Secured Open Source Embedded Software

While Linux “name space” provides a good foundation for embedded application isolation, popular containers mostly focus on Linux fragmentation, and none of the Docker, LXC, Snap or Flatpak focus on embedded systems constrains.

Everyone understands that installing a software component on millions of cars, on a submarine or in a train is very different from installing a new application on a desktop or a phone. Embedded containers target managed systems that, on one hand require less composability than phone or desktop, on the other hand require a stronger control on package qualification and resources usage.

This talk presents how to run a containerized AGL under heavy resource constrains. It exposes how containers permit to operate multiple flavors of a given toolkit and finally exposes how containers simplify configuration management, security model and SOTA.

This presentation deals with the integration of Julius Speech Recognition Engine.

The aim of this Proof of Concept is to have a connectionless speech engine, working on an embedded device, integrated as a binding of the AGL Application Framework. The recognition uses Deep Neural Network realtime decoding, and for safer results and performances purpose, uses a grammar.

Julius does not support wakewords out of the box, some hacking has been done to enable it in an efficient way. Tests have been done on Renesas' H3, and UPSquare boards

Download slides [click here]


This presentation was given at International Cybersecurity Forum (FIC) in Lille / France.

While the automotive industry has specific constrains and requirements that OpenID Connect (OIDc) did not dig in, OIDc can still be used to secure vehicle to cloud connection, in car communications or smart-cities interactions.

This talk introduces how proposes to use OIDc inside Automotive Grade Linux (AGL) to secure the interaction in between car infotainment, instrument cluster, telematic unit or cloud operations.

Download slides [click here]


This slideshow was used as support for a lesson given at "École nationale supérieure de techniques avancées Bretagne (ENSTA Bretagne)" (Univisersity of Britany).

It presents many aspect of AGL, its security and its framework. It can be used as starter overview browsing every AGL feature.

Download [here]


This presentation was given at DevOps Wold / Jenkins World in Lisbona.

As today automotive software capabilities are one of the main motivation to choose one model over an other. Thus a modern car easily runs 50 to 100 millions lines of code distributed on more than one hundred SoC/ECU connected by ten or more different networks. At the same time, automotive remains a very strongly cost driven market where short term profits are impossible. This imposes OEMs to keep running the same hardware platform for a minimum of 5 years. OEMs have to both apply security patches and add as many new functionality as expected by the market while having little or even no margin to improve hardware. This conflict of inovation versus stability is only possible with ten years or more long term maintenance contract and a very strict test and continuous software integration process.

This talk details the reasons why these new trends are key for automotive and many other industries. It exposes how based on lessons learn proposes a solution to fulfill embedded software long term support. How to scale it to very complex systems with “in production” multiple software versions, multiple hardware revisions, thousands of components coming from multiple sources and last but not least hundreds of developers.

Download slides [click here]


Archived Publications

About us

Our redpesk® product: a software factory in a white box enabling you to speed up and control your embedded developments from the initial design cycle to your product end of life.

Contact information

Halles St Louis,
    rue Docteur Bodelio
56100 Lorient
02 57 62 02 47