Loading…
Attending this event?
September 16-18, 2024
Vienna, Austria
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit Europe 2024 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Central European Summer Time (UTC/GMT +2). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.

Simple
Expanded
Grid
By Venue
Intermediate clear filter
Monday, September 16
 

11:20 CEST

SBOM Implementation Reality - from Crawl to Walk, the SPDX Lite Profile for the First Step. - Norio Kobota, Sony Gorup Corporation & Takashi Ninjouji, Toshiba Corporation
Monday September 16, 2024 11:20 - 12:00 CEST
Room 0.94-0.95 (Level 0)
This session will introduce the SPDX Lite profile, its background, and what and how it solves with many JSON examples. The Lite profile of SPDX 3.0 is designed to make it quick and easy to start creating a Software Bill of Materials (SBOMs) when a company has limited capacity for introducing new items into its process. Over the past few years, the importance of SBOM has increased. As interest in SBOM from government agencies and industries grows, the SBOM specification extends significantly to meet these various needs. SPDX Lite is a lightweight and compact SBOM specification. The OpenChain Project Japan WG explores and promotes SBOM. The focus is on making the SBOM practical from security assurance and license compliance perspectives and on sharing and transferring SBOM across the global software supply chain in any industry. SPDX Lite is one of the achievements of collaboration between the OpenChain project and the SPDX project. Attendees in this session will learn the first steps to creating an SBOM using the Lite profile of SPDX 3.0 by several examples of SBOM documents that address regulations and requirements.
Speakers
avatar for Takashi Ninjouji

Takashi Ninjouji

Chief Specialist, Toshiba Corporation
Takashi Ninjouji, Chief Specialist at Toshiba Corporation, works on open source, open standards, and compliance and was the first head of OSPO. He is strongly attracted to open source to collaborate with a diverse community, including companies. He is a member of the OpenChain Project's... Read More →
avatar for Norio Kobota

Norio Kobota

Senior Open Source Strategist, Sony Gorup Corporation
Norio Kobota is a Senior Open Source Strategist in Sony Group Corporation. He is the chair of Open Source Software License Committee in Sony and works to improve OSS compliance and relationships with OSS communities. He represents Sony as a board member of OpenChain Project. And he... Read More →
Monday September 16, 2024 11:20 - 12:00 CEST
Room 0.94-0.95 (Level 0)
  Operations Management Summit

12:15 CEST

Open Source and IP Departments: Risk Containment and Portfolio Management - Shane Coughlan, The Linux Foundation
Monday September 16, 2024 12:15 - 12:35 CEST
Room 0.94-0.95 (Level 0)
Product teams, R&D teams and OSPOs occasionally find themselves in an adversarial situation with IP Departments around open source and how it should be managed in an organization. This is usually due to misunderstandings about how open source provides value and how the risks associated with it can be contained. With open source increasingly necessary for organizations to compete effectively, it is important to ensure all departments understand its strategic importance, and how to manage it in the context of their KPIs and requirements. This talk will explain how to collaborate with IP Departments using the language of external risk containment and internal portfolio management, and help IP Department staff assess open source as part of a diversified IPR strategy.
Speakers
avatar for Shane Coughlan

Shane Coughlan

OpenChain General Manager, The Linux Foundation
Shane Coughlan is an expert in communication, security and business development. His professional accomplishments include spearheading the licensing team that elevated OIN into the largest patent non-aggression community in history and establishing the first global network for open... Read More →
Monday September 16, 2024 12:15 - 12:35 CEST
Room 0.94-0.95 (Level 0)
  Operations Management Summit

12:35 CEST

Enhancing Kernel Functional Safety Analysis with KS-nav - Alessandro Carminati & Gabriele Paoloni, Red Hat
Monday September 16, 2024 12:35 - 12:55 CEST
Room 0.96-0.97 (Level 0)
In order to make functional safety claims on SW components, having a clear understanding of the underlying software architecture is crucial. However, if SW architectural documentation is missing, understanding how software operates and how its parts fit together can be challenging. For the Linux kernel and many other OSS SW, such documents are absent and instead, analysts must rely on code, which can be hard to read.
ks-nav is a tool designed to help in reverse engineering and understanding the code by generating diagrams that highlight the interactions between code elements and sub-elements.

ks-nav relies on binary images instead of source code analysis to get rid of the uncertainty introduced by configurations, compiler optimizations, and any other toolchain related issues. Additionally, using the MAINTAINERS file, it precisely pinpoints subsystems, enabling users to delve into their interactions with clarity.

This session focuses on:
* Why understanding the code is critical in FuSa activities;
* How ks-nav works, how it addresses the various challenges of analyzing the code;
* An example of how ks-nav can be used to support an expert-driven FMEA for a specific use case.
Speakers
avatar for Gabriele Paoloni

Gabriele Paoloni

Sr SW Principal Engineer, Red Hat
Gabriele Paoloni is an Open Source Community Technical Leader at Red Hat. He is a passionate technologist and has strong experience in both functional safety and Linux Kernel development, including previous roles leading FuSa software architecture for Intel platforms, CCIX vice chairman... Read More →
avatar for Alessandro Carminati

Alessandro Carminati

Principal Software Engineer, Red Hat
As a Linux Kernel Engineer within the RedHat Automotive Team, I specialize in both upstream contributions and downstream efforts, focusing on enhancing Linux kernel functionality for automotive.With a background in embedded Linux development and Linux security for embedded systems... Read More →
Monday September 16, 2024 12:35 - 12:55 CEST
Room 0.96-0.97 (Level 0)
  Critical Software Summit

13:20 CEST

AOSP Developers Birds of a Feather - Chris Simmonds, 2net Ltd
Monday September 16, 2024 13:20 - 14:00 CEST
Room 0.14 (Level 0)
This Birds of a Feather meeting is an opportunity for all developers working with embedded Android to come together and share ideas, grumbles and clever hacks. Some of the topics you might like to talk about include these: * Building AOSP * Creating and maintaining board support packages * Integration with Android Studio * Testing and debugging * Security, SELinux, secomp, sandboxing Come along if you find *any* of this stuff interesting!
Speakers
avatar for Chris Simmonds

Chris Simmonds

software consultant, 2net Ltd
Chris Simmonds is a software consultant and professional geek living in Northern England. He has more than two decades of experience in designing and building open-source embedded systems. He is a big believer in Open Source and the importance of community. He is the author of the... Read More →
Monday September 16, 2024 13:20 - 14:00 CEST
Room 0.14 (Level 0)
  Embedded Linux Conference

14:15 CEST

Panel Discussion: eBPF: A New Era in Cloud Infrastructure Tools - Liz Rice, Isovalent; Frederic Branczyk, Polar Signals Inc.; Hemanth Malla, Datadog; Yusheng Zheng, EUNOMIA INC.; and Richard Simon, T-Systems International
Monday September 16, 2024 14:15 - 14:55 CEST
Room 2.15 (Level 2)
eBPF has become something of a buzzword recently, but why is it being used in so many tools for observability, security and networking? What does it bring that other approaches don't offer? How can you leverage the power of eBPF in your organization? Join this session to learn from the creators and maintainers of leading open source eBPF projects about how this kernel technology enables high-performance, scalable cloud infrastructure tools.
Speakers
avatar for Liz Rice

Liz Rice

Chief Open Source Officer, Isovalent at Cisco
Liz Rice is Chief Open Source Officer with eBPF specialists Isovalent, creators of the Cilium project. She was chair of the CNCF's Technical Oversight Committee 2019-2022, and Co-Chair of KubeCon + CloudNativeCon in 2018. She is also the author of "Learning eBPF" and "Container Security... Read More →
avatar for Hemanth Malla

Hemanth Malla

Senior Software Engineer, Datadog
Hemanth Malla is a Senior Software Engineer working on Kubernetes and container networking at Datadog. He is also a Cilium CNCF maintainer. Previously he worked on various distributed systems in industries like e-commerce, fintech and high frequency trading. Apart from computers... Read More →
avatar for Frederic Branczyk

Frederic Branczyk

Founder, Polar Signals Inc.
Frederic is the founder of Polar Signals. Before founding Polar Signals he was a senior principal engineer and main architect for all things Observability at Red Hat, joining through the CoreOS acquisition. Frederic is a Prometheus & Thanos maintainer and tenured as a tech lead for... Read More →
avatar for Yusheng Zheng

Yusheng Zheng

eunomia-bpf - Open Source Developer, EUNOMIA INC.
Yusheng Zheng is an active open source contributor and the founder of the eunomia-bpf lab. With a focus on eBPF, she has developed notable projects, including userspace eBPF runtime for Uprobe and Syscall hooks that align with kernel eBPF standards and integrating eBPF with WebAssembly... Read More →
avatar for Richard Simon

Richard Simon

CTO, T-Systems International
Richard has 34 years of IT industry experience. He has been working in Cloud Computing for 15 years. He's done various roles (Systems Engineer, Senior Kubernetes Architect, Principal Consultant and now CTO). He's worked for a number of prestigious IT vendors and service providers... Read More →
Monday September 16, 2024 14:15 - 14:55 CEST
Room 2.15 (Level 2)
  CloudOpen

14:15 CEST

Cross Industry Demands and Collaboration Opportunities in Open Source for Safety Critical Systems - Philipp Ahmann, Robert Bosch GmbH & Olivier Charrier, Wind River
Monday September 16, 2024 14:15 - 14:55 CEST
Room 0.96-0.97 (Level 0)
The increasing computation power of embedded CPUs has revolutionized industries such as Automotive, Aerospace, or Industrial by enabling centralized and enhanced use cases, software-defined functionalities, and increased automation. The challenges of this increased complexity are often addressed by incorporating Open Source Software, particularly Linux, virtualization and RTOS. As these industries are heavily regulated by quality and safety-integrity standards, the certification of these highly complex systems becomes crucial.

Starting from the similarities and overlaps in system architecture design across use cases, this talk will explore the demands imposed by safety integrity standards in various industries. To develop these systems and adhere to required processes, the integration of tools and a high degree of automation is essential.

The authors show how Open Source projects bridge the gap between open source and safety-criticality, introducing tools and processes, and showcasing collaborative efforts in creating reproducible example system architectures. These systems can serve as a foundation for companies and projects adopting Open Source in safety-critical applications.
Speakers
avatar for Philipp Ahmann

Philipp Ahmann

Sr. OSS Community Manager, Etas GmbH (BOSCH)
Philipp Ahmann is an experienced senior OSS community manager at Etas GmbH (BOSCH) specializing in safety and automotive grade open source stacks for software defined vehicles. He holds the position of technical steering committee chair for the Linux Foundation ELISA project to Enable... Read More →
avatar for Olivier Charrier

Olivier Charrier

Principal Technologist - Functional Safety, Wind River
Olivier Charrier obtained a Master’s degree in Software Engineering (DESS) from Bordeaux University in 1989.After working for Alsys/Aonix on Ada development environment for embedded systems, Olivier joined Wind River in June 2001 where his focus is to help Wind River's customers... Read More →
Monday September 16, 2024 14:15 - 14:55 CEST
Room 0.96-0.97 (Level 0)
  Critical Software Summit

14:25 CEST

Lightning Talk: Optimizing Kubernetes Multicluster Backup & Restore - Hường Đinh, Viettel Solutions
Monday September 16, 2024 14:25 - 14:35 CEST
Hall M2 (Level 2)
In this presentation, I aim to address critical challenges in Kubernetes cluster management, particularly focusing on optimizing multicluster backup and restore processes using Velero. The current state of Kubernetes cluster management emphasizes the critical importance of implementing robust backup and restore processes. However, a challenge arises when dealing with multiple clusters, requiring the installation of Velero on each cluster, resulting in complex and resource-intensive multicluster Kubernetes environments. To address this issue, the proposed solution advocates for a centralized Velero installation, allowing for the backup and restore of individual clusters using their corresponding kubeconfig. The talk delves into the design architecture of multicluster backups, outlining how to integrate this approach with Velero's existing features. This innovative approach not only simplifies management but also optimizes resource utilization in a way that aligns with the evolving landscape of Kubernetes cluster operations. I aim for the audience to leave with actionable insights and a clear roadmap for implementing centralized backup strategies in their own multicluster setups.
Speakers
avatar for Hường Đinh

Hường Đinh

Cloud Engineer, Viettel Solutions
Cloud Solution Engineer
Monday September 16, 2024 14:25 - 14:35 CEST
Hall M2 (Level 2)
  ContainerCon

14:35 CEST

Lightning Talk: Process Level Packet Filter for Containers Using eBPF - Ruturaj Mohite, IIIT Bangalore
Monday September 16, 2024 14:35 - 14:45 CEST
Hall M2 (Level 2)
With the rise in container use, it's becoming crucial to safeguard compromised containers from malicious exploitation. A compromised container could be hijacked to join a network of computers to participating in a Denial of Service attack, leak sensitive information back to an attacker or be used to steal compute resources for mining cryptocurrency. Ruturaj introduces a packet filter built using eBPF to filter packets based on their L3 and L4 destination metadata (such as destination IP address and port) as well as the process and container (cgroup) of origin. This filter also detects any new containers at runtime and filters their traffic.
Speakers
avatar for Ruturaj Mohite

Ruturaj Mohite

Student, IIIT Bangalore
Ruturaj is a computer science student at the International Institute of Information Technology, Bangalore. In the past he has interned with Google and CNCF and worked on cloud native projects. He also maintains and has contributed to CircuitVerse,org, an open source digital logic... Read More →
Monday September 16, 2024 14:35 - 14:45 CEST
Hall M2 (Level 2)
  ContainerCon

15:25 CEST

How to Make Your Kubernetes Add-Ons Management Painless in Multi Cloud - Eleni Grosdouli & Gianluca Mardente, Cisco Systems
Monday September 16, 2024 15:25 - 16:05 CEST
Room 2.15 (Level 2)
One of the most powerful aspects of Kubernetes is its extensibility. But with flexibility comes complexity. Deploying Kubernetes add-ons extend its functionality, but with most platform engineers managing and maintaining multiple clusters across different environments comes the pain. Giving a breather to platform administrators will allow them to be more productive and creative, while enabling them to perform deployments easily, quickly and reliably. From a small home lab to large-scale production environments, keeping up with Kubernetes add-ons deployment and management in a consistent, reliable, and maintainable manner can be like trying to find Nemo on the CNCF landscape. In this engaging session, we will demonstrate: - How smoothly Flux synchronises Kubernetes resources - How to use different add-on formats, including Helm charts, raw YAML/JSON highlighting the Lua language template creation for advanced deployments and logical application - How to deploy Cilium as a CNI - How to deploy Kyverno policies to clusters based on their scope as templates Attendees will learn a new, easy and creative way of deploying applications whether on-prem or in the cloud.
Speakers
avatar for Gianluca Mardente

Gianluca Mardente

Principal Engineer, Cisco Systems
A passionate advocate for automation in Kubernetes environments, Gianluca brings a lot of experience to his role as a Principal Engineer at Cisco Systems. He contributes to the open-source community by actively maintaining Projectsveltos, a set of Kubernetes controllers that simplify... Read More →
avatar for Eleni Grosdouli

Eleni Grosdouli

DevOps Consulting Engineer, Cisco Systems
The go-to person for DevOps and Kubernetes Automation, with a passion for networking, security, endpoint management, and endpoint security, Eleni brings diversity of experiences to her role as a DevOps Consulting Engineer at Cisco Systems. Always eager to learn, she enjoys trying... Read More →
Monday September 16, 2024 15:25 - 16:05 CEST
Room 2.15 (Level 2)
  CloudOpen

15:25 CEST

Bringing Existing Open-Source Code into MISRA Compliance - Roberto Bagnara, University of Parma and BUGSENG
Monday September 16, 2024 15:25 - 16:05 CEST
Room 0.96-0.97 (Level 0)
Bringing an existing codebase into MISRA compliance is known to be a difficult, risky and time-consuming task. Yet, when a product needs a functional safety certification and rewriting the software is out of question, this is a necessity. Such an endeavor requires facing multiple tradeoffs and, consequently, lots of experience both on the codebase and on MISRA. The choices between deviating the guideline, and the (often, many) ways in which code may be changed and deviations may be formulated, are tough and with consequences that are not immediately evident. The situation is particularly interesting in the case of open-source software, where additional challenges have to be faced. In this presentation, we illustrate our experience and the several lessons learned while undertaking MISRA compliance work in open-source projects, most notably the Zephyr RTOS and the Xen hypervisor, both used in many embedded systems. Key take-home points include: effective deviation strategies and mechanisms; dealing with the MISRA C essential type model (guidelines related to that account for many of the violations in existing codebases); interaction with open-source communities.
Speakers
avatar for Roberto Bagnara

Roberto Bagnara

Professor, University of Parma and BUGSENG
Roberto Bagnara is professor of Computer Science at the University of Parma and Software Verification Expert and Evangelist at BUGSENG. He coauthored more than 40 papers, in international journals and conference proceedings, on programming languages, static analysis and other techniques... Read More →
Monday September 16, 2024 15:25 - 16:05 CEST
Room 0.96-0.97 (Level 0)
  Critical Software Summit

15:25 CEST

From Hardware to Linux - Stefan Eichenberger, embear GmbH
Monday September 16, 2024 15:25 - 16:05 CEST
Room 0.14 (Level 0)
This presentation will show a step-by-step guide from hardware design to a fully functional Linux system. Initial considerations in the hardware design phase will help simplify the bringup. This includes designing for testability and incorporating features that make debugging easier, such as having accessible test points and providing instrumentation, such as a serial console and a JTAG interface. The next phase involves the bootloader, which is the first software component to run on the system. At this stage, we can use JTAG for early debugging to get some text output and eventually a console. The transition to the Linux kernel involves strategies that may include using JTAG again for early kernel debugging, followed by using printk and KDB for later diagnostics. The final phase involves the root file system and userspace tools that help bring up the rest of the peripherals. This final section of the presentation shows some userspace diagnostic and debugging tools for successfully getting a Linux-based system up and running.
Speakers
avatar for Stefan Eichenberger

Stefan Eichenberger

Embedded Software Engineer, embear GmbH
I started my career 20 years ago with an apprenticeship as an electronics technician. I was always fascinated by embedded software, which led me to study electrical engineering and computer science. Since then I have been working as an embedded software engineer using embedded Linux... Read More →
Monday September 16, 2024 15:25 - 16:05 CEST
Room 0.14 (Level 0)
  Embedded Linux Conference

15:25 CEST

Exploration of Compliance Governance Based on Operating Systems - Ziwei Ding, Kylin Software Co., Ltd
Monday September 16, 2024 15:25 - 16:05 CEST
Room 0.94-0.95 (Level 0)
Open source compliance management occupies an important position in enterprise open source management, but for operating systems, the scenarios that require compliance management are complex and numerous, and management is difficult, but it is still a task that we have to face.This topic focuses on enterprise open source compliance management, starting from the overall development process of the operating system, explains in detail a variety of development scenarios, analyzes the pain points and difficulties of compliance management in different scenarios, and gives some thoughts and suggestions on compliance management.
Speakers
avatar for Ziwei Ding

Ziwei Ding

Compliance R&D Engineer, openEuler
I focus on the thinking and practice of open source compliance, participate in open source compliance governance and other related work, and am active in the openeuler community as a maintainer of the compliance community.
Monday September 16, 2024 15:25 - 16:05 CEST
Room 0.94-0.95 (Level 0)
  Operations Management Summit

16:20 CEST

Fine-Grained Policies RBAC with OpenFGA - José Carlos Chávez, Okta
Monday September 16, 2024 16:20 - 17:00 CEST
Room 2.15 (Level 2)
The fine-grained nature of cloud native deployments requires fine-grained authorization at each component. However, this may require security policies to be centrally defined and the configurations reflecting them to be defined in each microservice to enable uniform, consistent enforcement across the entire system which is hard to model and maintain. OpenFGA is an open source solution to Fine-Grained Authorization that applies the concept of Relationship-based access control (ReBAC) where a subject's permission to access a resource is defined by the presence of relationships between those subjects and resources. It was designed for reliability and low latency at a high scale. This talk will offer an overview of OpenFGA, ReBAC and its advantages over more traditional RBAC and ABAC in the context of Zero Trust.
Speakers
avatar for José Carlos Chávez

José Carlos Chávez

Security Software Engineer, Okta
José Carlos Chávez is a Security Software Engineer at Okta, an OWASP Coraza co-leader and a Mathematics student at the University of Barcelona. He enjoys working in Security & Compliance, compiling to WASM, designing APIs and building distributed systems. While not working with... Read More →
Monday September 16, 2024 16:20 - 17:00 CEST
Room 2.15 (Level 2)
  CloudOpen

16:20 CEST

Hidden in Plain Sight: Corner Case Defects - Robert Altnoeder, LINBIT HA-Solutions GmbH
Monday September 16, 2024 16:20 - 17:00 CEST
Room 0.96-0.97 (Level 0)
This session is about often unexpected and sometimes intricate defects that may either occur infrequently, seemingly randomly, or only in very specific corner cases.

These defects are often overlooked by developers, and most tests may not discover them either, despite how widespread they are, often lurking in plain sight, waiting to strike at the most unfortunate moment.
In this session, we will take a look at some code examples, we will talk about the sometimes surprising ways in which things can go wrong, and about how to avoid repeating the same mistakes.
Speakers
avatar for Robert Altnoeder

Robert Altnoeder

Developer, former RCA team member, LINBIT HA-Solutions GmbH
Robert has worked in the IT industry for almost 20 years in various roles, including as a root cause analysis specialist for a big international IT company. The subjects of code correctness and robustness are one of this main areas of interest, and the focus of a significant portion... Read More →
Monday September 16, 2024 16:20 - 17:00 CEST
Room 0.96-0.97 (Level 0)
  Critical Software Summit
  • Audience Level Intermediate
  • about Robert has worked in the IT industry for almost 20 years in various roles, including as a root cause analysis specialist for a big international IT company. The subjects of code correctness and robustness are one of this main areas of interest, and the focus of a significant portion of his own software development projects. He currently works as a software developer and consultant for LINBIT HA-Solutions GmbH in Austria.

16:20 CEST

Embedded Audio Policies Made Easy with WirePlumber - George Kiagiadakis, Collabora
Monday September 16, 2024 16:20 - 17:00 CEST
Room 0.11-0.12 (Level 0)
Building robust audio policies on embedded systems that integrate well with upstream APIs and components such as PipeWire and PulseAudio has been a challenging task for a long time. In many implementations, custom hardware DSP management components are built, bypassing existing upstream functionality, making integration and maintenance harder than they need to be. In this talk, George will explain how many of these difficulties can be overcome by integrating management directly into WirePlumber, the default session manager of PipeWire, and how existing functionality can be factored in to build complex solutions with ease. Emphasis will be given also on how recent developments in WirePlumber have improved this particular use case.
Speakers
avatar for George Kiagiadakis

George Kiagiadakis

Principal Software Engineer, Collabora
George Kiagiadakis is a principal software engineer at Collabora, with over 14 years of experience in open source and embedded multimedia projects in particular. He is the author and maintainer of WirePlumber, a modular session manager for PipeWire, and has worked extensively with... Read More →
Monday September 16, 2024 16:20 - 17:00 CEST
Room 0.11-0.12 (Level 0)
  Embedded Linux Conference

16:20 CEST

Practical Application of Verified Boot - Rouven Czerwinski, Pengutronix e.K.
Monday September 16, 2024 16:20 - 17:00 CEST
Room 0.14 (Level 0)
More and more applications of embedded linux systems require them to ensure that only trusted software is started on the device. This means that verified boot procedures need to be employed to verify the software running on the device. This talk will highlight the necesssary components to cryptographically verify the bootloader, kernel and filesystem. It will also show how these components can be integrated using the OpenEmbedded build system. Bootloader verification will be covered by providing examples to use the signing.bbclass in Yocto in conjunction with the NXP CST tool to sign a bootloader, kernel verification is covered by a to be upstreamed fitimage class and filesystem verification will be shown with a dm-verity class example for Yocto. Additionally the talk will highlight common pitfalls when deploying locked down embedded systems encountered during project work. We will also cover the case of using GPLv3 licenses on locked down devices.
Speakers
avatar for Rouven Czerwinski

Rouven Czerwinski

Embedded Linux Developer, Pengutronix e.K.
At first building the labgrid hardware access layer, rouven nowadays works on security solutions for embedded devices.
Monday September 16, 2024 16:20 - 17:00 CEST
Room 0.14 (Level 0)
  Embedded Linux Conference

16:20 CEST

Data Contracts Are an Open Standard and Good for Data - Jean-Georges Perrin, Bitol Project
Monday September 16, 2024 16:20 - 17:00 CEST
Hall B (Level 2)
Bitol is one of the newest LF AI & Data projects focusing on open standards and open source tools for modern data engineering. Bitol's flagship standard is ODCS (Open Data Contract Standard). In this talk, as the chair of the Bitol TSC, I will first explain what a data contract is, their importance for data (and AI) governance, the work of the Bitol project, and focus on the benefits of data contracts for data, AI, and analytics. I will conclude with an end-to-end demo of creating and enforcing data contracts using open-source and free tools.
Speakers
avatar for Jean-Georges Perrin

Jean-Georges Perrin

CIO | Chair of the TSC, AbeaData | Bitol @ LF AI Data
Jean-Georges “jgp” Perrin is the chief innovation officer at AbeaData, focusing on building innovative and modern data tooling. He is also chair of the Open Data Contract Standard (ODCS) at the Linux Foundation project Bitol, co-founder of AIDA User Group, and author of multi... Read More →
Monday September 16, 2024 16:20 - 17:00 CEST
Hall B (Level 2)
  Open AI + Data Forum

16:20 CEST

What Makes a Good, or Bad, Open Source Experience?! - Ildiko Vancsa, Open Infrastructure Foundation & Philip Robb, Ericssson Software Technology
Monday September 16, 2024 16:20 - 17:00 CEST
Hall C (Level 2)
Open source means a lot of things to a lot of people. That may be why it’s one of the most misunderstood and misused terms in tech and related ecosystems. In fact, if you ask ten different people in tech “what is open-source?”, you are likely to get ten very different answers. We know, we’ve done it! So what makes a “good” or “bad” experience for users and participants in open-source projects? Ildiko and Phil have set out to answer this question with their “My Open Source Experience” podcast. They are talking to seasoned professionals and newbies, to understand the challenges and successes they’ve experienced so far. Questions they ask include: Was it the code, the community, or the person's employer that made their experience better or worse? How did people navigate difficulties? What are “best practices” to achieve “success” however that is defined for individuals, their organization, and/or their community? In this talk Ildiko and Phil share some of the most interesting take-aways from their conversations with podcast guests as well as from their own open source journeys, and invite the audience to join the conversation and share their experiences.
Speakers
avatar for Phil Robb

Phil Robb

President, Ericssson Software Technology
Phil is the Head of Ericsson Software Technology (EST), where he leads a passionate group of engineers developing open source software across a wide range of projects. Prior to Ericsson, Phil was the V.P. of Operations for the Networking Projects at the Linux Foundation for six years... Read More →
avatar for Ildiko Vancsa

Ildiko Vancsa

Director of Community, Open Infrastructure Foundation
Ildikó is working for the Open Infrastructure Foundation as Director of Community. As part of her role, she is the Community Manager for the StarlingX and the Kata Containers projects, and a co-leader of the OpenInfra Edge Computing Group. She is an evangelist of open collaboration... Read More →
Monday September 16, 2024 16:20 - 17:00 CEST
Hall C (Level 2)
  Open Source Leadership Summit

16:20 CEST

Open Source Compliance Management - Removing the Thorn from Your Company's Side - Eleftheria Stefanaki & Jimmy Ahlberg, Ericsson
Monday September 16, 2024 16:20 - 17:00 CEST
Room 0.94-0.95 (Level 0)
This session covers two major topics: Firstly, the significance of an open source management system in the context of IP management for heavily software-dependent companies. Managing open source dependencies is a key pain-point, since so much of modern software development depends on it. Yet only a small number of people truly understand open source beyond “just the code”. Although a company's heavily intellectual property (IP)-involved departments deal with IP management everyday, they are oblivious to open source software. This talk suggests ways to translate the ‘open source talk’ and make these departments your comrades in arms. Secondly, the speakers introduce the OpenChain Specification 2.1 (ISO/IEC 5230:2020) on open source license compliance, aka a framework and a blueprint for how to translate open source management into IP management. This session gives you the tools to turn the view of open source from a potential liability to a valuable asset. The speakers pull from their experience working in IP heavy weights such as Ericsson (more than 60.000 granted patents globally) to put the above into context and give example of Ericsson’s ongoing journey in this area.
Speakers
avatar for Jimmy Ahlberg

Jimmy Ahlberg

Director Open Source Policy, Ericsson
Currently Mr Ahlberg is the Director of Open Source Policy with the Ericsson OSPO. Prior to the inception of the Ericsson OSPO he worked in different roles with various aspects of Open Source in the Ericsson organization, This included consumption of and contribution to Open Source... Read More →
avatar for Eleftheria Stefanaki

Eleftheria Stefanaki

I am a lawyer from Greece, specialized in technology and passionate about open source. I have started my 'open source journey' in Ericsson, assisting and participating in the activities and day-to-day of the OSPO since 2022. I have focused on issues around open source compliance... Read More →
Monday September 16, 2024 16:20 - 17:00 CEST
Room 0.94-0.95 (Level 0)
  Operations Management Summit
 
Tuesday, September 17
 

09:00 CEST

Linux Power Management Features, Their Relationships and Interactions - Théo Lebrun, Bootlin
Tuesday September 17, 2024 09:00 - 09:40 CEST
Room 0.11-0.12 (Level 0)
Over time, many features have been introduced into the Linux kernel to tackle various Power Management related needs. Most features rely upon the device model to provide its features, making each feature in isolation have rather understandable behavior and straight forward APIs. Complexity can creep in however when those various features interact with each other. We'll therefore cover features in isolation: system-wide suspend, hibernation, runtime power management, power domains, Quality of Service, etc. On each new step added, we'll stop to reflect on potential interactions or conflicts with previously seen features. Some of those will come from concrete issues encountered during the upstreaming effort of Suspend-to-RAM support on an automative SoC, the TI J7200 platform.
Speakers
avatar for Théo Lebrun

Théo Lebrun

Embedded Linux engineer, Bootlin
Théo joined Bootlin as an intern, studying the potential applications for the PipeWire ecosystem to embedded topics. He then went onto kernel work: suspend-to-RAM support for a TI automotive SoC and upstreaming of base platform support for Mobileye platforms.
Tuesday September 17, 2024 09:00 - 09:40 CEST
Room 0.11-0.12 (Level 0)
  Embedded Linux Conference

09:00 CEST

Visions for the Linux Kernel PWM Subsystem - Uwe Kleine-König, BayLibre
Tuesday September 17, 2024 09:00 - 09:40 CEST
Room 0.14 (Level 0)
PWMs are used in a wide range of applications. Most in-kernel usages have only soft requirements regarding precision and switching behaviour (LEDs, fan control, backlight). However if you control a motor you might have higher demands that currently cannot be mapped generically using the current PWM API given the wide variance of hardware drivers and hardware limitations. In this talk Uwe presents his vision how the PWM framework can be changed to better match the needs for higher precision and better control of PWM devices. This includes: * faster and easier control from userspace * tighter rules for lowlevel drivers * a way to determine the best request for a given use case on a certain hardware * more general abstraction of the PWM waveform
Speakers
avatar for Uwe Kleine-König

Uwe Kleine-König

Senior Software R&D Engineer, BayLibre
Uwe is a long-term kernel contributor during both work and free time and he's maintaining the PWM subsystem in the Linux kernel. Other than that he is involved in Debian and his local LUG. Uwe is based in Germany, and currently works for BayLibre, an embedded software consultancy... Read More →
Tuesday September 17, 2024 09:00 - 09:40 CEST
Room 0.14 (Level 0)
  Embedded Linux Conference

09:50 CEST

Give Me Back My GPIO Persistence! (Introducing the Libgpiod Gpio-Manager) - Bartosz Golaszewski, Linaro
Tuesday September 17, 2024 09:50 - 10:10 CEST
Room 0.14 (Level 0)
Ever since the GPIO character device was introduced as a proposed uAPI replacement for the deprecated sysfs interface, users have been pointing to the lack of persistence of GPIO state (as in: once the user-space process closes the file descriptor associated with a set of requested lines, their state is no longer defined - in practice: it's driver dependent) as the main issue with the new approach and a significant blocker in porting code from sysfs to libgpiod. Two solutions have been proposed: making the GPIO state persistent in the kernel or providing a centralized authority for controlling GPIOs from user-space. For various reasons the former has been rejected which led to the development of gpio-manager: a user-space daemon built on top of libgpiod that exposes an API to authorized clients and controls GPIOs on their behalf. This talk will present the features of the daemon, the DBus API it implements and the companion command-line client - gpiocli - which aims at allowing straightforward porting of sysfs-based scripts to the new interface.
Speakers
avatar for Bartosz Golaszewski

Bartosz Golaszewski

Linux Kernel Developer, Linaro
Bartosz Golaszewski has over 15 years of engineering experience in the embedded systems domain ranging from low-level, real-time operating systems, through the linux kernel up to user-space plumbing, libraries and build systems. Bartosz has contributed hundreds of patches to a wide... Read More →
Tuesday September 17, 2024 09:50 - 10:10 CEST
Room 0.14 (Level 0)
  Embedded Linux Conference

09:50 CEST

Zephyr Build System: Sysbuild and New Hardware Model - Torsten Tejlmand Rasmussen, Nordic Semiconductor
Tuesday September 17, 2024 09:50 - 10:30 CEST
Hall M1 (Level 1)
The Zephyr build system had been reaching its limits in its ability to build multiple images for modern SoCs in its previous hardware model.
The original build system began with the concept of a simple board containing a single core SoC for which you would build a single image. In today's world however, developers want to build multiple images for boards which may have multiple SoCs and / or SoCs with multiple CPU cores. This evolution towards complexity led us to the development and introduction of sysbuild and a new hardware model in Zephyr.

The purpose of this talk is to dive into the new hardware model, and what it provides seen from a developer's point of view, and from there continue into sysbuild, where the new hardware model is leveraged in order to build multiple images for a single device. The talk will go over how you as a developer can make the best use of the new hardware model and sysbuild to effectively build a complete project.
Speakers
avatar for Torsten Tejlmand Rasmussen

Torsten Tejlmand Rasmussen

Open Source Software Engineer, Nordic Semiconductor
Maintainer of Zephyr build system and toolchain integration.
Tuesday September 17, 2024 09:50 - 10:30 CEST
Hall M1 (Level 1)
  Zephyr

10:10 CEST

Pinctrl and GPIO - Interactions and Footguns - Chen-Yu Tsai, Google LLC
Tuesday September 17, 2024 10:10 - 10:30 CEST
Room 0.14 (Level 0)
The Linux Kernel has two subsystems that handle external pins: pinctrl that handles function muxing and electrical characteristics, and GPIO that handles generic input/output usage on individual pins. Depending on how the hardware is implemented, the two could be completely separate, or deeply intertwined. This presentation will introduce the hardware integration designs , how they should map to the kernel subsystems. We will dive deeper into the latter case and show how the kernel subsystems can handle it properly with "strict" GPIO pin muxing, and what could happen if the driver isn't implemented correctly, using existing in-tree drivers.
Speakers
avatar for Chen-Yu Tsai

Chen-Yu Tsai

Software Engineer, Google LLC
Chen-Yu is a software engineer that started working on the Linux kernel bringing up Allwinner SoCs in 2013. Chen-Yu currently works for Google on their ChromeOS team.
Tuesday September 17, 2024 10:10 - 10:30 CEST
Room 0.14 (Level 0)
  Embedded Linux Conference

11:00 CEST

Green Tech, Lean Budgets: A Journey to Saving Money (and the Planet) with Kubernetes - Timo Derstappen, Giant Swarm
Tuesday September 17, 2024 11:00 - 11:40 CEST
Room 2.15 (Level 2)
Raise your hand if you didn't get cost pressure in 2023! Cost efficiency and sustainability topics have been hotter than ever last year. In this session, we will delve into the techniques we employed to reduce costs and carbon footprints for our end-users in a painless way, leveraging the capabilities of the Kubernetes ecosystem. From PDBs to Spot Instances, we have a comprehensive exploration in store and many ideas for the future.
Speakers
avatar for Timo Derstappen

Timo Derstappen

CTO, Giant Swarm
Timo Derstappen is CTO and co-founder of Giant Swarm. He has many years of experience in building scalable and automated cloud architectures.
Tuesday September 17, 2024 11:00 - 11:40 CEST
Room 2.15 (Level 2)
  CloudOpen

11:00 CEST

The Case for an SoC Power Management Driver - Stephen Boyd, Google
Tuesday September 17, 2024 11:00 - 11:40 CEST
Room 0.11-0.12 (Level 0)
DeviceTree (DT) based systems usually lack a platform or firmware based device power management framework. Device drivers are left to figure out if a device is already powered on at probe and duplicate power management logic to manage system resources such as clks or interconnects. This is unlike ACPI based systems where the firmware provides standardized device power states to power on or off a device and mostly hides system resources behind a firmware interface. This session will make the case for implementing an ACPI-like power management framework in the Linux kernel via pmdomains registered by a System-on-Chip (SoC) driver. First we'll discuss the problem and previously attempted or ongoing solutions. Then we'll cover a case study implementing an SoC power management driver. Attendees will leave with a greater understanding of SoC power management techniques and the problems kernel developers face in supporting such hardware upstream along with a possible solution to implement this design elsewhere.
Speakers
avatar for Stephen Boyd

Stephen Boyd

Software Engineer, Google, Google
Stephen Boyd has been a Linux kernel developer since 2009 and a Linux kernel maintainer since 2014. He's currently the maintainer of the kernel's clk and SPMI subsystems working on ChromeOS at Google.
Tuesday September 17, 2024 11:00 - 11:40 CEST
Room 0.11-0.12 (Level 0)
  Embedded Linux Conference

11:00 CEST

How to Generate Test-Cases and Data Mocks for Microservices at Kernel Using eBPF - Neha Gupta & Animesh Pathak, Keploy
Tuesday September 17, 2024 11:00 - 11:40 CEST
Room 1.61 & Room 1.62 (Level 1)
In this session, we're going to talk about how we can easily record the API calls of any user-level application at Kernel using an EBPF program and convert those to realistic test cases and data mocks/stubs without writing any scripts. How we can set our testing pipelines on auto-pilot? We'll be discussing how to utilise UProbes and KProbes for the same. We'll also talk about how we can integrate this pipeline in popular language native testing libraries like JUnit, Jest, and Go-Test and easily achieve high test coverage on functional test suites. Since testing is very use-case specific, developers often avoid spending effort in writing test cases. Manual effort is being spent by QA to test apps and the industry standard for test automation is 24%. On average 50% of engineering efforts are spent to write and maintain the test scripts. Creating dummy test data is also very time-consuming and still, it is unrealistic test -data, leaving bugs leaking to production. The new-gen AI LLM-based test generation tools like ChatGPT are not fire-and-forget, since it requires effort to understand and correct the scripts generated by those tools and the dummy data is again unrealistic.
Speakers
avatar for Animesh Pathak

Animesh Pathak

Founding Devrel, Keploy
He is an avid tech community enthusiast. Having worked with various technologies such as NodeJS, Microsoft Azure, etc., he has spent the last 4 years empowering tech communities and is currently active as a Gold MLSA, Postman Student Leader and Twilio Field Operator. He has been an... Read More →
avatar for Neha Gupta

Neha Gupta

Co-Founder, Keploy
Co-Founder, Keploy.io. She brings prior experience of working as an engineer as well product manager at Indian startups like Lenskart, and Fareye. She has been an open-source contributor and mentor for projects like XWiki, and JenkinsX via programs like GSoC, and Outreachy. She has... Read More →
Tuesday September 17, 2024 11:00 - 11:40 CEST
Room 1.61 & Room 1.62 (Level 1)
  LinuxCon

11:00 CEST

Rusty Swapping: Rewriting a Zswap Backend in Rust - Vitaly Wool, Konsulko AB
Tuesday September 17, 2024 11:00 - 11:40 CEST
Room 0.49 - 0.50 (Level 0)
Despite all controversies, Rust in recent times has gained popularity as the second Linux kernel high-level language. There’s been discussions about its applicability in various kernel subsystems which yielded tentative conclusions. People have been advised by kernel gurus to use Rust for subsystem implementations rather than for drivers, and the author totally shares that stance. With that said, the author had a zswap backend called zblock ready for but still not accepted into the mainline, so the idea came naturally: to rewrite it in Rust and compare performance and complexity of the two implementations. Whichever wins gets submitted. This talk will cover the main principles of zblock (which stay the same no matter the language used), the obstacles the author met while implementing it in Rust, and finally the comparison of the two. It will be fun.
Speakers
avatar for Vitaly Wool

Vitaly Wool

Principal Engineer, Konsulko AB
Vitaly has more than 20 years of experience in embedded software development. Starting in real-time and critical systems, he moved to Embedded Linux in 2003, making numerous contributions to MTD device drivers and flash file systems. Then he moved to Sweden where he began working... Read More →
Tuesday September 17, 2024 11:00 - 11:40 CEST
Room 0.49 - 0.50 (Level 0)
  LinuxCon

11:00 CEST

Generative Conversational AI Interoperability - Diego Gosmar, Open Voice Interoperability, LF AI&DATA
Tuesday September 17, 2024 11:00 - 11:40 CEST
Hall B (Level 2)
We will explore Conversational AI that works like the Web. In this talk, we explore the pivotal role of OVON Specs in the Open Voice Network's Interoperability Initiative. We highlight how OVON Specs are crucial in crafting a universal, open-source AI voice interface for seamless cross-platform assistant integration. We'll delve into OVON Specs' practical applications and collaborative potential, showcasing their versatility and impact in the evolving landscape of conversational AI, and how they're shaping the future of voice technology. When we talk about the combination of Voice and AI, it’s not just about a new way of communicating, instead, we are dealing with a human biometric feature unique to us. It's useful to design standardization protocols and guidelines for Conversational AI interoperability and scalability: we will run through the current architecture proposed by the Open Voice Interoperability group, part of the Linux Foundation, working on the Conversational AI Universal API Message envelope specifications for interoperability: we will share how to play with the available sandbox and some ethical use cases powered with AI Retrieval Augmented Generation as well.
Speakers
avatar for Diego Gosmar

Diego Gosmar

Chief AI Officer XCALLY, Open Voice Interoperability, LF AI&DATA
Successful international innovator, Diego Gosmar is a Chief AI Officer specialized in Artificial Intelligence, with particular focus on Generative Conversational AI, Natural Language Processing (NLP), Sentiment Analysis, Conversation Analysis, AI Agent interoperability, Sustainable... Read More →
Tuesday September 17, 2024 11:00 - 11:40 CEST
Hall B (Level 2)
  Open AI + Data Forum

11:00 CEST

Panel Discussion: Bring Your Product Manager to the Open Source Party - Nithya Ruff, Amazon; Jeffrey Borek, IBM; and Mary (Meixia) Wang, Volvo Car Corporation
Tuesday September 17, 2024 11:00 - 11:40 CEST
Hall C (Level 2)
Open source is not just a tactical choice for consumption made by a developer. Open source should be a key part of your innovation plan and strategy, and product managers and business leaders need to understand it. From managing a key open source dependency to releasing open source for building an ecosystem and standards, to joining an open source foundation as a core part of a business plan, business owners need to know open source. Often, the business side of the house is not involved in open source decisions and don’t see it as business impacting. This session is about how to get the business side of the house involved in opens source. It is understanding the business planning process and how to ensure open source is included in that process. Whether it is ideation for a new product, managing ongoing investments in a product line or in marketing and launches, open source is a key component of business plans. As the head of the OSPO at Amazon, I work to build bridges with the business side of the house and to show them implications to the business of open source decisions we make. They need to be involved, support and invest in how we do open source at a company.
Speakers
avatar for Nithya Ruff

Nithya Ruff

Head, Open Source Program Office, Amazon
Nithya is the Head of Amazon’s Open Source Program Office. Amazon’s customers value open source innovation and the cloud’s role in helping them adopt and run important open source services. She drives open source culture and coordination inside of Amazon and engagement with... Read More →
avatar for Jeff Borek

Jeff Borek

WW Program Director,, IBM
Working to build a scalable and consistent supply chain security platform, while continuing to lead the consumption compliance Open Source Program Office (OSPO), including policy, execution and guidance. Working with IBM Government & Regulatory Affairs, Software, Systems, Cloud, Consulting... Read More →
avatar for Meixia Wang

Meixia Wang

Director of Open Source Ecosystem, Volvo Car Corporation
Mary Wang is the Director of Open Source Ecosystem of Volvo Car Corporation. Her professional accomplishments include initiating open source project, forming and built OSPO for Volvo Cars. Before this, Mary was a subject matter expert configuration manager and was responsible for... Read More →
Tuesday September 17, 2024 11:00 - 11:40 CEST
Hall C (Level 2)
  Open Source Leadership Summit

11:00 CEST

The Challenges of Public Code - Building an Open Source Culture at the BBC - Tom Sadler & David Buckhurst, BBC
Tuesday September 17, 2024 11:00 - 11:40 CEST
Room 0.94-0.95 (Level 0)
This talk looks at how corporate and team culture, and organisational structure, impact open source activities at the BBC. We will share our wins and losses in the open source space, and how the culture and organisation has helped or hindered open source. Much of BBC open source is driven by grassroots individuals and teams, rather than through an Open Source Programme Office, which has had benefits and drawbacks. As a publicly funded corporation, the motivations for engaging with open source can be a little different than other organisations, which we will explore. Finally, we will deep dive into the current state of play of open source and InnerSource projects at the BBC, how they are being managed, and what our next steps and future ambitions are.
Speakers
avatar for Tom Sadler

Tom Sadler

Principal Software Engineer, BBC
Tom Sadler is a Principal Software Engineer at the BBC, working with a number of teams to enable open source and industry engagement, and InnerSource. He has led multiple teams working on the BBC’s Connected TV applications, with a focus on cross team collaboration. Tom has been... Read More →
avatar for David Buckhurst

David Buckhurst

Head of Software Engineering, BBC
David Buckhurst is Head of Software Engineering at the BBC leading the 300 engineers who build the BBC’s public service streaming media applications: iPlayer and Sounds. Flip-flopping between startups and big tech for many years ultimately led David to the BBC where he’s enjoyed... Read More →
Tuesday September 17, 2024 11:00 - 11:40 CEST
Room 0.94-0.95 (Level 0)
  OSPOCon

11:55 CEST

Lightning Talk: The CFU: Custom Hardware with RISCV and Zephyr - Mohammed Billoo, MAB Labs Embedded Solutions
Tuesday September 17, 2024 11:55 - 12:05 CEST
Hall M1 (Level 1)
RISC-V's instruction set architecture (ISA) has enabled seasoned embedded software engineers to experiment with FPGAs since numerous open-source RISC-V cores can be flashed onto an FPGA.

The Zephyr Project is rapidly emerging as a leading real-time operating system (RTOS). Zephyr integrates open-source and security best practices to ensure a vendor-neutral, secure, and reliable platform.

One of the exciting features of the RISCV ISA is the Custom Function Unit (CFU), which enables a framework to support custom operations in hardware, which is accessible from software. In this talk, Mohammed will demonstrate how to add a CFU into a RISCV core on an FPGA, and how to make the appropriate calls from Zephyr.
Speakers
avatar for Mohammed Billoo

Mohammed Billoo

CEO, MAB Labs Embedded Solutions
Mohammed Billoo is an embedded software consultant with over 15 years of experience. He focuses on The Zephyr Project RTOS, Embedded Linux, and The Yocto Project. He has also developed user interfaces using the Qt framework. He has helped clients across numerous verticals, including... Read More →
Tuesday September 17, 2024 11:55 - 12:05 CEST
Hall M1 (Level 1)
  Zephyr

11:55 CEST

Building and Maintaining Binary Distributions with Yocto - Michael Opdenacker, Independent
Tuesday September 17, 2024 11:55 - 12:35 CEST
Room 0.11-0.12 (Level 0)
Imagine a world in which you can try the Yocto Project without even using it. This was possible in the past with the Ångström distribution, offering ready-made images which could be extended through binary package feeds. Though Ångström is long gone, the Yocto Project still has the ability to generate such images and package feeds. While system makers are still using this feature, the Yocto Project itself has never published such binaries. The Yocto Project, thanks to funding from the Sovereign Tech Fund, has recently developed its abilities to support binary distributions, by creating tooling to verify the ability to upgrade the images built for its releases through package feeds, and to support managing a "local" distribution that can customize packages offered by an "upstream" distribution. Since Yocto is about recipes, I will first present a cookbook for building your own images so that they can be updated through package feeds. I will then describe the recently developed features related to binary distributions and what possibilities they open for the Yocto Project and its users.
Speakers
avatar for Michael Opdenacker

Michael Opdenacker

Embedded Linux Consultant and Trainer, Independent
Michael Opdenacker is an independent consultant and trainer specialized in embedded Linux. He is the founder of Bootlin, who contributed to Linux World Domination by training thousands of engineers around the world on embedded Linux and its kernel, sharing all its materials under... Read More →
Tuesday September 17, 2024 11:55 - 12:35 CEST
Room 0.11-0.12 (Level 0)
  Embedded Linux Conference

11:55 CEST

Eight Years of Farming; Is Everybo(Ar)Dy Happy? - Geert Uytterhoeven, Glider bv
Tuesday September 17, 2024 11:55 - 12:35 CEST
Room 0.14 (Level 0)
8 years ago, at ELCE 2016, Geert talked about the benefits and modalities of organizing development boards in a board farm, and he introduced his personal board farm. Since then, more boards found their way into his farm, with more to come. Also, other developers asked him for remote access to his boards. In this presentation, Geert will talk about the evolution of his board farm. He will tell you about things that worked well, or didn't work well, and how he improved his farm, using readily available or custom hardware. He will discuss the challenges of growing your farm, in a changing world plagued by supply chain hick-ups. He will present a way to share boards in your farm with other developers and (automated) testers, using the backend-agnostic "FRAM" tool to grant remote control to only one or more boards, and not to your whole local infrastructure.
Speakers
avatar for Geert Uytterhoeven

Geert Uytterhoeven

Embedded Linux Kernel Hacker, Glider bv
Geert Uytterhoeven became involved with Linux 30 years ago, when he started hacking the Linux kernel to make it work better on his Amiga. This paved the way for a long string of contributions to Linux. In 2013, Geert founded Glider bv (http://glider.be/), to build upon the (embedded... Read More →
Tuesday September 17, 2024 11:55 - 12:35 CEST
Room 0.14 (Level 0)
  Embedded Linux Conference

11:55 CEST

Linux Sandboxing with Landlock - Mickaël Salaün, Microsoft
Tuesday September 17, 2024 11:55 - 12:35 CEST
Room 0.49 - 0.50 (Level 0)
Landlock's goal is to make it possible for Linux applications to sandbox themselves. On Linux, many traditional access control mechanisms are only available to the system administrator, which do not follow the principle of least privilege. As a result, sandboxing policies were created independently of an actual program execution, leading to unnecessarily broad policies. With Landlock, unprivileged processes can safely create sandboxing policies well-tailored to the expected needs of a running application. Landlock also solves the organizational aspect of keeping policy and software in sync with each other, by putting the policy definition and maintenance in the developer's hands. In this talk, we explain how Landlock works and how it can be used to protect Linux users, without being noticed, except by attackers.
Speakers
avatar for Mickaël Salaün

Mickaël Salaün

Senior Software Engineer, Microsoft
Mickaël Salaün is a kernel developer and open source enthusiast. He is mainly interested in Linux-based operating systems, especially from a security point of view. He has built security sandboxes before hacking into the kernel on a new LSM called Landlock, of which he is now the... Read More →
Tuesday September 17, 2024 11:55 - 12:35 CEST
Room 0.49 - 0.50 (Level 0)
  LinuxCon

11:55 CEST

Optimized String Processing in RISC-V: How Toolchain Improvements Can Boost Performance - Christoph Müllner, VRULL GmbH
Tuesday September 17, 2024 11:55 - 12:35 CEST
Room 1.61 & Room 1.62 (Level 1)
The C runtime offers a range of string processing routines, such as strcmp() and strlen(). The throughput of these routines has a significant impact on many applications and benchmarks, so they are one of the many optimization targets of toolchain developers. Unfortunately, these functions have certain properties and corner cases that limit the optimization opportunities. This talk makes a journey through common optimization techniques ranging from utilization of alignment information in the compiler. It ends with specific instructions that speed up string processing (RISC-V’s orc.b instruction). Further, the talk will show how these optimizations can boost the throughput on real HW by orders of magnitudes in synthetic benchmarks and the impact on the SPEC CPU 2017 benchmark suite. The presentation will include assembly listings, so basic assembly knowledge will help follow the talk.
Speakers
avatar for Christoph Müllner

Christoph Müllner

-, VRULL GmbH
Christoph Müllner is the chair of RVI’s Toolchains SIG and maintains the riscv-gnu-toolchain repository, a helpful resource for beginners and experienced toolchain experts. Christoph has actively contributed to the ratification process of several RISC-V extensions through PoC implementations... Read More →
Tuesday September 17, 2024 11:55 - 12:35 CEST
Room 1.61 & Room 1.62 (Level 1)
  LinuxCon

12:25 CEST

Lightning Talk: Implementing the Precision Time Protocol (PTP) in the Zephyr Project - Adam Wojasiński, BayLibre
Tuesday September 17, 2024 12:25 - 12:35 CEST
Hall M1 (Level 1)
In order for highly distributed communication to function well, there must be a reliable time source and a way to synchronize time between devices. In applications such as automotive and industrial control, the requirements here can be strict and subject to regulatory constraints. Precision Time Protocol (PTP) is a response to these hard time synchronization requirements by achieving clock accuracy in the sub-microsecond range.

As Zephyr becomes more broadly used in these environments, it needs support for precision timekeeping. This talk will cover a brief overview of PTP, discussion of various implementation choices for Zephyr, challenges along the way and upstreaming plans.
Speakers
avatar for Adam Wojasiński

Adam Wojasiński

Software engineer, BayLibre
Adam began his journey with open source joining Zephyr Project over two years ago. He is working in BayLibre on the Zephyr Project. His main areas of expertise are chip bring up, SPI and Zephyr drivers. Before joining BayLibre he worked in Nordic Semiconductor on bare-metal drivers... Read More →
Tuesday September 17, 2024 12:25 - 12:35 CEST
Hall M1 (Level 1)
  Zephyr

14:00 CEST

Inspecting and Optimizing Memory Usage in Linux - João Marcos Costa, Bootlin
Tuesday September 17, 2024 14:00 - 14:40 CEST
Room 0.14 (Level 0)
Considering a context where the hardware platform disposes of a restricted amount of RAM, developers need to understand how this resource is managed and consumed by the operating system and the applications running on it. In such situations, it is crucial to use the right metrics and tooling to identify which components are excessively allocating resources, trim them down, and finally get close to the strict necessary memory usage without compromising essential features. This presentation explores RAM management in the Linux kernel, focusing on how much memory is allocated across different areas and for what purposes. From a kernel space perspective, it will dive into the components of memory reserved in early boot. Considering the user space perspective, the presentation will explain how much memory is used by processes, both individually and collectively.
Speakers
avatar for João Marcos Costa

João Marcos Costa

Embedded Linux and Kernel engineer, Bootlin
João graduated in 2020 with a master degree in Physical engineering and embedded systems from ENSICAEN, a French engineering school, as well as an Electrical Engineering degree in 2021 from the Universidade Federal do Rio Grande do Norte in Brazil. Through his various experiences... Read More →
Tuesday September 17, 2024 14:00 - 14:40 CEST
Room 0.14 (Level 0)
  Embedded Linux Conference

14:00 CEST

Surviving 19 Jan 2038 on 32 Bit Platforms: Lessons Learned and Common Problems - Alexander Kanavin, Linutronix
Tuesday September 17, 2024 14:00 - 14:40 CEST
Room 1.61 & Room 1.62 (Level 1)
The year 2038 problem is a well known integer overflow issue on many 32 bit platforms, some of which will be still in use on the day when it happens: January 19 2038. In this talk I would like to present where the problem comes from, what the Yocto project has done to address the issue, which base work in kernel and libc has been utilized to avoid a total system collapse, how to test a system's readiness for that date, and which further issues this has uncovered in common open source components. I hope this prompts an interesting discussion and further ideas to ensure the world does not go down in 14 years.
Speakers
avatar for Alexander Kanavin

Alexander Kanavin

Linux / Open Source software engineer, Linutronix
Alexander is an open source developer specializing in distribution engineering using vendor-neutral tooling and userspace stacks. He is one of the primary contributors to the Yocto project and has an interest in developing foundations of digital infrastructure in a sustainable ma... Read More →
Tuesday September 17, 2024 14:00 - 14:40 CEST
Room 1.61 & Room 1.62 (Level 1)
  LinuxCon

14:00 CEST

Tutorial: Securing Access to and from Remote Systems with WireGuard and Linux - Alex Feiszli, Netmaker, Inc.
Tuesday September 17, 2024 14:00 - 15:35 CEST
Room 0.49 - 0.50 (Level 0)
IT infrastructure is all over the place: Cloud VPC's, edge servers, data centers, office networks, and more. Much of it exists on private networks or behind routers and firewalls. IT administrators are often tasked with making these resources available over the internet to employees or remote servers that are elsewhere on earth. In this tutorial, we'll use just a couple of VM's running Linux and WireGuard to set up a minimal, secure, and easily-maintainable remote access system. We'll demonstrate with a fictional business that has a physical office, uses the cloud, and has remote IT staff, an extremely common scenario. We'll walk attendees through: 1. How to set up secure access to the office network from the remote staffs' workstations. 2. How to establish access to a cloud VPC from servers in the office network. 3. How to account for corporate firewalls and other common networking challenges. By the end of this tutorial, attendees will have a good understanding of how they can use Linux and WireGuard in common IT networking scenarios.
Speakers
avatar for Alex Feiszli

Alex Feiszli

Founder, Netmaker, Inc.
Alex founded Netmaker, an open source, WireGuard-based VPN, 3 years ago, and was the original author of the project. Previously, Alex worked at IBM on Multi-Cloud Kubernetes projects, and with Red Hat on various DevOps projects. In his spare time, Alex likes to travel, play ukulele... Read More →
Tuesday September 17, 2024 14:00 - 15:35 CEST
Room 0.49 - 0.50 (Level 0)
  LinuxCon

14:20 CEST

Exploring the Potential of Zephyr in Automotive and Software Defined Vehicles - Philipp Ahmann, Robert Bosch GmbH
Tuesday September 17, 2024 14:20 - 14:40 CEST
Hall M1 (Level 1)
In the automotive industry more than 100 embedded control units (ECUs) are present in a typical car. They are equipped with microcontrollers responsible for various peripherals within the vehicle. Although it may be challenging to adapt automotive-specific interfaces to an IoT-driven RTOS like Zephyr, the use of standard peripherals such as GPIOs, I2C, and UART can lead to significant synergies with other products.

However, as starting point, the talk will delve into the automotive specific requirements and technology stacks necessary for integrating Zephyr into automotive development. Additionally, it will highlight areas where Zephyr may not yet be a perfect fit for automotive applications. Key touchpoints for discussion will include the compatibility of Zephyr with established automotive standards like Autosar, COVESA VSS, and CAN stack. Furthermore, the talk will address the challenges related to process compliance and adherence to safety integrity standards in the automotive industry.

This talk aims to initiate a discussion on the potential wider adoption of Zephyr in automotive products and to foster an engaging discussion among industry professionals.
Speakers
avatar for Philipp Ahmann

Philipp Ahmann

Sr. OSS Community Manager, Etas GmbH (BOSCH)
Philipp Ahmann is an experienced senior OSS community manager at Etas GmbH (BOSCH) specializing in safety and automotive grade open source stacks for software defined vehicles. He holds the position of technical steering committee chair for the Linux Foundation ELISA project to Enable... Read More →
Tuesday September 17, 2024 14:20 - 14:40 CEST
Hall M1 (Level 1)
  Zephyr

14:55 CEST

Deep Dive Into Traefik 3.0 - Emile Vauge, Traefik Labs
Tuesday September 17, 2024 14:55 - 15:35 CEST
Hall M2 (Level 2)
Traefik is one of the most popular open source projects in the world, with over 3 billion downloads to date, and one of the top 15 most downloaded open source projects on DockerHub. Traefik is an Ingress Controller and API Gateway capable of exposing and securing services and APIs simply, dynamically and at scale. Designed specifically for cloud-native environments, Traefik is the solution of choice from the simplest to the most complex case. If you spend your time managing, exposing and securing your applications and microservices, then this is the session for you! During this session, Emile Vauge (Traefik Creator) will show you how the new features in Traefik version 3 will simplify your daily life: - Support for Open Telemetry to monitor your infrastructure - Support for GatewayAPI resources to expose your resources in Kubernetes - Integration of WASM plugins to create your own middleware And much more...
Speakers
avatar for Emile Vauge

Emile Vauge

CTO, Traefik Labs
Emile is a Developer. He created Traefik in 2015 and is now the CTO of Traefik Labs, the company sponsoring the open source project.
Tuesday September 17, 2024 14:55 - 15:35 CEST
Hall M2 (Level 2)
  ContainerCon

14:55 CEST

Embedded Linux Security: Dr. Jekyll and Mr. Hyde - Richard Weinberger, sigma star gmbh
Tuesday September 17, 2024 14:55 - 15:35 CEST
Room 0.14 (Level 0)
Linux-based embedded systems are increasingly common, yet they often face security challenges. While Linux already has a good set of security features, it is often not trivial to choose the right ones and use them properly.
In his presentation, Richard will discuss the typical issues he sees when collaborating with clients on embedded systems.

He aims to highlight essential pitfalls to steer clear of in your upcoming projects.
Speakers
avatar for Richard Weinberger

Richard Weinberger

Co-Founder, sigma star gmbh
Richard is co-founder of sigma star gmbh where he offers consulting services around Linux and IT security. Upstream he maintains various subsystems of the Linux kernel such as UserModeLinux and UBIFS. Beside of low level and security aspects of computers he enjoys growing lithops... Read More →
Tuesday September 17, 2024 14:55 - 15:35 CEST
Room 0.14 (Level 0)
  Embedded Linux Conference

14:55 CEST

Licensing Support by Build Systems - and What Remains To Be Done - Jan Altenberg, Open Source Automation Development Lab (OSADL) eG
Tuesday September 17, 2024 14:55 - 15:35 CEST
Room 0.11-0.12 (Level 0)
Building embedded Linux systems is getting increasingly complex. The complexity does not only come from the technical aspects. The number of different packages and dependencies also make the fulfilment of license obligations quite challenging. Build systems and distro generators support us with this task. They can help in getting an overview of the licenses being used and packaging the relevant compliance material. But how far does their support really go? And is the information being provided complete?

This presentation will take a look into different licensing obligations (e.g. information obligations and disclosure obligations) and (based on the examples of the Yocto project, ELBE and ISAR) the licensing support of modern build systems will be evaluated.
Speakers
avatar for Jan Altenberg

Jan Altenberg

Director, Open Source Automation Development Lab (OSADL) eG
Jan Altenberg has more than 20 years of experience in developing and maintaining Embedded Linux systems. Jan studied information technologies at the University of Cooperative Education in Stuttgart (Germany). From 2002 - 2006 he was involved in the OCEAN project, a European research... Read More →
Tuesday September 17, 2024 14:55 - 15:35 CEST
Room 0.11-0.12 (Level 0)
  Embedded Linux Conference

14:55 CEST

Messing up Your NUMA Topology with CXL - Hannes Reinecke, SUSE Linux
Tuesday September 17, 2024 14:55 - 15:35 CEST
Room 1.61 & Room 1.62 (Level 1)
his presentation will focus on CXL (Compute Express Link) as an advanced interconnect between machines and peripherals. CXL allows to leverage the PCIe physical interconnect to link together different device types (CPU, memory, I/O, cache, switches etc) into a combined hierarchy. This allows IHVs to create tailored solutions for eg large-scale AI systems or dynamic resource pooling between machines. As it's also possible to connect or pool memory resources it means the we can end up with some really interesting NUMA topologies. Plus we need to look at memory placement, as CXL memory is inherently hotpluggable, and as such not really suitable for some data structures like DMA areas etc. In this talk I will give an overview over CXL and the implications for NUMA topologies, and I'll be giving a short demo with an emulated CXL instance under qemu.
Speakers
avatar for Hannes Reinecke

Hannes Reinecke

Kernel Storage Architect, SUSE Linux
Studied Physics in Heidelberg from 1990 until 1997, followed by a PhD in Edinburgh 's Heriot-Watt University in 2000. Now working at SUSE Labs as Teamlead for storage and networking. Principal contact point for storage related issues on SLES. Linux addict since the earliest days (0.95... Read More →
Tuesday September 17, 2024 14:55 - 15:35 CEST
Room 1.61 & Room 1.62 (Level 1)
  LinuxCon

14:55 CEST

VSCorode: Inside Your IDE, Inside Your Git Repository - Kevin Ward & Fabian Kammel, ControlPlane
Tuesday September 17, 2024 14:55 - 15:35 CEST
Room 0.96-0.97 (Level 0)
For several years now we’ve heard the mantra of shifting left to move security as early as possible in the development process. The aim is to enable developers to understand and produce secure code right away. The primary method to support developers is to enhance their IDE with extensions which can identify security issues, highlight insecure code practices and handle integration with external services. VSCode is one of the most popular IDEs with a flourishing community of extensions for data manipulation, theming, programmatic language features and additional debugging functionality. There is a great deal of trust placed in these extensions so what would happen if an extension turned against you? This talk explores the supply chain risks associated with VSCode extensions, what is required to get an extension included in the marketplace and how simply we hand over control to an unknown third party. We will demonstrate what an adversary can achieve with a malicious extension and how it represents a future red team target from enumeration, persistence and execution.Lastly we’ll offer advice on how to prevent common attack paths.
Speakers
avatar for Kevin Ward

Kevin Ward

Principal Consultant, ControlPlane
Kevin is an Principal Consultant with over 10 years of experience designing, building and testing secure solutions for Government, Defence and Finance sectors. In his own time, Kevin enjoys hacking and hardening systems to discover the balance between security and usability. He co-authored... Read More →
avatar for Fabian Kammel

Fabian Kammel

Senior Security Consultant, ControlPlane
Fabian Kammel is a Senior Security Consultant at ControlPlane, where he helps to make the (cloud-native) world a safer place. His goal is to bring hardware security and cloud-native security closer together, as well as, improving the developer experience in the security space. He... Read More →
Tuesday September 17, 2024 14:55 - 15:35 CEST
Room 0.96-0.97 (Level 0)
  SupplyChainSecurityCon

15:05 CEST

Lightning Talk: Delta Firmware Over The Air (DFOTA) Update: Optimizing Device Updates in Zephyr - Romain Pelletant & Clovis Corde, Kickmaker
Tuesday September 17, 2024 15:05 - 15:15 CEST
Hall M1 (Level 1)
Firmware Over The Air (FOTA) updates are a well-established method for updating devices, but this approach shows its limitations in the embedded world. Indeed, in embedded systems we have 2 main constraints (among others) when discussing firmware updates : memory and bandwidth. Regarding memory, developing a low-memory-footprint API was our priority when creating this solution. To explain how we built this API, we will discuss compression algorithms and justify our choice of implementing in Zephyr the open-source library "Heatshrink" which is ideally suited for DFOTA's needs and for embedded systems in general (we can demonstrate the memory footprint differences compared to the already implemented compression algorithm "LZ4"). Next, we will see how deltas (or patches) between two firmware versions are generated (we could present a benchmark to illustrate the data savings achieved by sending patches instead of the full firmware, as it is done during FOTA update). Further, we will explore the implementation of the DFOTA API to explain how it works and how it can be implemented into your project.
Speakers
avatar for Romain Pelletant

Romain Pelletant

Embedded Software Engineer, Kickmaker
Embedded system enthusiast, focused on real-time operating systems in industry.
avatar for Clovis Corde

Clovis Corde

Embedded Software Engineer, Kickmaker
Software Engineer, Zephyr RTOS enthusiast, Loves to build all kinds of solutions from embedded systems to mobile applications.
Tuesday September 17, 2024 15:05 - 15:15 CEST
Hall M1 (Level 1)
  Zephyr

15:15 CEST

Lightning Talk: How to Create an Asset Tracker With Zephyr and Thingsboard In No Time - Tobias Marquardt, grandcentrix GmbH
Tuesday September 17, 2024 15:15 - 15:25 CEST
Hall M1 (Level 1)
In this lightning talk I'll show you how to create a working PoC of an asset tracker with very little effort by using Zephyr. It's based on an off-the-shelf cellular SoC that sends GPS data over CoAP to the open source Thingsboard IoT cloud platform.
Speakers
avatar for Tobias Marquardt

Tobias Marquardt

Embedded Software Engineer, grandcentrix GmbH
Tobias is an embedded software developer at grandcentrix, where he works on embedded systems built with Linux and Zephyr. Prior to this role he worked several years as C++ application developer. Apart from that he plays the electric guitar, writes a Gameboy emulator for fun and enjoys... Read More →
Tuesday September 17, 2024 15:15 - 15:25 CEST
Hall M1 (Level 1)
  Zephyr

16:00 CEST

Cloud Native Threat Intelligence for Everyone - James Callaghan, ControlPlane & Constanze Roedig, Technische Universität Wien
Tuesday September 17, 2024 16:00 - 16:40 CEST
Room 2.15 (Level 2)
Accurate and current threat intelligence data plays a vital role in threat modelling, as we can learn about what attackers are doing in the wild, and how likely certain attack paths are to be exploited. Whilst open source threat intelligence does exist, it is often ‘event-based’, focusing on historical incidents of attackers using particular techniques to exploit specific vulnerabilities. However, what if we want to quantify our own threat models, which may involve chaining together many such attack vectors? The Kubernetes Storm Centre is a newly established open source initiative that aims to provide a framework for independent quantification of cloud native attack paths, with contributing organisations running diverse ‘honey-clusters’ and sharing their results with a central hub for the world to freely consume. In this session, we will discuss the progress made by the project so far, share our initial results and insights, and explain how interested parties can contribute.
Speakers
avatar for Dr. Constanze Roedig

Dr. Constanze Roedig

Head of the Austrian Open Cloud Community, Technische Universität Wien
Constanze earned her doctorate at the Albert Einstein Institute in relativistic radiation hydrodynamics. After 8 years as a software architect focussed on reimplementing legacy systems with transparent, performant, scalable and defensible designs, she returned to academia for an Austrian-wide... Read More →
avatar for James Callaghan

James Callaghan

Principal Consultant, ControlPlane
Dr. James Callaghan is a Cloud Native Security Architect at ControlPlane. He started off working as a Theoretical Physicist, but long nights of coding sparked an interest in how easy it can be for vulnerabilities to creep in. James then spent a number of years consulting as a Security... Read More →
Tuesday September 17, 2024 16:00 - 16:40 CEST
Room 2.15 (Level 2)
  CloudOpen

16:00 CEST

A New Era of Interrupt Handling: Multiple Interrupt Controllers in a Multi-chiplet Design - Priyadarsini G, Samsung Semiconductor India Research
Tuesday September 17, 2024 16:00 - 16:40 CEST
Room 0.14 (Level 0)
Semiconductor industry has entered a new era of chip design, moving from monolithic SOCs to multi-chiplet design. The new generation devices demands for more functionality, higher bandwidth and lower power often within smaller footprints. Multi-chiplet packages provide improved performance, cost savings and design flexibility.
Systems that comprises more than one chip can have several SOCs that are connected externally or a SOC package comprising several SOCs connected inside a single physical package.Each SOC is integrated with an interrupt controller. In a complex SOC design where wide range of peripherals are integrated, reducing interrupt latency and complexity of handling interrupts play a major role.

This talk will cover why we need multiple interrupt controllers in a multi-chiplet design. And how to implement the interrupt routing to CPUs across different chips. Also will see how to achieve consistency between interrupt controllers in multi-chiplet system. At the end will have a look on software implementation of multichip interrupt handling refering to ARM trusted firmware by taking an example of ARM’s Generic Interrupt Controller which support multiple GIC configuration
Speakers
avatar for Priyadarsini G

Priyadarsini G

Associate Staff Engineer, Samsung Semiconductor India Research, Bangalore
Priyadarsini is an accomplished Embedded Software Engineer with over 4 years of experience in embedded systems domain. With a passion for technology and a flair for innovation, she has consistently delivered exceptional solutions in the domain of embedded systems. She is well-versed... Read More →
Tuesday September 17, 2024 16:00 - 16:40 CEST
Room 0.14 (Level 0)
  Embedded Linux Conference

16:00 CEST

Advanced System Profiling, Tracing and Trace Analysis with Perfetto in Android and Yocto - Anna-Lena Marx & Stefan Lengfeld, inovex GmbH
Tuesday September 17, 2024 16:00 - 16:40 CEST
Room 0.11-0.12 (Level 0)
Tracing is a capable mechanism for deep system analysis and profiling with a minimal overhead. By recording defined system events, in Linux but also Android, tracing can be used to analyze concurrency or latency issues, for example. Android’s systrace tool made it easy to analyze and correlate traces and events due to a graphical UI, in order to help developers identify performance bottlenecks. The successor to this advanced and convenient tool is called Perfetto. It’s available for pure Linux too, and part of Yocto (meta-oe) since Langdale now. In the talk, we’ll have a look into - using Perfetto with Android and Yocto, - adding trace events to your applications, - recording traces and - analyzing system and application traces with the graphical GUI. This will allow you to take full advantage of the Perfetto trace viewer UI for analyzing memory usage, CPU scheduling, latency and more.
Speakers
avatar for Anna-Lena Marx

Anna-Lena Marx

Senior Embedded Systems Engineer, inovex GmbH
Anna-Lena Marx has been working as an Embedded Systems Developer at inovex since 2015 and holds a Master's degree in Embedded Systems. As a hobby, she also studies Electrical Engineering. Professionally, Anna-Lena focuses on the development of Embedded Systems based on Yocto or the... Read More →
avatar for Stefan Lengfeld

Stefan Lengfeld

Senior Embedded Systems Engineer, inovex GmbH
Stefan Lengfeld has been an Embedded Linux and Embedded Android developer at inovex since 2017. He is a Linux kernel contributor and has been professionally involved in all topics related to embedded software development since 2015. Even before that, he dove into the depths of Linux... Read More →
Tuesday September 17, 2024 16:00 - 16:40 CEST
Room 0.11-0.12 (Level 0)
  Embedded Linux Conference

16:00 CEST

The Cyber Resilience Act: Navigating Its Impact on Yocto-Based Products - Julien Bernet, Witekio
Tuesday September 17, 2024 16:00 - 16:40 CEST
Room 0.49 - 0.50 (Level 0)
The Cyber Resilience Act is reshaping the landscape for Yocto-based products. Join us as we navigate the implications of this ever-changing legislation. • Introduction to the Cyber Resilience Act: an overview of the CRA, its objectives, and its relevance to the IoT and embedded systems industry. • Understanding the Key Provisions of the CRA/CSA that are relevant to Yocto-based product developers. • Yocto Project and Security Compliance: how Yocto supports security measures, including secure boot, code signing, and vulnerability management. • Regulatory and Compliance Challenges: the challenges and complexities associated with complying with cybersecurity regulations in the embedded systems space. • Building Secure Yocto-Based Products: best practices for building secure Yocto-based products that align with the CRA's requirements. • Impact on Product Development Lifecycle: how the Act affects different stages of the Yocto-based product development lifecycle.
Speakers
avatar for Julien Bernet

Julien Bernet

Head of Security, Witekio
Julien is the Head of Security for Witekio and has over 15 years of experience in the cybersecurity field. After completing his PhD in computer science, he worked for various software security labs with a focus on embedded devices and smart cards. Thanks to his work as a security... Read More →
Tuesday September 17, 2024 16:00 - 16:40 CEST
Room 0.49 - 0.50 (Level 0)
  LinuxCon

16:00 CEST

Design Thinking: Generative AI Style - Martin Hickey & Donal Madden, IBM
Tuesday September 17, 2024 16:00 - 16:40 CEST
Hall B (Level 2)
What if you could harness the power of artificial intelligence to make it easier to employ design thinking principles to benefit the users of your application? Design thinking is a highly effective process in designing successful applications. Design thinking can help application developers identify the problems that the application is solving and can improve user experience at launch. But to be most effective design thinking must be employed straight from concept to release. However, this takes money and time which start-ups, or small companies may not have. In this talk we provide an overview of a design thinking system of open source Large Language Model (LLM) agents to help developers get the most out of the design thinking process. Each agent is primed with a persona of an individual in the process and will work with the development team to produce design thinking artefacts and deliverables. We will show how the system helps to accelerate both the effect and adoption of design thinking in an organisation. This is the talk for you if you want to understand how Generative AI can provide solutions that traditional programming may not.
Speakers
avatar for Martin Hickey

Martin Hickey

Senior Technical Staff Member, IBM
Martin is a STSM and an Open Source strategic leader at IBM. He has been contributing to various Open Source projects, most notably, Kubernetes, Helm, OpenTelemetry, and OpenStack. Martin is a core maintainer and a TOC member of the Helm project. He has been a speaker at various conferences... Read More →
avatar for Donal Madden

Donal Madden

Data Scientist, IBM
Donal is a Data Scientist in IBM Sustainability Software working on the EU Horizons COGNIMAN research project which is tasked with advancing safety, efficiency and sustainability of manufacturing in Europe using AI, Robotics, Digital twins and Machine Learning. Beyond his current... Read More →
Tuesday September 17, 2024 16:00 - 16:40 CEST
Hall B (Level 2)
  Open AI + Data Forum

16:00 CEST

From Data Tsunami to Actionable Insights - Dawn Foster, CHAOSS & Cali Dolfi, Red Hat
Tuesday September 17, 2024 16:00 - 16:40 CEST
Room 0.94-0.95 (Level 0)
The data available about open source projects can feel like a tsunami, but there are ways to make this more manageable by focusing on the metrics that matter the most for your OSPO. This session will highlight how OSPOs can use data to generate meaningful insights about the open source software communities that are important for your business. This talk will start with a discussion about how to approach the tsunami of data by moving from data points toward insight and wisdom about your open source software. We’ll start with data collection and processing before discussing how collections of metrics can be used to understand your community more holistically than looking at individual metrics. The final section will include examples of how to interpret the data to move beyond analysis and find tangible ways to improve your OSS projects. We’ll show examples from Augur and 8Knot to show what is possible with structured data and metrics from the CHAOSS project. The audience will walk away with tips and techniques for making sense of those waves of data using collections of metrics and data science to result in actionable insights about your open source software.
Speakers
avatar for Cali Dolfi

Cali Dolfi

Senior Data Scientist, Red Hat
Cali Dolfi is a Data Scientist in the Open Source Program Office at Red Hat. Her work focuses on changing the way we look at open source communities through the lens of data science and machine learning. Outside of data science, her passion lies in making careers in technology more... Read More →
avatar for Dawn Foster

Dawn Foster

Director of Data Science, CHAOSS
Dr. Dawn Foster works as the Director of Data Science for CHAOSS where she is also a board member / maintainer. She is co-chair of CNCF TAG Contributor Strategy and an OpenUK board member. She has 20+ years of experience at companies like VMware and Intel with expertise in community... Read More →
Tuesday September 17, 2024 16:00 - 16:40 CEST
Room 0.94-0.95 (Level 0)
  OSPOCon

16:55 CEST

MicroCeph: Simplifying Storage from Laptop to Data Center - Peter Sabaini, Canonical
Tuesday September 17, 2024 16:55 - 17:35 CEST
Room 2.15 (Level 2)
Need to get started quickly with storage? Need a robust storage cluster that doesn't require a team of experts to maintain and grow? MicroCeph aims to make software defined storage effortless to install, and scales from your laptop to dozens of racks. MicroCeph is a self-contained packaging of the Ceph cluster software --it integrates well into existing environments, and is great choice wherever you need repeatable installs and ease of operation, such as edge clouds, labs or remote sites. This talk will give an overview of MicroCeph and shows use cases and demos. It will show how to scale from a single-node dev environment to a multi-node cluster, how object storage and distributed filesystem can be provided, and how to integrate MicroCeph into existing environments. Furthermore options for encryption at rest and disaster recovery as well as hardware acceleration will be presented.
Speakers
avatar for Peter Sabaini

Peter Sabaini

Software Engineer, Canonical
Peter is a Software Engineer at Canonical, working on Ceph storage solutions. Before that, he was part of the managed services team there. He has worked in software development and (Linux) ops roles throughout his career.
Tuesday September 17, 2024 16:55 - 17:35 CEST
Room 2.15 (Level 2)
  CloudOpen

16:55 CEST

Taming DMA: Tales Wrestling Memory Corruption - Ahmad Fatoum, Pengutronix
Tuesday September 17, 2024 16:55 - 17:35 CEST
Room 0.14 (Level 0)
Direct Memory Access frees up the CPU for other important work, while devices read and write data in the background. This is as good as it sounds and most embedded systems make ample use of this; for good sound and otherwise. On the flipside, incorrectly configured DMA and the creeping memory corruption that results can decidedly be more unpleasant than the possible slow-down of using PIO. Ahmad's bootloader and kernel escapades have not been spared from the wrath of DMA masters. In this talk, he will share tales of his debugging campaigns and how tracking down memory corruption led him to learn, one bug at a time, more about the internals of Linux' and barebox' DMA API, ARM cache maintenance and the limitations of DMA controllers.
Speakers
avatar for Ahmad Fatoum

Ahmad Fatoum

Embedded Linux Developer, Pengutronix
Ahmad joined the kernel team at Pengutronix in 2018 to work full-time on furthering Linux world domination. He does so by helping automotive and industrial customers build embedded Linux systems based on the mainline Linux kernel. Having a knack for digging in low-level guts, his... Read More →
Tuesday September 17, 2024 16:55 - 17:35 CEST
Room 0.14 (Level 0)
  Embedded Linux Conference

16:55 CEST

Using Yocto to Debug Embedded Device Crashes - Etienne Cordonnier, Snap Inc
Tuesday September 17, 2024 16:55 - 17:35 CEST
Room 0.11-0.12 (Level 0)
It is challenging to debug hard to reproduce crashes on embedded devices. Due to limited space constraints, it is often not feasible to deploy full debug symbols. Core dumps are a great tool to debug such crashes. The Yocto project offers several features to help with working with core dumps, such as minidebuginfo and debuginfod combined with debug symbol servers. Used with crash-monitoring software and systemd core dump tooling, those features make it easier for developers to analyze and solve crashes happening only e.g. in production.
Speakers
avatar for Etienne Cordonnier

Etienne Cordonnier

Software Engineer, Snap Inc
Etienne Cordonnier is an embedded software developer who has worked on various Linux and FreeRTOS embedded products such as consumer audio products, smart-meters, as well as robotic devices. He likes to use and contribute to open-source projects, mostly the Yocto project. In his free... Read More →
Tuesday September 17, 2024 16:55 - 17:35 CEST
Room 0.11-0.12 (Level 0)
  Embedded Linux Conference

16:55 CEST

Level Up Your Embedded Testing Game: FRETish, Robot, and Twister: A Dream Team - Christian Schlotter, Carl Zeiss Meditec AG & Tobias Kästner, TiaC Systems
Tuesday September 17, 2024 16:55 - 17:35 CEST
Hall M1 (Level 1)
Developing embedded software for regulated environments like medical devices presents unique challenges. Crucially, we need to document how the software design fulfills stated product requirements. While functional testing remains dominant for verifying functional suitability, deriving and maintaining effective test suites can quickly become cumbersome.

This talk explores a novel approach to this longstanding problem. We leverage NASA's FRETish method for formally capturing requirements. We will talk about how the formal nature of FRETish requirements allows for automatic test case generation leveraging the Robot Framework. The latter was specifically chosen as it is partially supported by Zephyr's test harness today and allows to utilize twister for automated test execution of these test suites on real hardware. This method has the potential to streamline testing, offering benefits such as reduced time and maintenance efforts as well as accurate coverage metrics from very early on in the project's lifecycle.

We'll discuss our progress in implementing this approach, the challenges we encountered, and potential solutions for deeper integration with the Zephyr project.
Speakers
avatar for Tobias Kästner

Tobias Kästner

Bridle Maintainer, TiaC Systems
A physicist by training, Tobias Kaestner has always been fascinated by the intersection of the physical with the digital world. His professional career started as a SW team lead in a medical device start-up and since then he has served a couple of roles for 15+ years in this industry... Read More →
avatar for Christian Schlotter

Christian Schlotter

Software Architect, Carl Zeiss Meditec AG
Software Architect at Carl Zeiss Meditec AG, active member of queer ERG Proud@ZEISS, love nature, hiking and people 😀
Tuesday September 17, 2024 16:55 - 17:35 CEST
Hall M1 (Level 1)
  Zephyr
 
Wednesday, September 18
 

11:00 CEST

Securing Data-in-Transit with Wireguard for Kubernetes Cluster - Dhiraj Sehgal, Tigera
Wednesday September 18, 2024 11:00 - 11:40 CEST
Hall M2 (Level 2)
This talk delves into the transformative combination of WireGuard and Calico for enhancing network security in Kubernetes clusters. Despite the ubiquity of Kubernetes in microservice orchestration, securing the inter-node traffic often presents a significant challenge. We will first discuss the security risks associated with the non-encryption of inter-node traffic, such as data interception and potential injection of malicious payloads. It underscores the critical importance of implementing traffic encryption within Kubernetes clusters to thwart these threats. We examine WireGuard and ProjectCalico using its eBPF dataplane for securing traffic. The talk navigates the potential constraints, including the requirement for kernel support, the complexity of multi-cluster setups, and the compatibility issues across different environments.
Speakers
avatar for Dhiraj Sehgal

Dhiraj Sehgal

Technical Marketing Engineer, Tigera
Dhiraj is Mgr, Dev Advocacy team at Tigera. He has worked on various open source projects since the start of OpenStack, Ceph, Docker, SDN and IOvisor.
Wednesday September 18, 2024 11:00 - 11:40 CEST
Hall M2 (Level 2)
  ContainerCon

11:00 CEST

UCSI, TCPM, PD, AltModes: Demystifying USB-C and Its Support in Linux - Dmitry Baryshkov, Linaro Ltd.
Wednesday September 18, 2024 11:00 - 11:40 CEST
Room 1.61 & Room 1.62 (Level 1)
Implementing Type-C support in Linux is not a simple task, platforms implementers have to understand different pieces of the Type-C stack (and various USB standards). This talk provides overview of the Linux USB-C subsystem and its different parts, basing on my experience with implementing and improving USB-C support for different Qualcomm platforms.
Speakers
avatar for Dmitry Baryshkov

Dmitry Baryshkov

Engineer, Linaro Ltd.
Dmitry has been working in embedded Linux area since 2006. Since 2007 he has been working in the development services area (at Siemens and Mentor Graphics). In 2015-2019 Dmitry has been working at Cavium Inc, improving system software for ThunderX and OcteonTX. In 2020 he has joined... Read More →
Wednesday September 18, 2024 11:00 - 11:40 CEST
Room 1.61 & Room 1.62 (Level 1)
  LinuxCon

11:00 CEST

A-Typical but Fruitful Public Sector Collaborations Through OSPO's - Nico Rikken, Alliander & Karel Rietveld, Dutch Tax and Customs Administration
Wednesday September 18, 2024 11:00 - 11:40 CEST
Room 0.49 - 0.50 (Level 0)
Collaboration in the public sector typically happens between similar organizations and through an overarching coordinating body. How a-typical is then the collaboration between the Dutch Tax Office and the semi-public Grid Operator Alliander. Yet the goals for their open source activities are similar and thus the OSPO's are collaborating to establish sound Open Source practices. Meanwhile there is a larger community of public and semi-public OSPO's that are taking on multiple shared goals. In this presentation Karel Rietveld and Nico Rikken will go over their learnings: - Unique benefits of an OSPO-collaboration that is national and consists of (semi-)public organizations - Practical examples of collaboration - How a small collaboration has grown to a larger collaboration - The road to the current working structure with working groups
Speakers
avatar for Nico Rikken

Nico Rikken

Open Source Advocate, Alliander
Nico Rikken has a track record in maximizing the potential of Free and Open Source Software in the energy sector and in the Netherlands. As Open Source Ambassador at grid operator Alliander he helps make open source project participation successful and ensure control over the company... Read More →
avatar for Karel Rietveld

Karel Rietveld

Specialist Open Source at Open Source Program Office, Dutch Tax and Customs Administration
Working within the Chief Technology Office in building an Open Source Program Office for the Dutch Tax and Customs administration.
Wednesday September 18, 2024 11:00 - 11:40 CEST
Room 0.49 - 0.50 (Level 0)
  Open Source in the Public Sector

11:00 CEST

Panel Discussion: Divergence and Convergence: Exploring OSPO Practices Among Leading Chinese Tech Giants - Xiaoya Xia & Richard Sikang Bian, Ant Group; Rong Wang, Alibaba Cloud; and Willem Jiang, ByteDance
Wednesday September 18, 2024 11:00 - 11:40 CEST
Room 0.94-0.95 (Level 0)
Join us for an insightful panel at OSPOcon, featuring representatives from Alibaba, Ant Group, and ByteDance, as we delve into the varied landscapes of Open Source Program Offices (OSPOs) across these top Chinese firms. This discussion will highlight both the commonalities and unique approaches these companies take toward open source engagement. Panelists will share their experiences with internal open source project incubation, as well as discuss their strategies for leveraging ecosystem connections to drive business transformation through open source. This session offers a unique perspective on how different organizational cultures within China shape their open source practices, providing valuable insights for anyone looking to understand or engage with open source in a global context.
Speakers
avatar for Willem Jiang

Willem Jiang

Principal Open Source Evangelist of ByteDance OSPO, ByteDance
Willem Jiang (Jiang Ning) is the principal Open Source Evangelist of ByteDance OSPO , and serves as a board director of the Apache Software Foundation. He has contributed to various Apache projects, including Camel, CXF, ServiceMix, and ServiceComb. Prior to joining ByteDance, Willem... Read More →
avatar for Amber Wang

Amber Wang

OSPO manager, Alibaba Cloud
Rong Wang is the Operations Manager at Alibaba Cloud. She is passionate about building the open-source ecosystem and is dedicated to fostering a mutually beneficial relationship between the company and developers. She and her team have successfully driven several key projects, spurring... Read More →
avatar for Xiaoya Xia

Xiaoya Xia

OSPO manager, Ant Group
Xiaoya Xia is a member of the Ant Group OSPO, where she focuses on catalyzing open source success through data-driven insights. Before joining Ant Group, Xiaoya was a PhD at East China Normal University (ECNU), where she concentrated on research into open source ecosystem sustain... Read More →
avatar for Richard Sikang Bian

Richard Sikang Bian

Head of Open Source Growth and Strategy, Ant Group
As an engineer by training and father to a toddler, Richard was ex-Square, ex-Microsoft who currently works on the Technical Strategy Initiatives team of Ant Group. Richard is also in charge of Ant Group's Open Source Program Office (OSPO) and enjoys being the evangelist of Open Source... Read More →
Wednesday September 18, 2024 11:00 - 11:40 CEST
Room 0.94-0.95 (Level 0)
  OSPOCon

11:00 CEST

Enhancing Artifact Security with GitHub’s Build Provenance and Minder - Fredrik Skogman, GitHub & Radoslav Dimitrov, Stacklok
Wednesday September 18, 2024 11:00 - 11:40 CEST
Room 0.96-0.97 (Level 0)
In the evolving landscape of software development, ensuring the integrity of build artifacts like container images is crucial. In this talk, we'll demonstrate how to use GitHub's Build Provenance API to generate SLSA attestations and create robust policies for your artifacts, verifying their origin and authenticity. We'll examine the contents and significance of these attestations and discuss how to integrate them into your CI/CD pipelines. Additionally, we'll explore using Minder to monitor and enforce these policies across your repositories, ensuring these attestation practices do not degrade over time. We’ll also show how combining these tools can safeguard even in the event of someone else gaining access and pushing a malicious image to your container registry. By the end of this session, you'll have a good understanding of how open source tools like Sigstore, in-toto, SLSA, TUF, and Minder can collectively strengthen the security of the software supply chain. You'll gain practical insights into setting up artifact attestations with GitHub's API and establishing tailored policies with Minder to protect your development processes against vulnerabilities.
Speakers
avatar for Radoslav Dimitrov

Radoslav Dimitrov

Senior Software Engineer, Stacklok
Radoslav Dimitrov is a Senior Software Engineer at Stacklok. He's a maintainer of go-tuf, RSTUF and Minder and is contributing to several other software supply chain projects. His interests include mountain biking, cats, coffees and everything that relates to DIY.
avatar for Fredrik Skogman

Fredrik Skogman

Staff Engineer, GitHub
Fredrik is a Staff Engineer on the Package Security Engineering team at GitHub, where he focuses on software supply chain security. At GitHub he provides technical leadership for standards and tools in the supply chain security space, most recently co-authoring the published npm RFC... Read More →
Wednesday September 18, 2024 11:00 - 11:40 CEST
Room 0.96-0.97 (Level 0)
  SupplyChainSecurityCon

11:55 CEST

Container Development Client for Reproducible Artifacts - Harsh Thakur, Civo & Kunal Verma, Kubesimplify
Wednesday September 18, 2024 11:55 - 12:35 CEST
Hall M2 (Level 2)
The container landscape is undergoing a transformation with innovative snapshotters and image formats. But how do we leverage these advancements to empower developers with more cost-effective solutions? Open source projects like Colima and Finch are paving the way for this new wave of container tooling. While they didn't fully meet our specific needs, they provided valuable building blocks for our solution. In our pursuit of achieving truly reproducible builds, we explored Nix and Nix-snapshotter. Combining the power of Nix, a robust package manager, with Nix-snapshotter's efficient caching capabilities within containerd, and the cross-platform functionality of Lima for managing Linux VMs, we've unlocked a new level of consistency and reproducibility for developers' software builds. This project empowers developers with unprecedented flexibility and control over their containerized environments. By embracing these innovations, we can expect reduced CI resource consumption, faster build times, and simplified security and compliance.
Speakers
avatar for Harsh Thakur

Harsh Thakur

Infra Engineer, Civo
Harsh's tech journey began in software development, leading to open-source contributions in the CNCF. His passion for complex systems propelled him into infrastructure engineering, gaining expertise in building control planes and designing APIs, and architecting cost-effective solutions... Read More →
avatar for Kunal Verma

Kunal Verma

DevRel, Kubesimplify
Kunal is a DevOps and Cloud Advocate with a passion for Open Source. He is a CNCF Ambassador & has been involved in the DevOps and open-source ecosystem for more than a year and has strong experience in public speaking, community management, content creation etc. He has the experience... Read More →
Wednesday September 18, 2024 11:55 - 12:35 CEST
Hall M2 (Level 2)
  ContainerCon

11:55 CEST

VirtIo-Net PCIe Function Using Linux PCI Endpoint Framework - Shunsuke Mie, IGEL Co., Ltd.
Wednesday September 18, 2024 11:55 - 12:35 CEST
Room 1.61 & Room 1.62 (Level 1)
The PCI Endpoint framework enables the Linux kernel to act as a PCI Endpoint device. It allows software to describe the behavior of a PCIe function, which is a logical unit within a PCI device. This session will present the design and implementation of a virtio-net device using this framework. Virtio is a para-virtualization framework designed to improve the efficiency of device I/O operations in virtualized environments. It enables software to emulate device behavior, leading to efficient data transfers in this case. This session will discuss the architecture and current status of the proposed virtio-net PCI function driver based on the PCI endpoint framework. Additionally, it will introduce an API for controlling virtio virtqueues, which are used for data transfer. This API is generic and can be used to implement PCI Endpoint devices for other virtio devices.
Speakers
avatar for Shunsuke Mie

Shunsuke Mie

Middle Engineer, IGEL Co., Ltd.
Several years of experience in device drivers and other areas of the Linux kernel. I have a half decade of experience in software development ranging from firmware and embedded Linux, middleware.
Wednesday September 18, 2024 11:55 - 12:35 CEST
Room 1.61 & Room 1.62 (Level 1)
  LinuxCon

11:55 CEST

Open Source Governance for Software Engineers - Tobie Langel, UnlockOpen
Wednesday September 18, 2024 11:55 - 12:35 CEST
Hall C (Level 2)
The goal of this presentation is twofold: Firstly, we want to demystify open source project governance. Do you freeze when you hear the term governance? Do you blindly copy and paste the governance of other projects hoping it works for your project too? Do you struggle to keep governance up to date or aligned with what's *actually* going on in the project? You're not alone. Secondly, we want to provide a simple, practical, and proven approach to writing governance that's directly inspired from coding best practices. The very same concepts that are used when writing code (e.g. Don't Repeat Yourself, Keep It Simple, or Separation of Concerns) have direct application when authoring governance documents and create the same kind of positive outcomes: governance that is simple to understand, flexible, and and easy to maintain. You'll never come back from thinking about governance as code. By the time you leave this presentation, you'll have an entirely new perspective on governance and will feel empowered by your ability to leverage your existing software engineering skills in this new domain.
Speakers
avatar for Tobie Langel

Tobie Langel

Principal, UnlockOpen
Tobie Langel is a world-leading expert on open source and standardization. He advises some of the biggest names in tech (Google, Microsoft, Mozilla, Intel, Cisco), promising startups (Airtable, Postman, GitLab), industry organizations (OpenJS Foundation, OASIS Open, W3C) and nonprofits... Read More →
Wednesday September 18, 2024 11:55 - 12:35 CEST
Hall C (Level 2)
  Open Source Leadership Summit

11:55 CEST

How Can We Define the Value of Open Source Work? - Sophia Vargas, Google
Wednesday September 18, 2024 11:55 - 12:35 CEST
Room 0.94-0.95 (Level 0)
Collectively, we struggle to consistently define the value of open source and work supporting open source projects. Without clear value attributed to open source projects and development, it can be difficult to justify continued investment, especially as many users rely on open source solutions as a source of cost savings. This talk will discuss longstanding and novel economic, social and operational models designed to understand and measure the value of open source, with the goal to help contributors, organizations and companies identify what approach best meets their needs and context.
Speakers
avatar for Sophia Vargas

Sophia Vargas

Research Analyst, Google
Sophia Vargas is a Program Manager in the research and education team within Google’s Open Source Programs Office. In this role she leads efforts that span project health, contributor experience, and open source economics. She is also on the Governing Board and an active contributor... Read More →
Wednesday September 18, 2024 11:55 - 12:35 CEST
Room 0.94-0.95 (Level 0)
  OSPOCon

11:55 CEST

Measuring Security Risk: Community Engagement Is the Best Mitigation - Deb Nicholson, Python Software Foundation
Wednesday September 18, 2024 11:55 - 12:35 CEST
Room 0.96-0.97 (Level 0)
When considering open source software that you include in your products, engaging with your upstream is a more robust and resilient way to gauge your security risks than relying on outsourcing your trust modeling to metrics and GitHub stars. Becoming a partner to your upstream community helps you build more secure software and create the relationships you'll need if there's ever an attack. Plus community engagement has a lot of follow-on benefits for the way your company makes use of open source. This talk covers how to keep surprises to a minimum by engaging with your upstream communities. We'll look at several ways to gracefully go from "who the heck is in charge of that code" to being an open source insider that always knows what’s going on with your upstream partners. We'll also look at how to identify red flags at projects that you may not want to rely on.
Speakers
avatar for Deb Nicholson

Deb Nicholson

Executive Director, Python Software Foundation
Deb Nicholson is an open source software policy expert and a passionate community advocate. She is the Executive Director at the Python Software Foundation which serves as the non-profit steward of the Python programming language. She serves on the Board of Directors for the Spritely... Read More →
Wednesday September 18, 2024 11:55 - 12:35 CEST
Room 0.96-0.97 (Level 0)
  SupplyChainSecurityCon

12:15 CEST

German Administration and Open Source - Thomas Fricke, Independent
Wednesday September 18, 2024 12:15 - 12:35 CEST
Room 0.49 - 0.50 (Level 0)
This talk describes a journey that began almost a quarter of a century ago. The first attempts to establish open source in Germany failed. Only with a cloud and digital sovereignty strategy was it possible to establish FOSS in the German administration. The speaker was involved in various initiatives, the Verwaltungsgitlab (OpenCode.de), the strategic papers of the IT Planning Council, OpenDesk, the founding of the Sovereign Tech Fund and is still centrally involved in the updating of the strategy. It provides an insight into the foundations of a private cloud strategy that ultimately paved the way for FOSS. The vision is a digitally sovereign administration cloud that ensures a secure and automated implementation of modern administration processes through DevSecOps as the engine of the processes. Translated with DeepL.com (free version)
Speakers
avatar for Thomas Fricke

Thomas Fricke

Independent
Thomas Fricke has been working with containers and Kubernetes for 7 years, with Linux and networks for 30 and with computers for 40. His focus is on security in KRITIS environments (energy, health care) and the agile transformations that are necessary in these environments. He is... Read More →
Wednesday September 18, 2024 12:15 - 12:35 CEST
Room 0.49 - 0.50 (Level 0)
  Open Source in the Public Sector

14:00 CEST

Lightning Talk: Fort Kairos: A New Dawn for Secure Linux in Untrusted Environments - Mauro Morales, Spectro Cloud
Wednesday September 18, 2024 14:00 - 14:10 CEST
Room 2.15 (Level 2)
At the edge, there's one thing we know for sure: it's not to be trusted. But imagine if Kairos could change that, letting you sleep soundly knowing your intellectual property is secure. Kairos is a fully open source project to run kubernetes at the edge. As such, we have put Trusted Boot into action. Inspired by Lennard Pottering, the mind behind Systemd, we've leveraged Secure Boot, Trusted Boot, TPM, and disk encryption. The result? A Linux OS that's built tough against the challenges of untrusted environments.
Speakers
avatar for Mauro Morales

Mauro Morales

Open Source Developer Specialist, Spectro Cloud
Mauro is a Guatemalan software developer with more than 17 years of professional experience. His main focus is on backend and CLI applications using the Ruby and Go programming languages. He’s also had a chance to participate in the Open-Source community on projects like Cloud Foundry... Read More →
Wednesday September 18, 2024 14:00 - 14:10 CEST
Room 2.15 (Level 2)
  CloudOpen

14:00 CEST

Lightning Talk: Digital Sovereignty at Risk - Opportunities for Intervention - Kay Hartkopf, PD - Berater der öffentlichen Hand
Wednesday September 18, 2024 14:00 - 14:10 CEST
Room 0.49 - 0.50 (Level 0)
The importance of digital sovereignty in the public sector has been amplified in the European Union (EU) due to recent geopolitical changes and the risk of relying on foreign digital technology and services such as cloud and artificial intelligence (AI). This issue has gained significant attention, prompting calls for collective action to manage these risks. Therefore, it's crucial to explore potential strategies that the public sector can adopt to reduce these risks. The role of Open Source Software (OSS) in enhancing the digital sovereignty of the public sector is a significant point of discussion. We aim to showcase some of the actions currently being undertaken by the public sector in Europe and Germany to achieve digital sovereignty, highlighting the crucial role of OSS in these strategies. Additionally, we will share real-world examples to demonstrate the ongoing efforts, potential opportunities, and challenges that need to be tackled.
Speakers
avatar for Kay Hartkopf

Kay Hartkopf

Senior Managing Expert, PD - Berater der öffentlichen Hand
A seasoned professional with over 31 years of diverse experience across public administration, telecommunications, and industry sectors. Having started his career as a Systems Engineer in 1991 after graduating in Physics from Hamburg University, he has successfully held multiple leadership... Read More →
Wednesday September 18, 2024 14:00 - 14:10 CEST
Room 0.49 - 0.50 (Level 0)
  Open Source in the Public Sector

14:00 CEST

Writing Safe Async Code in Rust: Safeguarding Your Program's Concurrency! - Martin Mosler, Zühlke Engineering AG
Wednesday September 18, 2024 14:00 - 14:40 CEST
Room 1.61 & Room 1.62 (Level 1)
In recent years, the Rust programming language has gained popularity for its ability to provide safety guarantees for concurrent code, making it an ideal choice for developers looking to create secure open source products. However, while Rust offers robust features to prevent common programming errors and vulnerabilities, developers still play a crucial role in ensuring the correctness of their code. This presentation will explore the safety guarantees of Rust for concurrent async code and discuss how developers can take ownership of writing secure and correct code. Key Points: 1. Overview of Rust's safety guarantees for concurrent code 2. Understanding the role of developers in ensuring code correctness 3. Best practices for writing secure Rust code 4. Challenges and limitations of using Rust for developing secure software Overall, this presentation aims to educate attendees on the benefits and challenges of using Rust for developing secure products. By empowering developers to take charge of writing correct code, we can collectively contribute to a safer and more reliable digital ecosystem.
Speakers
avatar for Martin Mosler

Martin Mosler

Principal Embedded Software Consultant, Zühlke Engineering AG
Martin Mosler is a seasoned software engineer with expertise in developing secure embedded systems. With a background in Rust programming, he has firsthand experience implementing secure concurrent code and is passionate about sharing his knowledge with the community.
Wednesday September 18, 2024 14:00 - 14:40 CEST
Room 1.61 & Room 1.62 (Level 1)
  LinuxCon

14:10 CEST

Lightning Talk: The Open Source Smart Garden - Ivan Šarić, TripAdvisor
Wednesday September 18, 2024 14:10 - 14:20 CEST
Room 2.15 (Level 2)
This presentation outlines the design of a smart garden system. The system consists of a cloud component where data is streamed to and commands are relayed from the local sites. The other component is the locally positioned SBC-powered system that orchestrates a group of sensors and controllers while maintaining a tunnel to the cloud. The choice of protocol for local communication between the SBC-based coordinator, sensors and controllers is open. The current set up is based around Zigbee due to the small size of the deployment site and the unobstructed nature of the terrain on which the system was developed. The system leverages the power of the open-source graph visualization and monitoring platform Grafana and the time-series database Prometheus. Grafana is a natural choice for a user dashboard that can display real-time site statistics like soil-moisture, ph score and EC. Grafana provides monitoring capabilities that will be used by the operators to ensure functioning. The cloud component provides long-term storage of all locally-streamed data. It also allows the owner to export all collected data for analysis by a third-party expert.
Speakers
avatar for Ivan Šarić

Ivan Šarić

Software Engineer, TripAdvisor
Ivan Šarić is a Software Engineer at TripAdvisor.He previously worked as a freelance Technical Architect and Software Developer through his company Path Variable LLC.He holds an MA degree in Political Science and Government from Central European University, where he studied topics... Read More →
Wednesday September 18, 2024 14:10 - 14:20 CEST
Room 2.15 (Level 2)
  CloudOpen

14:30 CEST

Lightning Talk: With Great Traces Comes Great Costs: How to Reduce That Bill? - Prashansa Kulshrestha, Independent
Wednesday September 18, 2024 14:30 - 14:40 CEST
Room 2.15 (Level 2)
Is Distributed Tracing an observability essential or just a high-maintenance diva? Hardly, anyone wants to compromise on a trace. For an adventure, try tracing everything and watch your cloud bill explode. Yes! All those spans that you decide to keep are expensive. If you use an external APM provider, god help you before you break your bank. While tracing has solved a number of problems, the cost problem is genuine and it keeps increasing with scale. In this presentation, Prashansa narrates her experiences when she was trying to balance the costs while keeping the traces sane. It’s a humorous journey lined with some failed experiments, small peaks of joy, troughs of sorrow and finally tumbling upon a good enough solution. Join her to know how you can also maintain good and sane enough tracing with a manageable bill, with some span tweaking magic, custom sampling algorithm and fully utilising OpenTelemetry capabilities. Trace smarter to save better.
Speakers
avatar for Prashansa Kulshrestha

Prashansa Kulshrestha

Software Engineer, Independent
Prashansa Kulshrestha has worked at Postman for 4 years in the Reliability Engineering team. Thus, her mindset is observability-first. Currently, she is enjoying a career break while she explores new opportunities that come her way. She is interested in Linux and cloud-native tech... Read More →
Wednesday September 18, 2024 14:30 - 14:40 CEST
Room 2.15 (Level 2)
  CloudOpen

15:10 CEST

Multi-Cloud Global Content Distribution at Cloud Native Speeds - Jiri Kremser, k8gb Project & Yury Tsarev, Upbound
Wednesday September 18, 2024 15:10 - 15:50 CEST
Room 2.15 (Level 2)
If you’ve been globally distributing digital content for a while, you’ll understand that merely having numerous datacenters with advanced caching patterns isn’t sufficient. When your users need to retrieve an object that’s available in different locations worldwide, they should ideally be directed automatically to the location that’s nearest and fastest for the best experience. Cloud service providers typically offer services to handle this for you within their own clouds, but what if you are running a multi-cloud or hybrid environment? K8GB is a cloud-native solution that handles GeoDNS across heterogeneous environments and enables you to reach the same level of multiregion service resilience offered by cloud providers.
Speakers
JK

Jiri Kremser

Core Maintainer, k8gb project
avatar for Yury Tsarev

Yury Tsarev

Principal Solutions Architect, Upbound
Yury is an experienced software engineer who strongly focuses on open-source, software quality and distributed systems. As the creator of k8gb (https://www.k8gb.io) and active contributor to the Crossplane ecosystem, he frequently speaks at conferences covering topics such as Control... Read More →
Wednesday September 18, 2024 15:10 - 15:50 CEST
Room 2.15 (Level 2)
  CloudOpen

15:10 CEST

Open Source Software Engineering Education - Stephen Walli, Microsoft
Wednesday September 18, 2024 15:10 - 15:50 CEST
Hall C (Level 2)
Well run open source software community projects are natural labs for teaching software engineering practices to undergraduates. What if we turned the classroom inside out? What if we taught students the fundamentals of software transmitted diseases? (The New STDs!) And intellectual property basics that every engineer needs to understand? This talk shares the experiences of building out Semesters of Code this past four years, and where the experiment is going to go next.
Speakers
avatar for Stephen Walli

Stephen Walli

Principal Programmer Manager, Microsoft
I'm a principal program manager at Microsoft in the Azure Office of the CTO. I've been a Distinguished Technologist at HP, CTO at the Outercurve Foundation, founded a start-up, and been a writer and consultant. I've been around open source software for 30+ years. I was governing board... Read More →
Wednesday September 18, 2024 15:10 - 15:50 CEST
Hall C (Level 2)
  Open Source Leadership Summit

15:10 CEST

Our First Steps Establishing an Open Source Program Office - J. Manrique Lopez, INDITEX
Wednesday September 18, 2024 15:10 - 15:50 CEST
Room 0.94-0.95 (Level 0)
At this year’s Open Source Summit Europe, we are excited to share the comprehensive early steps of our journey of establishing our own Open Source Program Office (OSPO) within our corporation. From the initial steps of crafting foundational policies to overseeing compliance with open source licenses, our narrative provides a detailed roadmap for others embarking on a similar path. We will delve into our strategic approaches to tracking employee contributions to open source projects and the intricacies involved in releasing our first open source projects. Our presentation will highlight how integrating open source practices extends beyond enhancing innovation and efficiency in software development. We underscore the alignment with our company's core values, particularly in sustainability—not only in the environmental sense but also in fostering a sustainable technological ecosystem. We will explore how participating in open source projects is pivotal to both advancing corporate innovation and upholding commitments to sustainable practices that resonate with our broader corporate ethos.
Speakers
avatar for Jose Manrique Lopez de la Fuente

Jose Manrique Lopez de la Fuente

OSPO Manager, INDITEX
Manrique is the manager of the INDITEX Tech OSPO and a passionate advocate for free, libre, and open source software development communities. He holds a degree in Industrial Engineering and has significant experience in R&D (IT Center of the Principality of Asturias, W3C, Ándago... Read More →
Wednesday September 18, 2024 15:10 - 15:50 CEST
Room 0.94-0.95 (Level 0)
  OSPOCon

16:05 CEST

What Is an ABI, and Why Should You Care? - Shung-Hsi Yu, SUSE
Wednesday September 18, 2024 16:05 - 16:45 CEST
Room 1.61 & Room 1.62 (Level 1)
Application Binary Interface (ABI), in contrast to the more often heard Application Programming Interface (API), is not as widely discussed, but is every bit as important as the latter. It is what allows us to run programs that are compiled 10 years ago on the latest system, and still expect it to work. In this talk, we will introduce the audience to the concept of ABI, explain its difference from API, and and lay out what exactly breaks ABI, as well as cover the symptoms of such breakage. Further more, we will detail how ABI breakage can be detected or prevented, and discuss some specific cases: Linux Kernel's ABI, Python's stable ABI, and Foreign Function Interface.
Speakers
avatar for Shung-Hsi Yu

Shung-Hsi Yu

Kernel Engineer, SUSE
Mainly working on maintaining the BPF stack of SUSE Linux Enterprise Server (SLES) distribution, consisting of the BPF subsystem in the Linux Kernel, and it's user-space tooling: libbpf, bcc, and bpftrace.
Wednesday September 18, 2024 16:05 - 16:45 CEST
Room 1.61 & Room 1.62 (Level 1)
  LinuxCon
 
  • Filter By Date
    Sep 16 -19, 2024
  • Filter By Venue
    Vienna, Austria
    All
    Austria Center Vienna
    Entrance 1
    Entrance, E, & F Halls (Level 0)
    Foyer A (Level 2)
    Hall A (Level 2)
    Hall B (Level 2)
    Hall C (Level 2)
    Hall M1 (Level 1)
    Hall M2 (Level 2)
    Le Méridien Vienna
    Melia Vienna
    Rooftop Foyer + Terrace (Level 3)
    Room 0.11-0.12 (Level 0)
    Room 0.14 (Level 0)
    Room 0.15 (Level 0)
    Room 0.49 - 0.50 (Level 0)
    Room 0.94-0.95 (Level 0)
    Room 0.96-0.97 (Level 0)
    Room 1.31-1.32 (Level 1)
    Room 1.33 (Level 1)
    Room 1.34 (Level 1)
    Room 1.61 & Room 1.62 (Level 1)
    Room 2.15 (Level 2)
    Room 2.31 (Level 2)
    Solutions Showcase (Level 0)
    TBA
    Wolke21 in the Saturn Tower
  • Filter By Type
    Ask the Expert
    CloudOpen
    Co-Located Events
    ContainerCon
    Critical Software Summit
    Digital Trust
    Diversity Empowerment Summit
    Embedded Linux Conference
    Keynote Sessions
    LFX Mentorship Showcase
    LinuxCon
    Open AI + Data Forum
    Open Source 101
    Open Source in the Public Sector
    Open Source Leadership Summit
    Operations Management Summit
    OSPOCon
    Project Mini Summits
    Special Events / Exhibits / Breaks
    Standards & Specifications Forum
    SupplyChainSecurityCon
    TechDocsCon
    Unconference Sessions
    Zephyr
  • Audience Level
    Advanced
    Any
    Beginner
    Intermediate
  • Timezone
Share Modal

Share this link via

Or copy link

Filter sessions
Apply filters to sessions.
Monday, September 16
Tuesday, September 17
Wednesday, September 18
Thursday, September 19
Austria Center Vienna
Entrance 1
Entrance, E, & F Halls (Level 0)
Foyer A (Level 2)
Hall A (Level 2)
Hall B (Level 2)
Hall C (Level 2)
Hall M1 (Level 1)
Hall M2 (Level 2)
Le Méridien Vienna
Melia Vienna
Rooftop Foyer + Terrace (Level 3)
Room 0.11-0.12 (Level 0)
Room 0.14 (Level 0)
Room 0.15 (Level 0)
Room 0.49 - 0.50 (Level 0)
Room 0.94-0.95 (Level 0)
Room 0.96-0.97 (Level 0)
Room 1.31-1.32 (Level 1)
Room 1.33 (Level 1)
Room 1.34 (Level 1)
Room 1.61 & Room 1.62 (Level 1)
Room 2.15 (Level 2)
Room 2.31 (Level 2)
Solutions Showcase (Level 0)
TBA
Wolke21 in the Saturn Tower
  • Ask the Expert
  • CloudOpen
  • Co-Located Events
  • ContainerCon
  • Critical Software Summit
  • Digital Trust
  • Diversity Empowerment Summit
  • Embedded Linux Conference
  • Keynote Sessions
  • LFX Mentorship Showcase
  • LinuxCon
  • Open AI + Data Forum
  • Open Source 101
  • Open Source in the Public Sector
  • Open Source Leadership Summit
  • Operations Management Summit
  • OSPOCon
  • Project Mini Summits
  • Special Events / Exhibits / Breaks
  • Standards & Specifications Forum
  • SupplyChainSecurityCon
  • TechDocsCon
  • Unconference Sessions
  • Zephyr
  • Audience Level
  • Advanced
  • Any
  • Beginner
  • Intermediate