This year the Open Source Summit North America takes place in Austin from June 21st to the 24th. The conference gathers open source developers, technologists, and community leaders to share information and further open source innovation. Deviating a little from past OSS events, the summit now hosts a number of smaller specialized events.
Pantacor is sponsoring and speaking at the event and our team will be available in-person and virtually. Key Pantacor engineers, Aníbal Portero (@anibalportero) and Ricardo Mendoza (@ricmm) are presenting and speaking at the Embedded IoT Summit on Tuesday, June 21st.
Live demos at the booth
Update and manage device fleets with Pantavisor and Pantacor Hub
Come meet the Pantacor team in person at B33 or visit the booth from the comfort of your home and log onto our virtual booth beginning on June 20. At the in-person booth we’ll show you around Pantavisor, our open source container framework before demonstrating how you can share, manage and distribute containerized embedded systems and services on our SaaS, Pantacor Hub. We’ll also show you how to deploy over-the-air updates to embedded Linux and IoT fleets from any backend, including Azure or AWS IoT.
Mycroft Mark II
In addition to this, we will have a preview version of the open source, privacy-first voice assistant, Mycroft Mark II. Mycroft Mark II runs on a Quad core Cortex-A72 (ARM v8) 64-bit, 1.5GHz and implements the open source container framework Pantavisor Linux. Software and firmware updates are managed with Pantacor Hub and Fleet. Come and check it out, Mycroft is waiting for your questions.
Embedded Linux conference talks
This year we have two exciting embedded Linux talks from our engineers:
Aníbal Portero (@anibalportero) will speak on:
How to Leverage an Open Update Protocol to Drive Your Embedded Devices from Any OTA Cloud Provider
Speaker: Aníbal Portero
Date: Tuesday, 21st June
Time: 12pm to 12:40pm
Schedule link:https://ossna2022.sched.com/event/11Nlj
Abstract
Until now, vendors struggled to provide a comprehensive end-to-end solution addressing the software OTA requirements for the connected devices ecosystem. Instead of fostering innovation, the lack of an end-to-end solution has resulted in a number of projects that live in isolation and that only solve specific parts of the OTA deployment requirements. Solutions out there today are very good at solving one end of the story or another, but not both. By decoupling the device side and the cloud side of the problem, we can ensure that our understanding of both parts is not dictated by a preconceived notion of how the other end should be. By providing a comprehensive local control protocol through lightweight Linux containers, device manufacturers can reap the benefits of a tried-and-tested embedded firmware lifecycle management engine while using their OTA backend of choice. In this talk, we discuss how to implement an OTA system client container that communicates with your cloud-based update service of choice and how you can use this with any backend to control the software and firmware lifecycles of your embedded Linux devices with Pantavisor.
Ricardo Mendoza (@ricmm)will also speak on the following topic:
Uncovering Software Provenance in Embedded Systems
Speaker: Ricardo Mendoza (@ricmm)
Date: Tuesday, 21st June
Time: 2:55pm – 3:35pm CDT
Schedule link:https://ossna2022.sched.com/event/11Nlj
Abstract
With IoT, 5G, and embedded devices becoming a big part of everyone’s daily lives, security should be on everyone’s minds. Security and more importantly trust in our embedded devices are essential for many reasons. Embedded devices have not always had good security with the last several years seeing a significant number of high-profile hacks that could prevent people from widely adopting IoT in their homes.
The federal government also signed an executive order signed last year that requires companies selling connected devices must include a SBoM. But SBoMs are only a small part of the story around keeping embedded devices secure and from a developer and operator point of view, the more important issue is knowing that what you are running and deploying are from trusted sources. In this talk, we’ll discuss the security requirements for embedded Linux devices, with a focus on origin determination and how this can (or cannot) be achieved with the existing tools and practices. We’ll then go through a use case to show how all components of an embedded device can be signed, attested and verified with the help of Pantavisor Linux’s “revisions” and then drill down on code signing, and revoking (if necessary) the provenance of malicious and unsigned code on embedded Linux systems.
Final Thoughts
If you’re going to Austin next week, please stop by booth 33 for some great looking swag and a demo of our open source container framework and OTA deployment and management solution for embedded Linux devices. See you there!