Open Source has won! Today, most open source developers or users work for commercial entities and more and more companies use open source. Yet open source communities are still about the people, not the companies employing them. This leads to never-ending tension on the boundary between business and community, which only the most successful community leaders manage well.
In this talk we will look at some of the basic dynamics playing out in open source communities and introduce some mental models explaining them. We will look at the Open Source Flywheel (inspired by Walton’s Productivity Loop and the Bezos Flywheel) and the Open Source Community Funnel (inspired by Sales Funnels) to explain them.
We will then explore the tension between community and businesses in some more detail, in the form of war stories (or case studies). These stories will cover real incidents where business interests and communities were in conflict: some were resolved amicably; others led to significant problems within the community. The stories will span the author’s experience with Eclipse, the Symbian Foundation, Linaro, the Xen Project and other open source projects.
We will investigate the underlying issues for each story, draw lessons and link explain them to the mental models we introduced earlier.
We will establish best practices for businesses, their employees and community managers to defuse tensions on the boundary of business and community. Mastering the skills to square the circle between business and community is a never-ending challenge. Being able to do so consistently will give your open source project an edge in the competitive world of open source and help secure the long-term future of your project.
Open Source has won! Today, most open source developers work for commercial entities and the majority
of software and hardware vendors use open source software as key components in their commercial
offerings. In this talk we will look at some of the basic dynamics playing out in open source and introduce
some mental models explaining them. We will look at the Open Source Flywheel and the Open Source Community Funnel to explain them. We will make a very short excursion into common business models that companies playing in open source use and cover some of the risks that can occur when companies use open source components without fully understanding the potential impact.
The last two years have seen an extraordinary level of change within the Xen Project developer and user communities. Join Lars Kurth as he opens the 2014 Xen Project Developer Summit with a short round-up of the bad, the good, and the great developments in the Xen Project.
eAccessibility and the Inclusive Web: A talk by Sandi Wassmer, Managing Director, Copious and Member, UK Government e-Accessibility Forum, at e-Access 11 on 28 June.
Open source ecosystem is very specific. In the same market we meet companies, end-users, professionals customers, editor, IT service providers and community with non-profit organization. These actors interact and create value.
Our research studies interaction between these actors and the impact on service value chain. Through an interaction model, Actor-network theory, and value chain of IT service, we interviewed 50 professionals (editor, IT service providers, CIO and community) with qualitative approach.
We will present for the first time the results of this research. This presentation will be oriented with a managerial approach:
- CIO: Do you have to choose an editor ? An IT service provider ?
- IT service provider: Community are better than Editor ? Where is the business in community approach ?
- Editor: Are you sure community is your friend ?
2 - Building bridges with Ansible AutomationKangaroot
Fighting too many fires and no time for innovation? What is Ansible Automation and how can I scale my IT automation, manage complex deployments and speed productivity.
Open Source has won! Today, most open source developers work for commercial entities and the majority
of software and hardware vendors use open source software as key components in their commercial
offerings. In this talk we will look at some of the basic dynamics playing out in open source and introduce
some mental models explaining them. We will look at the Open Source Flywheel and the Open Source Community Funnel to explain them. We will make a very short excursion into common business models that companies playing in open source use and cover some of the risks that can occur when companies use open source components without fully understanding the potential impact.
The last two years have seen an extraordinary level of change within the Xen Project developer and user communities. Join Lars Kurth as he opens the 2014 Xen Project Developer Summit with a short round-up of the bad, the good, and the great developments in the Xen Project.
eAccessibility and the Inclusive Web: A talk by Sandi Wassmer, Managing Director, Copious and Member, UK Government e-Accessibility Forum, at e-Access 11 on 28 June.
Open source ecosystem is very specific. In the same market we meet companies, end-users, professionals customers, editor, IT service providers and community with non-profit organization. These actors interact and create value.
Our research studies interaction between these actors and the impact on service value chain. Through an interaction model, Actor-network theory, and value chain of IT service, we interviewed 50 professionals (editor, IT service providers, CIO and community) with qualitative approach.
We will present for the first time the results of this research. This presentation will be oriented with a managerial approach:
- CIO: Do you have to choose an editor ? An IT service provider ?
- IT service provider: Community are better than Editor ? Where is the business in community approach ?
- Editor: Are you sure community is your friend ?
2 - Building bridges with Ansible AutomationKangaroot
Fighting too many fires and no time for innovation? What is Ansible Automation and how can I scale my IT automation, manage complex deployments and speed productivity.
Shifting Sands: The new face of sustainable innovation in the age of social m...Greg Matthews
Originally presented at Community 2.0 in May of 2010 ... focused on articulating how social media can impact innovation in the enterprise, supported by examples from Humana's Consumer Innovation team
The presentation i used to make my speech at the CII KM Summit 2009 in Chennai. I used an mp3 recorder to record the voice live and included in this slidecast.
Join our expert panel of technology professionals as they discuss the latest trends in nonprofit technology for 2018. Discussion includes cloud, security, consumerization and business intelligence.
Webinar Slides [Oct 26] Putting the Ops in DevOpsIBM DevOps
Watch the replay: https://www.youtube.com/watch?v=SEu9tVVK_-U&feature=youtu.be
Explore the common operational challenges many DevOps teams are facing today, how the traditional IT Operations best practices could be leveraged for use in a DevOps methodology, and how new operations management tools can help you carry out those best practices to meet your goals on an on-going basis.
Collaborative development is at the core of successful open source projects. Yet to be successful in today's competitive open source world, it is increasingly important to master many different disciplines and to develop an edge.
In this talk we will cover a wide range of topics relevant to developers and members of open source communities who want to increase participation in their projects. Topics range from growing your developer base (e.g. by participation in GSoC, OPW and similar programs), rewarding participation, projecting momentum in the media and press, coercing large companies into contributing more and in different ways to your project, running community initiatives successfully and measuring success.
We will use real-life examples and share tools and mental models (e.g. open source flywheel and funnels) that help you make the right decisions for your project.
Collaborative development is at the core of successful open source projects. Yet to be successful in today's competitive open source world, it is increasingly important to master many different disciplines and to develop an edge.
In this talk we will cover a wide range of topics relevant to developers and members of open source communities who want to increase participation in their projects. Topics range from growing your developer base (e.g. by participation in GSoC, OPW and similar programs), rewarding participation, projecting momentum in the media and press, coercing large companies into contributing more and in different ways to your project, running community initiatives successfully and measuring success.
We will use real-life examples and where appropriate share tools and mental models that help you make the right decisions for your project.
LCEU13 : Xen Project Lessons Learned - Lars Kurth, Xen ProjectThe Linux Foundation
In April this year, Xen became a Linux Foundation Collaborative Project. 6 months later it is time to take stock. I will start with a brief introduction of the Xen Project, explain why Xen moved to the Linux Foundation, explore the impact on the community and provide an outlook for the future. I will use examples from the Xen Project community to explore the challenges and benefits of becoming a collaborative project, draw lessons and explore tools to help make your project more successful. I will cover a wide range of topics ranging from community management, collaboration infrastructure, marketing, and good governance to align the interests of a project’s stake-holders. By employing each of these techniques in a complementary fashion, we can ensure the long-term success of a project.
OSCON 2013: "Case Study: What to do when your project outgrows your company"The Linux Foundation
In the last decade, the open source development model has been extraordinarily successful. However, this success came at a cost. Today, we are experiencing an explosion of open source projects, escalating competition amongst projects, and commercial interests driving projects at an ever increasing rate. To succeed in the long run, open source projects need to employ a set of management techniques to overcome these issues.
To illustrate how this is accomplished, we will draw on the 10 year history of the Xen project as a case study. Xen started in 2003 with strong university roots, quickly evolving into a thriving code-centric project with a development culture very similar to the Linux kernel. The project was instrumental in creating the cloud computing space as we know it today. Large companies such as Amazon, Citrix, and Rackspace, as well as many others, were able to build thriving businesses using open source Xen. Yet five years later, the project started struggling in multiple areas: it failed to engage its user base, becoming inward focused, and suffering from fragmentation caused by pressure from commercial interests. As a result, Xen lost the support of a number of key Linux distributions. Xen started to be perceived as old and outdated, despite a swelling user base, a growing and diversifying contributor community, an increasing number of Xen-based commercial solutions, and numerous Xen-powered open source projects. Some onlookers even predicted the imminent demise of the project. The project clearly had an image problem, which could have become a self-fulfilling prophecy. But, because of a program of cultural change initiated 2 years ago, the Xen project of 2013 is no longer crippled by the problems which nearly caused its downfall. We will explore the causes of the issues which arose, highlighting mistakes that were made, and revealing their effect on the community.
We will also show how almost any issue that threatens the success of an open source project can be addressed using a combination of good community management, excellent collaboration infrastructure, wise marketing, and good governance to align the interests of a project’s stake-holders. By employing each of these techniques in a complementary fashion, we can ensure the long-term success of a project.
OWF: Xen Project - Moving a commercial open source project to an open source ...The Linux Foundation
In April this year, Xen became a Linux Foundation Collaborative Project. 6 months later it is time to take stock. I will start with a brief introduction of the Xen Project, explain the key challenges the project had under Citrix' stewardship, explain why Xen moved to the Linux Foundation, explore the challenges and considerations when choosing an open source foundation and explore the impact on the Xen community to date. The talk will centre around the core question of whether open source foundations provide a better collaboration platform for open source projects than corporate stewardship. The answer - at least for the Xen project - is clearly yes. However, following this route has its own challenges, trade-offs and risks.
Curious about FINOS programs and membership benefits? Want to learn more on how you can contribute to the organization that is bringing open source to financial services and fintech? And most importantly, want to know what's in it for you, whether you are large financial institution, a large or small fintech tech or data vendor or an individual? Check out this deck and start contributing today!
An introduction to Symphony Softwar Foundation, community, projects, open source and open standards focused initiatives for innovation in financial services and fintech.
For more information check out:
Website: http://symphony.foundation
Wiki: https://symphonyoss.atlassian.net/wiki/
Github: https://github.com/symphonyoss/
Webinar presented by The Linux Foundation and Rogue Wave Software. Professional open source management addresses many aspects of the software development lifecycle, from technical to operational to legal concerns. Key to success with open source is choosing the right means and methods for obtaining support for the open source in your software portfolio, and understanding how to maintain integrated and embedded open source code over time.
Shifting Sands: The new face of sustainable innovation in the age of social m...Greg Matthews
Originally presented at Community 2.0 in May of 2010 ... focused on articulating how social media can impact innovation in the enterprise, supported by examples from Humana's Consumer Innovation team
The presentation i used to make my speech at the CII KM Summit 2009 in Chennai. I used an mp3 recorder to record the voice live and included in this slidecast.
Join our expert panel of technology professionals as they discuss the latest trends in nonprofit technology for 2018. Discussion includes cloud, security, consumerization and business intelligence.
Webinar Slides [Oct 26] Putting the Ops in DevOpsIBM DevOps
Watch the replay: https://www.youtube.com/watch?v=SEu9tVVK_-U&feature=youtu.be
Explore the common operational challenges many DevOps teams are facing today, how the traditional IT Operations best practices could be leveraged for use in a DevOps methodology, and how new operations management tools can help you carry out those best practices to meet your goals on an on-going basis.
Collaborative development is at the core of successful open source projects. Yet to be successful in today's competitive open source world, it is increasingly important to master many different disciplines and to develop an edge.
In this talk we will cover a wide range of topics relevant to developers and members of open source communities who want to increase participation in their projects. Topics range from growing your developer base (e.g. by participation in GSoC, OPW and similar programs), rewarding participation, projecting momentum in the media and press, coercing large companies into contributing more and in different ways to your project, running community initiatives successfully and measuring success.
We will use real-life examples and share tools and mental models (e.g. open source flywheel and funnels) that help you make the right decisions for your project.
Collaborative development is at the core of successful open source projects. Yet to be successful in today's competitive open source world, it is increasingly important to master many different disciplines and to develop an edge.
In this talk we will cover a wide range of topics relevant to developers and members of open source communities who want to increase participation in their projects. Topics range from growing your developer base (e.g. by participation in GSoC, OPW and similar programs), rewarding participation, projecting momentum in the media and press, coercing large companies into contributing more and in different ways to your project, running community initiatives successfully and measuring success.
We will use real-life examples and where appropriate share tools and mental models that help you make the right decisions for your project.
LCEU13 : Xen Project Lessons Learned - Lars Kurth, Xen ProjectThe Linux Foundation
In April this year, Xen became a Linux Foundation Collaborative Project. 6 months later it is time to take stock. I will start with a brief introduction of the Xen Project, explain why Xen moved to the Linux Foundation, explore the impact on the community and provide an outlook for the future. I will use examples from the Xen Project community to explore the challenges and benefits of becoming a collaborative project, draw lessons and explore tools to help make your project more successful. I will cover a wide range of topics ranging from community management, collaboration infrastructure, marketing, and good governance to align the interests of a project’s stake-holders. By employing each of these techniques in a complementary fashion, we can ensure the long-term success of a project.
OSCON 2013: "Case Study: What to do when your project outgrows your company"The Linux Foundation
In the last decade, the open source development model has been extraordinarily successful. However, this success came at a cost. Today, we are experiencing an explosion of open source projects, escalating competition amongst projects, and commercial interests driving projects at an ever increasing rate. To succeed in the long run, open source projects need to employ a set of management techniques to overcome these issues.
To illustrate how this is accomplished, we will draw on the 10 year history of the Xen project as a case study. Xen started in 2003 with strong university roots, quickly evolving into a thriving code-centric project with a development culture very similar to the Linux kernel. The project was instrumental in creating the cloud computing space as we know it today. Large companies such as Amazon, Citrix, and Rackspace, as well as many others, were able to build thriving businesses using open source Xen. Yet five years later, the project started struggling in multiple areas: it failed to engage its user base, becoming inward focused, and suffering from fragmentation caused by pressure from commercial interests. As a result, Xen lost the support of a number of key Linux distributions. Xen started to be perceived as old and outdated, despite a swelling user base, a growing and diversifying contributor community, an increasing number of Xen-based commercial solutions, and numerous Xen-powered open source projects. Some onlookers even predicted the imminent demise of the project. The project clearly had an image problem, which could have become a self-fulfilling prophecy. But, because of a program of cultural change initiated 2 years ago, the Xen project of 2013 is no longer crippled by the problems which nearly caused its downfall. We will explore the causes of the issues which arose, highlighting mistakes that were made, and revealing their effect on the community.
We will also show how almost any issue that threatens the success of an open source project can be addressed using a combination of good community management, excellent collaboration infrastructure, wise marketing, and good governance to align the interests of a project’s stake-holders. By employing each of these techniques in a complementary fashion, we can ensure the long-term success of a project.
OWF: Xen Project - Moving a commercial open source project to an open source ...The Linux Foundation
In April this year, Xen became a Linux Foundation Collaborative Project. 6 months later it is time to take stock. I will start with a brief introduction of the Xen Project, explain the key challenges the project had under Citrix' stewardship, explain why Xen moved to the Linux Foundation, explore the challenges and considerations when choosing an open source foundation and explore the impact on the Xen community to date. The talk will centre around the core question of whether open source foundations provide a better collaboration platform for open source projects than corporate stewardship. The answer - at least for the Xen project - is clearly yes. However, following this route has its own challenges, trade-offs and risks.
Curious about FINOS programs and membership benefits? Want to learn more on how you can contribute to the organization that is bringing open source to financial services and fintech? And most importantly, want to know what's in it for you, whether you are large financial institution, a large or small fintech tech or data vendor or an individual? Check out this deck and start contributing today!
An introduction to Symphony Softwar Foundation, community, projects, open source and open standards focused initiatives for innovation in financial services and fintech.
For more information check out:
Website: http://symphony.foundation
Wiki: https://symphonyoss.atlassian.net/wiki/
Github: https://github.com/symphonyoss/
Webinar presented by The Linux Foundation and Rogue Wave Software. Professional open source management addresses many aspects of the software development lifecycle, from technical to operational to legal concerns. Key to success with open source is choosing the right means and methods for obtaining support for the open source in your software portfolio, and understanding how to maintain integrated and embedded open source code over time.
Social Business for Associations: Building B2B Business with Relationship-Foc...CSRA, Inc.
How professional associations can regain their importance in professional networking & development: Use digital social networks to evolve business models
Static partitioning is used to split an embedded system into multiple domains, each of them having access only to a portion of the hardware on the SoC. It is key to enable mixed-criticality scenarios, where a critical application, often based on a small RTOS, runs alongside a larger non-critical app, typically based on Linux. The two domains cannot interfere with each other.
This talk will explain how to use Xen for static partitioning. It will introduce dom0-less, a new Xen feature written for the purpose. Dom0-less allows multiple VMs to start at boot time directly from the Xen hypervisor, decreasing boot times drastically. It makes it very easy to partition the system without virtualization overhead. Dom0 becomes unnecessary.
This presentation will go into details on how to setup a Xen dom0-less system. It will show configuration examples and explain device assignment. The talk will discuss its implications for latency-sensitive and safety-critical environments.
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...The Linux Foundation
TrenchBoot is a cross-community OSS integration project for hardware-rooted, late launch integrity of open and proprietary systems. It provides a general purpose, open-source DRTM kernel for measured system launch and attestation of device integrity to trust-centric access infrastructure. TrenchBoot closes the UEFI Measurement Gap and reduces the need to trust system firmware. This talk will introduce TrenchBoot architecture and a recent collaboration with Oracle to launch the Linux kernel directly with Intel TXT or AMD SVM Secure Launch. It will propose mechanisms for integrating the Xen hypervisor into a TrenchBoot system launch. DRTM-enabled capabilities for client, server and embedded platforms will be presented for consideration by the Xen community.
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...The Linux Foundation
Artem will briefly cover what has been done since the first talk on Xen in Automotive domain back in 2013, what is going on now and what is still missing for broad adaptation of Xen in vehicles. The following topics will be covered:
Embedded/automotive features of Xen
Collaboration with AGL and GENIVI organizations for standardization
Efforts on Functional Safety compliance
Artem will also go over typical automotive use scenarios for Xen which may not be the same as generic computing use of hypervisor.
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...The Linux Foundation
In this keynote talk, we will give an overview of the state of the Xen Project, trends that impact the project, see whether challenges that surfaced last year have been addressed and how we did it, and highlight new challenges and solutions for the coming year.
In recent years unikernels have shown immense performance potential (e.g., boot times of only a few ms, image sizes of only hundreds of KBs).The fundamental drawback of unikernels is that they require that applications be manually ported to the underlying minimalistic OS, needing both expert work and often considerable amount of time.
The Unikraft project provides a unikernel code base and build system that significantly simplifies the building of unikernels. In addition to support for a number CPU architectures, languages and frameworks, Unikraft provides debugging and tracing features that are generally sorely missing from unikernel projects. In this talk we will talk about these features, show a set of preliminary performance numbers, and provide a roadmap for the project's future.
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...The Linux Foundation
The idea of making Xen secret-free has been floating since Spectre and Meltdown came into light. In this talk we will discuss what is being done and what needs to be done next.
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxThe Linux Foundation
This talk will introduce Dom0-less: a new way of using Xen to build mixed-criticality solutions. Dom0-less is a Xen feature that adds a novel approach to static partitioning based on virtualization. It allows multiple domains to start at boot time directly from the Xen hypervisor, decreasing boot times dramatically. Xen userspace tools, such as xl and libvirt, become optional.
Dom0-less extends the existing device tree based Xen boot protocol to cover information required by additional domains. Binaries, such as kernels and ramdisks, are loaded by the bootloader (u-boot) and advertised to Xen via new device tree bindings.
The audience will learn how to use Dom0-less to partition the system. Uboot and device tree configuration details will be explained to enable the audience to get the most out of this feature. The talk will include a status update and details on future plans.
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...The Linux Foundation
As the number of contributions grow, reviewer bandwidth becomes a bottleneck; and maintainers are always asking for more help. However, ultimately maintainers must at least Ack every patch that goes in; so if you're not a maintainer, how can you contribute? Why should anyone care about your opinion?
This talk will try to lay out some advice and guidelines for non-maintainers, for how they can do code review in a way which will effectively reduce the load on maintainers when they do come to review a patch.
This talk is a follow-up to our Summit 2017 presentation in which we covered our plans for Intel VMFUNC and #VE, as well as related use-cases. This year, we will provide a report on what we have accomplished in Xen 4.12, and what remains to be addressed. We will also give a brief status update of VMI on AMD hardware. The session will end with some real-world numbers of the Hypervisor Introspection solution running on Citrix Hypervisor 8.0 with #VE enabled.
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...The Linux Foundation
Safety certification is one of the essential requirements for software to be used in highly regulated industries. Besides technical and compliance issues (such as ISO 26262 vs IEC 611508) transitioning an existing project to become more easily safety certifiable requires significant changes to development practices within an open source project.
In this session, we will lay out some challenges of making safety certification achievable in open source and the Xen Project. We will outline the process the Xen Project has followed thus far and highlight lessons learned along the way. The talk will primarily focus on necessary process, tooling changes and community challenges that can prevent progress. We will be offering an in-depth review of how Xen Project is approaching this challenging goal and try to derive lessons for other projects and contributors.
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...The Linux Foundation
Safety certification is one of the essential requirements for software to be used in highly regulated industries. The Xen Project, a secure and stable hypervisor that is used in many different markets, has been exploring the feasibility of building safety certified products on top of Xen for a year, looking at key aspects of its code base and development practices.
In this session, we will lay out the motivation and challenges of making safety certification achievable in open source and the Xen Project. We will outline the process the project has followed thus far and highlight lessons learned along the way. The talk will cover technical enablers, necessary process and tooling changes and community challenges offering an in-depth review of how Xen Project is approaching this exciting and and challenging goal.
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixThe Linux Foundation
2018 saw fundamental shifts in security boundaries which were previously taken for granted. A lot of work has been done in the past 2 years, and largely in secret under embargo, but there is plenty more work to be done to strengthen the existing mitigations and to try to recover some performance without reopening security holes.
This talk will look at speculative execution sidechannels, the work which has already been done to mitigate the security holes, and future work which hopes to bring some improvements.
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdThe Linux Foundation
The Arm architecture provides a set of guidelines that any software should abide by when accessing the memory with MMU off and update page-tables. Failing to do so may result in getting TLB conflicts or breaking coherency.
In a previous talk ("Keeping coherency on Arm"), we focused on updating safely the stage-2 (aka P2M) page-tables. This talk will focus on the boot code and Xen memory management.
During this session, we will introduce some of the guidelines and when they should be used. We will also discuss how Xen boot sequence needs to be reworked to avoid breaking the guidelines.
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...The Linux Foundation
For many years the QEMU codebase has contained PV backends for Xen guests, giving them paravirtual access to storage, network, keyboard, mouse, etc. however these backends have not been configurable as QEMU devices as their implementation did not fully adhere to the QEMU Object Model (QOM).
Particularly the PV storage backend not using proper QOM devices, or qdevs, meant that the QEMU block layer needed to maintain legacy code that was cluttering up the source. This was causing push-back from the maintainers who did not want to accept any patches relating to that Xen backend until it was 'qdevified'.
In this talk, I'll explain the modifications I made to QEMU to achieve 'qdevification' of the PV storage backend, how compatibility with the libxl toolstack was maintained, and what the next steps in both QEMU and libxl development should be.
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DThe Linux Foundation
PCI is a local computer bus for attaching hardware devices in a computer, and is the main peripheral bus on modern x86 systems. As such, having a proper way to emulate it is crucial for Xen to be able to expose both fully emulated devices or passthrough devices to guests.
This talk will focus on the current status of PCI emulation in Xen, how and where it is used, what are its main limitations and future plans to improve it in order to be more robust and modular.
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsThe Linux Foundation
Volodymyr will speak about TEE mediators. This is a new feature in Xen which allows multiple virtual machines to interact with Trusted Execution Environment available on platform. He developed mediator for one of TEEs, namely OP-TEE.
He will give background information on why TEE is needed at all and share some implementation details.
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...The Linux Foundation
Xen is a very powerful hypervisor with a talented and diverse developers community. Despite the fact it's almost everywhere (from the Cloud to the embedded world), it can be difficult to set up and manage as a system administrator. General purpose distros have Xen packages, but that's just a start in your Xen journey: you need some tooling and knowledge to have a working and scalable platform.
XCP-ng was built to overcome those issues: by bringing Xen to the masses with a fully turnkey distro with Xen as its core. It's the logical sequel to the XCP project, with a community focus from the start. We'll see how it happened, what we did, and what's next. Finally, we'll see the impact of XCP-ng on the Xen Project.
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...The Linux Foundation
Doug has long advocated for more CI/CD (Continuous Integration / Continuous Delivery) processes to be adopted by the Xen Project from the use of Travis CI and now GitLab CI. This talk aims to propose ideas for building upon the existing process and transforming the development process to provide users a higher quality with each release by the Xen Project.
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...The Linux Foundation
High level toolstacks for server and cloud virtualization are very mature with large communities using and supporting them. Client virtualization is a much more niche community with unique requirements when compared to those found in the server space. In this talk, we’ll introduce a client virtualization toolstack for Xen (redctl) that we are using in Redfield, a new open-source client virtualization distribution that builds upon the work done by the greater virtualization and Linux communities. We will present a case for maturing libxl’s Go bindings and discuss what advantages Go has to offer for high level toolstacks, including in the server space.
Today Xen is scheduling guest virtual cpus on all available physical cpus independently from each other. Recent security issues on modern processors (e.g. L1TF) require to turn off hyperthreading for best security in order to avoid leaking information from one hyperthread to the other. One way to avoid having to turn off hyperthreading is to only ever schedule virtual cpus of the same guest on one physical core at the same time. This is called core scheduling.
This presentation shows results from the effort to implement core scheduling in the Xen hypervisor. The basic modifications in Xen are presented and performance numbers with core scheduling active are shown.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
OSCON14: Community War Stories - Squaring the Circle between Business and Community
1. Lars Kurth
Community Manger, Xen Project
Chairman, Xen Project Advisory Board
Director, Open Source Business Office, Citrix lars_kurth
2. Was a contributor to various projects
Worked in parallel computing, tools,
mobile and now virtualization
Community guy at Symbian Foundation
Learned how NOT to do stuff
Community guy for the Xen Project
Working for Citrix
Member of OSS Business Office
Accountable to Xen Project Advisory Board
Chairman of Xen Project Advisory Board
3. Open Source Business Office : open.citrix.com
7 people: stewardship of strategic projects and spreading best practices internally
Own Citrix’ Open Source Strategy
Strategic Projects and Open Source Organizations
Membership, OSS Leaders, Contributors, Evangelists, …
5. The # of Projects is growing rapidly
2007: 0.2M projects
Today: 1.0M projects,
100Billion LOC,
10M contributors
2015: 1.8M projects
John Morgan @ Flickr
Simon & His Camera @ Flickr
Kumar Appaiah @ Flickr
6. 50% of all enterprises adopt OSS
software
Julian Manson @ Flickr
7. 30% of companies make it easy for
employees to contribute to projects
Influencing a project’s direction is one
of the main reason for contributing
Nick @ Flickr
toffehoff @ Flickr
16. 2001: Open Sourced by IBM
2001 – 2003: Growth from 8 to 80
consortia members
2006: Callisto
10 projects, 260 committers
2004: Eclipse Foundation
2011: 10th Birthday
273 projects, 1057 committers,
50+ MLOC, 174 members
(see bit.do/Eclipse-10)
More projects/products/users,
improved process, improved
option value/modularity, …
…
19. Bruce Schneier
Internationally renowned security Technologist
@Bruce_Schneier
Catastrophic is the right word
[for Heartbleed]. On the scale
of 1 to 10, this is an 11.
20.
21. Source: Ohloh.net
Growing Codebase
Static and small contributor base
1 person maintaining 100 KLoC =
Underinvestment
Extremely large user base
Critical infrastructure component
Thus impact of Heartbleed is huge
26. Not all Open Source projects are the same
Perform due diligence before using a project
Using Open Source is not free
Exchanging cost against risk
Of course: licensing and other implications
Contributing reduces risk
Everyone can help with Marketing and PR,
raising bugs, improving documentation, …
Vinovyn @ Flickr
27. If you use Open Source
Have an Open Source Strategy
Vinovyn @ Flickr
29. Follow Industry News
Follow Project News
Adopt Software
Engage with Users
Trial Software
Engage with Industry
Evangelize
Contribute
Customize
Lead
Activities
Events
36. Xen Project Advisory Board trying
to push a preferred test harness
over community solution
Paralysis: no new test code
written
Delay of roll-out of independently
hosted Test Farm
Risk of Test Farm not being
adopted
• Working group jointly led by community and Advisory Board
• Group resolved the issue
37. HW vendor trying to use private
channels to Citrix Xen Project
maintainers to get an edge
Committers needed the vendor
help to progress their goals
Vendor trying to get more and
more
Potential of lack of trust in our
Xen Project maintainers
• A rather difficult conversation
• Vendor starting to follow community practices and additionally donating
(non-developer) resources to the project
38. Vendors and individuals
competing for review time from
stretched maintainer / reviewer
base
Patch queue growing
Frustration by vendors & maintainers
Potential of slowing growth
Potential of loosing new vendors
• Grow reviewer base by identifying capable candidates
• Get backing from vendors to ensure candidates stay engaged in community
(if vendor employee)
• Mentor candidates to get them effective more quickly than normal
41. Vendors wants to promote
project at events (swag, booth,
collateral, …)
Tedious approval process
for every single instance
• PMC approval
• VP of Trademark approval
(bottleneck)
Frustrated vendors
Frustrated community
• Simplify process for common situations
• Proposal at bit.do/PMC-TM-management
42.
43. Clear Rules and Responsibilities
Remove tension
Create trust
Works best when aligned with Flywheel
Business friendly Rules
Simple and Easy
Enables businesses to help the community
Long term Effect: Community sees value in
company participation
Vinovyn @ Flickr
44. CommunityCompanies
• PR / AR / Marketing /
Messaging
• Membership Rules /
Trademarks / Legal
• Provide funds to solve
Common Good problems
• Referee of last resort
• Principles (aka Values)
• Roles
• Decision Making
• Project Lifecycle
• Community Initiatives, Best
Practices, …
Advisory Board WGs Project Governance
Test
WGs
Love to travel to weird places and grow weird plants
10 years =stories to tell
Munich, London, LA
Raise hands
Rinse and repeat
Mention: Core Infrastructure Initiative
The reason for these issues is often an imbalanced or broken cycle
In the case of the Xen Project, we also had a broken cycle, and I spent the last 4 years at the project fixing this.
10 years ago, putting the code out there was usually enough to be successful!
This is not true any more, because we hit resource limits
TIMING: 16/24 MINUTES
#1 Inspired by Sales Funnels : conversion of leads from media interest to users to developers/companies
Effectiveness determined by shape of funnel
#2 The shape can be manipulated by activities (e.g. Test Days, Media Campaigns, Governance)
and
external events (e.g. what the competition does)
#3 Don’t have time to go through this in detail, but there is a blog post and presentation with a case study explaining it
TIMING: 29/11 MINUTES
#3: Everyone knows what they can expect and what the boundaries are
TIMING: 32/8 MINUTES
Cross-over of people, e.g. committers and maintainers on board and WG groups
Apache, Commercial Projects, …
TIMING: 34/6 MINUTES
In other words : why not let companies contribute expertise which they have rather than doing it all yourself