Open Source Summit is the premier event for open source developers, technologists, and community leaders to collaborate, share information, solve problems and gain knowledge, furthering open source innovation and ensuring a sustainable open source ecosystem. It is the gathering place for open source code and community contributors.
Open Source Summit is a conference umbrella, composed of a collection of events covering the most important technologies, topics, and issues affecting open source today.
This year, there will be talks based on the Zephyr Project at the Open Source Summit. Don’t miss out on these sessions! Add these talks to your schedule today!
End point devices are resource constrained, either in terms of power, memory or communication capabilities – sometimes all three. However, being able to apply machine learning on these end point devices is possible and when applied strategically enables system wide efficiencies to be realized. This talk will explore the requirements and tradeoffs for such system to be considered when using the Zephyr RTOS and Tensorflow Lite for Embedded Microcontrollers projects. Learn more.
When the Zephyr project launched in 2016, the lack of standardized security best practices in the IoT market segment was a known problem. It was one of the goals the project wanted to address, and started working on from before day 1. This talk will go through the journey of the last 8 years of applying known best security practices to an open source project, including becoming a CVE Numbering Authority, and forming a PSIRT team from volunteers from different companies. This team has been managing embargo windows, bulk vulnerability reports as well as the occasional vulnerability reported from the community. It is possible for open source projects to follow Security Best Practices and this talk will let others leverage the key lessons that Zephyr has learned over time. Learn more.
MCUboot enables secure booting of Zephyr RTOS using asymmetric cryptographic signature verification with a public key. Typically, the hash of the public key is embedded within the MCUboot binary, ensuring its integrity. For enhanced tamper protection, this hash can also be securely stored and retrieved using hardware keys. Embedded SoCs, such as the i.MX RT, offer advanced security features like High Assurance Boot (HAB), Data Co-Processor (DCP), and Trusted Firmware-M (TF-M) for implementing TrustZone in SoCs like the nRF91. These features enable secure storage with hardware crypto acceleration or external security modules (e.g., TPM, EdgeLock) to store keys in a hardware vault. This presentation will explore MCUboot secure booting with hardware keys, using the NXP i.MX RT as an example. We’ll delve into HAB for booting signed and encrypted MCUboot, establishing a hardware root of trust, and booting Zephyr RTOS using keys from OTP for verification. Additionally, we’ll discuss using the TF-M backend and OTP for securely booting TrustZone-enabled SoCs. Learn more.
