Bridge innovation and life-cycle management for your embedded solutions with Linaro

Future-proofing your Linux-based product

What happens when the Linux kernel you built your product on no longer has access to the latest bug fixes and does not meet regulatory requirements? With regulations such as the EU CRA (Cyber Resilience Act) kicking in next year, it is essential that your product is leveraging open source software which aligns with these standards.

Linaro specializes in developing code to meet the demanding quality standards required for upstreaming to the Linux kernel and has supported many companies in contributing their software upstream. By ensuring that your software is updatable to the latest kernel—and by minimizing the amount of non-upstream code you use your products will benefit from the most up-to-date open-source software and a clear strategy to achieve compliance with new cybersecurity regulations.

Once your product aligns closely with the upstream mainline kernel,the cost, complexity and cycle time to update, including new features and security patches, is very significantly reduced. This enables you to focus on innovation instead of managing costly repeated porting of your out-of-tree code to achieve compatibility with every new kernel release.

Back

Lifetime support for secure and innovative industrial products

Industrial end-users still expect an installed life of up to 15–20 years with little or no change to the installed software.The new regulatory requirements require this software to receive updates during its lifetime, yet the open-source software that powers it is normally supported for only 2–6 years. How do you bridge this gap if you don’t have the in-house expertise or costly infrastructure to maintain your product for the remaining decade or more?

Consult with Linaro to better understand the trade-offs for long-term support, vs the possibility of migrating kernel versions in the field for industrial devices, and how to provide the security and stability you need to keep innovating without the risk of disrupting your product. We have spent many years delivering, maintaining, and testing Long Term Support Linux kernels for Arm. We automatically deploy and test operating systems and software, catching regressions early so fixes can be submitted promptly. With the right approach to managing your kernel codebase and minimizing the out-of-tree support load, your customers will appreciate the benefits of a sustainable support model.

Speak with Linaro to learn how our world-class open-source engineers can monitor and integrate the latest fixes and CVEs for projects such as the Linux kernel, OP-TEE, Trusted Firmware-A, and U-Boot.

Back

Achieve regulatory compliance with Linaro’s Experts 

With regulations such as the CRA making it compulsory to conduct cybersecurity risk assessments, continuously run security audits, and more, companies are under pressure to ensure they have the infrastructure, know-how, and processes in place to meet these requirements.

Linaro specialises in continuous testing, having created LAVA and LKFT (Linaro Kernel Functional Test), which runs millions of tests per year to spot security vulnerabilities before they end up in finished products. We have now created tooling to help customers prepare for CRA. The tooling consists of a back-end toolchain that integrates directly into the customer's build system, as well as a front-end dashboard to present data. Combined, the tooling provides the capability to:

• Generate a complete SBOM (Software Bill of Materials)

• Scan each software package for CVE’s to determine whether vulnerabilities are patched, unpatched or ignored.

• Analyse the provenance of each software package to highlight potential cybersecurity risks

• Continuously monitor and achieve compliance by integrating Linaro’s toolchain into your CI/CD pipeline

Back