Secured Industrial Embedded Linux

IoT.bzh investigated on lazy object synchronization techniques combined with an appropriate serialization format and shows that performance can be improved by a ratio from 10 to 100 depending on use cases. This benefits to low-latency and/or high-throughput applications: High frequency sensors, fast CAN messaging, realtime applications, ...

Changing serialization format may provide a performance gain from 20% to 50%. To go further, the only solution is to reduce drastically the number of (de)serializations. This can be achieved by adopting a dual internal and external representation for objects coupled with new transport mechanisms between bindings.

This talk presents the benchmark results obtained by our team and proposes new ways to boost performance in the AGL Application Framework, including a new binding API v4 compatible with current API v3.

Slides: [click here]

Video: [click here]

While Linux “name space” provides a good foundation for embedded application isolation, popular containers mostly focus on Linux fragmentation, and none of the Docker, LXC, Snap or Flatpak focus on embedded systems constrains.

Everyone understands that installing a software component on millions of cars, on a submarine or in a train is very different from installing a new application on a desktop or a phone. Embedded containers target managed systems that, on one hand require less composability than phone or desktop, on the other hand require a stronger control on package qualification and resources usage.

This talk presents how to run a containerise AGL under heavy resource constrains. It exposes how containers permit to operate multiple flavors of a given toolkit and finally exposes how containers simplify configuration management, security model and SOTA.

This presentation deals with the integration of Julius Speech Recognition Engine.

The aim of this Proof of Concept is to have a connectionless speech engine, working on an embedded device, integrated as a binding of the AGL Application Framework. The recognition uses Deep Neural Network realtime decoding, and for safer results and performances purpose, uses a grammar.

Julius does not support wakewords out of the box, some hacking has been done to enable it in an efficient way. Tests have been done on Renesas' H3, and UPSquare boards

Download slides [click here]

 

This presentation was given at International Cybersecurity Forum (FIC) in Lille / France.

While the automotive industry has specific constrains and requirements that OpenID Connect (OIDc) did not dig in, OIDc can still be used to secure vehicle to cloud connection, in car communications or smart-cities interactions.

This talk introduces how IoT.bzh proposes to use OIDc inside Automotive Grade Linux (AGL) to secure the interaction in between car infotainment, instrument cluster, telematic unit or cloud operations.

Download slides [click here]

 

This slideshow was used as support for a lesson given at "École nationale supérieure de techniques avancées Bretagne (ENSTA Bretagne)" (High Scool of Britany).

It presents many aspect of AGL, its security and its framework. It can be used as starter overview browsing every AGL feature.

Download [here]

 

Archived Publications