Automotive software has traditionally focus on safety. Nevertheless with the arrival of connected car cybersecurity is becoming every day more and more critical. On one hand we have to enable and secure dedicated cloud automotive services such as: data analytic, telematics, car sharing, traffic optimisation, etc... On the other hand customers expect their navigation system to update automatically, they want a smooth access to existing well known services as Spotify, Facebook or Traffic Info and find natural to stream their preferred music/news in their car like they already do everyday on their smart phone. Last but not least users expect their private data to remain private.
This talk explains how AGL(Automotive Grade Linux) implements cybersecurity both inside the car to protect applications and services, and outside the car to enable V2C(Vehicle to Cloud) access to non automotive Internet services.
Download slides [click here]
Yocto SDKs or images are currently deployed as monolithic archives.
Projects are more and more complex resulting to larger archives and
consequently, SDKs or target images updates are not efficient at all.
This talk presents a new solution based on incremental updates and binary
packages deployment, which is closer to standard Linux distribution packaging.
This solution offers an easy way to update development environment (SDK)
on the development machine and makes packages management simpler on the target side.
This allows among other to install a minimal set of packages in order to reduce the target filesystem size.
AGL leverages Sytemd for several purposes. Example:
- setup of applications and services (cgroups, namespaces, autostart, permissions)
- use of libsystemd for its programs (event management, dbus interface)
- manage users and user sessions
This presentation explains how using systemd is beneficial for AGL and how the AGL is built to leverage good systemd features.
It reviews the mechanics of systemd integration and how it is used for user management: PAM integration, privacy management.
AGL emphasis a clean separation of applications together and with the underlying system layer. It also provides a mechanism to tune how this is done. This talk presents this aspect. see the presentation
The AGL controller is a new binding that was initially developed to address the lack of AGL mechanism to support policy/access-control in AAAA. The outcome of this effort is a fully generic controller that allows to “glue” many different components directly from a simple JSON configuration file. The resulting service is exposed as a native AGL binder. It is a real Swiss Knife and can be used to many different things for applications or services.AGL Controller is a pure Vanila AGL binding. It can be added transparently to any existing binder through the standard application framework import mechanism. The controller is fully compliant with AGL security model and offers for dynamic APIs the same level of protection that AGL already offers to static APIs.AGL controller is powerful and flexible. It allows developers to simply assemble pre-existing AGL APIs, to expose as AGL native binder a legacy/proprietary technologies. Finally it supports Lua as scripting language to glue everything together. Mixing Native/Script language is supported and a developer may choose to fast track demo in Lua script and later to port all/part in native C/C++ to improve performances.The presentation will show the architecture, the different components and will walk though a set of examples. At the end of the talk attendees should have a clean understanding on how to leverage AGL controller in their own applications.
Download the detailed PDF presentation: [here] (AGL/AMM Dresden/Germany Oct-2017)
This presentation was given at ALS 2017 in Tokyo.
To reduce as much as possible the entry cost for developing automotive applications, AGL should be integrated to IDE and Source Debugger.
Traditionally, installation of an embedded development environment with cross compilation has been difficult and more tortuous that it should. Any developer and especially non system expert, should easily succeed in setting up the AGL development environment on both target & host independently of their preferred OS (Linux, Windows, Mac).
This talk presents a solution that tends to a zeroconf installation of AGL development environment, independently of the chosen target/host.The presented solution allows to locally edit sources with your favorite IDE (i.e. Eclipse, Visual Studio Code, Netbeans...) and either compile locally your application or benefit from a remote server. It also shows how to debug application directly from your preferred editor.
Download the latest presentation (PDF format): [here]
Download older presentations: [here]
- Testing Continuously Applications Using a Cloud Based Infrastructure Using Virtualization and Real Hardware in the Loop
- Connected ships and data flows: from the on-board sensor to the cloud
- Cross debugging on Linux : A history, current state of the art and coming improvements
- Release of redpesk Arz 1.0
- Introduction to SMACK and SELinux
- From embedded Linux boat sensors to the cloud, a data journey
- Running Zephyr and Linux on the same SoC: making both worlds live together !
- Hardware Isolation Running RTOS Concurrently with AGL on Renesas R-Car
- Data continuity, from vehicle sensors to cloud databases in the AGL ecosystem
- From Smack To SELinux
- redpesk® factory demo video
- Embedded Linux, case of AGL. Lesson at ENSTA 2019
- Current Market Conditions for Automotive Supply Implies Long Term Support
- Cloud based test infrastructure to enhance software quality assurance (SQA) in AGL application developments
- Current market condition for automotive supply implies Long Term Support
- AGL-Supervision : From AGL Supervisor to platform global data collection
- AGL-µBinder : a fast, secure and seamless option to connect AGL to small ECUs?
- Wlroots : a potential foundation for Next Generation of AGL Wayland Compositor
- L4RE hypervisor consolidating multiple AGL profiles
- Updated overview of AGL signaling
- Cybersecurity for Connected Vehicle with AGL (Automotive Grade Linux)
- Skim down AGL Application Framework to bridge AGL with hard realtime subsystems
- AGL application design
- 4A (Audio Advanced Architecture) Kickstart with AGL/FF
- Moving AGL toward production with the latest test/monitoring tools.
- From Connected Cars to Connected Boats
- Presentation of AGL
- AGL Development Tools, what's new in FF
- AGL & Real Time: Architecture Options
- Véhicule Connecté Cybersécurité et Open Source
- Projet Etudiant ENSIBS - Analyseurs Statiques de code
- Binding API version 3
- X(cross) Development System update - April 2018
- Vehicle 2 Cloud - Telematics and Data collection - April 2018
- AGL 4a and audio roadmap - April 2018
- Vehicle 2 Cloud - Signaling and Data collection - April 2018
- Industrialisation of applications build in embedded environment
- AGL Audio Advanced Architecture
- IoT.bzh and AGL presentation to ENSIBS' students
- Updated AGL Security Blueprint
- Cybersecurity a fundamental challenge for connected cars
- Deploy AGL OS and SDK as a Binary Packaging Distribution for Developer
- AGL integration of systemd and user management
- The AGL Swiss Knife for Quick Application Prototyping
- X(cross) Development System - make AGL app development easier
- Vehicle to Cloud: Connecting Cars to Non-Automotive Internet Services
- Low level CAN binding for AGL: a generic way to handle CAN signals
- AGL Development Kit - Features and Roadmap
- Vehicule Signaling Leveraging OpenXC
- AGL Security Framework Review
- Homescreen a New AGL Platform Service
- Cybersécurité et Véhicules Connectés
- Ostro Project Analysis
- AGL 2.0 - BSP Development Kit
- Connected cars & Security challenges
- Writing secure HTML5 applications for automotive systems
- Secure Boot - Secure Software Updates
- AGL-2.0 Security Architecture Proposal
- Automotive Grade Linux Security White Paper
- AGL Kickstart on Renesas Porter Board
- SDK for Application - Kickstart
- AGL Software Development Kit
- Leveraging Docker in Automotive projects based on AGL/GENIVI