG encoder/decoder ivtv driver in early 2004 and it snowballed from there. He is a media subsystem co-maintainer responsible for V4L2 bridge drivers, video receivers and transmitters, and maintainer of the HDMI CEC framework. Since...

Julia Lawall

Researcher, Inria

Dorcas Litunya

Jomo Kenyatta University

Khadija Kamran

Intern
Hi everyone 👋🔭 Khadija here! I am a Software Engineer and I have 4 years of experience working as a full stack developer.👩 I am working as a Software Developer for Quantl, a company that provides financial services.🎇 I am a Django developer and work with a team on Quantl's website...

Tahera Fahimi

Outreachy Intern, Linux Foundation
Tahera Fahimi is a graduate student at the University of Calgary.
Tuesday September 17, 2024 16:00 - 16:40 CEST
Hall M2 (Level 1)
  LinuxCon
  • Audience Level Any
  • Presentation Slides Attached Yes

16:00 CEST

"Here Is a Clean Section of the Beach" - Proactively Auditing Open Source Dependencies and Letting End Users Know - Munawar Hafiz, OpenRefactory & Michael Winser, Alpha-Omega
Tuesday September 17, 2024 16:00 - 16:40 CEST
Open source dependencies pose the most serious threat for all software. Software Composition Analysis (SCA) tools can help understand the risk profile using data collected about known vulnerabilities. But what about the unknown ones? The Alpha-Omega project, sponsored by Amazon, Google and Microsoft, has been challenged with the tasks of scouring the most popular Open Source libraries in order to “clean the beach” to make it safe for everyone. But the beach is huge and how can this project be performed at scale? In this talk, Michael Winser, Alpha-Omega co-founder, and Dr. Munawar Hafiz, CEO of OpenRefactory, will discuss the progress that Alpha-Omega has made in scanning and repairing thousands of Open Source libraries. They will describe the scaling challenges, the data handling and storage challenges and how the information is made available to the end users.
Speakers

Munawar Hafiz

CEO, OpenRefactory
Munawar Hafiz is the founder and head of innovations of OpenRefactory, Inc., an application security company that intends to improve the way developers write secure, reliable and compliant code. Munawar had a body of work on automated bug fixing in academia which lays the foundation...

Michael Winser

Co-founder, Alpha-Omega
Michael is a 40 year veteran in the software industry, with over 25 of those years at Google and Microsoft. He co-founded Alpha-Omega while at Google. Michael is an industry expert in software supply chain security, software development, and developer ecosystems. In addition to Alpha-Omega...
Tuesday September 17, 2024 16:00 - 16:40 CEST
Room 2.15 (Level 2)
  SupplyChainSecurityCon
  • Audience Level Beginner
  • Presentation Slides Attached Yes

16:55 CEST

Taming DMA: Tales Wrestling Memory Corruption - Ahmad Fatoum, Pengutronix
Tuesday September 17, 2024 16:55 - 17:35 CEST
Direct Memory Access frees up the CPU for other important work, while devices read and write data in the background. This is as good as it sounds and most embedded systems make ample use of this; for good sound and otherwise. On the flipside, incorrectly configured DMA and the creeping memory corruption that results can decidedly be more unpleasant than the possible slow-down of using PIO. Ahmad's bootloader and kernel escapades have not been spared from the wrath of DMA masters. In this talk, he will share tales of his debugging campaigns and how tracking down memory corruption led him to learn, one bug at a time, more about the internals of Linux' and barebox' DMA API, ARM cache maintenance and the limitations of DMA controllers.
Speakers

Ahmad Fatoum

Embedded Linux Developer, Pengutronix
Ahmad joined the kernel team at Pengutronix in 2018 to work full-time on furthering Linux world domination. He does so by helping automotive and industrial customers build embedded Linux systems based on the mainline Linux kernel. Having a knack for digging in low-level guts, his...
Tuesday September 17, 2024 16:55 - 17:35 CEST
Hall C (Level 2)
  Embedded Linux Conference

16:55 CEST

Building a Hypervisor Firewall with nftables and Rust - Stefan Hanreich, Proxmox Server Solutions
Tuesday September 17, 2024 16:55 - 17:35 CEST
Firewalls play a pivotal part in securing a hypervisor and its guests from internal and external threats. In this talk I want to show how to utilize nftables for creating complex rulesets in a virtualized Linux network environment.

This talk will start with a short introduction on nftables and Linux network virtualization. I will then dive deeper by showing how to create complex rulesets efficiently by utilizing the built-in nftables data structures. Furthermore, I will show how zone-based firewalling can be implemented by leveraging the nftables bridge family, with a focus on virtualized network environments common in hypervisors. To finish off, I will talk about how to use Rust for interfacing with nftables via JSON by using the provided nftables-json schema to programmatically create firewall rules.
Speakers

Stefan Hanreich

Software Engineer, Proxmox Server Solutions
Stefan has been passionate about Linux since he first started using it in his teenage years. He works as a software engineer for Proxmox since 2022 with a focus on the networking stack.
Tuesday September 17, 2024 16:55 - 17:35 CEST
Hall M2 (Level 1)
  LinuxCon

16:55 CEST

Testing, a Journey from Testing Kernels to Testing Debian and Yocto - Sudip Mukherjee, Codethink Ltd
Tuesday September 17, 2024 16:55 - 17:35 CEST
Testing is an integral part of the software lifecycle. For software which is in continuous development it's even more important to have regular testing so that any bugs or errors can be detected early. In this talk, I will present how I started testing the Linux Kernel in a personal capacity and the status of Kernel testing that is now being done as part of Codethink. I will also present how that testing infrastructure has evolved to test Debian Sid on a RPI4 from a CI pipeline and the problems we had to overcome. That same infrastructure is now being modified to test Yocto from a GitLab CI pipeline.
Speakers

Sudip Mukherjee

Software Engineer, Codethink Ltd
A software engineer at Codethink Ltd for 9 years and involved with open source for more than 11 years. Also, a Debian Developer and a member of Elisa TSC (Technical Steering Committee).
Tuesday September 17, 2024 16:55 - 17:35 CEST
Hall M1 (Level 1)
  LinuxCon
  • Audience Level Beginner
  • Presentation Slides Attached Yes

16:55 CEST

Capslock: Escaping Bad Dependencies - Jess McClintock, Google
Tuesday September 17, 2024 16:55 - 17:35 CEST
A package’s permissions and capabilities constrain its blast radius if compromised. Analysing and restricting these permissions can thwart potential attack vectors, such as we have recently seen with inserting malicious code into programs via third-party libraries, sometimes by gaining commit access to an existing trusted package.
Security vulnerabilities can also be caused by excessive but well-intended privileges in packages that have unintended scope. Visibility into package permissions can help motivate the principle of least privilege within the ecosystem and increase scrutiny on dangerous capabilities.

Capslock is a CLI tool for analysing Go package imports that works on a callpath-level to look at only the capabilities accessible by the caller (instead of just looking at package imports). This ensures that the signals provided aren’t overly broad or noisy, in order to decrease false positive rates and prevent alert fatigue for users. This model is influenced by mobile phone permissions systems, where users can make decisions on the behaviours that apps require.

Capslock capability results are now available for Go on deps.dev, with support for more languages in development.
Speakers

Jess McClintock

Senior Software Engineer, Google
Jess is a senior software engineer on the Open Source Security team at Google. In this role, she develops software solutions to security problems. Previously, Jess completed a PhD in theoretical computer science at the University of Melbourne, and has written papers on approximation...
Tuesday September 17, 2024 16:55 - 17:35 CEST
Room 2.15 (Level 2)
  SupplyChainSecurityCon
 