Pengutronix at FOSDEM 2018
As in the previous years a bunch of Pengutronix developers attended the FOSDEM Open Source conference in Brussels to stay up-to-date with the latest developments in the context of embedded Linux, graphics and media, electronics and lots of other interesting topics.
With his talk Facing the Challenges of Updating Complex Systems Pengutronix developer Enrico Jörns looked at the updating topic beyond the basic considerations about redundancy, atomicity, simple verification and A/B setups that are luckily solved by most nowadays Open Source updating frameworks such as RAUC.
Instead, he pointed out, designing a robust update system does not mean assembling unrelated building blocks but instead requires fine-tuned configuration of all system components from the bootloader to the deployment software to smoothly interact.
While installing updates itself is solved by standard frameworks by now, handling target selection in the bootloader still requires error-prone custom scripting in many cases. With bootchooser Pengutronix brought a framework for this to the Barebox bootloader, making it an ideal candidate for redundant system designs. Enrico also noted that UEFI provides a similar mechanism with its boot target handling as well.
One of the other noteworthy topics covered in his talk was the possible benefit of using the casync content chunking tool for embedded system updates over limited data connections. With this, it is possible to reuse local data chunks that are identical between the update and the current system and download only those which differ over the network connection. Thus, future versions of RAUC will support casync-based bundles.
Thanks to the folks from OpenEmbedded we were able to bring our over-the-air updating demo to their stand at FOSDEM. This was a great opportunity for us to discuss with hackers from all different fields of interest about reproducible embedded system builds and the closely related importance of safe and secure update strategies in a growing world of embedded and IoT devices.
Beside our popular black pencils also our new Pengutronix penguin stickers and project/job cards that we got ready right in time before FOSDEM enjoyed great popularity.
Thanks to the entire FOSDEM team for organization, support and video recordings!
Further Readings
Pengutronix at Electronica 2024 in Munich
Electronica trade fair in Munich, Germany is just around the corner and Pengutronix is currently gearing up to showcase some of our latest topics and developments. You find us in Hall B4 Booth 102 (map).
RAUC v1.12 Released
With 93 pull requests that brought in 248 new commits, a lot happened since the last release on master (v1.11.1). The new v1.12 version of RAUC focusses on making it even more robust while adding some features and improvements.
Pengutronix at FrOSCon 2024
On August 17th and 18th, 2024, it's that time again: FrOSCon will take place at the Bonn-Rhein-Sieg University of Applied Sciences in Sankt Augustin - and Pengutronix will be there again as a Partner.
Pengutronix at Embedded World 2024
Meet Pengutronix at the Embedded World 2024 in Nurnberg! You find us, as always, in hall 4, booth 4-261. As usual, we will be showing demonstrators on current topics at our exhibition stand.
RAUC v1.11 Released
Ho Ho ho! As the year's progress bar approaches 99%, another update is already completed: RAUC v1.11 is here!
RAUC v1.10 Released
Just in time for the EOSS 2023 in Prague, we have released v1.10 of RAUC. Just-in-time means the release was actually finalized by Jan Lübbe in the train to Prague (like I finally wrote the majority of this blog post on the train back).
Netdevconf 0x16
After a longer time with online-only events, the Netdev 0x16, a conference about the technical aspects of Linux Networking, was organized as hybrid event: online and on-site at Lisbon.
CLT-2022: Voll verteilt!
Unter dem Motto "Voll verteilt" finden die Chemnitzer Linux Tage auch 2022 im virtuellen Raum statt. Wie auch im letzten Jahr, könnt ihr uns in der bunten Pixelwelt des Workadventures treffen und auf einen Schnack über Linux, Open Source, oder neue Entwicklungen vorbei kommen.
Wir haben doch etwas zu verbergen: Schlüssel mit OP-TEE verschlüsseln
Moderne Linux Systeme müssen häufig zwecks Authentifizierung bei einer Cloud- basierten Infrastruktur oder einer On-Premise Maschine eigene kryptografische Schlüssel speichern. Statt der Verwendung eines Trusted Platform Modules (TPM), bieten moderne ARM Prozessoren die TrustZone-Technologie an, auf deren Basis ebenfalls Schlüssel oder andere Geheimnisse gespeichert werden können. Dieses Paper zeigt die Nutzung des Open Portable Trusted Execution Environments (OP- TEE) mit der Standardkonformen PKCS#11 Schnittstellen und i.MX6 Prozessoren von NXP als Beispiel.