- The document describes the Zephyr real-time operating system which is open source, has a vibrant community, and is built with safety and security in mind. It supports multiple architectures and hardware boards and has vendor-neutral governance. - Key features include being highly configurable, modular, and product development ready using long-term supported releases that include security updates. It provides a range of OS services and supports over 100 sensors out of the box. - The project focuses on safety and has established committees to improve security practices and work towards safety certification for applications requiring functional safety standards like IEC 61508.

1. • Open source real time operating system
• Vibrant Community participation
• Built with safety and security in mind
• Cross-architecture with broad SoC and
development board support.
• Vendor Neutral governance
• Permissively licensed - Apache 2.0
• Complete, fully integrated, highly
configurable, modular for flexibility
• Product development ready using LTS
includes security updates
• Certification ready with Auditable
Zephyr Project
Open Source, RTOS, Connected, Embedded
Fits where Linux is too big
Kernel
OS Services
Application Services
HAL
3rd Party Libraries
Zephyr OS

2. Example of Products Running Zephyr Today
Proglove
Rigado IoT Gateway
Intellinium Safety
Shoes
Anicare Reindeer
Tracker
GNARBOX 2.0 SSD
Keeb.io BDN9
Sentrius
BLiXT solid state
circuit breaker
HereO Core Box
RUUVI Tag
Point Home Alarm
Safety Pod
Oticon More
See.Sense AIR
Hati-ACE
Vestas Wind Turbine
Moto Watch 100
Distancer
https://www.zephyrproject.org/products-running-zephyr/

3. Upstream Board Support – 400+ and growing
http://docs.zephyrproject.org/boards/boards.html
NXP FRDM K64F
Arduino Due
Minnowboard
STM Mini A15
BBC Microbit v2
STM32 Olimexino
Synopsys EMSK
Altera MAX10
NRF52 Seed Carbon
Seeed Nitrogen
Nucleo64 L476RG
TI Launchpad Wifi
ARM V2M Beetle
nRF9160-DK
ARM V2M MPS2
NXP FRDM-KW41Z
BBC Microbit Redbear BLE Nano
Zedboard Pulpino
ESP32-C3
STM3210c
STM32373c
Pico PI IMX7D
Atmel SAM E70
NXP i.MX RT1050
SiFive HiFive1
96b Neon Key
Adafruit Feather
Vega Board nRF5340 DK
Nucleo 103RB

4. Sensors : 100+ Already Integrated…
adt7420
adxl345
adxl362
adxl372
ak8975
amg88xx
ams_iAQcore
apds9960
bma280
bmc150_magn
bme280
bme680
bmg160
bmi160
bmi270
bmm150
bmp388
bq274xx
ccs811
dht
dps310
ds18b20
ens210
fdc2x1x
fxas21002
fxos8700
grove
hmc5883l
hp206c
hts221
i3g4250d
icm42605
icm42670
iis2dh
iis2dlpc
iis2iclx
iis2mdc
iis3dhhc
ina219
ina23x
isl29035
ism330dhcx
ite_tach_it8xxx2
ite_vcmp_it8xxx2
lis2dh
lis2ds12
lis2dw12
lis2mdl
lis3mdl
lm75
lm77
lps22hb
lps22hh
lps25hb
lsm303dlhc_magn
lsm6ds0
lsm6dsl
lsm6dso
lsm9ds0_gyro
lsm9ds0_mfd
max17055
max17262
max30101
max31875
max44009
max6675
mchp_tach_xec
mcp9808
mcux_acmp
mhz19b
mpr
mpu6050
mpu9250
ms5607
ms5837
nrf5
nuvoton_adc_cmp_npcx
nuvoton_tach_npcx
nxp_kinetis_temp
opt3001
pcnt_esp32
pms7003
qdec_nrfx
qdec_sam
qdec_stm32
sbs_gauge
sgp40
sht3xd
sht4x
shtcx
si7006
si7055
si7060
si7210
sm351lt
stm32_temp
stm32_vbat
stmemsc
stts751
sx9500
th02
ti_hdc
ti_hdc20xx
tmp007
tmp108
tmp112
tmp116
vcnl4040
vl53l0x
wsen_hids
wsen_itds
https://github.com/zephyrproject-rtos/zephyr/tree/main/drivers/sensor

5. Zephyr Supported Hardware Architectures
Cortex-M, Cortex-R
& Cortex-A
32 & 64 bit
x86 & x86_64
Xtensa
https://docs.zephyrproject.org/latest/hardware/index.html#hardware-support

6. Native Execution on a POSIX-compliant OS
• Build Zephyr as native Linux application
• Enable large scale simulation of network
or Bluetooth tests without involving HW
• Improve test coverage of application
layers
• Use any native tools available for
debugging and profiling
• Develop GUI applications entirely on the
desktop
• Optionally connect to real devices with
TCP/IP, Bluetooth, and CAN
• Reduce requirements for HW test
platforms during development

7. POSIX API on Zephyr
Provides familiar API to non-embedded programmers,
especially to Linux developers
Enable re-use (portability) of existing libraries
based on POSIX APIs
• Provides efficient subset appropriate for small
(MCU) embedded systems
• POSIX API subset is increasingly popular
operating system abstraction layer (OSAL) for IoT
• Supports subsets of PSE51, PSE52, and BSD
sockets API Hardware MCU/SoC
BSP
Zephyr Kernel
Middleware
Networking
Application
File System
BSD Sockets
POSIX PSE52
POSIX
PSE51
POSIX support in Zephyr
https://docs.zephyrproject.org/latest/guides/portability/posix.html

8. Architecture
• Highly Configurable, Highly Modular
• Cooperative and Preemptive Threading
• Memory and Resources are typically
statically allocated
• Integrated device driver interface
• Memory Protection: Stack overflow
protection, Kernel object and device driver
permission tracking, Thread isolation
• Bluetooth®
Low Energy (BLE 5.1) with both
controller and host, BLE Mesh
• 802.15.4 OpenThread
• Native, fully featured and optimized
networking stack
Platform
Radios
Power Management
Kernel Services / Schedulers
Sensors Crypto HW
I2C
SPI
UART
GPIO
…
File
Systems
Logging/
Tracing
Settings
Crypto
IPC
Flash
Sensors
...
Low Level API
Device
Mgmt
802.15.4
IPv6/IPv4
TCP/UDP
BLE Wi-Fi CAN ...
6LoWPAN
Thread
TLS
DTLS
CoAP
HTTP
MQTT
LWM2M
…
Application
Smart Objects / High Level APIs / Data Models
Kernel
OS
Services
Application
Services
Fully featured OS allows developers to focus on the application

9. Code Repositories
Community
Contributions
via DCO
Releases LTS Releases
Safety & Security
Processes
Certifiable
Releases
Forward ports & Keeping
Configurations in Sync
Development
Long Term
Support
“Stable”
Auditable

10. Zephyr OS: Long Term Support (LTS 2.7)
LTS #2 released on 2021/10/16 - it is:
• Product Focused
• Current with latest Security Updates
• Compatible with New Hardware: We will make point releases
throughout the development cycle to provide functional support for new
hardware.
• Tested: Shorten the development window and extend the Beta cycle to
allow for more testing and bug fixing
• Supported for 2 years
It is not:
• A Feature-Based Release: focus on hardening functionality of existing
features, versus introducing new ones.
• Cutting Edge https://github.com/zephyrproject-rtos/zephyr/releases/tag/zephyr-v2.7.0

11. Zephyr OS: Long Term Support (LTS - 1.14)
Have released 3 updates:
• Current with latest Security Updates
• Compatible with New Hardware
• Demonstrated supported for last 2 years
Just a reminder, it is not:
• A Feature-Based Release: focus on hardening functionality of existing
features, versus introducing new ones.
• Cutting Edge

12. Zephyr OS: Long Term Support (LTS - 1.14)
12
Delivered bug fixes and latest security updates for last 2 years!

13. Zephyr OS: Auditable
13
An auditable code base will be established from a subset of the Zephyr OS LTS.
• Code bases will be kept in sync.
• More rigorous processes (necessary for certification) will be applied to the auditable code base.
Processes to achieve selected certification to be:
• Determined by Safety Committee and Security Committee
• Coordinated with Technical Steering Committee

14. Project Security Documentation
●Project Security Overview
●Started with documents from
other projects
●Built around Secure
Development, Secure Design,
and Security Certification
●Ongoing process, rather than
something to just be
accomplished

15. CVE Numbering Authority
● Registered with MITRE
in 2017. We issue our
own CVEs
● Zephyr Project Security
Incident Response
Team (PSIRT) is a
subset of volunteers
from the Security
Subcommittee led by
the Zephyr Security
Architect.

16. OpenSSF Gold Badge
●Core Infrastructure Initiative Best
Practices Program
●Awards badges based on “project
commitment to security”
●Mostly about project infrastructure:
is project hosting, etc following
security practices
●Zephyr achieved gold Feb, 2019

17. Vulnerability Alert Registry
• For an embargo to effective, product
makers need to be notified early so they
can remediate
• Goal: Zephyr to fix issues within 30 days to
give vendors 60 days before publication
of vulnerability
• Product makers can register to receive
these alerts for free by signing up at
Vulnerability Alert Registry

18. Zephyr PSIRT: Remediation and Response
Advisory Issued by project on 20201208:
Zephyr current release (2.4) does not use Fnet or other
stacks.
The Zephyr LTS release 1.14 contains an implementation
of the TCP stack from Fnet.
- Of the vulnerabilities reported in Fnet, 2,
CVE-2020-17468, and CVE-2020-17469, are in the
IPv6 Fnet code, one, CVE-2020-17467, affects
Link-local Multicast Name Resolution LLMNR), and
2, CVE-2020-24383, and CVE-2020-17470 affect
DNS functionality.
- None of the affected code has been used in the
Zephyr project, while 1.14 does use the Fnet TCP,
it does not use the affected IPv6, DNS or LLMNR
code.
https://www.zephyrproject.org/zephyr-security-update-on-amnesia33/

19. Zephyr Security Summary
• Established Security Committee at project launch in 2016 – meets bi-weekly.
• Secure Coding Practices have been publicly documented for project.
• Zephyr Project registered as a CVE Numbering Authority with MITRE since 2017.
• “Gold” Best Practices Badge criteria Core Infrastructure Initiative met in 2018
• Leveraging Automation to prevent security regressions:
• Weekly Coverity Scans to detect bad practices in imported code
• MISRA scans being incorporated, to evolve to conformance and address issues.
• Vulnerability Management in 2020
• Vulnerability response criteria publicly documented
• Product makers can register for free for notification of Zephyr
• SBOM generation in 2021
• Source SBOM’s for releases and updates going forward from version 2.5
• Ability to automatically generate SBOM for built images included in version 2.6

20. Building in Safety for LTS → Auditable
20
• Established Safety Committee in 2019, meets weekly. Community that understands
safety considerations, and implications.
• Representatives from Parasoft, Intel, Synopsys, Google, NXP, Baumer, etc.
• Work closely with the TSC
• Initial target is IEC 61508 SIL 3 / SC 3 (IEC 61508-3, 7.4.2.12, Route 3s) for a limited
scope.
• Multiple safety activities in progress to establish safety plan, coding guideline
compliance, traceability, requirements, test coverage, tooling, etc.
• LTS 2 is starting point for Auditable, branch made November 2021
• Zephyr Project Coding Guidelines based on MISRAC:2021
• Engagement with FSM and certification authority.
• FSM on board June 2021, safety plan drafting in progress
• Certification Authority engagement targeted Q1 2023

21. Zephyr OS: Initial Certification Focus
● Start with a limited scope
of kernel and interfaces
● x86 and ARM arch is initial
focus
● Scope will be extended to
include additional
components as
determined by the safety
committee

22. Safety Collateral Proposal

23. Compliant Development: V-model
It is difficult to map a stereotypical
open-source development to the
V-model
• Specification of features
• Comprehensive documentation
• Traceability from requirements to
source code
• Number of committers and
information known about them
• Goal is to provide the evidences that
open source developers can map to
compliance and meet all requirements

24. • Build from scratch for Zephyr
• Using Zephyr native kernel concepts
• Dual mode IPv4/v6 stack
• DHCP v4; IPv4 autoconf; IPv6 SLAAC; DNS; SNTP
• Multiple network interfaces support
• Time Sensitive Networking support
• 802.1QAV API
• 802.1AS (gPTP, generalized Precision Time Protocol)
• BSD Sockets-based API
• TLS/DTLS supported via setsockopt call
• RAW socket support for IP and non-IP traffic
• Supports IP offloading
• Transparent for application using Socket API
• Compliance and security tested
• >500 automated tests for TCP level using commercial
products like IWL Maxwell Pro
Native IP Stack

25. High-Level Protocols
• CoAP v1
• MQTT Client v3.1.1
• HTTP
• As of Zephyr 2.0 server is
implemented using CivetWEB library
• Native HTTP client
• Websocket client
• SOCKS5
• LWM2M
• Thread
• Supported by OpenThread project
Zephyr Networking Features
Supported technologies
• Ethernet
• Ethernet over USB
• WiFi with IP offload
• IEEE 802.15.4 with 6Lo
• Bluetooth LE with 6Lo
• CANbus with 6Lo
• PPP

26. • Bluetooth 5.1 compliant
• Low Energy & experimental
Bluetooth Classic
• Multiple HCI transports
• Qualified (as of 1.14.1) for LE
and Mesh
• Can be built separately or
combined with the controller
• Active community developing
upcoming standards
• Mesh & GATT reference stack in
Bluetooth SIG training materials
Bluetooth Host and Mesh

27. Second-generation open source BLE software Controller:
• Bluetooth 5.1 compliant and qualified (v1.14.1)
• Split design with Upper and Lower Link Layers
• Support for multiple BLE radio hardware architectures
• Nordic nRF5 on Arm Cortex-M
• VEGAboard on RISC-V
• Proprietary radios (downstream only)
• Support for both Big and Little-Endian architectures
• Asynchronous handling of procedures in the ULL
• Enhanced radio utilization (99% on continuous 100ms scan)
• Latency resilience: Approx 100uS vs 10uS, 10x improvement over 1st gen
• CPU and power usage: About 20% improvement over 1st gen
• Multiple advertiser and scanner instances
Bluetooth Low Energy Controller

28. Zephyr USB Device Stack
• Supports multiple MCU families (STM32, Kinetis, nRF, SAM, …)
• USB 2.0 support
• Full and High speed support
• Supported classes:
• CDC ACM, ECM, EEM
• RNDIS
• HID
• Mass Storage
• Bluetooth
• Device Firmware Update
• Tight integration with the RTOS
• Flexible descriptor instancing
• Native execution support for emulated development on Linux
• WebUSB support

29. Robust Ecosystem Supports Zephyr RTOS
• The Zephyr community provides more
than just a high quality, open source
operating system
• Applications and middleware
providers supplement user-written
layers of the software stack
• Developers have choice in robust
development and debug tool
environments
• Consulting and training providers
offer assistance developers may need
Applications
& Middleware
Development Tools
Training
& Consulting
Firmware & Libraries

30. Development Tools For Zephyr OS
IDE / Debug Tools Debug Tools
IDE
GNU Compilers /
Debug Tools
Simulation / Testing
DesignWare ARC
Metaware DT
NXP MCUXpresso
nRF Connect for
VS Code
Cloud Debugging Platform.io IDE
Tracing / Debug Tools
Cloud Platform
Applications
& Middleware
Development Tools
Training
& Consulting
Firmware &
Libraries

31. Firmware & Libraries For Zephyr OS
Firmware
Intel ZephyrJS
Javascript
SSL/TLS
Python
AI/ML Library
MCUboot
Applications
& Middleware
Development Tools
Training
& Consulting
Firmware/
IoT monitoring
Javascript
Mbed TLS Scientific Library
Sound Open Firmware
Firmware &
Libraries

32. Middleware & Applications For Zephyr OS
Middleware
Micro-ROS
System Management
System Management
Applications
& Middleware
Development Tools
Training
& Consulting
Firmware &
Libraries
System Management
Proximity Detection

33. Zephyr RTOS Training and Consulting
Consulting
Training
Services & Consulting
Training
Services & Consulting
Services
Services & Consulting
Services
Training
Training
Applications
& Middleware
Development Tools
Training
& Consulting
Firmware &
Libraries

34. Zephyr Project Governance
• Serves as the highest technical decision
body consisting of project maintainers and
voting members
• Sets technical direction for the project
• Coordinates X-community collaboration
• Sets up new projects
• Coordinates releases
• Enforces development
processes
• Moderates working groups
• Oversees relationships with other relevant
projects
Governing Board
• Decides project goals and strategic
objectives
• Makes business , marketing and legal
decisions
• Prioritizes investments and oversees
budget
• Oversees marketing such as PR/AR,
branding, others
• Identifies member requirements
Technical Steering Committee Community
• Code base open to all contributors,
need not be a member to contribute.
• Path to committer and maintainer status
through peer assessed merit of
contributions and code reviews
• Ecosystem enablement
Goal: Separate business decisions from meritocracy, technical decisions
Security
Architect
Safety
Architect
Individual
Contributors
Supporting
Organizations
Kernel & Subsystem
Maintainers
Security
Oversight
Safety
Oversight
Financial &
Policy Oversight
Marketing
Oversight
Governing
Board
Member
Organizations
Others
Architecture
Maintainers
Technical Steering
Committee
Contributors

35. Zephyr Participation Information
Orientation:
• https://www.zephyrproject.org/community/
Github:
• https://github.com/zephyrproject-rtos/zephyr
Mail Lists:
• https://lists.zephyrproject.org/g/main
Discord:
• https://chat.zephyrproject.org/ (https://discord.com/invite/Ck7jw53nU2)

36. Zephyr Project: Platinum Members

37. Zephyr Project: Silver Members

38. Member Information
Why Become a Member?
• Industry Leadership
• Fast track to Technical Steering Committee Participation
• Help shape the Zephyr Certification Program
• Marketing Opportunities
• Member Networking Opportunities within the Zephyr Project
• Learning and Engagement
Meeting Schedule
Technical Steering Committee Weekly, Wednesdays
Marketing Committee Bi-weekly, Thursday (members only)
Security Committee Bi-Weekly, Monday (members only)
Safety Committee Bi-Weekly, Tuesday (members only)
Governing Board Monthly (Platinum members only)
Join Today: https://www.zephyrproject.org/join/

39. www.zephyrproject.org