TEE security infrastructure is now upstream in the Linux kernel, thanks to the hard work of many people in the ARM open source ecosystem. In this upcoming webinar, Joakim Bech and Jens Wiklander of the Linaro Security Working Group explain:
‣ Why upstream Linux kernel driver support is an important milestone.
‣ The relationship with specifications such as GlobalPlatform.
‣ A recap of the design principles for the TEE driver.
‣ How to get involved with TEE development.
This webinar is based on the work of the Linaro Security Working Group. Their work helps Linaro achieve its mission of providing upstream open source support for the ARM ecosystem. The webinar will be of interest to developers and engineering managers who would like the latest status on TEE support in Linux, particularly those looking to develop secure applications with e.g. OP-TEE. It’s also a great case study for those interested in the challenges of Linux kernel upstreaming. There will be the opportunity to ask questions before, during and after the webinar.
🎙 Speakers:
Joakim Bech, Security Working Group Tech Lead, Linaro
Jens Wiklander, Security Working Group Engineer & Upstream Driver Author, Linaro
🎯 Moderator:
Bill Fletcher, EMEA Field Engineering, Linaro
✨ Register here
http://linaro.co/webinar01
For more information on...
On Linaro - Leading Collaboration in the ARM Ecosystem - linaro.org
On OP-TEE - the TEE in Linux using the ARM® TrustZone® technology op-tee.org
----------------------------------------------
Videos & Presentation
--
Introduction to OP-TEE
--
A great introduction to OP-TEE security written from the standpoint of Automotive Grade Linux. It's only 13 slides with some great diagrams explaining trusted execution, secure boot and isolation.
#Automotive #AGL #OP-TEE #Linux
https://www.slideshare.net/YannickGicquel/introduction-to-optee-26-may-2016
--
OP-TEE for Beginners and Porting Review
--
Explains the building blocks involved in Security including TrustZone, OP-TEE, Trusted Firmware etc. Goes into detail on how Secure Boot Works.. and Why. Explains how a simple secure Trusted Application interacts with OP-TEE and works. Brief overview on how to port OP-TEE to an ARM platform. Opens discussions for Potential Challenges and Hardware limitations and how they can be overcome.
#TrustedApplication #Trustzone
http://connect.linaro.org/resource/hkg15/hkg15-311-op-tee-for-beginners-and-porting-review/
HKG15-311: OP-TEE for Beginners and Porting ReviewLinaro
HKG15-311: OP-TEE for Beginners and Porting Review
---------------------------------------------------
Speaker: Victor Chong
Date: February 11, 2015
---------------------------------------------------
★ Session Summary ★
Explains the building blocks involved in Security including TrustZone, OP-TEE, Trusted Firmware etc. Goes into detail on how Secure Boot Works.. and Why. Explains how a simple secure Trusted Application interacts with OP-TEE and works. Brief overview on how to port OP-TEE to an ARM platform. Opens discussions for Potential Challenges and Hardware limitations and how they can be overcome.
--------------------------------------------------
★ Resources ★
Pathable: https://hkg15.pathable.com/meetings/250816
Video: https://www.youtube.com/watch?v=Fksx4-bpHRY
Etherpad: http://pad.linaro.org/p/hkg15-311
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2015 - #HKG15
February 9-13th, 2015
Regal Airport Hotel Hong Kong Airport
---------------------------------------------------
http://www.linaro.org
http://connect.linaro.org
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEELinaro
Smart connected devices such as mobile phones, tablets and Digital TVs are required to handle data with strong security and confidentiality requirements. A “Trusted Execution Environment” (TEE) provides an environment for processing data securely, protected from normal platform applications. This talk is intended as an introduction to Trusted Execution, and the open-source Trusted Execution Environment OP-TEE in particular. It introduces the GlobalPlatform TEE Specifications, explains how Trusted Execution is implemented by ARM TrustZone and OP-TEE, and outlines how trusted boot software manages the secure boot of an ARM platform. Finally, it gives some pointers on how to get started with OP-TEE.
Session ID: SFO17-309
Session Name: Secure storage updates - SFO17-309
Speaker: Jens Wiklander - Jerome Forissier
Track: Security
★ Session Summary ★
The last release of OP-TEE includes big updates to secure storage. Integrity protection is improved and the entire secure storage space is saved as one snapshot on each update.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/sfo17/sfo17-309/
Presentation:
Video:
---------------------------------------------------
★ Event Details ★
Linaro Connect San Francisco 2017 (SFO17)
25-29 September 2017
Hyatt Regency San Francisco Airport
---------------------------------------------------
Keyword:
http://www.linaro.org
http://connect.linaro.org
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://twitter.com/linaroorg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961
SFO15-503: Secure storage in OP-TEE
Speaker: James Kung, Sheng-Yu Chiu
Date: September 25, 2015
★ Session Description ★
Linaro has been refining the secure storage solution in OP-TEE and in this session the audience will get an update about the current status and also will get to know about the implementation details, design decisions and what algorithms that has been used.
★ Resources ★
Video: https://www.youtube.com/watch?v=pChEdObYLRM
Presentation: http://www.slideshare.net/linaroorg/sfo15503-secure-storage-in-optee
Etherpad: pad.linaro.org/p/sfo15-503
Pathable: https://sfo15.pathable.com/meetings/303094
★ Event Details ★
Linaro Connect San Francisco 2015 - #SFO15
September 21-25, 2015
Hyatt Regency Hotel
http://www.linaro.org
http://connect.linaro.org
LCU14-103: How to create and run Trusted Applications on OP-TEELinaro
LCU14-103: How to create and run Trusted Applications on OP-TEE
---------------------------------------------------
Speaker: Joakim Bech
Date: September 15, 2014
---------------------------------------------------
Coresight is the name given to a set of IP blocks providing hardware assisted tracing for ARM based SoCs. This presentation will give an introduction to the technology, how it works and offer a glimpse of the capabilities it offers. More specifically we will go over the components that are part of the architecture and how they are used. Next will be presented the framework Linaro is working on in an effort to provide consolidation and standardization of interfaces to the coresight subsystem. We will conclude with a status of our current upstreaming efforts and how we see the coming months unfolding.
---------------------------------------------------
★ Resources ★
Zerista: http://lcu14.zerista.com/event/member/137703
Google Event: https://plus.google.com/u/0/events/cvb85kqv10dsc4k3e0hcvbr6i58
Presentation: http://www.slideshare.net/linaroorg/lcu14-101-coresight-overview
Video: https://www.youtube.com/watch?v=IQhbM55F23U&list=UUIVqQKxCyQLJS6xvSmfndLA
Etherpad: http://pad.linaro.org/p/lcu14-101
---------------------------------------------------
★ Event Details ★
Linaro Connect USA - #LCU14
September 15-19th, 2014
Hyatt Regency San Francisco Airport
---------------------------------------------------
LCU14-107: OP-TEE on ARMv8
---------------------------------------------------
Speaker: Jens Wiklander
Date: September 15, 2014
---------------------------------------------------
★ Session Summary ★
SWG is porting OP-TEE to ARMv8 using Fixed Virtual Platform. Initially OP-TEE is running secure world in aarch32 mode, but with the normal world code running in aarch64 mode. Since ARMv8 uses ARM Trusted Firmware we have patched it with an OP-TEE dispatcher to be able to communicate between secure and normal world.
---------------------------------------------------
★ Resources ★
Zerista: http://lcu14.zerista.com/event/member/137710
Google Event: https://plus.google.com/u/0/events/c0ef114n77bhgbns9vb85g9n6ak
Presentation: http://www.slideshare.net/linaroorg/lcu14-107-optee-on-ar-mv8
Video: https://www.youtube.com/watch?v=JViplz-ah9M&list=UUIVqQKxCyQLJS6xvSmfndLA
Etherpad: http://pad.linaro.org/p/lcu14-107
---------------------------------------------------
★ Event Details ★
Linaro Connect USA - #LCU14
September 15-19th, 2014
Hyatt Regency San Francisco Airport
---------------------------------------------------
http://www.linaro.org
http://connect.linaro.org
HKG15-311: OP-TEE for Beginners and Porting ReviewLinaro
HKG15-311: OP-TEE for Beginners and Porting Review
---------------------------------------------------
Speaker: Victor Chong
Date: February 11, 2015
---------------------------------------------------
★ Session Summary ★
Explains the building blocks involved in Security including TrustZone, OP-TEE, Trusted Firmware etc. Goes into detail on how Secure Boot Works.. and Why. Explains how a simple secure Trusted Application interacts with OP-TEE and works. Brief overview on how to port OP-TEE to an ARM platform. Opens discussions for Potential Challenges and Hardware limitations and how they can be overcome.
--------------------------------------------------
★ Resources ★
Pathable: https://hkg15.pathable.com/meetings/250816
Video: https://www.youtube.com/watch?v=Fksx4-bpHRY
Etherpad: http://pad.linaro.org/p/hkg15-311
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2015 - #HKG15
February 9-13th, 2015
Regal Airport Hotel Hong Kong Airport
---------------------------------------------------
http://www.linaro.org
http://connect.linaro.org
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEELinaro
Smart connected devices such as mobile phones, tablets and Digital TVs are required to handle data with strong security and confidentiality requirements. A “Trusted Execution Environment” (TEE) provides an environment for processing data securely, protected from normal platform applications. This talk is intended as an introduction to Trusted Execution, and the open-source Trusted Execution Environment OP-TEE in particular. It introduces the GlobalPlatform TEE Specifications, explains how Trusted Execution is implemented by ARM TrustZone and OP-TEE, and outlines how trusted boot software manages the secure boot of an ARM platform. Finally, it gives some pointers on how to get started with OP-TEE.
Session ID: SFO17-309
Session Name: Secure storage updates - SFO17-309
Speaker: Jens Wiklander - Jerome Forissier
Track: Security
★ Session Summary ★
The last release of OP-TEE includes big updates to secure storage. Integrity protection is improved and the entire secure storage space is saved as one snapshot on each update.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/sfo17/sfo17-309/
Presentation:
Video:
---------------------------------------------------
★ Event Details ★
Linaro Connect San Francisco 2017 (SFO17)
25-29 September 2017
Hyatt Regency San Francisco Airport
---------------------------------------------------
Keyword:
http://www.linaro.org
http://connect.linaro.org
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://twitter.com/linaroorg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961
SFO15-503: Secure storage in OP-TEE
Speaker: James Kung, Sheng-Yu Chiu
Date: September 25, 2015
★ Session Description ★
Linaro has been refining the secure storage solution in OP-TEE and in this session the audience will get an update about the current status and also will get to know about the implementation details, design decisions and what algorithms that has been used.
★ Resources ★
Video: https://www.youtube.com/watch?v=pChEdObYLRM
Presentation: http://www.slideshare.net/linaroorg/sfo15503-secure-storage-in-optee
Etherpad: pad.linaro.org/p/sfo15-503
Pathable: https://sfo15.pathable.com/meetings/303094
★ Event Details ★
Linaro Connect San Francisco 2015 - #SFO15
September 21-25, 2015
Hyatt Regency Hotel
http://www.linaro.org
http://connect.linaro.org
LCU14-103: How to create and run Trusted Applications on OP-TEELinaro
LCU14-103: How to create and run Trusted Applications on OP-TEE
---------------------------------------------------
Speaker: Joakim Bech
Date: September 15, 2014
---------------------------------------------------
Coresight is the name given to a set of IP blocks providing hardware assisted tracing for ARM based SoCs. This presentation will give an introduction to the technology, how it works and offer a glimpse of the capabilities it offers. More specifically we will go over the components that are part of the architecture and how they are used. Next will be presented the framework Linaro is working on in an effort to provide consolidation and standardization of interfaces to the coresight subsystem. We will conclude with a status of our current upstreaming efforts and how we see the coming months unfolding.
---------------------------------------------------
★ Resources ★
Zerista: http://lcu14.zerista.com/event/member/137703
Google Event: https://plus.google.com/u/0/events/cvb85kqv10dsc4k3e0hcvbr6i58
Presentation: http://www.slideshare.net/linaroorg/lcu14-101-coresight-overview
Video: https://www.youtube.com/watch?v=IQhbM55F23U&list=UUIVqQKxCyQLJS6xvSmfndLA
Etherpad: http://pad.linaro.org/p/lcu14-101
---------------------------------------------------
★ Event Details ★
Linaro Connect USA - #LCU14
September 15-19th, 2014
Hyatt Regency San Francisco Airport
---------------------------------------------------
LCU14-107: OP-TEE on ARMv8
---------------------------------------------------
Speaker: Jens Wiklander
Date: September 15, 2014
---------------------------------------------------
★ Session Summary ★
SWG is porting OP-TEE to ARMv8 using Fixed Virtual Platform. Initially OP-TEE is running secure world in aarch32 mode, but with the normal world code running in aarch64 mode. Since ARMv8 uses ARM Trusted Firmware we have patched it with an OP-TEE dispatcher to be able to communicate between secure and normal world.
---------------------------------------------------
★ Resources ★
Zerista: http://lcu14.zerista.com/event/member/137710
Google Event: https://plus.google.com/u/0/events/c0ef114n77bhgbns9vb85g9n6ak
Presentation: http://www.slideshare.net/linaroorg/lcu14-107-optee-on-ar-mv8
Video: https://www.youtube.com/watch?v=JViplz-ah9M&list=UUIVqQKxCyQLJS6xvSmfndLA
Etherpad: http://pad.linaro.org/p/lcu14-107
---------------------------------------------------
★ Event Details ★
Linaro Connect USA - #LCU14
September 15-19th, 2014
Hyatt Regency San Francisco Airport
---------------------------------------------------
http://www.linaro.org
http://connect.linaro.org
LCU14 302- How to port OP-TEE to another platformLinaro
LCU14 302- How to port OP-TEE to another platform
---------------------------------------------------
Speaker: Joakim Bech, Jens Wiklander and Pascal Brand
Date: September 17, 2014
---------------------------------------------------
★ Session Summary ★
OP-TEE (Open Portable Trusted Execution Environment) is the source code for the TEE in Linux using the ARM Trustzone technology. This component meets the Global Platform TEE System Architecture specification. Most of the code is generic. However, a number of platform specific characteristics are addressed, such as memory layout or board specific hardware IP. In this session, you can learn the steps to follow to port OP-TEE for your armv7 platform, as the ones that have been defined when porting OP-TEE to A80 (SWG-77). OP-TEE to the Allwinner A80 platform
---------------------------------------------------
★ Resources ★
Zerista: http://lcu14.zerista.com/event/member/137748
Google Event: https://plus.google.com/u/0/events/cnd044lmnid6jcoj1a9svlhmkj0
Video: https://www.youtube.com/watch?v=QgaGJow7hws&list=UUIVqQKxCyQLJS6xvSmfndLA
Etherpad: http://pad.linaro.org/p/lcu14-302
---------------------------------------------------
★ Event Details ★
Linaro Connect USA - #LCU14
September 15-19th, 2014
Hyatt Regency San Francisco Airport
---------------------------------------------------
http://www.linaro.org
http://connect.linaro.org
This introduces the linaro OP-TEE project in the context of the Automotive Grade Linux distribution. This TEE is today considered as a potential key element to provides some security enforcement in the scope of Software OTA for the AGL distribution.
This brief slides set was presented during AGL Face to Face Technical Meeting 25 – 27 May, Vannes, France
SFO15-200: Linux kernel generic TEE driver
Speaker: Jens Wiklander
Date: September 22, 2015
★ Session Description ★
At this session we will get more knowledge about the TEE driver that Linaro has been working on for the last couple of months. Questions to be answered are for example: What are the API’s? How does the TEE driver work as a communication channel. What will a developer need to think of when adding support for another TEE solution?
★ Resources ★
Video: https://www.youtube.com/watch?v=BhLndLUQamM
Presentation: http://www.slideshare.net/linaroorg/sfo15200-linux-kernel-generic-tee-driver
Etherpad: pad.linaro.org/p/sfo15-200
Pathable: https://sfo15.pathable.com/meetings/302831
★ Event Details ★
Linaro Connect San Francisco 2015 - #SFO15
September 21-25, 2015
Hyatt Regency Hotel
http://www.linaro.org
http://connect.linaro.org
Lcu14 306 - OP-TEE Future Enhancements
---------------------------------------------------
Speaker: Joakim Bech, Jens Wiklander and Pascal Brand
Date: September 17, 2014
---------------------------------------------------
★ Session Summary ★
In this discussion session, we will cover the plans Linaro have to enhance the current OP-TEE implementation. Different topics will be covered, among them: Adding a cryptographic layer to support custom cryptographic libraries or HW-acceleration IP / instructions (REQ-413 and REQ-421) PSCI support (REQ-415) Add ECC support for TEE Internal API 1.1 (REQ-419)
---------------------------------------------------
★ Resources ★
Zerista: http://lcu14.zerista.com/event/member/137753
Google Event: https://plus.google.com/u/0/events/cq01taemqeeblb8k8jnu21lifus
Video: https://www.youtube.com/watch?v=GTKEmdUU1lE&list=UUIVqQKxCyQLJS6xvSmfndLA
Etherpad: http://pad.linaro.org/p/lcu14-306
---------------------------------------------------
★ Event Details ★
Linaro Connect USA - #LCU14
September 15-19th, 2014
Hyatt Regency San Francisco Airport
---------------------------------------------------
http://www.linaro.org
http://connect.linaro.org
LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3Linaro
LAS16-111: Raspberry Pi3, OP-TEE and JTAG debugging
Speakers:
Date: September 26, 2016
★ Session Description ★
ARM TrustZone is a critical technology for securing IoT devices and systems. But awareness of TrustZone and its benefits lags within the maker community as well as among enterprises. The first step to solving this problem is lowering the cost of access. Sequitur Labs and Linaro have joined forces to address this problem by making a port of OP-TEE available on the Raspberry Pi 3. The presentation covers the value of TrustZone for securing IoT and how customers can learn more through this joint effort.
Embedded systems security remains a challenge for many developers. Awareness of mature, proven technologies such as ARM TrustZone is very low among the Maker community as well as among enterprises. As a result this foundational technology is largely being ignored as a security solution. Sequitur Labs and Linaro have taken an innovative approach combining an Open Source solution – OP-TEE with Raspberry Pi 3. The Raspberry Pi 3 is one of the world’s most popular platforms among device makers. Its value as an educational tool for learning about embedded systems development is proven.
Sequitur Labs have also enabled bare metal debugging via JTag on the Pi 3 enhancing the value of the Pi 3 as an educational tool for embedded systems development.
The presentation will focus on
ARM v8a architecture and instruction set
ARM Trusted Firmware
TrustZone and OP-TEE basics
JTAG and bare metal debugging the Raspberry Pi 3
★ Resources ★
Etherpad: pad.linaro.org/p/las16-111
Presentations & Videos: http://connect.linaro.org/resource/las16/las16-111/
★ Event Details ★
Linaro Connect Las Vegas 2016 – #LAS16
September 26-30, 2016
http://www.linaro.org
http://connect.linaro.org
HKG18-402 - Build secure key management services in OP-TEELinaro
Session ID: HKG18-402
Session Name: HKG18-402 - Build secure key management services in OP-TEE
Speaker: Etienne Carriere
Track: Security
★ Session Summary ★
The session presents an initiative to build secure key management services in the OP-TEE project. Based on OP-TEE services (persistent storage, cryptography, time, etc) one could build a trusted application of store and use secure keys. An open source implementation for generic key services could be of interest. However there are many client APIs defined in the ecosystem which is a matter of concern for standardization of such services. The session will open a discussion on this and presents the current choice of the PKCS#11 Cryptoki. There can be lot of key attributes and cryptographic schemes to be supported. The session will present the current plans (starting from AES flavors) and what is currently missing in the OP-TEE (as certificate support, bootloader support). This session aims at getting feedback from the community on this topic, discuss about expected services and client APIs.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/hkg18/hkg18-402/
Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-402.pdf
Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-402.mp4
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2018 (HKG18)
19-23 March 2018
Regal Airport Hotel Hong Kong
---------------------------------------------------
Keyword: Security
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961
"Session ID: BUD17-400
Session Name: Secure Data Path with OPTEE - BUD17-400
Speaker: Mark Gregotski
Track: LHG
★ Session Summary ★
LHG is using the ION-based secure memory allocator integrated with OPTEE as the basis for secure data path processing pipeline. LHG is following the W3C EME protocol and supporting Content Decryption Modules (CDMs) from Widevine and PlayReady.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/bud17/bud17-400/
Presentation: https://www.slideshare.net/linaroorg/bud17400-secure-data-path-with-optee
Video: https://youtu.be/6JdzsWZq4Ls
---------------------------------------------------
★ Event Details ★
Linaro Connect Budapest 2017 (BUD17)
6-10 March 2017
Corinthia Hotel, Budapest,
Erzsébet krt. 43-49,
1073 Hungary
---------------------------------------------------
Keyword: LHG, secure-data, OPTEE
http://www.linaro.org
http://connect.linaro.org
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://twitter.com/linaroorg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961"
LCU13: Deep Dive into ARM Trusted Firmware
Resource: LCU13
Name: Deep Dive into ARM Trusted Firmware
Date: 31-10-2013
Speaker: Dan Handley / Charles Garcia-Tobin
LAS16-504: Secure Storage updates in OP-TEE
Speakers: Jerome Forissier
Date: September 30, 2016
★ Session Description ★
Since the presentation back in 2015 (SFO15), there has been functionality added, like RPMB and there has also been some changes in general to the secure storage code. This presentation will summarize what has been happening and will also talk about what’s left to do.
★ Resources ★
Etherpad: pad.linaro.org/p/las16-504
Presentations & Videos: http://connect.linaro.org/resource/las16/las16-504/
★ Event Details ★
Linaro Connect Las Vegas 2016 – #LAS16
September 26-30, 2016
http://www.linaro.org
http://connect.linaro.org
Session ID: HKG18-203
Session Name: HKG18-203 - Overview of Linaro DRM
Speaker: Peter Griffin
Track: Digital Home
★ Session Summary ★
This presentation will provide an overview of the Linaro Digital Rights Management (DRM) integrations with OP-TEE for Linux and Android. Topics covered will include the latest status for ClearKey, Widevine and Playready for supported browsers and boards.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/hkg18/hkg18-203/
Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-203.pdf
Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-203.mp4
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2018 (HKG18)
19-23 March 2018
Regal Airport Hotel Hong Kong
---------------------------------------------------
Keyword: Digital Home
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961
LAS16-406: Android Widevine on OP-TEE
Speakers:
Date: September 29, 2016
★ Session Description ★
In this session we will learn about what has been done to get Android Widevine to run OP-TEE.
★ Resources ★
Etherpad: pad.linaro.org/p/las16-406
Presentations & Videos: http://connect.linaro.org/resource/las16/las16-406/
★ Event Details ★
Linaro Connect Las Vegas 2016 – #LAS16
September 26-30, 2016
http://www.linaro.org
http://connect.linaro.org
BKK16-201 Play Ready OPTEE Integration with Secure Video Path lhg-1Linaro
This presentation provides a current view of the Security work performed in LHG. The focus is on hardware protected DRM integrated with OP TEE, creation of a Secure Data Path coupled with the Open Content Decryption Module, and the lessons learned from integrating third party libraries into trusted applications.
LAS16-402: ARM Trusted Firmware – from Enterprise to EmbeddedLinaro
LAS16-402: ARM Trusted Firmware – from Enterprise to Embedded
Speakers:
Date: September 29, 2016
★ Session Description ★
ARM Trusted Firmware has established itself as a key part of the ARMv8-A software stack. Broadening its applicability across all segments, from embedded to enterprise, is challenging. This session discusses the latest developments, including extension into the 32-bit space.
★ Resources ★
Etherpad: pad.linaro.org/p/las16-402
Presentations & Videos: http://connect.linaro.org/resource/las16/las16-402/
★ Event Details ★
Linaro Connect Las Vegas 2016 – #LAS16
September 26-30, 2016
http://www.linaro.org
http://connect.linaro.org
Getting started with setting up embedded platform requires audience to understand some of the key aspects of Linux. Starting with basics of Linux this presentation talks about basic commands, vi editor, shell scripting and advanced commands
Linux has become integral part of Embedded systems. This three part presentation gives deeper perspective of Linux from system programming perspective. Stating with basics of Linux it goes on till advanced aspects like thread and IPC programming.
Demystifying Security Root of Trust Approaches for IoT/Embedded - SFO17-304Linaro
Session ID: SFO17-304
Session Name: Demystifying Security Root of Trust Approaches for IoT/Embedded
- SFO17-304
Speaker: Suresh Marisetty
Track: LHG,LITE,Security
★ Session Summary ★
The current trend of IoT market segment is expected to enable and deploy about 50 billion connected devices by year 2020. IoT devices will be deployed across the board to cater to multiple use cases like Home/building Automation, Automotive, a highly fragmented embedded segment: gateways, set top boxes, security cameras, industrial automation, digital signage, healthcare, etc. This trend will bring about a great challenge of securing the connected end point IoT devices from a myriad of physical and remote attacks ex: DDOS Mirai botnet launched through IoT devices like digital cameras and DVR players
Problem Statement: Each use cases has its own IoT device constraints like: Cost, Power, Performance, memory footprint, security objectives, etc. The fundamental basis for any secure IoT and Embedded solution is the Root of Trust (RoT), which provides assurance of the integrity of the system software from: boot and runtime firmware, to OS loader, to the Kernel, to the user Applications. This poses a serious issue and challenges the one-size fits all RoT solution model.
ARM has taken on this challenge head on to come up with a microcontroller security architecture solution that caters to the various IoT devices constraints, by offering ARM Cortex-M family of processors. ARM’s flexible and scalable architecture solution will allow an OEM or Silicon partner to adapt the base security architecture and to extend it in a seamless way. This caters to the requirements of different market segments through add-on hardware, firmware and software security enhancements.
The session will present the ARM’s base security system and software architecture based on the upcoming Cortex V8M solution that will provide a hardware and firmware assisted Trust Zone based Security RoT aka TBSA-M for a range of markets, to include the highly constrained IoT devices. Furthermore, the session will discuss about how the base RoT capability can be extended in a seamless way with additional hardware assisted mechanisms to offer high levels of functionality and/or robustness for less constrained IoT devises with options like TBSA-M+, TBSA-HSM and platform level security software abstraction framework to decouple the chosen RoT capability for various OSes and the Cloud security frameworks.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/sfo17/sfo17-304/
Presentation:
Video: https://www.youtube.com/watch?v=aIwmRXFOshs
---------------------------------------------------
★ Event Details ★
Linaro Connect San Francisco 2017 (SFO17)
25-29 September 2017
Hyatt Regency San Francisco Airport
TSC Sponsored BoF: Can Linux and Automotive Functional Safety Mix ? Take 2: T...Linaro
Session ID: SFO17-218
Session Name: TSC Sponsored BoF: Can Linux and Automotive Functional Safety Mix ? Take 2: Towards an open source, industry acceptable high assurance OS - SFO17-218
Speaker:
Track:
★ Session Summary ★
All are welcome!
At the first edition of the Automotive BoF held at Budapest David Rusling and
Robin Randhawa broached the topic of open source software use in the safety
critical parts of the Automotive domain. That discussion led to some important
realisations about Linux possibilities and realities. In this second edition
of the Automotive Bof David and Robin provide further interesting insights
from discussions with major Tier 1 Automotive OEMs. Overall, things seem to be
trending towards some concrete proposals for the role of Linaro in this space.
Join us at the BoF to learn more.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/sfo17/sfo17-218/
Presentation:
Video:
---------------------------------------------------
★ Event Details ★
Linaro Connect San Francisco 2017 (SFO17)
25-29 September 2017
Hyatt Regency San Francisco Airport
---------------------------------------------------
Keyword:
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://twitter.com/linaroorg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961
LCU14 302- How to port OP-TEE to another platformLinaro
LCU14 302- How to port OP-TEE to another platform
---------------------------------------------------
Speaker: Joakim Bech, Jens Wiklander and Pascal Brand
Date: September 17, 2014
---------------------------------------------------
★ Session Summary ★
OP-TEE (Open Portable Trusted Execution Environment) is the source code for the TEE in Linux using the ARM Trustzone technology. This component meets the Global Platform TEE System Architecture specification. Most of the code is generic. However, a number of platform specific characteristics are addressed, such as memory layout or board specific hardware IP. In this session, you can learn the steps to follow to port OP-TEE for your armv7 platform, as the ones that have been defined when porting OP-TEE to A80 (SWG-77). OP-TEE to the Allwinner A80 platform
---------------------------------------------------
★ Resources ★
Zerista: http://lcu14.zerista.com/event/member/137748
Google Event: https://plus.google.com/u/0/events/cnd044lmnid6jcoj1a9svlhmkj0
Video: https://www.youtube.com/watch?v=QgaGJow7hws&list=UUIVqQKxCyQLJS6xvSmfndLA
Etherpad: http://pad.linaro.org/p/lcu14-302
---------------------------------------------------
★ Event Details ★
Linaro Connect USA - #LCU14
September 15-19th, 2014
Hyatt Regency San Francisco Airport
---------------------------------------------------
http://www.linaro.org
http://connect.linaro.org
This introduces the linaro OP-TEE project in the context of the Automotive Grade Linux distribution. This TEE is today considered as a potential key element to provides some security enforcement in the scope of Software OTA for the AGL distribution.
This brief slides set was presented during AGL Face to Face Technical Meeting 25 – 27 May, Vannes, France
SFO15-200: Linux kernel generic TEE driver
Speaker: Jens Wiklander
Date: September 22, 2015
★ Session Description ★
At this session we will get more knowledge about the TEE driver that Linaro has been working on for the last couple of months. Questions to be answered are for example: What are the API’s? How does the TEE driver work as a communication channel. What will a developer need to think of when adding support for another TEE solution?
★ Resources ★
Video: https://www.youtube.com/watch?v=BhLndLUQamM
Presentation: http://www.slideshare.net/linaroorg/sfo15200-linux-kernel-generic-tee-driver
Etherpad: pad.linaro.org/p/sfo15-200
Pathable: https://sfo15.pathable.com/meetings/302831
★ Event Details ★
Linaro Connect San Francisco 2015 - #SFO15
September 21-25, 2015
Hyatt Regency Hotel
http://www.linaro.org
http://connect.linaro.org
Lcu14 306 - OP-TEE Future Enhancements
---------------------------------------------------
Speaker: Joakim Bech, Jens Wiklander and Pascal Brand
Date: September 17, 2014
---------------------------------------------------
★ Session Summary ★
In this discussion session, we will cover the plans Linaro have to enhance the current OP-TEE implementation. Different topics will be covered, among them: Adding a cryptographic layer to support custom cryptographic libraries or HW-acceleration IP / instructions (REQ-413 and REQ-421) PSCI support (REQ-415) Add ECC support for TEE Internal API 1.1 (REQ-419)
---------------------------------------------------
★ Resources ★
Zerista: http://lcu14.zerista.com/event/member/137753
Google Event: https://plus.google.com/u/0/events/cq01taemqeeblb8k8jnu21lifus
Video: https://www.youtube.com/watch?v=GTKEmdUU1lE&list=UUIVqQKxCyQLJS6xvSmfndLA
Etherpad: http://pad.linaro.org/p/lcu14-306
---------------------------------------------------
★ Event Details ★
Linaro Connect USA - #LCU14
September 15-19th, 2014
Hyatt Regency San Francisco Airport
---------------------------------------------------
http://www.linaro.org
http://connect.linaro.org
LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3Linaro
LAS16-111: Raspberry Pi3, OP-TEE and JTAG debugging
Speakers:
Date: September 26, 2016
★ Session Description ★
ARM TrustZone is a critical technology for securing IoT devices and systems. But awareness of TrustZone and its benefits lags within the maker community as well as among enterprises. The first step to solving this problem is lowering the cost of access. Sequitur Labs and Linaro have joined forces to address this problem by making a port of OP-TEE available on the Raspberry Pi 3. The presentation covers the value of TrustZone for securing IoT and how customers can learn more through this joint effort.
Embedded systems security remains a challenge for many developers. Awareness of mature, proven technologies such as ARM TrustZone is very low among the Maker community as well as among enterprises. As a result this foundational technology is largely being ignored as a security solution. Sequitur Labs and Linaro have taken an innovative approach combining an Open Source solution – OP-TEE with Raspberry Pi 3. The Raspberry Pi 3 is one of the world’s most popular platforms among device makers. Its value as an educational tool for learning about embedded systems development is proven.
Sequitur Labs have also enabled bare metal debugging via JTag on the Pi 3 enhancing the value of the Pi 3 as an educational tool for embedded systems development.
The presentation will focus on
ARM v8a architecture and instruction set
ARM Trusted Firmware
TrustZone and OP-TEE basics
JTAG and bare metal debugging the Raspberry Pi 3
★ Resources ★
Etherpad: pad.linaro.org/p/las16-111
Presentations & Videos: http://connect.linaro.org/resource/las16/las16-111/
★ Event Details ★
Linaro Connect Las Vegas 2016 – #LAS16
September 26-30, 2016
http://www.linaro.org
http://connect.linaro.org
HKG18-402 - Build secure key management services in OP-TEELinaro
Session ID: HKG18-402
Session Name: HKG18-402 - Build secure key management services in OP-TEE
Speaker: Etienne Carriere
Track: Security
★ Session Summary ★
The session presents an initiative to build secure key management services in the OP-TEE project. Based on OP-TEE services (persistent storage, cryptography, time, etc) one could build a trusted application of store and use secure keys. An open source implementation for generic key services could be of interest. However there are many client APIs defined in the ecosystem which is a matter of concern for standardization of such services. The session will open a discussion on this and presents the current choice of the PKCS#11 Cryptoki. There can be lot of key attributes and cryptographic schemes to be supported. The session will present the current plans (starting from AES flavors) and what is currently missing in the OP-TEE (as certificate support, bootloader support). This session aims at getting feedback from the community on this topic, discuss about expected services and client APIs.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/hkg18/hkg18-402/
Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-402.pdf
Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-402.mp4
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2018 (HKG18)
19-23 March 2018
Regal Airport Hotel Hong Kong
---------------------------------------------------
Keyword: Security
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961
"Session ID: BUD17-400
Session Name: Secure Data Path with OPTEE - BUD17-400
Speaker: Mark Gregotski
Track: LHG
★ Session Summary ★
LHG is using the ION-based secure memory allocator integrated with OPTEE as the basis for secure data path processing pipeline. LHG is following the W3C EME protocol and supporting Content Decryption Modules (CDMs) from Widevine and PlayReady.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/bud17/bud17-400/
Presentation: https://www.slideshare.net/linaroorg/bud17400-secure-data-path-with-optee
Video: https://youtu.be/6JdzsWZq4Ls
---------------------------------------------------
★ Event Details ★
Linaro Connect Budapest 2017 (BUD17)
6-10 March 2017
Corinthia Hotel, Budapest,
Erzsébet krt. 43-49,
1073 Hungary
---------------------------------------------------
Keyword: LHG, secure-data, OPTEE
http://www.linaro.org
http://connect.linaro.org
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://twitter.com/linaroorg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961"
LCU13: Deep Dive into ARM Trusted Firmware
Resource: LCU13
Name: Deep Dive into ARM Trusted Firmware
Date: 31-10-2013
Speaker: Dan Handley / Charles Garcia-Tobin
LAS16-504: Secure Storage updates in OP-TEE
Speakers: Jerome Forissier
Date: September 30, 2016
★ Session Description ★
Since the presentation back in 2015 (SFO15), there has been functionality added, like RPMB and there has also been some changes in general to the secure storage code. This presentation will summarize what has been happening and will also talk about what’s left to do.
★ Resources ★
Etherpad: pad.linaro.org/p/las16-504
Presentations & Videos: http://connect.linaro.org/resource/las16/las16-504/
★ Event Details ★
Linaro Connect Las Vegas 2016 – #LAS16
September 26-30, 2016
http://www.linaro.org
http://connect.linaro.org
Session ID: HKG18-203
Session Name: HKG18-203 - Overview of Linaro DRM
Speaker: Peter Griffin
Track: Digital Home
★ Session Summary ★
This presentation will provide an overview of the Linaro Digital Rights Management (DRM) integrations with OP-TEE for Linux and Android. Topics covered will include the latest status for ClearKey, Widevine and Playready for supported browsers and boards.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/hkg18/hkg18-203/
Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-203.pdf
Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-203.mp4
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2018 (HKG18)
19-23 March 2018
Regal Airport Hotel Hong Kong
---------------------------------------------------
Keyword: Digital Home
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961
LAS16-406: Android Widevine on OP-TEE
Speakers:
Date: September 29, 2016
★ Session Description ★
In this session we will learn about what has been done to get Android Widevine to run OP-TEE.
★ Resources ★
Etherpad: pad.linaro.org/p/las16-406
Presentations & Videos: http://connect.linaro.org/resource/las16/las16-406/
★ Event Details ★
Linaro Connect Las Vegas 2016 – #LAS16
September 26-30, 2016
http://www.linaro.org
http://connect.linaro.org
BKK16-201 Play Ready OPTEE Integration with Secure Video Path lhg-1Linaro
This presentation provides a current view of the Security work performed in LHG. The focus is on hardware protected DRM integrated with OP TEE, creation of a Secure Data Path coupled with the Open Content Decryption Module, and the lessons learned from integrating third party libraries into trusted applications.
LAS16-402: ARM Trusted Firmware – from Enterprise to EmbeddedLinaro
LAS16-402: ARM Trusted Firmware – from Enterprise to Embedded
Speakers:
Date: September 29, 2016
★ Session Description ★
ARM Trusted Firmware has established itself as a key part of the ARMv8-A software stack. Broadening its applicability across all segments, from embedded to enterprise, is challenging. This session discusses the latest developments, including extension into the 32-bit space.
★ Resources ★
Etherpad: pad.linaro.org/p/las16-402
Presentations & Videos: http://connect.linaro.org/resource/las16/las16-402/
★ Event Details ★
Linaro Connect Las Vegas 2016 – #LAS16
September 26-30, 2016
http://www.linaro.org
http://connect.linaro.org
Getting started with setting up embedded platform requires audience to understand some of the key aspects of Linux. Starting with basics of Linux this presentation talks about basic commands, vi editor, shell scripting and advanced commands
Linux has become integral part of Embedded systems. This three part presentation gives deeper perspective of Linux from system programming perspective. Stating with basics of Linux it goes on till advanced aspects like thread and IPC programming.
Demystifying Security Root of Trust Approaches for IoT/Embedded - SFO17-304Linaro
Session ID: SFO17-304
Session Name: Demystifying Security Root of Trust Approaches for IoT/Embedded
- SFO17-304
Speaker: Suresh Marisetty
Track: LHG,LITE,Security
★ Session Summary ★
The current trend of IoT market segment is expected to enable and deploy about 50 billion connected devices by year 2020. IoT devices will be deployed across the board to cater to multiple use cases like Home/building Automation, Automotive, a highly fragmented embedded segment: gateways, set top boxes, security cameras, industrial automation, digital signage, healthcare, etc. This trend will bring about a great challenge of securing the connected end point IoT devices from a myriad of physical and remote attacks ex: DDOS Mirai botnet launched through IoT devices like digital cameras and DVR players
Problem Statement: Each use cases has its own IoT device constraints like: Cost, Power, Performance, memory footprint, security objectives, etc. The fundamental basis for any secure IoT and Embedded solution is the Root of Trust (RoT), which provides assurance of the integrity of the system software from: boot and runtime firmware, to OS loader, to the Kernel, to the user Applications. This poses a serious issue and challenges the one-size fits all RoT solution model.
ARM has taken on this challenge head on to come up with a microcontroller security architecture solution that caters to the various IoT devices constraints, by offering ARM Cortex-M family of processors. ARM’s flexible and scalable architecture solution will allow an OEM or Silicon partner to adapt the base security architecture and to extend it in a seamless way. This caters to the requirements of different market segments through add-on hardware, firmware and software security enhancements.
The session will present the ARM’s base security system and software architecture based on the upcoming Cortex V8M solution that will provide a hardware and firmware assisted Trust Zone based Security RoT aka TBSA-M for a range of markets, to include the highly constrained IoT devices. Furthermore, the session will discuss about how the base RoT capability can be extended in a seamless way with additional hardware assisted mechanisms to offer high levels of functionality and/or robustness for less constrained IoT devises with options like TBSA-M+, TBSA-HSM and platform level security software abstraction framework to decouple the chosen RoT capability for various OSes and the Cloud security frameworks.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/sfo17/sfo17-304/
Presentation:
Video: https://www.youtube.com/watch?v=aIwmRXFOshs
---------------------------------------------------
★ Event Details ★
Linaro Connect San Francisco 2017 (SFO17)
25-29 September 2017
Hyatt Regency San Francisco Airport
TSC Sponsored BoF: Can Linux and Automotive Functional Safety Mix ? Take 2: T...Linaro
Session ID: SFO17-218
Session Name: TSC Sponsored BoF: Can Linux and Automotive Functional Safety Mix ? Take 2: Towards an open source, industry acceptable high assurance OS - SFO17-218
Speaker:
Track:
★ Session Summary ★
All are welcome!
At the first edition of the Automotive BoF held at Budapest David Rusling and
Robin Randhawa broached the topic of open source software use in the safety
critical parts of the Automotive domain. That discussion led to some important
realisations about Linux possibilities and realities. In this second edition
of the Automotive Bof David and Robin provide further interesting insights
from discussions with major Tier 1 Automotive OEMs. Overall, things seem to be
trending towards some concrete proposals for the role of Linaro in this space.
Join us at the BoF to learn more.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/sfo17/sfo17-218/
Presentation:
Video:
---------------------------------------------------
★ Event Details ★
Linaro Connect San Francisco 2017 (SFO17)
25-29 September 2017
Hyatt Regency San Francisco Airport
---------------------------------------------------
Keyword:
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://twitter.com/linaroorg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961
On making standards organizations & open source communities work hand in handBenjamin Cabé
Did you know that the Eclipse Foundation is home to many open source implementations of standards from a dozen of standards defining organizations: IETF, ISO, oneM2M, OASIS, etc.
We do believe that open source is key to standards' adoption, and this presentation shares some thoughts on what makes a standard successful, and how Eclipse has proved with recent success stories that open source and open communities are a key factor.
SFO15-100K1: Welcome Keynote: George Grey, Linaro CEOLinaro
SFO15-100K1: Welcome Keynote: George Grey, Linaro CEO
Speaker: George Grey
Date: September 21, 2015
★ Session Summary ★
Welcome Keynote
★ Resources ★
Google Event to Watch Live: https://plus.google.com/u/1/events/c08doi39pdhb5j7p2cro4l1c1c0
Pathable: https://sfo15.pathable.com/meetings/302600
Video: https://www.youtube.com/watch?v=5viiqYeOATI
Etherpad: pad.linaro.org/p/sfo15-100k1
Video on server (if unable to view on YouTube):
Presentation on server (if unable to view on Slideshare): N/A
★ Event Details ★
Linaro Connect San Francisco 2015 - #SFO15
September 21-25, 2015
Hyatt Regency Hotel
http://www.linaro.org
http://connect.linaro.org
Voxxed Days Villnius 2015 - Burning MarshmallowsRon Munitz
My talk from Voxxed Days Vilnius. In this talk we talked about the Android security model, how it has been affected by some publicly disclosed weaknesses in 2015, and what the Android Marshmallow future holds
Iot development from prototype to productionMender.io
This is my talk on IOT connected device development. Topics include hardware, system software, application software, patching/updating, and other design considerations.
Not my problem - Delegating responsibility to infrastructureYshay Yaacobi
Slides for for my talk, appeared on Code-Europe Poznan 12.06.2018
(https://www.codeeurope.pl/en/speakers/yshay-yaacobi)
https://github.com/yshayy/not-my-problem-talk
https://github.com/Yshayy/not-my-problem-talk/blob/master/slides/demo.md
The PSCG's Ron Munitz's talk on MobSecCon, September 3rd, 2015.
A PDF is available in: http://thepscg.com/events/MobSecCon
Israel's first Android (and mobile) Internals conference coming up this November!
http://www.thepscg.com/events/MobModCon
TensorFlow is the most popular machine learning framework nowadays. TensorFlow Lite (TFLite), open sourced in late 2017, is TensorFlow’s runtime designed for mobile devices, esp. Android cell phones. TFLite is getting more and more mature. One the most interesting new components introduced recently are its GPU delegate and new NNAPI delegate. The GPU delegate uses Open GL ES compute shader on Android platforms and Metal shade on iOS devices. The original NNAPI delegate is an all-or-nothing design (if one of the ops in the compute graph is not supported by NNAPI, the whole graph is not delegated). The new one is a per-op design. When an op in a graph is not supported by NNAPI, the op is automatically fell back to the CPU runtime. I’ll have a quick review TFLite and its interpreter, then walk the audience through example usage of the two delegates and important source code of them.
Talking TUF: Securing Software DistributionDocker, Inc.
The Update Framework (TUF) secures new or existing software update systems by providing a specification and library that can be flexibly and universally integrated or natively implemented. The update procedure is notoriously susceptible to malicious attacks and TUF is designed to prevent these and other updater weaknesses.
Docker's Notary project integrates the Go implementation of TUF with Docker Content Trust to verify the publisher of Docker images.
https://github.com/theupdateframework/tuf
LAS16-108: JerryScript and other scripting languages for IoTLinaro
LAS16-108: JerryScript and other scripting languages for IoT
Speakers: Paul Sokolovsky
Date: September 26, 2016
★ Session Description ★
Overview of small-size/low-resource VHLL (very high-level languages)/scripting languages available for embedded/IoT usage (JavaScript, Python, Lua, etc.). Typical/possible usage scenarios and benefits. Challenges of running VHLLs in deeply embedded/very resource-constrained environments. Progress reports on porting JerryScript to Zephyr. (Possibly, architecture comparison of JerryScript and MicroPython).
★ Resources ★
Etherpad: pad.linaro.org/p/las16-108
Presentations & Videos: http://connect.linaro.org/resource/las16/las16-108/
★ Event Details ★
Linaro Connect Las Vegas 2016 – #LAS16
September 26-30, 2016
http://www.linaro.org
http://connect.linaro.org
BUD17-405: Building a reference IoT product with Zephyr Linaro
"Session ID: BUD17-405
Session Name: Building a reference IoT product with Zephyr - BUD17-405
Speaker: Michael Scott, Ricardo Salveti
Track: LTD
★ Session Summary ★
An example of a reference IoT product can be thought of supporting several core technologies such as IPv4/IPv6, 6LoWPAN, Bluetooth LE and also several protocols such as MQTT, CoAP and LWM2M. Additional requirements such as having a complete secure boot and execution environment, besides being able to be securely updated with FOTA support are also critically important. This session will cover the development and challenges faced when producing a reference IoT product implementation with Zephyr, describing the state of the project, and the current gaps to productization.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/bud17/bud17-405/
Presentation: https://www.slideshare.net/linaroorg/bud17405-building-a-reference-iot-product-with-zephyr
Video: https://youtu.be/TOJkzIJ_3jg
---------------------------------------------------
★ Event Details ★
Linaro Connect Budapest 2017 (BUD17)
6-10 March 2017
Corinthia Hotel, Budapest,
Erzsébet krt. 43-49,
1073 Hungary
---------------------------------------------------
Keyword: LTD, Zephyr. IoT
http://www.linaro.org
http://connect.linaro.org
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://twitter.com/linaroorg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961"
LAS16-100K1: Welcome Keynote
Speakers: George Grey
Date: September 26, 2016
★ Session Description ★
George Grey, CEO of Linaro will welcome attendees to the conference and give an update on the latest projects taking place at Linaro.
★ Resources ★
Etherpad: pad.linaro.org/p/las16-100k1
Presentations & Videos: http://connect.linaro.org/resource/las16/las16-100k1/
★ Event Details ★
Linaro Connect Las Vegas 2016 – #LAS16
September 26-30, 2016
http://www.linaro.org
http://connect.linaro.org
LAS16-200: Firmware summit - Tianocore Progress and StatusLinaro
Title: Tianocore Progress and Status
A brief update on the progress of ARM64 support in EDK2 and OpenPlatformPkg. Also covering the next steps. Followed by a discussion period.
Speaker: Leif Lindholm
Deep Learning Neural Network Acceleration at the Edge - Andrea GalloLinaro
Short
The growing amount of data captured by sensors and the real time constraints imply that not only big data analytics but also Machine Learning (ML) inference shall be executed at the edge. The multiple options for neural network acceleration in Arm-based platforms provide an unprecedented opportunity for new intelligent devices. It also raises the risk of fragmentation and duplication of efforts when multiple frameworks shall support multiple accelerators.
Andrea Gallo, Linaro VP of Segment Groups, will summarise the existing NN frameworks, accelerator solutions, and will describe the efforts underway in the Arm ecosystem.
Abstract
The dramatically growing amount of data captured by sensors and the ever more stringent requirements for latency and real time constraints are paving the way for edge computing, and this implies that not only big data analytics but also Machine Learning (ML) inference shall be executed at the edge. The multiple options for neural network acceleration in recent Arm-based platforms provides an unprecedented opportunity for new intelligent devices with ML inference. It also raises the risk of fragmentation and duplication of efforts when multiple frameworks shall support multiple accelerators.
Andrea Gallo, Linaro VP of Segment Groups, will summarise the existing NN frameworks, model description formats, accelerator solutions, low cost development boards and will describe the efforts underway to identify the best technologies to improve the consolidation and enable the competitive innovative advantage from all vendors.
Audience
The session will be useful for executives to engineers. Executives will gain a deeper understanding of the issues and opportunities. Engineers at NN acceleration IP design houses will take away ideas for how to collaborate in the open source community on their area of expertise, how to evaluate the performance and accelerate multiple NN frameworks without modifying them for each new IP, whether it be targeting edge computing gateways, smart devices or simple microcontrollers.
Benefits to the Ecosystem
The AI deep learning neural network ecosystem is starting just now and it has similar implications with open source as GPU and video accelerators had in the early days with user space drivers, binary blobs, proprietary APIs and all possible ways to protect their IPs. The session will outline a proposal for a collaborative ecosystem effort to create a common framework to manage multiple NN accelerators while at the same time avoiding to modify deep learning frameworks with multiple forks.
Huawei’s requirements for the ARM based HPC solution readiness - Joshua MoraLinaro
Talk Title: Huawei’s requirements for the ARM based HPC solution readiness
Talk Abstract:
A high level review of a wide range of requirements to architect an ARM based competitive HPC solution is provided. The review combines both Industry and Huawei’s unique views with the intend to communicate openly not only the alignment and support in ongoing efforts carried over by other ARM key players but to brief on the areas of differentiation that Huawei is investing towards the research, development and deployment of homegrown ARM based HPC solution(s).
Speaker: Joshua Mora
Speaker Bio:
20 years of experience in research and development of both software and hardware for high performance computing. Currently leading the architecture definition and development of ARM based HPC solutions, both hardware and software, all the way to the applications (ie. turnkey HPC solutions for different compute intensive markets where ARM will succeed !!).
Bud17 113: distribution ci using qemu and open qaLinaro
“Delivering a well working distribution is hard. There are a lot of different hardware platforms that need to be verified and the software stack is in a big flux during development phases. In rolling releases, this gets even worse, as nothing ever stands still. The only sane answer to that problem are working Continuous Integration tests. The SUSE way to check whether any change breaks normal distribution behavior is OpenQA. Using OpenQA we can automatically run tests that hard working QA people did manually in the old days. That way we have fast enough turnaround times to find and reject breaking changes This session shows how OpenQA works, what pitfalls we had to make ARM work with OpenQA and what we’re doing to improve it for ARM specific use cases.”
OpenHPC Automation with Ansible - Renato Golin - Linaro Arm HPC Workshop 2018Linaro
Speaker: Renato Golin
Speaker Bio:
He started programming in the late 80's in C for PCs after a few years playing with 8-bit computers, but he only started programming professionally in the late 90's during the .com bubble. After many years working on Internet's back-end, he moved to UK and worked a few years on bioinformatics at EBI before joining ARM, where he worked on the DS-5 debugger and on the EDG-to-LLVM bridge, where he became the LLVM Tech Lead. Recently, he worked with large clusters and big data at HPCC before moving to Linaro.
Talk Title: OpenHPC Automation with Ansible
Talk Abstract: "In order to test OpenHPC packages and components and to use it as a
platform to benchmark HPC applications, Linaro is developing an automated deployment strategy, using Ansible, Mr-Provisioner and Jenkins, to install the
OS, OpenHPC and prepare the environment on varied architectures (Arm, x86). This work is meant to replace the existing ageing Bash-based recipes upstream while still keeping the documents intact. Our aim is to make it easier to vary hardware configuration, allow for different provisioning techniques and mix internal infrastructure logic to different labs, while still using the same recipes. We hope this will help more people use OpenHPC with a better out-of-the-box experience and with more robust results"
HPC network stack on ARM - Linaro HPC Workshop 2018Linaro
Speaker: Pavel Shamis
Company: Arm
Speaker Bio:
"Pavel is a Principal Research Engineer at ARM with over 16 years of experience in development HPC solutions. His work is focused on co-design software and hardware building blocks for high-performance interconnect technologies, development communication middleware and novel programming models. Prior to joining ARM, he spent five years at Oak Ridge National Laboratory (ORNL) as a research scientist at Computer Science and Math Division (CSMD). In this role, Pavel was responsible for research and development multiple projects in high-performance communication domain including: Collective Communication Offload (CORE-Direct & Cheetah), OpenSHMEM, and OpenUCX. Before joining ORNL, Pavel spent ten years at Mellanox Technologies, where he led Mellanox HPC team and was one of the key driver in enablement Mellanox HPC software stack, including OFA software stack, OpenMPI, MVAPICH, OpenSHMEM, and other.
Pavel is a recipient of prestigious R&D100 award for his contribution in development of the CORE-Direct collective offload technology and he published in excess of 20 research papers.
"
Talk Title: HPC network stack on ARM
Talk Abstract:
Applications, programming languages, and libraries that leverage sophisticated network hardware capabilities have a natural advantage when used in today¹s and tomorrow's high-performance and data center computer environments. Modern RDMA based network interconnects provides incredibly rich functionality (RDMA, Atomics, OS-bypass, etc.) that enable low-latency and high-bandwidth communication services. The functionality is supported by a variety of interconnect technologies such as InfiniBand, RoCE, iWARP, Intel OPA, Cray¹s Aries/Gemini, and others. Over the last decade, the HPC community has developed variety user/kernel level protocols and libraries that enable a variety of high-performance applications over RDMA interconnects including MPI, SHMEM, UPC, etc. With the emerging availability HPC solutions based on ARM CPU architecture it is important to understand how ARM integrates with the RDMA hardware and HPC network software stack. In this talk, we will overview ARM architecture and system software stack, including MPI runtimes, OpenSHMEM, and OpenUCX.
It just keeps getting better - SUSE enablement for Arm - Linaro HPC Workshop ...Linaro
Speaker: Jay Kruemcke
Speaker Company: SUSE
Bio:
"Jay is responsible for the SUSE Linux server products for High Performance Computing, 64-bit ARM systems, and SUSE Linux for IBM Power servers.
Jay has built an extensive career in product management including using social media for client collaboration, product positioning, driving future product directions, and evangelizing the capabilities and future directions for dozens of enterprise products.
"
Talk Title: It just keeps getting better - SUSE enablement for Arm
Talk Abstract:
SUSE has been delivering commercial Linux support for Arm based servers since 2016. Initially the focus was on high end servers for HPC and Ceph based software defined storage. But we have enabled a number of other Arm SoCs and are even supporting the Raspberry Pi. This session will cover the SUSE products that are available for the Arm platform and view to the future.
Intelligent Interconnect Architecture to Enable Next Generation HPC - Linaro ...Linaro
Speakers: Gilad Shainer and Scot Schultz
Company: Mellanox Technologies
Talk Title: Intelligent Interconnect Architecture to Enable Next
Generation HPC
Talk Abstract:
The latest revolution in HPC interconnect architecture is the development of In-Network Computing, a technology that enables handling and accelerating application workloads at the network level. By placing data-related algorithms on an intelligent network, we can overcome the new performance bottlenecks and improve the data center and applications performance. The combination of In-Network Computing and ARM based processors offer a rich set of capabilities and opportunities to build the next generation of HPC platforms.
Gilad Shainer Bio:
Gilad Shainer has served as Mellanox's vice president of marketing since March 2013. Previously, Mr. Shainer was Mellanox's vice president of marketing development from March 2012 to March 2013. Mr. Shainer joined Mellanox in 2001 as a design engineer and later served in senior marketing management roles between July 2005 and February 2012. Mr. Shainer holds several patents in the field of high-speed networking and contributed to the PCI-SIG PCI-X and PCIe specifications. Gilad Shainer holds a MSc degree (2001, Cum Laude) and a BSc degree (1998, Cum Laude) in Electrical Engineering from the Technion Institute of Technology in Israel.
Scot Schultz Bio:
Scot Schultz is a HPC technology specialist with broad knowledge in operating systems, high speed interconnects and processor technologies. Joining the Mellanox team in 2013, Schultz is 30-year veteran of the computing industry. Prior to joining Mellanox, he spent the past 17 years at AMD in various engineering and leadership roles in the area of high performance computing. Scot has also been instrumental with the growth and development of various industry organizations including the Open Fabrics Alliance, and continues to serve as a founding board-member of the OpenPOWER Foundation and Director of Educational Outreach and founding member of the HPC-AI Advisory Council.
Yutaka Ishikawa - Post-K and Arm HPC Ecosystem - Linaro Arm HPC Workshop Sant...Linaro
Yutaka Ishikawa - Post-K and Arm HPC Ecosystem - Linaro Arm HPC Workshop Santa Clara 2018
Bio: "Yutaka Ishikawa is the project leader of developing the post K
supercomputer. From 1987 to 2001, he was a member of AIST (former
Electrotechnical Laboratory), METI. From 1993 to 2001, he was the
chief of Parallel and Distributed System Software Laboratory at Real
World Computing Partnership. He led development of cluster system
software called SCore, which was used in several large PC cluster
systems around 2004. From 2002 to 2014, he was a professor at the
University Tokyo. He led a project to design a commodity-based
supercomputer called T2K open supercomputer. As a result, three
universities, Tsukuba, Tokyo, and Kyoto, obtained each supercomputer
based on the specification in 2008. He was also involved with the
design of the Oakleaf-PACS, the successor of T2K supercomputer in both
Tsukuba and Tokyo, whose peak performance is 25PF."
Session Title: Post-K and Arm HPC Ecosystem
Session Description:
"Post-K, a flagship supercomputer in Japan, is being developed by Riken
and Fujitsu. It will be the first supercomputer with Armv8-A+SVE.
This talk will give an overview of Post-K and how RIKEN and Fujitsu
are currently working on software stack for an Arm architecture."
Andrew J Younge - Vanguard Astra - Petascale Arm Platform for U.S. DOE/ASC Su...Linaro
Event: Arm Architecture HPC Workshop by Linaro and HiSilicon
Location: Santa Clara, CA
Speaker: Andrew J Younge
Talk Title: Vanguard Astra - Petascale Arm Platform for U.S. DOE/ASC Supercomputing
Talk Desc: The Vanguard program looks to expand the potential technology choices for leadership-class High Performance Computing (HPC) platforms, not only for the National Nuclear Security Administration (NNSA) but for the Department of Energy (DOE) and wider HPC community. Specifically, there is a need to expand the supercomputing ecosystem by investing and developing emerging, yet-to-be-proven technologies and address both hardware and software challenges together, as well as to prove-out the viability of such novel platforms for production HPC workloads.
The first deployment of the Vanguard program will be Astra, a prototype Petascale Arm supercomputer to be sited at Sandia National Laboratories during 2018. This talk will focus on the arthictecural details of Astra and the significant investments being made towards the maturing the Arm software ecosystem. Furthermore, we will share initial performance results based on our pre-general availability testbed system and outline several planned research activities for the machine.
Bio: Andrew Younge is a R&D Computer Scientist at Sandia National Laboratories with the Scalable System Software group. His research interests include Cloud Computing, Virtualization, Distributed Systems, and energy efficient computing. Andrew has a Ph.D in Computer Science from Indiana University, where he was the Persistent Systems fellow and a member of the FutureGrid project, an NSF-funded experimental cyberinfrastructure test-bed. Over the years, Andrew has held visiting positions at the MITRE Corporation, the University of Southern California / Information Sciences Institute, and the University of Maryland, College Park. He received his Bachelors and Masters of Science from the Computer Science Department at Rochester Institute of Technology (RIT) in 2008 and 2010, respectively.
HKG18-501 - EAS on Common Kernel 4.14 and getting (much) closer to mainlineLinaro
Session ID: HKG18-501
Session Name: HKG18-501 - EAS on Common Kernel 4.14 and getting (much) closer to mainline
Speaker: Chris Redpath
Track: Mobile, Kernel
★ Session Summary ★
This session will introduce the changes to EAS planned for 4.14 kernel, and how Arm hopes that EAS will develop in future. EAS has already evolved from an Arm/Linaro joint project to involving a much wider community of SoC vendors, Google and interested device manufacturers. We will highlight the product-specific pieces remaining in the Android Common Kernel EAS implementation, and our plans to provide an upstreaming plan for each product feature. In particular, the new 'simplified energy model' is designed to provide mainline-friendliness and comparable performance using a simple DT expression of cpu power/performance.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/hkg18/hkg18-501/
Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-501.pdf
Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-501.mp4
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2018 (HKG18)
19-23 March 2018
Regal Airport Hotel Hong Kong
---------------------------------------------------
Keyword: Mobile, Kernel
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961
HKG18-501 - EAS on Common Kernel 4.14 and getting (much) closer to mainlineLinaro
"Session ID: HKG18-501
Session Name: HKG18-501 - EAS on Common Kernel 4.14 and getting (much) closer to mainline
Speaker: Chris Redpath
Track: Mobile, Kernel
★ Session Summary ★
This session will introduce the changes to EAS planned for 4.14 kernel, and how Arm hopes that EAS will develop in future. EAS has already evolved from an Arm/Linaro joint project to involving a much wider community of SoC vendors, Google and interested device manufacturers. We will highlight the product-specific pieces remaining in the Android Common Kernel EAS implementation, and our plans to provide an upstreaming plan for each product feature. In particular, the new 'simplified energy model' is designed to provide mainline-friendliness and comparable performance using a simple DT expression of cpu power/performance.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/hkg18/hkg18-501/
Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-501.pdf
Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-501.mp4
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2018 (HKG18)
19-23 March 2018
Regal Airport Hotel Hong Kong
---------------------------------------------------
Keyword: Mobile, Kernel
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961"
HKG18-315 - Why the ecosystem is a wonderful thing, warts and allLinaro
"Session ID: HKG18-315
Session Name: HKG18-315 - Why the ecosystem is a wonderful thing warts and all
Speaker: Andrew Wafaa
Track: Ecosystem Day
★ Session Summary ★
The Arm ecosystem is a vibrant place, but it's not always smooth sailing. This presentation will go through the highs and lows of getting the ecosystem fully Arm enabled.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/hkg18/hkg18-315/
Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-315.pdf
Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-315.mp4
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2018 (HKG18)
19-23 March 2018
Regal Airport Hotel Hong Kong
---------------------------------------------------
Keyword: Ecosystem Day
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961"
HKG18- 115 - Partitioning ARM Systems with the Jailhouse HypervisorLinaro
"Session ID: HKG18-115
Session Name: HKG18-115 - Partitioning ARM Systems with the Jailhouse Hypervisor
Speaker: Jan Kiszka
Track: Security
★ Session Summary ★
The open source hypervisor Jailhouse provides hard partitioning of multicore systems to co-locate multiple Linux or RTOS instances side by side. It aims at low complexity and minimal footprint to achieve deterministic behavior and enable certifications according to safety or security standards. In this session, we would like to look at the ARM-specific status of Jailhouse and discuss applications, to-dos and possible collaborations around it with the ARM community. The session is intended to be half presentation, half Q&A / discussion.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/hkg18/hkg18-115/
Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-115.pdf
Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-115.mp4
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2018 (HKG18)
19-23 March 2018
Regal Airport Hotel Hong Kong
---------------------------------------------------
Keyword: Security
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961"
"Session ID: HKG18-TR08
Session Name: HKG18-TR08 - Upstreaming SVE in QEMU
Speaker: Alex Bennée,Richard Henderson
Track: Enterprise
★ Session Summary ★
ARM's Scalable Vector Extensions is an innovative solution to processing highly data parallel workloads. While several out-of-tree attempts at implementing SVE support for QEMU existed, we took a fundamentally different approach to solving key challenges and therefore pursued a from-scratch QEMU SVE implementation in Linaro. Our strategic choice was driven by several factors. First as an ""upstream first"" organisation we were focused on a solution that would be readily accepted by the upstream project. This entailed doing our development in the open on the project mailing lists where early feedback and community consensus can be reached.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/hkg18/hkg18-tr08/
Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-tr08.pdf
Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-tr08.mp4
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2018 (HKG18)
19-23 March 2018
Regal Airport Hotel Hong Kong
---------------------------------------------------
Keyword: Enterprise
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961"
HKG18-113- Secure Data Path work with i.MX8MLinaro
"Session ID: HKG18-113
Session Name: HKG18-113 - Secure Data Path work with i.MX8M
Speaker: Cyrille Fleury
Track: Digital Home
★ Session Summary ★
NXP presentation on Secure Data Path work with i.MX8M Soc. Demonstrate 4K PlayReady playback with Android 8.1 running on i.MX8M. Focus on security (MS SL3000 and Widevine level 1)
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/hkg18/hkg18-113/
Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-113.pdf
Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-113.mp4
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2018 (HKG18)
19-23 March 2018
Regal Airport Hotel Hong Kong
---------------------------------------------------
Keyword: Digital Home
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961"
HKG18-120 - Devicetree Schema Documentation and Validation Linaro
"Session ID: HKG18-120
Session Name: HKG18-120 - Structured Documentation and Validation for Device Tree
Speaker: Grant Likely
Track: Kernel
★ Session Summary ★
Devicetree has become the dominant hardware configuration language used when building embedded systems. Projects using Devicetree now include Linux, U-Boot, Android, FreeBSD, and Zephyr. However, it is notoriously difficult to write correct Devicetree data files. The dtc tools perform limited tests for valid data, and there there is not yet a way to add validity test for specific hardware descriptions. Neither is there a good way to document requirements for specific bindings. Work is underway to solve these problems. This session will present a proposal for adding Devicetree schema files to the Devicetree toolchain that can be used to both validate data and produce usable documentation.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/hkg18/hkg18-120/
Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-120.pdf
Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-120.mp4
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2018 (HKG18)
19-23 March 2018
Regal Airport Hotel Hong Kong
---------------------------------------------------
Keyword: Kernel
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961"
"Session ID: HKG18-223
Session Name: HKG18-223 - Trusted Firmware M : Trusted Boot
Speaker: Tamas Ban
Track: LITE
★ Session Summary ★
An overview of the trusted boot concept and firmware update on the ARMv8-M based platform and how MCUBoot acts as a BL2 bootloader for TF-M.
Trusted Firmware M
In October 2017, Arm announced the vision of Platform Security Architecture (PSA) - a common framework to allow everyone in the IoT ecosystem to move forward with stronger, scalable security and greater confidence. There are three key stages to the Platform Security Architecture: Analysis, Architecture and Implementation which are described at https://developer.arm.com/products/architecture/platform-security-architecture.
_Trusted Firmware M, i.e. TF-M, is the Arm project to provide an open source reference implementation firmware that will conform to the PSA specification for M-Class devices. Early access to TF-M was released in December 2017 and it is being made public during Linaro Connect. The implementation should be considered a prototype until the PSA specifications reach release state and the code aligns._
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/hkg18/hkg18-223/
Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-223.pdf
Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-223.mp4
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2018 (HKG18)
19-23 March 2018
Regal Airport Hotel Hong Kong
---------------------------------------------------
Keyword: LITE
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961"
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Search and Society: Reimagining Information Access for Radical Futures
TEE - kernel support is now upstream. What this means for open source security
1.
2. Introducing today’s webinar subject
● Trusted Execution Environment - a software
isolation environment for executing security
applications
● Work originally on ARM TrustZone(R) technology
for hardware isolation between the trusted and
non-trusted worlds (see the diagram on the left)
● An open source project op-tee.org/about/
● The driver source for the TEE has been recently
accepted upstream for the 4.12 Linux kernel
3. Who is this webinar for?
● Members of the development community:
○ developing secure applications under Linux
○ contributing to open source
○ working in the ARM ecosystem
○ interested in upstreaming
○ anyone with supported hardware
4. What we’ll cover in this webinar
● A backgrounder on
○ OP-TEE
○ the components that make it up
○ the design principles behind it
● Why it’s important
● How the code got upstream
● How to get involved
5. We welcome your questions!
● There will be a Q&A at the end of the presentation. You can raise a question at
any time as we go along in the chat window.
● We’ll try to answer as many questions as we can at the end of the presentation
● It’s useful to us if you can click on the dropdown speech bubble next to the chat
for your comment to ‘Mark as a question’
How to mark your chat comment as a question
6. Today’s Presenters
● Joakim Bech
● Security Expert
● Bill Fletcher
● Moderator
● Jens Wiklander
● Security Working Group
Senior Engineer &
Upstream Driver Author
7. TEE - kernel support is now upstream.
What this means for open source
security
Joakim Bech
9. What is OP-TEE?
2010 2013 2014 2015
GP compliance!
OP-TEE
● Open Portable Trusted Execution Environment
● Open Source and GlobalPlatform based TEE
● Origins from ST-Ericsson / STMicroelectronics proprietary TEE
○ Used in NovaThor products (mainly U8500)
● Linaro owns and maintains OP-TEE since 2015.
Ownership from
STM to Linaro
10. Where does OP-TEE run?
● ARMv7-A (32bit)
● ARMv8-A (64/32bit)
● Development devices
○ ARM Juno board, RPi3, HiKey etc.
● Consumer products
○ Tablets, mobile phones, set-top boxes, cars
● In OP-TEE upstream +20 platforms are officially
supported.
○ We are aware of quite a few vendors using OP-TEE, but
their platform is still not found in the upstream tree
for one or another reason.
11. GlobalPlatform compliance / qualification?
● The software itself cannot be tested for compliance, it is always a combination
of software + hardware that is tested
● To support the Self Testing and Product Qualification Processes,
GlobalPlatform has developed a GlobalPlatform Test Suite
Proprietary era Open Source era
2010 2014 2017
ST-Ericsson based devices
passed compliance test
Decision by individual
companies
Some members of Linaro runs the
GP test suite on regular basis!
12. OP-TEE components
Normal World Secure World
User space
optee_client
optee_test
Linux kernel
TEE framework +
OP-TEE driver
Secure user space
Trusted Applications
(like optee_test)
Secure privileged
mode
optee_os
Secure Monitor
v7-A: optee_os
v8-A: ARM-TF
This is what we
are going to
talk about
today!
14. Why a TEE framework in kernel?
● Linux kernel is everywhere, from tiny
devices to industrial systems
● Source code has been scrutinized
○ Kernel maintainers are very honest experts
and not as “nice” as your corporate friend
sitting next to you in the office
○ As a result of that the code actually being
merged generally keeps a high standard
● Maintenance for “free”
● SoC vendors and OEM prefer pulling
(official) patches from a single tree
● Use cases? Only DRM? No!
● It’s about unifying TEE protocols!
Image courtesy of xkcd.com https://imgs.xkcd.com/comics/supported_features.png
15. GlobalPlatform? What is their role in the TEE driver
● Is the TEE driver in kernel a GlobalPlatform TEE driver?
○ A TEE driver uses a generic TEE framework, i.e., not tied to GP interfaces
● GlobalPlatform specifications define APIs for the end points ...
○ Client in Normal World - GP Client API specification
○ Trusted Applications in Secure World - GP Internal Core API specification
● … but does not mandate how layers in between shall handle the data
Secure world Normal world
Trusted app TEE core Linux kernel Client
GlobalPlatform GlobalPlatform
Generic TEE
driver
Vendor
specific
● So the answer is, not much, but ideas etc are definitely inherited!
● But OP-TEE is a GlobalPlatform TEE, right?
16. Generic TEE Framework - design principles
● Keep it small and simple
○ A small set of IOCTL’s
■ include/uapi/linux/tee.h
■ static long tee_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
● The data being transferred is opaque to the driver itself
● Use existing infrastructure in kernel
● Multi-core support
● A TEE driver uses the new framework
○ TEE Generic Framework ...
○ … is used by a TEE Vendor to implement a driver for their TEE solution
○ Currently only OP-TEE uses this new framework
17. IOCTL’s - Version
● TEE_IOC_VERSION
○ Identifies the TEE implementation
○ Query the TEE for specific features
○ Eventually used when there is more than one (?) TEE implementation on the system
● OP-TEE example:
struct tee_ioctl_version_data v = {
.impl_id = TEE_IMPL_ID_OPTEE,
.impl_caps = TEE_OPTEE_CAP_TZ,
.gen_caps = TEE_GEN_CAP_GP,
};
TEE is OP-TEE
OP-TEE capabilities
Generic capabilities: GlobalPlatform
18. ● TEE_IOC_OPEN_SESSION
○ The command that opens a communication channel between the client and the Trusted
Application.
● TEE_IOC_CLOSE_SESSION
○ Closes an open session
IOCTL’s - Sessions
User space
Linux kernel
Trusted Applications
Secure OS
Secure Monitor
Communication channel
19. IOCTL’s - Commands
● TEE_IOC_CANCEL
○ The command that gives the users the ability to cancel an ongoing operation.
● TEE_IOC_INVOKE
○ The main command to invoke commands that in turn will run Trusted Application specific
functionality.
○ The principle is to use a unique Trusted Application command identifier together with data we
are working with.
● Some out of TEE drivers out there have very specific commands for various use
cases. Such drivers would need to change this behavior to instead “tunnel” all
the data in invoke command.
○ Trustonic-tee-driver: 17
○ QSEE: +30
20. IOCTL’s - Supplicants
● TEE_IOC_SUPPL_RECV
● TEE_IOC_SUPPL_SEND
● A supplicant is typically a daemon running in normal world
○ Serves secure side with various services
■ File system access
■ RPMB
■ REE time
■ etc
● We believe most TEE vendors have some kind of supplicant to support their TEE
21. Probe function
● As for drivers in general, we need a probe function
● Example, OP-TEE’s probe function
○ static struct optee *optee_probe(struct device_node *np)
■ Get the invoke function (SMC or HVC?)
■ Check UUID and revision
■ Check capabilities
■ Configure shared memory
■ Allocate TEE device(s) - both for the
client(s) and for the supplicant
● The probe will not be called if there is
no firmware section in the Device
Tree blob
22. Challenges upstreaming a TEE Framework
● There are many kernel experts, but not that many of them are security experts
○ TEE driver is just one part of the entire TEE solution
● Getting people to review
○ Corporate policies
○ Unawareness of how to communicate on kernel mailinglists
● Chicken and egg problem
○ Keep patchsets small (submit early, submit often mentality)
○ But there must be enough to prove that it is actually working
● Other features being developed while doing upstream
○ Kernel TEE interface (GlobalPlatform Client API like), Secure Data Path, Benchmarking etc.
● Getting enough input from other TEE vendors
23. How to contribute?
● New to TEE development?
○ Study and try the driver with OP-TEE for example.
● TEE vendor?
○ Give feedback on the Linux kernel mailinglists about the current driver
○ (Try to) rewrite your current driver to use the new generic TEE framework
● Review patches!
● Talk to Linaro directly or?
○ For OP-TEE related questions and discussions: Yes!
○ For generic TEE framework discussions? No! Use the Linux kernel mailinglists.
● Subscribe to the mailinglists
○ linux-arm-kernel@lists.infradead.org
○ linux-kernel@vger.kernel.org
24. What does all this mean to Open Source Security?
● Another step in trying to unify TEE protocols
○ As mentioned, GlobalPlatform has defined the endpoints in the communication channel, but
nothing has been defined between the endpoints!
● Reduce fragmentation
○ Many other subsystems share common frameworks in Linux
○ TEE implementations should be able to do that too!
● A common code base
○ Regardless what TEE we are working with, we have a common source code repository (if we
want to…)
25. We welcome your questions!
● Next up -the Q&A. You can raise a question in the chat window.
● We’ll try to answer as many questions as we can at the end of the presentation
● It’s useful to us if you can click on the dropdown speech bubble next to the chat
for your comment to ‘Mark as a question’
How to mark your chat comment as a question
26. LEADING COLLABORATION
IN THE ARM ECOSYSTEM
About Linaro
● Linaro delivers engineering effort to develop key technologies for the ARM
ecosystem
● Linaro develops lots of key software technologies:
○ Tools and Languages, Firmware, Security, Virtualization, Power Management
○ Technology enablers for Mobile, Server, Multimedia, Networking and Embedded/IoT segments
● Linaro delivers its output to its members, into open source projects, and into the
community. Check out our websites and projects which we host or support:
○ linaro.org/downloads, linaro.cloud
○ 96boards.org, op-tee.org, opendataplane.org,
○ kernelci.org
● Linaro works with its members to maximize the return on their open source
investment
27. We welcome your questions!
● It’s the Q&A. You can raise a question in the chat window.
● If we run out of time we’ll try to follow up any remaining questions by mail
● It’s useful to us if you can click on the dropdown speech bubble next to the chat
for your comment to ‘Mark as a question’
How to mark your chat comment as a question