MultiZone is an IoT firmware that provides a trusted execution environment (TEE) for securing IoT applications on RISC-V processors. It includes pre-integrated libraries for TCP/IP, TLS, ECC and FreeRTOS to handle basic and advanced IoT requirements. MultiZone provides four separated execution environments called zones that are enforced by hardware to isolate trusted applications from untrusted third party code and libraries. It allows for building secure IoT devices, remote firmware updates, and real-time device monitoring and management without needing proprietary hardware extensions.
RISC-V growth and successes in technology and industry - embedded world 2021RISC-V International
RISC-V International has more than 1,000 members across over 50 countries who are working in hardware, software, services, and various industries for a strong and healthy RISC-V ecosystem. It is projected that by 2025 there will be over 62 billion RISC-V CPU cores and the total market for RISC-V IP and software is expected to grow to over $1b by 2025.
In 2020 alone, we saw successes with newly defined RISC-V accelerator architectures, affordable RISC-V open source small-board computers, development boards for personal computers, and an incredibly fast 64-bit RISC-V Core as the community also ratified key specifications and made advances in security.
As we see the growth of RISC-V into industries such as AI, machine learning, blockchain, 5G, medical, and industrial, we will see the ratifications of new extensions that enable this growth.
Join Kim McMahon, Director of Marketing and Stephano Cetola, Technical Program Manager as we take a look at where RISC-V is going in 2021.
RISC-V growth and successes in technology and industry - embedded world 2021RISC-V International
RISC-V International has more than 1,000 members across over 50 countries who are working in hardware, software, services, and various industries for a strong and healthy RISC-V ecosystem. It is projected that by 2025 there will be over 62 billion RISC-V CPU cores and the total market for RISC-V IP and software is expected to grow to over $1b by 2025.
In 2020 alone, we saw successes with newly defined RISC-V accelerator architectures, affordable RISC-V open source small-board computers, development boards for personal computers, and an incredibly fast 64-bit RISC-V Core as the community also ratified key specifications and made advances in security.
As we see the growth of RISC-V into industries such as AI, machine learning, blockchain, 5G, medical, and industrial, we will see the ratifications of new extensions that enable this growth.
Join Kim McMahon, Director of Marketing and Stephano Cetola, Technical Program Manager as we take a look at where RISC-V is going in 2021.
The VF360 is a 3U OpenVPX module
that leverages on Altera Stratix® V
FPGA and Texas Instruments Key-
Stone® Multicore DSP technology to
provide an ultra-high bandwidth processing
platform, ideally suited for
computation and bandwidth intensive
applications.
The KeyStone provides the flexibility to
perform complex post-processing functions
more suited for the processor
domain.
The Stratic has two banks of dedicated
DDR3 and QDRII+ memories for
algorithms with high bandwidth and/or
large memory size requirements. Highspeed
serial interfaces to the OpenVPX
data plane and the FMC-HPC Module
site creates abundant IO throughput.
An Open Discussion of RISC-V BitManip, trends, and comparisons _ CuffRISC-V International
Join RISC-V BitManip industry leader Claire Xenia Wolf and Dr. James Cuff for an open and lively discussion with an interactive Q&A on RISC-V and BitManip including trends and comparisons with the existing architecture landscape including x86 and ARM and what specifically makes RISC-V unique.
LAS16-100K1: Welcome Keynote
Speakers: George Grey
Date: September 26, 2016
★ Session Description ★
George Grey, CEO of Linaro will welcome attendees to the conference and give an update on the latest projects taking place at Linaro.
★ Resources ★
Etherpad: pad.linaro.org/p/las16-100k1
Presentations & Videos: http://connect.linaro.org/resource/las16/las16-100k1/
★ Event Details ★
Linaro Connect Las Vegas 2016 – #LAS16
September 26-30, 2016
http://www.linaro.org
http://connect.linaro.org
LAS16-300: Mini Conference 2 Cortex-M Software - Device ConfigurationLinaro
LAS16-300: Mini Conference 2 RTOS-Zephyr - Device Configuration
Speakers: Andy Gross
Date: September 28, 2016
★ Session Description ★
SoC Vendors, board vendors, software middle layers, scripting languages, etc all need to have access to system configuration information (pin muxes, what sensors are on a system, what amount of memory, flash, etc, etc). We need a means to convey this in a vendor neutral mechanism but also one that is friendly for Cortex-M/constrained footprint devices. This session will be to discuss the topic, how its done today, what kinda tooling might exist from different vendors, what we could utilize (device tree) and what issues that creates.
★ Resources ★
Etherpad: pad.linaro.org/p/las16-300
Presentations & Videos: http://connect.linaro.org/resource/las16/las16-300/
★ Event Details ★
Linaro Connect Las Vegas 2016 – #LAS16
September 26-30, 2016
http://www.linaro.org
http://connect.linaro.org
LAS16-500: The Rise and Fall of Assembler and the VGIC from HellLinaro
LAS16-500: The Rise and Fall of Assembler and the VGIC from Hell
Speakers: Marc Zyngier, Christoffer Dall
Date: September 30, 2016
★ Session Description ★
KVM/ARM has grown up. While the initial implementation of virtualization support for ARM processors in Linux was a quality upstream software project, there were initial design decisions simply not suitable for a long-term maintained hypervisor code base. For example, the way KVM/ARM utilized the hardware support for virtualization, was by running a ‘switching’ layer of code in EL2, purely written in assembly. This was a reasonable design decision in the initial implementation, as the switching layer only had to do one thing: Switch between a VM and the host. But as we began to optimize the implementation, add support for ARMv8.1 and VHE, and added features such as debugging support, we had to move to a more integrated approach, writing the switching logic in C code as well. As another example, the support for virtual interrupts, famously known as the VGIC, was designed with a focus on optimizing MMIO operations. As it turns out, MMIO operations is a less important and infrequent operation on the GIC, and the design had some serious negative consequences for supporting other state transitions for virtual interrupts and had negative performance implications. Therefore, we completely redesigned the VGIC support, and implemented the whole thing from scratch as a team effort, with a very promising result, upstream since Linux v4.7. In this talk we will cover the evolution of this software project and give an overview of the state of the project as it is today.
★ Resources ★
Etherpad: pad.linaro.org/p/las16-500
Presentations & Videos: http://connect.linaro.org/resource/las16/las16-500/
★ Event Details ★
Linaro Connect Las Vegas 2016 – #LAS16
September 26-30, 2016
http://www.linaro.org
http://connect.linaro.org
Introduction to the new MediaTek LinkIt™ Development Platform for RTOSMediaTek Labs
The new MediaTek LinkIt™ Development Platform for RTOS is based on ARM Cortex-M4 MCU architecture and provides leading features for the creation of connected appliances, home and office automation devices, smart gadgets, and IoT bridges. Supporting a range of chipsets (initially the MediaTek MT7687F), LinkIt for RTOS offers the convenience of a single toolset and common API implemented over a popular RTOS. With this you can achieve economies across a full range of consumer and business IoT devices. The platform consists of a Software Development Kit (SDK), Hardware Development Kits (HDKs), including modules from supply chain partners, and related technical documentation. The first release of the platform supports the MediaTek MT7687F Wi-Fi SOC which has a 192 MHz MCU, 1×1 802.11b/g/n Wi-Fi subsystem, integrated security engine (AES and 3DES/SHA), embedded SRAM/ROM and 2MB flash. The new platform uses FreeRTOS with open-source modules for TCP/IP, SSL/TLS, HTTP (client and server), SNTP, DHCP daemon, MQTT, XML and JSON. Development and debugging is supported by free command line tools, plus a KEIL plug-in.
A detailed overview of Sierra Monitor's FieldServer protocol gateways for original equipment manufacturers (OEMs). This covers the FieldServer OEM product line, features and benefits of working with us, and use cases.
The VF360 is a 3U OpenVPX module
that leverages on Altera Stratix® V
FPGA and Texas Instruments Key-
Stone® Multicore DSP technology to
provide an ultra-high bandwidth processing
platform, ideally suited for
computation and bandwidth intensive
applications.
The KeyStone provides the flexibility to
perform complex post-processing functions
more suited for the processor
domain.
The Stratic has two banks of dedicated
DDR3 and QDRII+ memories for
algorithms with high bandwidth and/or
large memory size requirements. Highspeed
serial interfaces to the OpenVPX
data plane and the FMC-HPC Module
site creates abundant IO throughput.
An Open Discussion of RISC-V BitManip, trends, and comparisons _ CuffRISC-V International
Join RISC-V BitManip industry leader Claire Xenia Wolf and Dr. James Cuff for an open and lively discussion with an interactive Q&A on RISC-V and BitManip including trends and comparisons with the existing architecture landscape including x86 and ARM and what specifically makes RISC-V unique.
LAS16-100K1: Welcome Keynote
Speakers: George Grey
Date: September 26, 2016
★ Session Description ★
George Grey, CEO of Linaro will welcome attendees to the conference and give an update on the latest projects taking place at Linaro.
★ Resources ★
Etherpad: pad.linaro.org/p/las16-100k1
Presentations & Videos: http://connect.linaro.org/resource/las16/las16-100k1/
★ Event Details ★
Linaro Connect Las Vegas 2016 – #LAS16
September 26-30, 2016
http://www.linaro.org
http://connect.linaro.org
LAS16-300: Mini Conference 2 Cortex-M Software - Device ConfigurationLinaro
LAS16-300: Mini Conference 2 RTOS-Zephyr - Device Configuration
Speakers: Andy Gross
Date: September 28, 2016
★ Session Description ★
SoC Vendors, board vendors, software middle layers, scripting languages, etc all need to have access to system configuration information (pin muxes, what sensors are on a system, what amount of memory, flash, etc, etc). We need a means to convey this in a vendor neutral mechanism but also one that is friendly for Cortex-M/constrained footprint devices. This session will be to discuss the topic, how its done today, what kinda tooling might exist from different vendors, what we could utilize (device tree) and what issues that creates.
★ Resources ★
Etherpad: pad.linaro.org/p/las16-300
Presentations & Videos: http://connect.linaro.org/resource/las16/las16-300/
★ Event Details ★
Linaro Connect Las Vegas 2016 – #LAS16
September 26-30, 2016
http://www.linaro.org
http://connect.linaro.org
LAS16-500: The Rise and Fall of Assembler and the VGIC from HellLinaro
LAS16-500: The Rise and Fall of Assembler and the VGIC from Hell
Speakers: Marc Zyngier, Christoffer Dall
Date: September 30, 2016
★ Session Description ★
KVM/ARM has grown up. While the initial implementation of virtualization support for ARM processors in Linux was a quality upstream software project, there were initial design decisions simply not suitable for a long-term maintained hypervisor code base. For example, the way KVM/ARM utilized the hardware support for virtualization, was by running a ‘switching’ layer of code in EL2, purely written in assembly. This was a reasonable design decision in the initial implementation, as the switching layer only had to do one thing: Switch between a VM and the host. But as we began to optimize the implementation, add support for ARMv8.1 and VHE, and added features such as debugging support, we had to move to a more integrated approach, writing the switching logic in C code as well. As another example, the support for virtual interrupts, famously known as the VGIC, was designed with a focus on optimizing MMIO operations. As it turns out, MMIO operations is a less important and infrequent operation on the GIC, and the design had some serious negative consequences for supporting other state transitions for virtual interrupts and had negative performance implications. Therefore, we completely redesigned the VGIC support, and implemented the whole thing from scratch as a team effort, with a very promising result, upstream since Linux v4.7. In this talk we will cover the evolution of this software project and give an overview of the state of the project as it is today.
★ Resources ★
Etherpad: pad.linaro.org/p/las16-500
Presentations & Videos: http://connect.linaro.org/resource/las16/las16-500/
★ Event Details ★
Linaro Connect Las Vegas 2016 – #LAS16
September 26-30, 2016
http://www.linaro.org
http://connect.linaro.org
Introduction to the new MediaTek LinkIt™ Development Platform for RTOSMediaTek Labs
The new MediaTek LinkIt™ Development Platform for RTOS is based on ARM Cortex-M4 MCU architecture and provides leading features for the creation of connected appliances, home and office automation devices, smart gadgets, and IoT bridges. Supporting a range of chipsets (initially the MediaTek MT7687F), LinkIt for RTOS offers the convenience of a single toolset and common API implemented over a popular RTOS. With this you can achieve economies across a full range of consumer and business IoT devices. The platform consists of a Software Development Kit (SDK), Hardware Development Kits (HDKs), including modules from supply chain partners, and related technical documentation. The first release of the platform supports the MediaTek MT7687F Wi-Fi SOC which has a 192 MHz MCU, 1×1 802.11b/g/n Wi-Fi subsystem, integrated security engine (AES and 3DES/SHA), embedded SRAM/ROM and 2MB flash. The new platform uses FreeRTOS with open-source modules for TCP/IP, SSL/TLS, HTTP (client and server), SNTP, DHCP daemon, MQTT, XML and JSON. Development and debugging is supported by free command line tools, plus a KEIL plug-in.
A detailed overview of Sierra Monitor's FieldServer protocol gateways for original equipment manufacturers (OEMs). This covers the FieldServer OEM product line, features and benefits of working with us, and use cases.
Debugging MQTT Client Communications With MQTT.fx and HiveMQ CloudHiveMQ
Understanding and getting started with MQTT - the de-facto standard for IoT protocol - is easy. However, debugging MQTT client communications and exploring certain MQTT client behavior can sometimes be challenging, especially if you are new to MQTT.
In this webinar, we show how to use MQTT.fx® for testing, simulating, and debugging MQTT communications with HiveMQ Cloud, and without writing any code. MQTT.fx®, made by Softblade GmbH, is an easy-to-use desktop application available for Windows and OS X.
About the Speakers.
Magi Erber is a product manager at HiveMQ. She loves creating software that delights customers and helps them realizing innovative IoT solutions.
Jens Deters is Head of Professional Services at HiveMQ.
To watch the webinar recording:
https://www.hivemq.com/webinars/debugging-mqtt-client-communications-with-mqttfx-and-hivemq-cloud/
Advancing IoT Communication Security with TLS and DTLS v1.3Hannes Tschofenig
Missing communication security is a common vulnerability in Internet of Things deployments. Addressing this vulnerability is, in theory, relatively easy: with TLS and DTLS, two widely used security protocols are available. They are used to secure web and smart phone apps.
In this talk Hannes Tschofenig explains how the TLS/DTLS 1.3 protocols work and how they differ from previous versions. Hannes also speaks about the performance improvements and how they help in IoT deployments.
BKK16-200 Designing Security into low cost IO T SystemsLinaro
….Trust and security are essential for the Internet of Things (IoT) to scale. As your product becomes successful, attraction will be high for it to be hacked and, as a consumer, you'll suffer with consequences if security is not baked into the system, at every level. With IoT, we now need to enable an appropriate level of security for low cost IoT designs done by people with little or no security expertise. In this presentation, you will learn how ARM, Linaro and the ARM partnership are securing these low cost IoT endpoints by providing device security, lifecycle security and communication security, without the need for in-depth security experts…
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEELinaro
Smart connected devices such as mobile phones, tablets and Digital TVs are required to handle data with strong security and confidentiality requirements. A “Trusted Execution Environment” (TEE) provides an environment for processing data securely, protected from normal platform applications. This talk is intended as an introduction to Trusted Execution, and the open-source Trusted Execution Environment OP-TEE in particular. It introduces the GlobalPlatform TEE Specifications, explains how Trusted Execution is implemented by ARM TrustZone and OP-TEE, and outlines how trusted boot software manages the secure boot of an ARM platform. Finally, it gives some pointers on how to get started with OP-TEE.
Machine to Machine Communication with Microsoft Azure IoT Edge & HiveMQHiveMQ
Edge computing is becoming an important part of an IoT architecture. Microsoft’s IoT Edge runtime can manage different containers at the edge, including HiveMQ.
In this webinar, IoT and MQTT experts show the steps for deploying the HiveMQ broker on Microsoft Azure IoT Edge and then how to use HiveMQ to send MQTT messages to the cloud.
About the Speakers.
Christoph Schäbel -practical MQTT expert with multiple years of experience in the field. HiveMQ Core Developer. Has a background in scalable and reliable distributed systems and robotics.
Kresimir Galic - independent contractor with strong software engineering experience. Certified Azure Solutions Architect and a technical blogger.
To watch a webinar: https://www.hivemq.com/webinars/machine-to-machine-communication-with-microsoft-azure-iot-edge-and-hivemq/
Provides an overview of how LWM2M and DNS-SD/DNS-SEC can be used together to provide for secure communications, remote management and provisioning of constrained devices in the Internet of Things using open source software components leshan and Tiaki created in the eclipse IoT community.
HiveMQ + Kafka - The Ideal Solution for IoT MQTT Data IntegrationHiveMQ
Many companies want to move MQTT data between the IoT devices and Kafka clusters connected to back-end enterprise systems. HiveMQ has created a solution that allows for easy bi-direction MQTT message flow between IoT devices and Kafka clusters.
In this webinar, Dominik Obermaier, CTO and Co-founder of HiveMQ, and Magi Erber, Project Manager at HiveMQ, discuss the technical challenges of connecting IoT devices to Kafka and how the HiveMQ Kafka solution solves these problems. Dominik and Magi will walk you through HiveMQ Enterprise Extension for Kafka, which includes support for the Confluent Schema Registry.
This webinar is ideal for any developer or architect who are looking for solutions to connect Kafka with IoT devices.
About the Speakers
Dominik Obermaier is CTO and co-founder of HiveMQ. He is a member of the OASIS Technical Committee and is part of the standardization committee for MQTT 3.1.1 and MQTT 5. He is the co-author of the book 'The Technical Foundations of IoT' and a frequent speaker on IoT, MQTT, and messaging.
Magi Erber is a product manager at HiveMQ. She loves creating software that delights customers and helps them realizing innovative IoT solutions.
To watch the webinar recording: https://www.hivemq.com/webinars/hivemq-plus-kafka-the-ideal-solution-for-iot-mqtt-data-integration/
From idea to the field - Simplify Your IoT project (Acal BFi Nordic & Sierra ...Hans Andersson
A workshop by Acal BFi Nordic on project mangOH industrial open hardware running Linux/Legato open source software. Tight integration with cloud and connectivity services.
Iot Conference Berlin M2M,IoT, device management: one protocol to rule them all?Julien Vermillard
M2M/IoT is rapidly growing and since its early days different “standard” protocols have emerged (e.g. OMA-DM, TR-069, MQTT, …) or are emerging (e.g. CoAP or Lightweight M2M). Understanding which protocol to use for which application can be intimidating, therefore we propose to give an overview of these protocols to help you understand their goals and characteristics. We’ll present common M2M use cases and why they usually require more than just one protocol ; we will also see whether CoAP associated with Lightweight M2M allows to forge “one protocol to rule them all”.
Workshop software licensing, protection & security. Including a few video's. How to license and protect your application? How to create recurring business with pay-per-use and temporary licenses?
SS-CPSIoT 2023_Kevin Mika and Piotr Zierhoffer presentationVEDLIoT Project
VEDLIoT – Accelerated AIoT. Kevin Mika and Piotr Zierhoffer. CPS&IoT’2023 Summer School on Cyber-Physical Systems and Internet-of-Things, Budva, Montenegro, June 2023
Reconfigurable ML Accelerators in VEDLIoT. Marco Tassemeier. Workshop on Deep Learning for IoT (DL4IoT), co-located with HiPEAC 2022, Budapest, Hungary, June 2022
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
1. MultiZone® IoT Firmware
The quick and safe way to build secure IoT
applications with any RISC-V processor
Cesare Garlati – Hex Five Security
Sandro Pinto – Hex Five Security
2. MultiZoneis a registeredtrademarkof Hex Five Security,Inc. – Patent pendingUS 16450826,PCT US1938774
Cortex-M and TrustZoneare registeredtrademarksof Arm Limited
▪ Market requirements
― Consumer products: high volume / low cost
― Battery operated: small processor / limited ram & rom
Building Secure IoT Devices Is Challenging
Resource-constrained
MCUs (no MMU)
100’ of KB of 3rd party
untrusted code base
No RISC-V specs for
TrustZone®-like TEE
▪ Basic IoT requirements
― SW foundation: multitask RTOS, peripherals drivers, ...
― Connectivity libraries: tcp/ip, dhcp, dns, sntp, mqtt, ...
― Security libraries: TLS, ECC, PKI, RoT, TEE, ...
▪ Advanced IoT requirements
― New IoT regulations, access to commercial clouds, ...
― Secure boot, remote updates, OTA provisioning, ...
3. MultiZoneis a registeredtrademarkof Hex Five Security,Inc. – Patent pendingUS 16450826,PCT US1938774
Cortex-M and TrustZoneare registeredtrademarksof Arm Limited
Complete IoT stack that shields trusted applications from untrusted 3rd party libraries
Provides secure access to any IoT clouds, secure boot, remote firmware updates, ...
Works with any RISC-V processor: no need for proprietary TrustZone-like HW
Rapid development: pre-integrated TEE, TCP/IP, TLS/ECC, FreeRTOS, GCC, Eclipse
Built-in Trusted Execution Environment providing up to 4 separated HW/SW “worlds”
Commercial open source license: no GPL contamination, no royalties, $$ per design
MultiZone® IoT Firmware
4. MultiZoneis a registeredtrademarkof Hex Five Security,Inc. – Patent pendingUS 16450826,PCT US1938774
Cortex-M and TrustZoneare registeredtrademarksof Arm Limited
MultiZone® IoT Firmware Architecture
MultiZone Trusted Execution Environment (TEE)
Any RISC-V 32-bit or 64-bit with ‘U’ extension
‘M’ mode
‘U’ Mode
‘U’ Mode HW Drivers
Zone ...
RTOS
or
bare metal app
PMP HW
HW Drivers
Zone #3
RTOS
or
bare metal app
HW Drivers
Zone #2
RTOS
or
bare metal app
ETHERNET driver
Zone #1
MQTT Lib
TLS Lib
TCP Lib
PMP
PMP
5. MultiZoneis a registeredtrademarkof Hex Five Security,Inc. – Patent pendingUS 16450826,PCT US1938774
Cortex-M and TrustZoneare registeredtrademarksof Arm Limited
Use case
Secure access to commercial IoT clouds
❑ Customer needs MQTT, TLS,
ECC, mutual authentication
optimized for RISC-V devices
❑ Customer is concerned about
backdoors and lack of
separation in 3rd party software
❑ Customer can’t afford time,
cost and the technology risk of
a complete system redesign
MultiZone provides built-in secure
connectivity to commercial cloud
providers like AWS, Azure, etc
✓
MultiZone provides four separated
execution environments, hardware
enforced, software defined
✓
MultiZone can retrofit existing
hardware and software, works out-
of-the-box, and it is available now
✓
6. MultiZoneis a registeredtrademarkof Hex Five Security,Inc. – Patent pendingUS 16450826,PCT US1938774
Cortex-M and TrustZoneare registeredtrademarksof Arm Limited
Use case
Remote firmware updates
❑ Product must comply with new
IoT regulation requiring remote
firmware updates - OTA
❑ Customer is concerned about
time, cost, and security risk of
developing a DIY solution
❑ Customer is concerned about
the vendor lock-in inherent in
commercial cloud services
MultiZone provides high-grade
security OTA updates via open
standard MQTT and TLS protocols
✓
MultiZone is commercial-grade,
available immediately, and built
from the ground up for security
✓
MultiZone remote firmware updates
work with any commercial or private
IoT cloud
✓
7. MultiZoneis a registeredtrademarkof Hex Five Security,Inc. – Patent pendingUS 16450826,PCT US1938774
Cortex-M and TrustZoneare registeredtrademarksof Arm Limited
Use case
Real-time monitoring and device management
❑ Customer needs real-time
monitoring, remote updates,
and device management
❑ Customer can’t absorb the
recurring cost of commercial
web services – i.e. AWS, Azure
❑ Project economics can’t justify
the addition of expensive IoT
modules to the BOM
MultiZone provides secure
bidirectional access to/from the
device via standard MQTT protocol
✓
MultiZone works with public and
private clouds – i.e. OEM owned
PKI and backend infrastructure
✓
MultiZone can retrofit existing
hardware, no need to redesign for
additional 3rd party IoT modules
✓
8. MultiZoneis a registeredtrademarkof Hex Five Security,Inc. – Patent pendingUS 16450826,PCT US1938774
Cortex-M and TrustZoneare registeredtrademarksof Arm Limited
▪ Download and build the MultiZone Eclipse project
▪ Flash the MultiZone Firmware to the ARTY FPGA board
▪ Connect to public or private IoT cloud
▪ Remotely deploy individual applications
▪ Remotely control the operations of a small robotic arm
▪ Connect a local terminal to asses security and separation
MultiZone® Reference Application – Live Demo
Cloud
Private: MQTT
broker, Commercial:
AWS, ...
MQTT
TLS ECC
UART
GPIO
9. MultiZoneis a registeredtrademarkof Hex Five Security,Inc. – Patent pendingUS 16450826,PCT US1938774
Cortex-M and TrustZoneare registeredtrademarksof Arm Limited
How To Get Started
Hardware
▪ Artix-7 35T FPGA Evaluation Kit http://www.xilinx.com/products/boards-and-
kits/arty.html
▪ Olimex debug head ARM-USB-TINY-H
http://www.olimex.com/Products/ARM/JTAG/ARM-USB-TINY-H/
▪ OWI Robot (optional) http://owirobot.com/robotic-arm-edge/
Software
▪ Eclipse IDE CDT http://www.eclipse.org/cdt/
▪ Hex Five X300 SoC bitstream http://github.com/hex-five/multizone-fpga
▪ MultiZone Firmware https://github.com/hex-five/multizone-iot-firmware
Documentation
▪ https://github.com/hex-five/multizone-iot-firmware/blob/master/manual.pdf
10. MultiZone Security
MultiZone Security is the quick and safe way to add security and separation to billions of IoT
devices. MultiZone can retrofit existing hardware. If you don’t have TrustZone, or if you require finer
granularity than one trusted area, you can take advantage of high security separation without the
need for a redesign – see http://hex-five.com
11. MultiZoneis a registeredtrademarkof Hex Five Security,Inc. – Patent pendingUS 16450826,PCT US1938774
Cortex-M and TrustZoneare registeredtrademarksof Arm Limited
MultiZone® IoT Firmware – Data Sheet
Stack Component Features Size License
Reference Hardware
▪ Digilent ARTY7 35T FPGA
▪ Hex Five X300 SoC IP
▪ RISC-V core RV32ACIMU 4-way i-cahe 65MHz
▪ Ethernet: Xilinx EthernetLite Ethernet core
Apache 2.0 license
permissive
commercial use ok
IDE & Toolchain
• Eclipse IDE + openOCD debug
• GNU GCC, GDB, …
▪ GCC multi-lib rv32, rv32e, rv64, GDB, openOCD
▪ Hex Five pre-built GCC binaries (optional)
▪ Hex Five pre-built OpenOCD binaries (optional)
GNU General Public License version 3
TCP/IP library
▪ LWIP 2.1.1
▪ Hex Five security extensions
▪ IP, ICMP, UDP, TCP, ARP, DHCP, DNS, SNTP, MQTT
▪ Light weight single threaded execution
▪ Fully integrated with SSL stack
40KB ROM
16KB RAM
Modified BSD
permissive
commercial use ok
SSL library
▪ mbed TLS 2.23.0
▪ Hex Five secure configuration
▪ TLSv1.2, Cipher TLS_AES_128_GCM_SHA256
▪ ECC: prime256v1, Private Key NIST CURVE: P-256
▪ Mutual authentication, Cert expiration verification, TLS large fragment
64KB ROM
32KB RAM
Apache 2.0 license
permissive
commercial use ok
Real Time OS (optional)
▪ FreeRTOS 10.3.0
▪ Hex Five integration with TEE
▪ Secure unprivileged execution of kernel, tasks, and interrupt handlers
▪ No memory shared with TCP/IP and SSL library code
▪ No memory shared with other applications running in separate zones
32KB ROM
16KB RAM
MIT open source license
permissive
commercial use ok
Trusted Execution Environment
▪ MultiZone Security TEE 2.0
▪ RISC-V secure DMA extension
▪ RISC-V shared PLIC extension
▪ 4 separated Trusted Execution Environments (zones) enforced via PMP
▪ 8 memory-mapped resources per zone – i.e. ram, rom, i/o, uart, gpio, eth, …
▪ Secure inter-zone messaging – no shared memory, no buffers, no stack, etc
▪ Protected user-mode interrupt handlers mapped to zones – plic / clint
4KB ROM
4KB RAM
Free for evaluation,
commercial license priced per design –
perpetual, no royalties, no GPL
contamination
Minimal Attack Surface
(compare with TrustZone Secure Firmware)
4KB RAM
4KB ROM
12. MultiZoneis a registeredtrademarkof Hex Five Security,Inc. – Patent pendingUS 16450826,PCT US1938774
Cortex-M and TrustZoneare registeredtrademarksof Arm Limited
MultiZone Security TEE Feature List
Formallyverifiable TCB ~2KB, minimal attack surface, no dynamic data
structures like stack, hype, and buffers. TCB equivalent to less than
10,000 lines of code – assuming 10-4 defects per lines of code ratio.
Zerotrust Completely self-contained runtime, no dependencies from
libraries and other runtime components including C runtime, linker
scripts, and kernel-mode drivers.
Sealedruntime, pre-built driven by statically defined user-defined
policies, that doesn’t require or even expose to the developer any other
interface than the policy configuration file itself.
Isolationof executablecode(text segments) to ensure that user
programs run in unprivileged mode so that they can’t compromise the
overall system integrity – including drivers and IRQ handlers.
Isolationof data(data segments) and memory-mapped peripherals
(typically I/O) via a hardware unit that prevents access outside statically
defined security boundaries.
Isolationof interruptsso that interrupt handlers are mapped to the
respective zone context and executed at a reduced level of privilege,
unable to compromise the isolation model.
Isolationof hardwarecomponents including all cores, bus masters,
DMA, interrupt controllers, and caches in heterogeneoussystems
where deterministic and OOO come together in a single SoC.
Pre-emptivetemporalseparationmechanism to ensure that any single
thread can’t cause a denial of service by indefinitely holding processing
cycles. This is a must for safety-critical applications.
Secureinter-zonecommunicationsinfrastructure to allow inter-zone
data transfers without relying on shared memory resources such as
buffers, stack, and heap.
Secureinter-processorcommunications infrastructure to allow zones
running on the secure core(s) to send/receive data to/from other low-
criticality/non-secure core – i.e. protected split buffers.
Softtimerfacility to multiplex the underlying single hardware timer
functionality and make it available to each zone independently from the
others.
Waitfor interruptfunctionality to allow transparent support for system
suspend and low-power states. This is a must for battery-operated
devices and low-latency deterministic applications .
Trap& Emulate functionality for secure execution of privileged
instructions. Allows porting of existing application code originally
designed to operate in a single unprotected memory space.
Secureboot 2-stage boot loader to verify the integrity and authenticity
of runtime and policies. Should boot the whole system to configure and
lock separation policies for all hardware components.
Toolchainextension cross-platform command line fully integrated with
toolchain and IDE, to combine and configure the zones binaries and to
produce the signed firmware image for the secure boot of the system.
OpensourceAPI to expose runtime micro-services such as messaging
and process scheduling. Optional helper wrappers to reduce system
calls overhead. Free and open permissive license.
13. MultiZoneis a registeredtrademarkof Hex Five Security,Inc. – Patent pendingUS 16450826,PCT US1938774
Cortex-M and TrustZoneare registeredtrademarksof Arm Limited
MultiZone TEE Vs Arm TrustZone
Patent pending US 16450826, PCT US1938774 - Configuring, Enforcing, And Monitoring Separation Of Trusted Execution Environments.
Arm and TrustZone are registered trademarks of Arm Limited (or its subsidiaries) in the US and/or elsewhere.
TrustZone: Two Domains Hardcoded in Silicon
Cortex-M23/M33
MPC
Memory
OS
Apps
Normal World
MPC
Peripherals
Arm Trusted
Firmware-M
Trusted Apps
Secure World
NS Bit
SAU/IDAU
U-Thread mode
P-Thread mode
TZ-M HW
MultiZone: Multiple Domains Defined In Software
MultiZone TEE
RISC-V 32-bit or 64-bit
PMP
OS
Apps
Zone #1 Zone #2
Trusted OS
Trusted Apps
PMP HW
Machine mode
User Mode
Memory Peripherals
Zone #3 Zone #4
App App
User Mode
14. MultiZoneis a registeredtrademarkof Hex Five Security,Inc. – Patent pendingUS 16450826,PCT US1938774
Cortex-M and TrustZoneare registeredtrademarksof Arm Limited
Use case
Fit new functionality into limited RAM and ROM
❑ Customer is struggling to fit
large 3rd party libraries into
limited RAM and ROM
❑ Product economics don’t justify
platform upgrade and hardware
redesign
❑ Product economics don’t justify
platform upgrade and firmware
redesign
MultiZone is lightweight and built
from the ground up for resource
constrained MCUs – 4KB RAM ROM
✓
MultiZone can retrofit existing MCUs
– no need for hardware redesign
✓
MultiZone runs unmodified binaries
– no need for software redesign
✓
15. MultiZoneis a registeredtrademarkof Hex Five Security,Inc. – Patent pendingUS 16450826,PCT US1938774
Cortex-M and TrustZoneare registeredtrademarksof Arm Limited
Use case
Permissive open source software (no GPL)
❑ Product needs security libraries
– i.e. TLS, ECC
❑ Customer IP can’t risk “GPL
contamination”
❑ Customer can’t afford
expensive commercial libraries
MultiZone includes pre-integrated
open source libraries providing TLS
1.2, ECC, MQTT, ...
✓
MultiZone is GPL free. Its open
source components are distributed
under permissive licensing
✓
MultiZone commercial license is
conveniently priced per design –
perpetual, no royalties ever
✓
16. MultiZoneis a registeredtrademarkof Hex Five Security,Inc. – Patent pendingUS 16450826,PCT US1938774
Cortex-M and TrustZoneare registeredtrademarksof Arm Limited
Use case
Multitenant applications
❑ Customer needs the equivalent
of an App Store to provision
and run 3rd party IoT services
❑ The device must run physically
separated, remotely deployed,
untrusted 3rd party applications
❑ Customer can’t afford cost and
security risk of multicore, MMU-
based, Linux capable hardware
MultiZone provides up to 4+
physically separated application
environments – no interference
✓
MultiZone provides remote
deployment of individual apps via
MQTT / TLS / ECC protocols
✓
MultiZone works with the lightweight
PMP built into RISC-V MCUs – no
need for Linux & multi-coreCPUs
✓
17. MultiZoneis a registeredtrademarkof Hex Five Security,Inc. – Patent pendingUS 16450826,PCT US1938774
Cortex-M and TrustZoneare registeredtrademarksof Arm Limited
Use case
Safety-critical applications
❑ Product must comply with
safety critical regulations – i.e.
medical devices, automotive
❑ Customers needs to shield
critical functionality from 100’s
of KB of untrusted 3rd party sw
❑ Customer looking for low-cost
alternatives to proprietary RTOS
and hypervisors
MultiZone guarantees non
interference and spatial and
temporal separation of programs
✓
MultiZone provides high-grade
security and separation for up to 8
execution environments
✓
MultiZone offers a simple
convenient license priced per
customer’s design – no royalties
✓
18. MultiZoneis a registeredtrademarkof Hex Five Security,Inc. – Patent pendingUS 16450826,PCT US1938774
Cortex-M and TrustZoneare registeredtrademarksof Arm Limited
Use case
RISC-V alternative to a TrustZone design
❑ Product needs a mechanism to
separate critical functionality
from untrusted software
❑ Functional requirements
mandate finer granularity than
one “secure world”
❑ Customer is concerned about
time, cost, and technology risk
of a complete system redesign
MultiZone provides hardware
enforced separation via Physical
Memory Protection (PMP)
✓
MultiZone provides 4+ “secure
words” to separate multiple 3rd
party components
✓
MultiZone can retrofit standard
RISC-V hardware and software. No
system redesign is required.
✓
19. MultiZone® Security
MultiZone Security is the quick and safe way to add security and separation to billions of IoT
devices. MultiZone can retrofit existing hardware. If you don’t have TrustZone, or if you require finer
granularity than one trusted area, you can take advantage of high security separation without the
need for a redesign – see http://hex-five.com