Blog Posts

Beyond the Release: Managing Long-Term Risk and Compliance in Embedded Linux with Yocto

Beyond the Release: Managing Long-Term Risk and Compliance in Embedded Linux with Yocto

The embedded systems of the future will be judged by their long-term resilience and security. For many manufacturers, however, the shift from a product release to continuous lifecycle management is a significant operational hurdle.
Regulations like the EU’s Cyber Resilience Act (CRA) are formalizing this challenge, demanding ongoing vulnerability management and creating a backdraft of responsibility that impacts the entire supply chain.

This presentation highlights that a robust and reproducible build system is the cornerstone of any sustainable product strategy in this new environment. It will explore how the Yocto Project provides the essential framework for building future-proof and maintainable systems.
The discussion will cover how its architecture enables the critical features needed to manage long-term risk: full-stack patchability for targeted CVE fixes, reproducible builds for maintaining legacy devices, and automated Software Bill of Materials (SBOM) generation for regulatory transparency.
Attendees will gain actionable strategies for implementing lifecycle-aware embedded development and transforming existing product portfolios to meet evolving regulatory requirements.

Read Post
Your Vendor's BSP Is Probably Not Built For Product Longevity - Now What?

Your Vendor's BSP Is Probably Not Built For Product Longevity - Now What?

Vendor Board Support Packages (BSPs) are the standard for bringing new silicon to market, showcasing features, and promising an “easy” start. However, for those of us building products with long-term lifecycles, these BSPs often fail to meet quality requirements. They can be overly intrusive and typically don’t separate feature showcases from the well-maintained base needed for product development. This focus on rapid demonstration frequently results in BSPs which are difficult to maintain, lack transparency, and are built on non-LTS Yocto and kernel versions, making them unsuitable for products expected to last 5, 10, or even 20 years.

Read Post

Categories

Tags