Menu

IoT FEATURE NEWS

As Linux Foundation's Zephyr Project Turns Five, Addressing Constrained Device Challenges is More Important Than Ever

By

Noting nearly 1,000 contributors, 50,000 commits building advanced support for multiple architectures including ARC, Arm, Intel, Nios, RISC-V, SPARC and Tensilica, and more than 250 boards; the Zephyr Project is throwing a virtual party that will run from June 8 – 10 this year.

The first-ever Zephyr Developer Summit is open to the public, free of charge, and full of Zephyr leaders from around the world presenting real-world use cases, best practices, mini-conferences, and more.

Zephyr is an open-source project at the Linux Foundation that builds a safe, secure, and flexible real-time operating system (RTOS) for resource-constrained devices. Led by Kate Stewart, Vice President of Dependable Embedded Systems at the Linux Foundation, a visionary behind the project since day one, participation continues to soar with new members.

Launched in 2016, this first Developer Summit has an "impressive line-up of Zephyr thought leaders and ambassadors for the growing Zephyr community of contributors and users," said Joel Stapleton, Chair of the Zephyr Project Governing Board and Principal Engineer Manager at Nordic Semiconductor.

"The strength of engagement the project has with its members and IoT solution providers reflects the importance of open-source efforts to build secure and safe embedded technologies for increasingly connected applications in industrial, smart home, wearables and energy; and for computing platforms integrating microcontrollers with ever-increasing capabilities and functions," Stapleton continued.

Sample summit sessions include power management, USB support, motor control, user presentations that showcase Zephyr with Renode and TensorFlow Lite and RISC-V, and contributor spotlights for securing MCUBoot, using OPC UA, energy-efficient device testing, and developing hardware. Proposals were reviewed by the Programming Committee, which includes Anas Nashif, Intel; Carles Cufi, Nordic Semiconductor; Jonathan Beri, Golioth; Keith Short, Google; Maureen Helm, NXP; and Olof Johansson, Facebook.

One of the hot topics being discussed at the summit is the U.S. Executive Order on Cybersecurity and how Zephyr helps address the surge in attacks.

Less than a month ago, the United States White House released an Executive Order on Improving the Nation's Cybersecurity that addressed the malicious cyberattacks that have become more frequent in the last few years. In a blog, the Linux Foundation responded how Zephyr RTOS, along with several other projects, has already built some of the support needed for a more secure future.

Zephyr now generates the Software Bill of Materials (SBOMs) automatically during the build, and this capability will be available in the upcoming 2.6 release. It is one of the few open-source projects that is a CVE Numbering Authority (CNA) and has an active Project Security Incident Response Team (PSIRT) that manages responsible disclosure of vulnerabilities to product makers. 

Product creators using Zephyr can sign up for free to be notified of vulnerabilities. 

"SBOMs can communicate details about a software package's contents; being able to understand exactly which source files are included in a resource-constrained software image is key to understanding if it may be vulnerable to an exploit," Stewart said. "SBOMs created by manual processes can often be incomplete, incorrect, or out-of-date as a software package advances. By being able to generate the SBOM during the build, and take it to the source file level, not just the component level, better diagnosis and detection of vulnerable states is possible and addresses some of the best practices mentioned in the EO. Zephyr is being used today in thousands of wearables and other products with constrained environments. By automatically creating SBOMs during builds, the development process becomes easier, more efficient, and improves maintainability in the field."

The Zephyr Project also announced a new array of members, including AVSystem, Golioth, Pat-Eta Electronics, RISC-V, and RISE Research Institutes of Sweden, to its global RTOS ecosystem.

These new members join Adafruit, Antmicro, BayLibre, Eclipse Foundation, Facebook, Fiware, Foundries.io, Google, Intel, Laird Connectivity, Linaro, Memfault, Nordic Semiconductor, NXP, Oticon, Parasoft, SiFive, Synopsys, and teenage engineering, among others.

"We see amazing opportunities for IoT deployments involving resource-constrained devices operating in cellular LPWA networks," said Marcin Nagy, Product Director for IoT, AVSystem. "We are sure that combining the Zephyr RTOS with our expertise in the Lightweight M2M standard will contribute to the acceleration of secure and standards-based IoT launches."

"We can speak at length about the technical merits of Zephyr - the kernel design, native networking, scalable board support model, and so on - but the largest differentiator is the community," says Jonathan Beri, CEO of Golioth. "From chipset vendors to ecosystem players, it feels like we're rising the tide for everyone to make the most secure & reliable open-source RTOS in the market, and we couldn't be more excited to contribute to the project and community."

"We are happy to be part of the Zephyr Project and hope to bring it more into the academic environment, especially within STEM (Science Technology, Engineering, and Mathematics)," said Sanyaade Adekoya, Developer, Programmer, and Lecturer at Pat-Eta Electronics. "It has been challenging to bring RTOSes within the academic research sector and getting them in the hands of undergraduate learners. Our research extends the use of Zephyr RTOS in IoT, Edge Computing, Robotics, Smart and Wearable devices. The Zephyr Project will be a driving platform for our students that will make it easier for them to create ideas, projects, innovations, and more. We look forward to showcasing our students' Zephyr-related projects."

"RISC-V and Zephyr were both designed to drive innovation in the hardware space with open-source technologies that are accessible to everyone," said Mark Himelstein, CTO of RISC-V. "Many of our members are already taking advantage of the flexibility of RISC-V and Zephyr to design end-to-end open-source solutions for resource-constrained devices. We look forward to collaborating with the Zephyr Project to offer even more opportunities for the open-source community to innovate."

"Zephyr RTOS enables us to rapidly prototype Thread wireless networks and is an excellent research platform for our work in IoT security," said Samuel Lindemer, Research Engineer at RISE Research Institutes of Sweden. "The interactive shell and configuration menu make it intuitive for new users, and the open-source community support is unparalleled."

Videos and presentations from the Zephyr Developer Summit will be available on the website. Stay tuned at www.zephyrproject.org for more.


Arti Loftus is an experienced Information Technology specialist with a demonstrated history of working in the research, writing, and editing industry with many published articles under her belt.

Edited by Luke Bellos
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

Special Correspondent

SHARE THIS ARTICLE
Related Articles

Your Secret Weapon for Enhanced Liability Defense

By: Contributing Writer    6/23/2026

Running a business has its benefits. It can free you from a traditional 9-5 structure. However, it also introduces new layers of risk-especially in a …

Read More

The Digital Supply Chain: Resilience, Visibility, and the End of Flying Blind

By: Carl Ford    5/26/2026

Digital supply chain transformation is helping enterprises replace fragile, efficiency-only models with resilient, real-time operations powered by end…

Read More

The CIO Reimagined: From IT Keeper to Digital Business Leader

By: Carl Ford    5/26/2026

The modern CIO is evolving from an IT operations leader into a strategic digital business executive, responsible for driving AI governance, cloud stra…

Read More

Industrial IoT and the Rise of Smart Level Monitoring

By: Contributing Writer    5/18/2026

Industrial operations are becoming increasingly data-driven. From manufacturing plants and oil terminals to water treatment facilities and agricultura…

Read More

How Does Anthropic's Mythos Foretell the Post Quantum Nightmare?

By: Carl Ford    5/14/2026

AI security tools like Anthropic's Mythos are exposing hundreds of exploitable flaws in legacy software stacks, underscoring the urgent need for bette…

Read More