SlideShare a Scribd company logo
1 of 31
Download to read offline
Drew Moseley
Technical Solutions Architect
Mender.io
IoT: Contrasting Yocto/Buildroot to Binary OSes
Session overview
● Motivation
● Challenges for Embedded,
Linux and IoT developers
● Describe and compare IoT
system build workflows
● Do containers matter for IoT?
Thank you to our organizer!
Kevin Dankwardt and the following meetup groups:
● Silicon Valley Linux Technology
● SFBayLUG
● Silicon Valley IoT
About me
Drew Moseley
○ 10 years in Embedded Linux/Yocto development.
○ Longer than that in general Embedded Software.
○ Project Lead and Solutions Architect.
drew.moseley@mender.io
https://twitter.com/drewmoseley
https://www.linkedin.com/in/drewmoseley/
https://twitter.com/mender_io
Mender.io
○ Over-the-air update manager for
embedded Linux
○ Open source (Apache License, v2)
○ Dual A/B rootfs layout (client)
○ Remote deployment management (server)
○ Under active development
Embedded Projects increasingly use Linux:
● AspenCore/Linux.com1
: Embedded Linux top 2 in current and planned use.
Huge IoT market opportunity:
● Forbes2
: $267B by 2020
Linux is a big player in IoT
● Nodes & Gateways3
- 17.18 Billion units by 2023
● Inexpensive prototyping hardware - Raspberry Pi, Beaglebone, etc
● Readily available production hardware - Toradex, Variscite, Boundary
Devices
● Wide selection of chipsets - NXP, TI, Microchip, Nvidia
1
https://www.linux.com/news/event/elce/2017/linux-and-open-source-move-embedded-says-survey
2
https://www.forbes.com/sites/louiscolumbus/2017/01/29/internet-of-things-market-to-reach-267b-by-2020
3
http://www.marketsandmarkets.com/PressReleases/iot-gateway.asp
Motivation
Challenges for Embedded Linux/IoT Developers
Hardware variety
Storage Media
Software may be maintained
in forks
Cross development
Initial device provisioning
Getting Started Guide for Embedded/IoT Development
1. Buy Hardware1
1
https://makezine.com/comparison/boards/
Getting Started Guide for Embedded/IoT Development
1. Buy Hardware1
2. Connect Hardware
1
https://makezine.com/comparison/boards/
Getting Started Guide for Embedded/IoT Development
1. Buy Hardware1
2. Connect Hardware
3. Install OS
1
https://makezine.com/comparison/boards/
a. Binary distribution
b. Build system
Getting Started Guide for Embedded/IoT Development
1. Buy Hardware1
2. Connect Hardware
3. Install OS
a. Binary distribution
b. Build system
4. Develop and Test
1
https://makezine.com/comparison/boards/
Getting Started Guide for Embedded/IoT Development
1. Buy Hardware1
2. Connect Hardware
3. Install OS
a. Binary distribution
b. Build system
4. Develop and Test
5. Deploy
1
https://makezine.com/comparison/boards/
Getting Started Guide for Embedded/IoT Development
1. Buy Hardware1
2. Connect Hardware
3. Install OS
a. Binary distribution
b. Build system
4. Develop and Test
5. Deploy
1
https://makezine.com/comparison/boards/
6. PROFIT!!!
Why are we here?
To build things.
Useful things.
But how?
Why are we here?
To build things.
Useful things.
But how?
It depends
System Requirements
Common:
● Off the shelf hardware
● Linux
● Limited functionality “appliance”
Unique:
● Fleet size
● Product lifecycle
○ POC vs Production
○ Legacy devices?
○ Lifetime
● Use cases
Option #1 - Binary Distros
● Installer or pre-built image from
board vendor.
● Boot board:
○ Remove things
○ Add things
● Create “Golden Master”
● Optional
○ Use Debian build tooling
Option #1 - Binary Distros - cont
Advantages:
● Simple
● Developer familiarity
● Quick
Disadvantages:
● Golden master bottleneck
● Reliance on external providers
○ System architecture
○ Availability of binaries
● Reproducibility
● Larger images
● License compliance
Option #2 - Build Systems
● Checkout build system
metadata.
● Configure
● Run “make” or equivalent
● Deploy and test
● Check in local changes
Linux system as code
Option #2 - Build Systems
Advantages:
● Configurability
● Reproducible
● No bottleneck on golden master
● No reliance on external providers
● Smaller images
Disadvantages:
● Complexity
● Learning curve
● Long build times
● Large build systems
● Unfamiliar working model (ie cross
compiling everything)
Build System Defined
_Is_
● Mechanism to specify and build
○ Define hardware/BSP
components
○ Integrate user-space
applications; including custom
code
● A system that:
○ Is reproducible
○ Supports multiple developers
○ Allow for parallel processing
● Ideally provides:
○ (Cross) Toolchains
○ License Management
_Is Not_
● An IDE
● A Distribution
● A deployment and provisioning
tool
● An out-of-the-box solution
“It’s not an embedded Linux distribution -- it creates a custom one for you”1
● Recipes, metadata, dependencies and configuration
● Primary output: package feed
● Secondary output: boot images
● Builds all components from source
● Mechanism, not policy
Products:
● Root filesystem image
● Kernel, Bootloader, Toolchain
● Package Feed
Yocto Project - Overview
1
See more at https://www.yoctoproject.org and https://openembedded.org
“Buildroot is a simple, efficient and easy-to-use tool to generate embedded Linux
systems through cross-compilation.”1
● Primary output: boot images
● Does not support rpm-style package mgmt
● “Firmware Generator”
● Builds all components from source
● Focus on simplicity
Products:
● Root filesystem image
● Kernel, Bootloader, Toolchain
Buildroot - Overview
1
See more at https://buildroot.org/
● “The ‘s’ in IOT stands for security” - @tkadlec
● 1-25 bugs per 1000 lines of code*
○ Assume that all software components have
vulnerabilities
● Use well-maintained software and keep it updated
● Review vendors for update policies
● General Security Practices
○ Principle of least privilege
○ Separation of privilege
○ Kerckhoff’s principle
■ “You can only design an encryption system
that someone dumber than you cannot
crack.”
*Source: Steve McConnell, Code Complete
Security
● “The ‘s’ in IOT stands for security” - @tkadlec
● 1-25 bugs per 1000 lines of code*
○ Assume that all software components have
vulnerabilities
● Use well-maintained software and keep it updated
● Review vendors for update policies
● General Security Practices
○ Principle of least privilege
○ Separation of privilege
○ Kerckhoff’s principle
■ “You can only design an encryption system
that someone dumber than you cannot
crack.”
*Source: Steve McConnell, Code Complete
OTA updates are
a must have.
Security
“A container is a standard unit of
software that packages up code and all
its dependencies so the application runs
quickly and reliably from one computing
environment to another.”1
Containers
1
https://www.docker.com/resources/what-container
“An operating system paradigm in which
the kernel allows the existence of
multiple isolated user space instances.”2
2
https://en.wikipedia.org/wiki/OS-level_virtualization
● Isolation
○ File system
○ I/O
○ CPU
○ Network
● Dependency packaging
● Shared kernel
● Optional:
○ Orchestration
○ Network distribution
○ Global repositories
○ Private repositories
Containers - characteristics
● chroot
● lxc/lxd
● Docker
● runc
● rkt
● systemd-nspawn
● ...
Containers - implementations
https://en.wikipedia.org/wiki/OS-level_virtualization lists 18 options
Server side:
● Definitely useful here.
● Same basic use cases as for any other use cases.
Containers in Embedded/IoT?
Client side:
● Limited utility due to limited functionality of devices.
● Custom distro should mean fewer issues due to clashing dependencies.
● Similar concerns as with binary distros.
⎻ Reproducibility
⎻ Availability
● Use cases:
⎻ Packaging of application code for updatability
⎻ Architecture separation
⎼ Common base system software
⎼ Device personality provided by containerized code
● Define your application first
○ Please consider OTA updates early
● Get and use a reproducible build
system
● Keep an eye on containers
● Don’t Panic
● Call us
Conclusions
● https://bit.ly/2GlKlUQ - Previous ELC Talk comparing Embedded Linux build
systems
● https://ubm.io/2Iazdfn - Deeper dive into the Yocto project
● https://hub.mender.io/t/raspberry-pi-3-model-b-b/57 - Building Yocto for
Raspberry Pi with Mender.
● https://www.linuxjournal.com/content/linux-iot-development-adjusting-bin
ary-os-yocto-project-workflow - Article discussing the two workflows
For more information:
Questions?
Thank you!
@drewmoseley
https://mender.io
drew.moseley@mender.io

More Related Content

What's hot

Emanuele Faranda - Creating network overlays with IoT devices using N2N
Emanuele Faranda - Creating network overlays with IoT devices using N2NEmanuele Faranda - Creating network overlays with IoT devices using N2N
Emanuele Faranda - Creating network overlays with IoT devices using N2Nlinuxlab_conf
 
Creating new Tizen profiles using the Yocto Project
Creating new Tizen profiles  using the Yocto ProjectCreating new Tizen profiles  using the Yocto Project
Creating new Tizen profiles using the Yocto ProjectLeon Anavi
 
Build your own embedded linux distributions by yocto project
Build your own embedded linux distributions by yocto projectBuild your own embedded linux distributions by yocto project
Build your own embedded linux distributions by yocto projectYen-Chin Lee
 
Software update for embedded systems - elce2014
Software update for embedded systems - elce2014Software update for embedded systems - elce2014
Software update for embedded systems - elce2014Stefano Babic
 
Claudio Scordino - Handling mixed criticality on embedded multi-core systems
Claudio Scordino - Handling mixed criticality on embedded multi-core systemsClaudio Scordino - Handling mixed criticality on embedded multi-core systems
Claudio Scordino - Handling mixed criticality on embedded multi-core systemslinuxlab_conf
 
Userspace drivers-2016
Userspace drivers-2016Userspace drivers-2016
Userspace drivers-2016Chris Simmonds
 
Balena Hackathon 2021 - Welcome and Getting Started
Balena Hackathon 2021 - Welcome and Getting StartedBalena Hackathon 2021 - Welcome and Getting Started
Balena Hackathon 2021 - Welcome and Getting StartedBalena
 
Embedded Linux primer
Embedded Linux primerEmbedded Linux primer
Embedded Linux primerDrew Fustini
 
Evolution of ota_update_in_the_io_t_world
Evolution of ota_update_in_the_io_t_worldEvolution of ota_update_in_the_io_t_world
Evolution of ota_update_in_the_io_t_worldStefano Babic
 
Michele Dionisio & Pietro Lorefice - Developing and testing a device driver w...
Michele Dionisio & Pietro Lorefice - Developing and testing a device driver w...Michele Dionisio & Pietro Lorefice - Developing and testing a device driver w...
Michele Dionisio & Pietro Lorefice - Developing and testing a device driver w...linuxlab_conf
 
Qubes os presentation_to_clug_20150727
Qubes os presentation_to_clug_20150727Qubes os presentation_to_clug_20150727
Qubes os presentation_to_clug_20150727csirac2
 
Embedded Recipes 2017 - An easy-to-install real world embedded Linux distribu...
Embedded Recipes 2017 - An easy-to-install real world embedded Linux distribu...Embedded Recipes 2017 - An easy-to-install real world embedded Linux distribu...
Embedded Recipes 2017 - An easy-to-install real world embedded Linux distribu...Anne Nicolas
 
Stefano Cordibella - An introduction to Yocto Project
Stefano Cordibella - An introduction to Yocto ProjectStefano Cordibella - An introduction to Yocto Project
Stefano Cordibella - An introduction to Yocto Projectlinuxlab_conf
 
The Yocto Project
The Yocto ProjectThe Yocto Project
The Yocto Projectrossburton
 
Yocto project and open embedded training
Yocto project and open embedded trainingYocto project and open embedded training
Yocto project and open embedded trainingH Ming
 
libreCMC : The Libre Embedded GNU/Linux Distro
libreCMC : The Libre Embedded GNU/Linux DistrolibreCMC : The Libre Embedded GNU/Linux Distro
libreCMC : The Libre Embedded GNU/Linux DistroAll Things Open
 
Run Qt on Linux embedded systems using Yocto
Run Qt on Linux embedded systems using YoctoRun Qt on Linux embedded systems using Yocto
Run Qt on Linux embedded systems using YoctoMarco Cavallini
 
Connected Tizen: Bringing Tizen to Your Connected Devices Using the Yocto Pro...
Connected Tizen: Bringing Tizen to Your Connected Devices Using the Yocto Pro...Connected Tizen: Bringing Tizen to Your Connected Devices Using the Yocto Pro...
Connected Tizen: Bringing Tizen to Your Connected Devices Using the Yocto Pro...Samsung Open Source Group
 

What's hot (20)

Emanuele Faranda - Creating network overlays with IoT devices using N2N
Emanuele Faranda - Creating network overlays with IoT devices using N2NEmanuele Faranda - Creating network overlays with IoT devices using N2N
Emanuele Faranda - Creating network overlays with IoT devices using N2N
 
Creating new Tizen profiles using the Yocto Project
Creating new Tizen profiles  using the Yocto ProjectCreating new Tizen profiles  using the Yocto Project
Creating new Tizen profiles using the Yocto Project
 
Build your own embedded linux distributions by yocto project
Build your own embedded linux distributions by yocto projectBuild your own embedded linux distributions by yocto project
Build your own embedded linux distributions by yocto project
 
Software update for embedded systems - elce2014
Software update for embedded systems - elce2014Software update for embedded systems - elce2014
Software update for embedded systems - elce2014
 
Claudio Scordino - Handling mixed criticality on embedded multi-core systems
Claudio Scordino - Handling mixed criticality on embedded multi-core systemsClaudio Scordino - Handling mixed criticality on embedded multi-core systems
Claudio Scordino - Handling mixed criticality on embedded multi-core systems
 
Userspace drivers-2016
Userspace drivers-2016Userspace drivers-2016
Userspace drivers-2016
 
Balena Hackathon 2021 - Welcome and Getting Started
Balena Hackathon 2021 - Welcome and Getting StartedBalena Hackathon 2021 - Welcome and Getting Started
Balena Hackathon 2021 - Welcome and Getting Started
 
Embedded Linux primer
Embedded Linux primerEmbedded Linux primer
Embedded Linux primer
 
Evolution of ota_update_in_the_io_t_world
Evolution of ota_update_in_the_io_t_worldEvolution of ota_update_in_the_io_t_world
Evolution of ota_update_in_the_io_t_world
 
Michele Dionisio & Pietro Lorefice - Developing and testing a device driver w...
Michele Dionisio & Pietro Lorefice - Developing and testing a device driver w...Michele Dionisio & Pietro Lorefice - Developing and testing a device driver w...
Michele Dionisio & Pietro Lorefice - Developing and testing a device driver w...
 
Qubes os presentation_to_clug_20150727
Qubes os presentation_to_clug_20150727Qubes os presentation_to_clug_20150727
Qubes os presentation_to_clug_20150727
 
Embedded Recipes 2017 - An easy-to-install real world embedded Linux distribu...
Embedded Recipes 2017 - An easy-to-install real world embedded Linux distribu...Embedded Recipes 2017 - An easy-to-install real world embedded Linux distribu...
Embedded Recipes 2017 - An easy-to-install real world embedded Linux distribu...
 
Sw update elce2017
Sw update elce2017Sw update elce2017
Sw update elce2017
 
Stefano Cordibella - An introduction to Yocto Project
Stefano Cordibella - An introduction to Yocto ProjectStefano Cordibella - An introduction to Yocto Project
Stefano Cordibella - An introduction to Yocto Project
 
The Yocto Project
The Yocto ProjectThe Yocto Project
The Yocto Project
 
Yocto project and open embedded training
Yocto project and open embedded trainingYocto project and open embedded training
Yocto project and open embedded training
 
libreCMC : The Libre Embedded GNU/Linux Distro
libreCMC : The Libre Embedded GNU/Linux DistrolibreCMC : The Libre Embedded GNU/Linux Distro
libreCMC : The Libre Embedded GNU/Linux Distro
 
Yocto project
Yocto projectYocto project
Yocto project
 
Run Qt on Linux embedded systems using Yocto
Run Qt on Linux embedded systems using YoctoRun Qt on Linux embedded systems using Yocto
Run Qt on Linux embedded systems using Yocto
 
Connected Tizen: Bringing Tizen to Your Connected Devices Using the Yocto Pro...
Connected Tizen: Bringing Tizen to Your Connected Devices Using the Yocto Pro...Connected Tizen: Bringing Tizen to Your Connected Devices Using the Yocto Pro...
Connected Tizen: Bringing Tizen to Your Connected Devices Using the Yocto Pro...
 

Similar to IoT: Contrasting Yocto/Buildroot to binary OSes

Iot development from prototype to production
Iot development from prototype to productionIot development from prototype to production
Iot development from prototype to productionMender.io
 
Why the yocto project for my io t project elc_edinburgh_2018
Why the yocto project for my io t project elc_edinburgh_2018Why the yocto project for my io t project elc_edinburgh_2018
Why the yocto project for my io t project elc_edinburgh_2018Mender.io
 
IoT Development from Prototype to Production
IoT Development from Prototype to ProductionIoT Development from Prototype to Production
IoT Development from Prototype to ProductionMender.io
 
Embedded Linux Build Systems - Texas Linux Fest 2018
Embedded Linux Build Systems - Texas Linux Fest 2018Embedded Linux Build Systems - Texas Linux Fest 2018
Embedded Linux Build Systems - Texas Linux Fest 2018Mender.io
 
Is Android the New Embedded Linux? at AnDevCon V
Is Android the New Embedded Linux? at AnDevCon VIs Android the New Embedded Linux? at AnDevCon V
Is Android the New Embedded Linux? at AnDevCon VOpersys inc.
 
Is Android the New Embedded Linux? at AnDevCon VI
Is Android the New Embedded Linux? at AnDevCon VIIs Android the New Embedded Linux? at AnDevCon VI
Is Android the New Embedded Linux? at AnDevCon VIOpersys inc.
 
IoT Prototyping using BBB and Debian
IoT Prototyping using BBB and DebianIoT Prototyping using BBB and Debian
IoT Prototyping using BBB and DebianMender.io
 
Is Android the New Embedded Linux? at AnDevCon IV
Is Android the New Embedded Linux? at AnDevCon IVIs Android the New Embedded Linux? at AnDevCon IV
Is Android the New Embedded Linux? at AnDevCon IVOpersys inc.
 
Electron JS | Build cross-platform desktop applications with web technologies
Electron JS | Build cross-platform desktop applications with web technologiesElectron JS | Build cross-platform desktop applications with web technologies
Electron JS | Build cross-platform desktop applications with web technologiesBethmi Gunasekara
 
Android Internals at Linaro Connect Asia 2013
Android Internals at Linaro Connect Asia 2013Android Internals at Linaro Connect Asia 2013
Android Internals at Linaro Connect Asia 2013Opersys inc.
 
Is Android the New King of Embedded OSes at Embedded World 2014
Is Android the New King of Embedded OSes at Embedded World 2014Is Android the New King of Embedded OSes at Embedded World 2014
Is Android the New King of Embedded OSes at Embedded World 2014Opersys inc.
 
Android Things Internals
Android Things InternalsAndroid Things Internals
Android Things InternalsOpersys inc.
 
Modern IoT and Embedded Linux Deployment - Berlin
Modern IoT and Embedded Linux Deployment - BerlinModern IoT and Embedded Linux Deployment - Berlin
Modern IoT and Embedded Linux Deployment - BerlinDjalal Harouni
 
EclipseCon Eu 2012 - Buildroot Eclipse Bundle : A powerful IDE for Embedded L...
EclipseCon Eu 2012 - Buildroot Eclipse Bundle : A powerful IDE for Embedded L...EclipseCon Eu 2012 - Buildroot Eclipse Bundle : A powerful IDE for Embedded L...
EclipseCon Eu 2012 - Buildroot Eclipse Bundle : A powerful IDE for Embedded L...melbats
 
embedded-linux-120203.pdf
embedded-linux-120203.pdfembedded-linux-120203.pdf
embedded-linux-120203.pdftwtester
 
Android Things: Android for IoT
Android Things: Android for IoTAndroid Things: Android for IoT
Android Things: Android for IoTOpersys inc.
 
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 1
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 1Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 1
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 1Qualcomm Developer Network
 
ABS 2014 - The Growth of Android in Embedded Systems
ABS 2014 - The Growth of Android in Embedded SystemsABS 2014 - The Growth of Android in Embedded Systems
ABS 2014 - The Growth of Android in Embedded SystemsBenjamin Zores
 
Survey of Container Build Tools
Survey of Container Build ToolsSurvey of Container Build Tools
Survey of Container Build ToolsMichael Ducy
 
Leveraging Android's Linux Heritage at AnDevCon3
Leveraging Android's Linux Heritage at AnDevCon3Leveraging Android's Linux Heritage at AnDevCon3
Leveraging Android's Linux Heritage at AnDevCon3Opersys inc.
 

Similar to IoT: Contrasting Yocto/Buildroot to binary OSes (20)

Iot development from prototype to production
Iot development from prototype to productionIot development from prototype to production
Iot development from prototype to production
 
Why the yocto project for my io t project elc_edinburgh_2018
Why the yocto project for my io t project elc_edinburgh_2018Why the yocto project for my io t project elc_edinburgh_2018
Why the yocto project for my io t project elc_edinburgh_2018
 
IoT Development from Prototype to Production
IoT Development from Prototype to ProductionIoT Development from Prototype to Production
IoT Development from Prototype to Production
 
Embedded Linux Build Systems - Texas Linux Fest 2018
Embedded Linux Build Systems - Texas Linux Fest 2018Embedded Linux Build Systems - Texas Linux Fest 2018
Embedded Linux Build Systems - Texas Linux Fest 2018
 
Is Android the New Embedded Linux? at AnDevCon V
Is Android the New Embedded Linux? at AnDevCon VIs Android the New Embedded Linux? at AnDevCon V
Is Android the New Embedded Linux? at AnDevCon V
 
Is Android the New Embedded Linux? at AnDevCon VI
Is Android the New Embedded Linux? at AnDevCon VIIs Android the New Embedded Linux? at AnDevCon VI
Is Android the New Embedded Linux? at AnDevCon VI
 
IoT Prototyping using BBB and Debian
IoT Prototyping using BBB and DebianIoT Prototyping using BBB and Debian
IoT Prototyping using BBB and Debian
 
Is Android the New Embedded Linux? at AnDevCon IV
Is Android the New Embedded Linux? at AnDevCon IVIs Android the New Embedded Linux? at AnDevCon IV
Is Android the New Embedded Linux? at AnDevCon IV
 
Electron JS | Build cross-platform desktop applications with web technologies
Electron JS | Build cross-platform desktop applications with web technologiesElectron JS | Build cross-platform desktop applications with web technologies
Electron JS | Build cross-platform desktop applications with web technologies
 
Android Internals at Linaro Connect Asia 2013
Android Internals at Linaro Connect Asia 2013Android Internals at Linaro Connect Asia 2013
Android Internals at Linaro Connect Asia 2013
 
Is Android the New King of Embedded OSes at Embedded World 2014
Is Android the New King of Embedded OSes at Embedded World 2014Is Android the New King of Embedded OSes at Embedded World 2014
Is Android the New King of Embedded OSes at Embedded World 2014
 
Android Things Internals
Android Things InternalsAndroid Things Internals
Android Things Internals
 
Modern IoT and Embedded Linux Deployment - Berlin
Modern IoT and Embedded Linux Deployment - BerlinModern IoT and Embedded Linux Deployment - Berlin
Modern IoT and Embedded Linux Deployment - Berlin
 
EclipseCon Eu 2012 - Buildroot Eclipse Bundle : A powerful IDE for Embedded L...
EclipseCon Eu 2012 - Buildroot Eclipse Bundle : A powerful IDE for Embedded L...EclipseCon Eu 2012 - Buildroot Eclipse Bundle : A powerful IDE for Embedded L...
EclipseCon Eu 2012 - Buildroot Eclipse Bundle : A powerful IDE for Embedded L...
 
embedded-linux-120203.pdf
embedded-linux-120203.pdfembedded-linux-120203.pdf
embedded-linux-120203.pdf
 
Android Things: Android for IoT
Android Things: Android for IoTAndroid Things: Android for IoT
Android Things: Android for IoT
 
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 1
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 1Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 1
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 1
 
ABS 2014 - The Growth of Android in Embedded Systems
ABS 2014 - The Growth of Android in Embedded SystemsABS 2014 - The Growth of Android in Embedded Systems
ABS 2014 - The Growth of Android in Embedded Systems
 
Survey of Container Build Tools
Survey of Container Build ToolsSurvey of Container Build Tools
Survey of Container Build Tools
 
Leveraging Android's Linux Heritage at AnDevCon3
Leveraging Android's Linux Heritage at AnDevCon3Leveraging Android's Linux Heritage at AnDevCon3
Leveraging Android's Linux Heritage at AnDevCon3
 

More from Mender.io

Strategies for developing and deploying your embedded applications and images
Strategies for developing and deploying your embedded applications and imagesStrategies for developing and deploying your embedded applications and images
Strategies for developing and deploying your embedded applications and imagesMender.io
 
Software Updates for Connected Devices - OSCON 2018
Software Updates for Connected Devices - OSCON 2018Software Updates for Connected Devices - OSCON 2018
Software Updates for Connected Devices - OSCON 2018Mender.io
 
Linux IOT Botnet Wars and the Lack of Basic Security Hardening - OSCON 2018
Linux IOT Botnet Wars and the Lack of Basic Security Hardening - OSCON 2018Linux IOT Botnet Wars and the Lack of Basic Security Hardening - OSCON 2018
Linux IOT Botnet Wars and the Lack of Basic Security Hardening - OSCON 2018Mender.io
 
Linux IoT Botnet Wars - ESC Boston 2018
Linux IoT Botnet Wars - ESC Boston 2018Linux IoT Botnet Wars - ESC Boston 2018
Linux IoT Botnet Wars - ESC Boston 2018Mender.io
 
Securing the Connected Car - SCaLE 2018
Securing the Connected Car - SCaLE 2018Securing the Connected Car - SCaLE 2018
Securing the Connected Car - SCaLE 2018Mender.io
 
Mender.io | Securing the Connected Car
Mender.io | Securing the Connected CarMender.io | Securing the Connected Car
Mender.io | Securing the Connected CarMender.io
 
Linux IoT Botnet Wars and the lack of basic security hardening
Linux IoT Botnet Wars and the lack of basic security hardeningLinux IoT Botnet Wars and the lack of basic security hardening
Linux IoT Botnet Wars and the lack of basic security hardeningMender.io
 

More from Mender.io (7)

Strategies for developing and deploying your embedded applications and images
Strategies for developing and deploying your embedded applications and imagesStrategies for developing and deploying your embedded applications and images
Strategies for developing and deploying your embedded applications and images
 
Software Updates for Connected Devices - OSCON 2018
Software Updates for Connected Devices - OSCON 2018Software Updates for Connected Devices - OSCON 2018
Software Updates for Connected Devices - OSCON 2018
 
Linux IOT Botnet Wars and the Lack of Basic Security Hardening - OSCON 2018
Linux IOT Botnet Wars and the Lack of Basic Security Hardening - OSCON 2018Linux IOT Botnet Wars and the Lack of Basic Security Hardening - OSCON 2018
Linux IOT Botnet Wars and the Lack of Basic Security Hardening - OSCON 2018
 
Linux IoT Botnet Wars - ESC Boston 2018
Linux IoT Botnet Wars - ESC Boston 2018Linux IoT Botnet Wars - ESC Boston 2018
Linux IoT Botnet Wars - ESC Boston 2018
 
Securing the Connected Car - SCaLE 2018
Securing the Connected Car - SCaLE 2018Securing the Connected Car - SCaLE 2018
Securing the Connected Car - SCaLE 2018
 
Mender.io | Securing the Connected Car
Mender.io | Securing the Connected CarMender.io | Securing the Connected Car
Mender.io | Securing the Connected Car
 
Linux IoT Botnet Wars and the lack of basic security hardening
Linux IoT Botnet Wars and the lack of basic security hardeningLinux IoT Botnet Wars and the lack of basic security hardening
Linux IoT Botnet Wars and the lack of basic security hardening
 

Recently uploaded

Event-Driven Architecture Masterclass: Challenges in Stream Processing
Event-Driven Architecture Masterclass: Challenges in Stream ProcessingEvent-Driven Architecture Masterclass: Challenges in Stream Processing
Event-Driven Architecture Masterclass: Challenges in Stream ProcessingScyllaDB
 
How we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfHow we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfSrushith Repakula
 
JavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate GuideJavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate GuidePixlogix Infotech
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...FIDO Alliance
 
TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024Stephen Perrenod
 
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...panagenda
 
Hyatt driving innovation and exceptional customer experiences with FIDO passw...
Hyatt driving innovation and exceptional customer experiences with FIDO passw...Hyatt driving innovation and exceptional customer experiences with FIDO passw...
Hyatt driving innovation and exceptional customer experiences with FIDO passw...FIDO Alliance
 
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...FIDO Alliance
 
Introduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptxIntroduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptxFIDO Alliance
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc
 
Intro to Passkeys and the State of Passwordless.pptx
Intro to Passkeys and the State of Passwordless.pptxIntro to Passkeys and the State of Passwordless.pptx
Intro to Passkeys and the State of Passwordless.pptxFIDO Alliance
 
The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightSafe Software
 
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptxHarnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptxFIDO Alliance
 
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfWhere to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfFIDO Alliance
 
Top 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development CompaniesTop 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development CompaniesTopCSSGallery
 
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdfThe Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdfFIDO Alliance
 
The Metaverse: Are We There Yet?
The  Metaverse:    Are   We  There  Yet?The  Metaverse:    Are   We  There  Yet?
The Metaverse: Are We There Yet?Mark Billinghurst
 
Intro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераIntro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераMark Opanasiuk
 
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdfMuhammad Subhan
 
Long journey of Ruby Standard library at RubyKaigi 2024
Long journey of Ruby Standard library at RubyKaigi 2024Long journey of Ruby Standard library at RubyKaigi 2024
Long journey of Ruby Standard library at RubyKaigi 2024Hiroshi SHIBATA
 

Recently uploaded (20)

Event-Driven Architecture Masterclass: Challenges in Stream Processing
Event-Driven Architecture Masterclass: Challenges in Stream ProcessingEvent-Driven Architecture Masterclass: Challenges in Stream Processing
Event-Driven Architecture Masterclass: Challenges in Stream Processing
 
How we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfHow we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdf
 
JavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate GuideJavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate Guide
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
 
TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024
 
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
 
Hyatt driving innovation and exceptional customer experiences with FIDO passw...
Hyatt driving innovation and exceptional customer experiences with FIDO passw...Hyatt driving innovation and exceptional customer experiences with FIDO passw...
Hyatt driving innovation and exceptional customer experiences with FIDO passw...
 
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
 
Introduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptxIntroduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptx
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
 
Intro to Passkeys and the State of Passwordless.pptx
Intro to Passkeys and the State of Passwordless.pptxIntro to Passkeys and the State of Passwordless.pptx
Intro to Passkeys and the State of Passwordless.pptx
 
The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and Insight
 
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptxHarnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
 
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfWhere to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
 
Top 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development CompaniesTop 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development Companies
 
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdfThe Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
 
The Metaverse: Are We There Yet?
The  Metaverse:    Are   We  There  Yet?The  Metaverse:    Are   We  There  Yet?
The Metaverse: Are We There Yet?
 
Intro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераIntro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджера
 
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
 
Long journey of Ruby Standard library at RubyKaigi 2024
Long journey of Ruby Standard library at RubyKaigi 2024Long journey of Ruby Standard library at RubyKaigi 2024
Long journey of Ruby Standard library at RubyKaigi 2024
 

IoT: Contrasting Yocto/Buildroot to binary OSes

  • 1. Drew Moseley Technical Solutions Architect Mender.io IoT: Contrasting Yocto/Buildroot to Binary OSes
  • 2. Session overview ● Motivation ● Challenges for Embedded, Linux and IoT developers ● Describe and compare IoT system build workflows ● Do containers matter for IoT?
  • 3. Thank you to our organizer! Kevin Dankwardt and the following meetup groups: ● Silicon Valley Linux Technology ● SFBayLUG ● Silicon Valley IoT
  • 4. About me Drew Moseley ○ 10 years in Embedded Linux/Yocto development. ○ Longer than that in general Embedded Software. ○ Project Lead and Solutions Architect. drew.moseley@mender.io https://twitter.com/drewmoseley https://www.linkedin.com/in/drewmoseley/ https://twitter.com/mender_io Mender.io ○ Over-the-air update manager for embedded Linux ○ Open source (Apache License, v2) ○ Dual A/B rootfs layout (client) ○ Remote deployment management (server) ○ Under active development
  • 5. Embedded Projects increasingly use Linux: ● AspenCore/Linux.com1 : Embedded Linux top 2 in current and planned use. Huge IoT market opportunity: ● Forbes2 : $267B by 2020 Linux is a big player in IoT ● Nodes & Gateways3 - 17.18 Billion units by 2023 ● Inexpensive prototyping hardware - Raspberry Pi, Beaglebone, etc ● Readily available production hardware - Toradex, Variscite, Boundary Devices ● Wide selection of chipsets - NXP, TI, Microchip, Nvidia 1 https://www.linux.com/news/event/elce/2017/linux-and-open-source-move-embedded-says-survey 2 https://www.forbes.com/sites/louiscolumbus/2017/01/29/internet-of-things-market-to-reach-267b-by-2020 3 http://www.marketsandmarkets.com/PressReleases/iot-gateway.asp Motivation
  • 6. Challenges for Embedded Linux/IoT Developers Hardware variety Storage Media Software may be maintained in forks Cross development Initial device provisioning
  • 7. Getting Started Guide for Embedded/IoT Development 1. Buy Hardware1 1 https://makezine.com/comparison/boards/
  • 8. Getting Started Guide for Embedded/IoT Development 1. Buy Hardware1 2. Connect Hardware 1 https://makezine.com/comparison/boards/
  • 9. Getting Started Guide for Embedded/IoT Development 1. Buy Hardware1 2. Connect Hardware 3. Install OS 1 https://makezine.com/comparison/boards/ a. Binary distribution b. Build system
  • 10. Getting Started Guide for Embedded/IoT Development 1. Buy Hardware1 2. Connect Hardware 3. Install OS a. Binary distribution b. Build system 4. Develop and Test 1 https://makezine.com/comparison/boards/
  • 11. Getting Started Guide for Embedded/IoT Development 1. Buy Hardware1 2. Connect Hardware 3. Install OS a. Binary distribution b. Build system 4. Develop and Test 5. Deploy 1 https://makezine.com/comparison/boards/
  • 12. Getting Started Guide for Embedded/IoT Development 1. Buy Hardware1 2. Connect Hardware 3. Install OS a. Binary distribution b. Build system 4. Develop and Test 5. Deploy 1 https://makezine.com/comparison/boards/ 6. PROFIT!!!
  • 13. Why are we here? To build things. Useful things. But how?
  • 14. Why are we here? To build things. Useful things. But how? It depends
  • 15. System Requirements Common: ● Off the shelf hardware ● Linux ● Limited functionality “appliance” Unique: ● Fleet size ● Product lifecycle ○ POC vs Production ○ Legacy devices? ○ Lifetime ● Use cases
  • 16. Option #1 - Binary Distros ● Installer or pre-built image from board vendor. ● Boot board: ○ Remove things ○ Add things ● Create “Golden Master” ● Optional ○ Use Debian build tooling
  • 17. Option #1 - Binary Distros - cont Advantages: ● Simple ● Developer familiarity ● Quick Disadvantages: ● Golden master bottleneck ● Reliance on external providers ○ System architecture ○ Availability of binaries ● Reproducibility ● Larger images ● License compliance
  • 18. Option #2 - Build Systems ● Checkout build system metadata. ● Configure ● Run “make” or equivalent ● Deploy and test ● Check in local changes Linux system as code
  • 19. Option #2 - Build Systems Advantages: ● Configurability ● Reproducible ● No bottleneck on golden master ● No reliance on external providers ● Smaller images Disadvantages: ● Complexity ● Learning curve ● Long build times ● Large build systems ● Unfamiliar working model (ie cross compiling everything)
  • 20. Build System Defined _Is_ ● Mechanism to specify and build ○ Define hardware/BSP components ○ Integrate user-space applications; including custom code ● A system that: ○ Is reproducible ○ Supports multiple developers ○ Allow for parallel processing ● Ideally provides: ○ (Cross) Toolchains ○ License Management _Is Not_ ● An IDE ● A Distribution ● A deployment and provisioning tool ● An out-of-the-box solution
  • 21. “It’s not an embedded Linux distribution -- it creates a custom one for you”1 ● Recipes, metadata, dependencies and configuration ● Primary output: package feed ● Secondary output: boot images ● Builds all components from source ● Mechanism, not policy Products: ● Root filesystem image ● Kernel, Bootloader, Toolchain ● Package Feed Yocto Project - Overview 1 See more at https://www.yoctoproject.org and https://openembedded.org
  • 22. “Buildroot is a simple, efficient and easy-to-use tool to generate embedded Linux systems through cross-compilation.”1 ● Primary output: boot images ● Does not support rpm-style package mgmt ● “Firmware Generator” ● Builds all components from source ● Focus on simplicity Products: ● Root filesystem image ● Kernel, Bootloader, Toolchain Buildroot - Overview 1 See more at https://buildroot.org/
  • 23. ● “The ‘s’ in IOT stands for security” - @tkadlec ● 1-25 bugs per 1000 lines of code* ○ Assume that all software components have vulnerabilities ● Use well-maintained software and keep it updated ● Review vendors for update policies ● General Security Practices ○ Principle of least privilege ○ Separation of privilege ○ Kerckhoff’s principle ■ “You can only design an encryption system that someone dumber than you cannot crack.” *Source: Steve McConnell, Code Complete Security
  • 24. ● “The ‘s’ in IOT stands for security” - @tkadlec ● 1-25 bugs per 1000 lines of code* ○ Assume that all software components have vulnerabilities ● Use well-maintained software and keep it updated ● Review vendors for update policies ● General Security Practices ○ Principle of least privilege ○ Separation of privilege ○ Kerckhoff’s principle ■ “You can only design an encryption system that someone dumber than you cannot crack.” *Source: Steve McConnell, Code Complete OTA updates are a must have. Security
  • 25. “A container is a standard unit of software that packages up code and all its dependencies so the application runs quickly and reliably from one computing environment to another.”1 Containers 1 https://www.docker.com/resources/what-container “An operating system paradigm in which the kernel allows the existence of multiple isolated user space instances.”2 2 https://en.wikipedia.org/wiki/OS-level_virtualization
  • 26. ● Isolation ○ File system ○ I/O ○ CPU ○ Network ● Dependency packaging ● Shared kernel ● Optional: ○ Orchestration ○ Network distribution ○ Global repositories ○ Private repositories Containers - characteristics
  • 27. ● chroot ● lxc/lxd ● Docker ● runc ● rkt ● systemd-nspawn ● ... Containers - implementations https://en.wikipedia.org/wiki/OS-level_virtualization lists 18 options
  • 28. Server side: ● Definitely useful here. ● Same basic use cases as for any other use cases. Containers in Embedded/IoT? Client side: ● Limited utility due to limited functionality of devices. ● Custom distro should mean fewer issues due to clashing dependencies. ● Similar concerns as with binary distros. ⎻ Reproducibility ⎻ Availability ● Use cases: ⎻ Packaging of application code for updatability ⎻ Architecture separation ⎼ Common base system software ⎼ Device personality provided by containerized code
  • 29. ● Define your application first ○ Please consider OTA updates early ● Get and use a reproducible build system ● Keep an eye on containers ● Don’t Panic ● Call us Conclusions
  • 30. ● https://bit.ly/2GlKlUQ - Previous ELC Talk comparing Embedded Linux build systems ● https://ubm.io/2Iazdfn - Deeper dive into the Yocto project ● https://hub.mender.io/t/raspberry-pi-3-model-b-b/57 - Building Yocto for Raspberry Pi with Mender. ● https://www.linuxjournal.com/content/linux-iot-development-adjusting-bin ary-os-yocto-project-workflow - Article discussing the two workflows For more information: