Publications
This presentation was given at Automotive Linux Submit in Tokyo.
AGL natively supports secure micro-services through its Application Framework binder/binding mechanism. A ready to go system may easily run tens or hundreds of micro-services. Consequently monitoring exchanges between binders/bindings is critical. Monitoring may need to be “realtime” to help debugging, or offline when tracking global performances and security issues.
This talk starts by presenting current AGL Application Framework monitoring capabilities to track basic inter-bindings communications. It then exposes how existing supervision service can be used to analyze end-to-end transactions when crossing multiple bindings. Finally it illustrates how AGL supervision can leverage Time Serie Database to collect data, allowing monitoring frameworks like Grafana to render a global vision of the system both in term of performance and cybersecurity.
Download slides [click here]
This presentation was given at Automotive Linux Submit in Tokyo.
In order to embrace the global automotive ecosystem, AGL micro-services architecture should support not only all Linux in a car, but also seamlessly retrieve data from small ECUs and securely send collected information to the cloud.
Because of existing application framework dependencies, as today, AGL bindings run only on Linux. In order to extend to global automotive ecosystem, AGL’s binders/bindings architecture needs to be reviewed. On one hand, remove Linux’s systemD dependencies and extend security model. On a second hand, support ‘alien’ transport protocols including non TCP/IP ones.
This talk presents the lesson learned from a POC to run a subset of current AGL binder onto a micro-controller with Zephyr. How to solve binder/binding dependencies, how to map the transport onto a non TCP/IP link, how to extend AGL security model, ...
Download slides [click here]
As today, AGL mostly leverages Wayland IVI-shell as inherited from Genivi. Worse than having technical limitations, the main issue of IVI-Shell is the persistent lack of interest from the Wayland community. As a result, the IVI-shell ailed to gain adoption from any generic software like browsers or well known social/media applications. Since the early days of Wayland, new options appear to better support compositors/wm.
On one hand, Gnome and KDE ship their own flavour of compositor/wm; nevertheless those solutions remain too monolithic and too desktop centric for the embedded world.
On the other hand Wlroots was designed upfront, not as a Wayland compositor/wm but as a foundation to create compositor. Furthermore, because it’s more recent, the authors were able to leverage the lesson learnt from older toolkit as Weston or WLC and created a far more advanced and flexible toolkit.
Download Slides [here]
Demo video [here]
Isolating components of different criticalities is a desirable feature of safety-critical systems used in the automotive industry. IoT.bzh and Kernkonzept therefore cooperated in creating a virtualization Proof-of-Concept that isolates selected components of AGL.
The purpose of this PoC is to split CAN signal processing into two virtual instances of AGL running under the control of the L4Re hypervisor.
The 1st virtual instance runs a minimal AGL realtime(preemptRT) profile and is responsible for CAN data acquisition. The 2nd virtual instance
runs a traditional AGL IVI profile and receives CAN decoded signals directly from AGL application framework through the hypervisor VIRTIO transport layer.
This talk starts by presenting the different components of the architecture used in the PoC. Then it explains how a hypervisor can be used to split AGL into multiple instances and the constrains such an architecture introduces. Finally it proposes some options and remaining work before such a solution gets production ready.
Download pdf slide [here]
A slideshow updated since the latest presentation in Karlsruhe in 2016 with a presentation of a full stack signaling stack using the Signal Composer service.
Archived Publications
-
2021
- Testing Continuously Applications Using a Cloud Based Infrastructure Using Virtualization and Real Hardware in the Loop
- Connected ships and data flows: from the on-board sensor to the cloud
- Cross debugging on Linux : A history, current state of the art and coming improvements
- Release of redpesk Arz 1.0
- Introduction to SMACK and SELinux
- From embedded Linux boat sensors to the cloud, a data journey
- Running Zephyr and Linux on the same SoC: making both worlds live together !
- Hardware Isolation Running RTOS Concurrently with AGL on Renesas R-Car
- Data continuity, from vehicle sensors to cloud databases in the AGL ecosystem
- From Smack To SELinux
- redpesk® factory demo video
-
2020
-
2019
- Embedded Linux, case of AGL. Lesson at ENSTA 2019
- Current Market Conditions for Automotive Supply Implies Long Term Support
- Cloud based test infrastructure to enhance software quality assurance (SQA) in AGL application developments
- Current market condition for automotive supply implies Long Term Support
- AGL-Supervision : From AGL Supervisor to platform global data collection
- AGL-µBinder : a fast, secure and seamless option to connect AGL to small ECUs?
- Wlroots : a potential foundation for Next Generation of AGL Wayland Compositor
- L4RE hypervisor consolidating multiple AGL profiles
-
2018
- Updated overview of AGL signaling
- Cybersecurity for Connected Vehicle with AGL (Automotive Grade Linux)
- Skim down AGL Application Framework to bridge AGL with hard realtime subsystems
- AGL application design
- 4A (Audio Advanced Architecture) Kickstart with AGL/FF
- Moving AGL toward production with the latest test/monitoring tools.
- From Connected Cars to Connected Boats
- Presentation of AGL
- AGL Development Tools, what's new in FF
- AGL & Real Time: Architecture Options
- Véhicule Connecté Cybersécurité et Open Source
- Projet Etudiant ENSIBS - Analyseurs Statiques de code
- Binding API version 3
- X(cross) Development System update - April 2018
- Vehicle 2 Cloud - Telematics and Data collection - April 2018
- AGL 4a and audio roadmap - April 2018
- Vehicle 2 Cloud - Signaling and Data collection - April 2018
- Industrialisation of applications build in embedded environment
- AGL Audio Advanced Architecture
- IoT.bzh and AGL presentation to ENSIBS' students
- Updated AGL Security Blueprint
-
2017
- Cybersecurity a fundamental challenge for connected cars
- Deploy AGL OS and SDK as a Binary Packaging Distribution for Developer
- AGL integration of systemd and user management
- The AGL Swiss Knife for Quick Application Prototyping
- X(cross) Development System - make AGL app development easier
- Vehicle to Cloud: Connecting Cars to Non-Automotive Internet Services
- Low level CAN binding for AGL: a generic way to handle CAN signals
- AGL Development Kit - Features and Roadmap
- Vehicule Signaling Leveraging OpenXC
- AGL Security Framework Review
- Homescreen a New AGL Platform Service
-
2016
- Cybersécurité et Véhicules Connectés
- Ostro Project Analysis
- AGL 2.0 - BSP Development Kit
- Connected cars & Security challenges
- Writing secure HTML5 applications for automotive systems
- Secure Boot - Secure Software Updates
- AGL-2.0 Security Architecture Proposal
- Automotive Grade Linux Security White Paper
- AGL Kickstart on Renesas Porter Board
- SDK for Application - Kickstart
- AGL Software Development Kit
- Leveraging Docker in Automotive projects based on AGL/GENIVI
-
2015
Halles St Louis, 
02 57 62 02 47