Sponsored Article

Commercial embedded Linux benefits

31 March 2020

Wind-River_Commercial-Embedded-Linux-Benefits_Cost-of-security_580x280

An increasingly popular choice for embedded solutions, Linux is often considered the default environment for software developers. Organisations looking to create embedded products often utilise a commercially-supported embedded Linux platform for its customisability, low-cost and long-term support & maintenance.

In this article, we will review the key benefits of utilising commercially-supported embedded Linux solutions: 1) getting to market faster, 2) long-term savings & 3) simplified compliance.

1.   Get to market faster with commercially-supported embedded Linux

The right commercial embedded Linux provider will have the additional support, key integrated components, and tools to help you speed up development processes and get to market faster.

Board support packages (BSPs)
A board support package (BSP) is the layer of software that contains hardware-specific drivers and other routines that allow the operating system to function in a particular hardware environment. BSPs are customisable down to the exact system on a chip (SoC) and board configuration. Users can then determine which drivers and routines should be included in the build, based on their hardware and software selections. BSPs include a custom Linux (or another OS if applicable) set up to ensure maximum optimisation for the embedded environment. BSPs provide a polished development and production environment that are perfectly tailored to your use case.

BSPs provide massive time savings – and a big leap forward in reliability and quality, compared to building your own drivers and hardware support package. By using a commercially-supported BSP, like those from Wind River, you are able to benefit from increased speed, additional expertise and economies of scale. These packages come with support and maintenance, so if you ever run into a problem, you can get the help you need.

Cloud-native architecture & container technology
Cloud-native architectures and containers are widely deployed in enterprise IT environments, but generally not for embedded systems. However, the benefits of containers still apply to embedded systems:

•   Code reusability
•   Efficient maintenance
•   Platform independence
•   Optimised resource utilisation

Previously, leveraging cloud-native architectures and containers for embedded systems involved creating custom solutions that caused support and maintenance nightmares. However, the latest version of Wind River Linux provides substantial support for teams looking to use containers and cloud-native architectures with their embedded systems. Wind River Linux includes pre-integrated components from the Cloud Native Computing Foundation (CNCF) configured to deliver a fully functional solution for embedded systems.

Cloud-native architectures and containers have the potential to provide the same benefits to embedded systems as they do to other enterprise IT environments.

Development & build tools
Using a commercially-supported Linux distribution provides you with additional value-added development tools that go beyond what is available from open source. In addition to the standard coding, testing and debugging capabilities, commercial integrated development environments provide additional tools for:

•   Building the Linux and device image
•   System performance and behavioural analysis
•   Memory profiling
•   Tracing
•   Full system simulation

Commercial Linux from Wind River provides you with everything you need for your embedded products. By supplying training, services, maintenance, and support you can significantly increase productivity and get to market faster while also cutting costs.

2.   Long term savings
Commercially-supported embedded Linux provides organisations with the support they need to create customised solutions at a fraction of the cost of developing them on your own. Here’s how commercial Linux can provide long term savings for your organisation:

Commercially-supported embedded Linux helps decrease costs
While commercial embedded Linux tends to have higher upfront costs than community Linux distributions – long-term, it provides significant savings compared to maintaining a customised version of a community distribution.

Support & maintenance
Linux is large, complicated and requires significant effort from your engineers to provide adequate support, patches and vulnerability management over time. In the long run, using a commercial offering is generally less expensive than maintaining a roll-your-own (RYO) solution in-house. Long-term, it’s more expensive to provide support and maintenance on an RYO Linux. While it’s difficult to make broad generalisations about the cost of creating and maintaining your own embedded Linux, two things must always be considered:

1.   The cost is considerable
2.   That cost is almost always wildly underestimated

Here are the main variables that contribute to the long-term cost of maintaining your system:

•    Type of embedded device
•    The life span of the device
•    Security requirements
•    Virtualization
•    Application footprint
•    Internet connectivity
•    High availability or fault tolerance requirements
•    Global vs local deployments
•    Free open-source software/open-source policy requirements
•    Whether you will be updating devices in the field

Want to calculate the total cost of ownership for your specific use case? Try our online cost calculator.

Better & cheaper security
Organisations can no longer rely on ‘fire and forget’ device deployment. The more devices you have, the more entry points you have – and the more potential risk you are exposed to. Every single exploit is making connected devices more vulnerable. Managing and mitigating threats is essential for the protection of end-users, but requires an engagement that is beyond the scope of most IoT developers, device manufacturers and operators.

The more devices you have, the more entry points you have – and the more potential risk you are exposed to.
 
Curious how many threats your device will face before end of life? Try our security threat calculator.

Secure & manage embedded products with Wind River
While the initial costs of a commercially-supported embedded Linux solution may seem daunting, they provide significant savings in the long run. Commercial support ensures there is a dedicated team providing long-term support, maintenance and timely patches to keep interconnected products safe from security threats.

3.   Managing compliance
Commercial embedded Linux provides the tools and support they need to ensure that products remain secure, and have the low-cost long-term maintenance they require. However, when it comes to using embedded Linux you have to consider more than just labour costs; you must also understand the legal implications of using Linux in embedded systems.

Managing compliance with commercially-supported embedded Linux
Creating your device with a Linux operating system or using an RYO Linux OS is legally classified as a redistribution under many of the open-source licenses used in Linux, including the GNU Public License (GPL). This redistribution of Linux packages creates additional legal and compliance challenges, so using commercial embedded Linux is the best way to ensure you meet these requirements.

Licensing
There are on the order of 20 million lines of code for Linux and associated open-source tools – a massive codebase, with a multitude of licenses for organisations to trip over, if they’re not diligent. With redistribution comes the responsibility to make sure your company is complying with all license requirements, such as providing free access to the source code for the open-source portions of your product, including any tools that might ship with the product.

Unlike using Linux on a desktop or server, shipping a product with any type of Linux OS is legally considered to be a redistribution, which opens you up to more licensing requirements.

There are usually clauses in the licenses about derivative works that can include kernel modules, libraries or tools, modification of existing code in Linux, statically linking to open-source libraries, and other stipulations. It’s critical that embedded device manufacturers catalogue the licenses of the software they are using, understand the level of risk associated with the license, and be prepared to fulfill the obligations associated with each of the licenses. Unfortunately, many companies don’t treat this aspect of Linux seriously and open themselves up to needless liability, impact on brand and cost to fix problems after the fact.

Commercial solutions make it easy to reduce this risk and associated time and cost. Commercially supported Linux delivers full licensing compliance and reporting. Commercial vendors are experienced with Linux licensing and can aid in the adoption of open source into your codebase mix.

Using commercially-supported embedded Linux reduces risk, time and cost.

Export compliance & encryption disclosure

Preparing products for international export adds yet another layer of compliance complexity. In addition to the necessary license compliance and documentation requirements, export compliance is focused on the disclosure of cryptography software, which presents security concerns in many countries.

International distribution presents an additional set of challenges and compliance requirements for embedded Linux products.

Organisations must have formal processes in place for tracking open-source software (OSS). When it comes to documenting OSS in general, and cryptography in particular, many technology companies experience a disconnect between the engineering and export teams. Export teams expect engineering to know everything in the codebase, so they can properly report on the cryptography used in a product. If the product has a large number of OSS components, and the engineers did not write the code themselves, however, they may not have a clear understanding of the cryptography inside. But export disclosures rely on accurate information from the engineering team, so organisations need to improve the quality of their cryptography discovery in OSS.

When there are hundreds, or even thousands, of OSS components within a product, a manual search is not practical. Some type of automated tool is needed, but automation alone is likely to yield false positives, which then have to be reviewed manually. The most efficient solution – the one Wind River employs – is a combination of automation and encryption expertise. The process goes as follows:

1.   A tool is used to search the code for encryption
2.   A designated team trained in encryption technology analyses the findings to weed out false positives
3.   A report detailing the levels and types of cryptography found is generated and added to the compliance envelope
4.   An export team can then accurately determine which instances of cryptography need to be reported, based on the requirements of the country

Wind River’s development and maintenance process are certified to the ISO 9001:2015 quality management standard covering the design, deployment, integration, verification and maintenance processes.

Conquer compliance with Wind River

When working with embedded Linux, it’s important that you understand all the legal requirements associated with redistribution and international deployment. Commercially-supported Linux will help your organisation handle compliance with ease.

To learn more about commercial embedded Linux benefits, download our free eBook.


More information...

Contact Details and Archive...

Print this page | E-mail this page