Linux: Selecting the Open Source Operating System for your IoT Application

23-07-2015 |   |  By Davide Head

What should a developer look for in a Linux distribution that makes it suitable for deployment in an IoT world? First, check the builder is a participant in the Yocto Project, writes Davide Ricci, Director of Open Source Platforms at Wind River.

The disruptive force of the Internet of Things (IoT) is making itself visible in almost every market sector. Promising to deliver the myriad of data on which organisations will structure transformative business models, IoT and its associated hardware and software elements will become truly “mission critical.” Such critical business functions and systems are the norm for providers of enterprise IT systems. However, the reach of IoT extends well outside the physically secure, environmentally controlled and managed world of the data center.

lores

Before data gets to the world of the cloud, it has to go through a variety of real-time systems, gateways and network devices, not forgetting the edge node that created the data. Many or all of these parts of the IoT architecture will be embedded systems where today’s development pressures are on providing flexibility and scalability. Additionally, the variety as to how each IoT application or architecture is designed means that no one vendor, as in the past, is likely to build the complete solution. Single-vendor, closed systems have no place in the IoT; open source has become a sought-after. This is partly because of the need to support many open standards and network protocols, and partly because many suppliers are no longer developing all the hardware components themselves.

The rise in popularity of compact, small form factor, single-board computers, many with pre-certified wireless communications, has drastically cut the development budget and timescales. Such boards are readily available and allow developers to concentrate on integrating the necessary sensors and peripherals or whatever other features the design requires. This approach allows developers to consider running their application on a commercially available hardware platform that meets the compute, connectivity and size criteria the specific design requires. It is of little surprise, then, that open source Linux has become the de facto operating system for a growing number of hardware platforms. The open source route gives developers of IoT applications far more flexibility and interoperability from edge devices all the way through to the cloud, and especially for the IoT, Linux is very scalable and thus, perfectly designed for IoT needs. The cloud computing servers typically running IoT analytics and business operational systems are increasingly using an open source Linux-based operating system.

Linux clearly has many benefits serving the IoT. However, with many different Linux distributions available in the market, developers and system architects are faced with the support challenges and potential for incompatibility issues that come with having multiple distributions to manage. The ability to use the same distribution builder for an edge device on one type of processor architecture with a multi-core server on a different architecture is an attractive, common sense offering.

electrofeature-lores

So, what should a developer look for in a Linux distribution that makes it suitable for deployment in an IoT world? When it comes to promoting open standards, the Yocto Project provides an open source collaboration to create Linux-based systems regardless of the hardware archectiture. The Yocto Project is recognised as the most powerful and flexible build system framework today and fully supports the need to scale one common runtime across any architecture and footprint. It is highly recommended that developers check that a selected Linux builder is a participant in the Yocto Project, since it is not only a good technical choice, but it also drives development and on-going support efficiencies. By working with a great network of partners, the Yocto Project provides well-maintained and up-to-date layers supporting all major architectures. Using a compatible base allows IoT devices with very different hardware requirements to leverage the same software upon a common platform.Yocto is supported and nurtured by the major players in the industry, allowing for an open-platform, open-project supported ecosystem that makes it a great way to go with Linux in the IoT space.

The next key criterion a developer in IoT needs to assess is security, particularly for the always-connected world of IoT. The developer needs to have faith and confidence that the distribution builder is taking a proactive, 24/7 approach to security checking, updates, regression testing and responding to potential security vulnerabilities and security threats. As an example, Wind River security teams responded in under 24 hours with hot patches to Wind River Linux, a Yocto Project compliant Linux. This was in response to recent threats such as HeartBleed and ShellShock, but the security monitoring and remediation practices never stop. Every year thousands of vulnerabilities are analysed by the security team. Typically, 10% of these vulnerabilities must be fixed, and some require the expertise of a highly experienced, reliable and responsive team to ensure risk reduction for businesses as they adopt an IoT infrastructure.

Another security feature that should be present in your selected Linux should include Secure boot. Secure boot establishes a “root of trust” when a system is ini¬tially booted through a sequence of steps to validate the integ¬rity of a downloaded Linux kernel by verifying its cryptographic signature. Also present should be features that (a) implement an integ¬rity measurement architecture that provides a tamper-proof file system that allows only authorised applications to run on the device and (b) a secure package management approach that ensures soft¬ware updates issued in the form of secure packages do not expose the system to external threats. The GRsecurity set of Linux kernel patches is key, as it enhances system security by adding role-based access control policies and system resource management capabilities. Encrypted storage, intelligent firewall and various methods of encrypting data being transported over the IP stream are also key components of a Linux distribution. Many of these security features are covered by the Common Criteria for Protection Profiles as covered by the internationally recognised ISO/IEC 15408 standard, a Wind River Linux security offering.

In order to further accelerate a Linux-based IoT deployment, developers might also investigate any additional applications or frameworks the distribution builder might have tightly integrated with their Linux. An example of this is Wind River Edge Management System. Edge Management System is a cloud-based platform that helps sensors, devices, and machines connect securely to the network or cloud; enabling connectivity to facilitate capabilities such as data capture, rules-based data analysis and response, configuration, file transfer and other features. Using the industry standard RESTful protocol, Edge Management System is seamlessly integrated into Wind River Linux and uses the industry standard RESTful connectivity protocol.

Wind River

www.windriver.com


By Davide Head

Davide Ricci leads the Open Source Platforms team at Wind River. His expertise includes embedded operating systems design and development, including embedded Linux development and product management and technical marketing. Prior to joining Wind River, Ricci worked in software engineer positions at Pirelli Broadband Systems and Info Solution S.p.A. Ricci studied at Politecnico di Milano.

Related articles