Menu

IoT FEATURE NEWS

Real-Time All the Time: The Zephyr Project Secures Security

By

The growing Zephyr Project, hosted by the Linux Foundation that aims to build an open-source real-time operating system (RTOS) for the IoT, was recently evaluated by the NCC Group, experts in cybersecurity and risk mitigation. The research was driven by interest from NCC’s clients found that Zephyr is a mature and highly active project with increasing market share.

The Zephyr Project is a small, scalable real-time operating system for use on resource-constrained systems supporting multiple architectures.

The NCC Group issues a report in May 2020 outlining the issues discovered in detail and acknowledged the proactive work of the Zephyr Project Security Committee to fix these issues.

The Zephyr community has attracted over 700 contributors in just a few years, with the most recent release, including integration with the Trusted Firmware M, open-source Trusted Execution Environment framework, which implements Arm’s Platform Security Architecture specification.

According to the foundation, Zephyr has long included support for Arm’s TrustZone hardware, including being able to target the secure side of the firmware. Still, by adding integration with the standard Trusted Firmware M project, it now also offers the option to combine TF-M and Zephyr to create a PSA-certified solution.

“The Zephyr Project brings together a community of experts to participate on all aspects of the solution, from the standards to adopt, policies and processes to follow, and methodologies for build, test, maintenance, distribution and incident response,” said Joel Stapleton, Zephyr Project Governing Board Chair and Technical Product Manager at Nordic Semiconductor. “Our aim is to make a solution that developers can trust for the lifecycle of their products. This third-party research and our security team’s swift and proactive response to the vulnerabilities is the strength of open source and a testament to this community.”

The Zephyr RTOS is unique as it is vendor-neutral, with a scope from multi-architecture board support packages, to cloud connectivity for IoT products. Several high-profile products have leveraged Zephyr, including Intellinium Safety Shoes, ProGlove, and HereO Core Box.

The Zephyr Project also welcomed Laird Connectivity and teenage engineering in June, expanding its ecosystem. The new members join Adafruit, Antmicro, Eclipse Foundation, Foundries.io, Intel, Linaro, Nordic Semiconductor, NXP®, Oticon, SiFive, Synopsys, Texas Instruments and more to create an open hardware and software ecosystem using the Zephyr OS.

"Developers have many options when it comes to selecting an RTOS for embedded microcontrollers, but the Zephyr Project is one of the fastest-growing open-source and broadly contributed RTOS projects of its kind,” said Jonathan Kaye, Senior Director, Product Management at Laird Connectivity. “Joining the Zephyr Project allows Laird Connectivity to deliver more design flexibility than ever across our wireless modules, IoT Devices, and Gateways. Our customers can leverage community support, better device security, high performance in resource-light environments, and license-free use for commercial applications. And by using one shared platform, they can build a highly reusable code base that rapidly accelerates their IoT development with Laird Connectivity products."

“teenage engineering is developing embedded products in a wide range of complexity: from single-core Cortex-M0 to multicore and multiprocessor systems with totals of up to 5 different MCU's from various vendors,” said David Eriksson Head of Hardware at teenage engineering. “Our goal is to build the perfect multi-chip system where we capture what each breed of processor does best and allow them to work together in harmony. With Zephyr, we can develop anywhere. We make sure that code can run on a host as well as device and that interconnectivity is platform-agnostic, allowing a mix of real hardware and desktop emulation. We prefer to develop with open tools, so Zephyr is really the only sane choice for an RTOS where it is possible to achieve true transparency on all layers of the stack. We are happy to become members of The Linux Foundation and the Zephyr Project and to take part in shaping and influencing the future of embedded systems."

In April, Zephyr celebrated 40,000 commits on Github and has now completed more than 41,000 to date with support for more than 200 boards.

The Zephyr Project will be present at the Linux Foundation’s Open Source Summit Virtual event on June 29-July 2. Several members will be giving presentations that include Zephyr, including a keynote by Kate Stewart about open source in safety-critical applications on July 1 at 9 am CST. Additional talks will be given by Zephyr project members from the Eclipse Foundation, Intel, and Linaro. Learn more here.

Additionally, on July 2 from 2-3:30 pm, Zephyr will host a Mini-Summit that will offer an overview of the RTOS, introduction to west, how Bluetooth works with Zephyr and insight into security, safety certification, and a product use case. Registration is free for OSS + ELC attendees. Learn more here.


Arti Loftus is an experienced Information Technology specialist with a demonstrated history of working in the research, writing, and editing industry with many published articles under her belt.

Edited by Ken Briodagh
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

Special Correspondent

SHARE THIS ARTICLE
Related Articles

Rising Edge Computing Investments to Reach $350B by 2027, According to IDC

By: Alex Passett    3/27/2024

Worldwide spending on edge computing is expected to surge (and then keep going) for the foreseeable future, according to the International Data Corpor…

Read More

ZEDEDA Adds Lisa Edwards as New Board Member, Seeks Opportunities to Strengthen Operations and Scale

By: Alex Passett    3/26/2024

Earlier this morning, ZEDEDA announced the addition of Lisa Edwards to its board of directors.

Read More

An Existing IoT Collab, Emboldened: Digi International and Telit Cinterion Transform Solutions with 5G RedCap Integration

By: Alex Passett    3/25/2024

The ongoing industry collaboration between Digi International and Telit Cinterion signals strong support for the mainstream showcasing of 5G for IoT a…

Read More

Telit Cinterion's 5G LGA Modules, Powered by Snapdragon from Qualcomm, to Create a Big Leap in IoT Connectivity

By: Alex Passett    3/25/2024

Telit Cinterion recently unveiled its FE990B34/40 LGA family of modules, powered by the Snapdragon X72 5G Modem-RF System from Qualcomm Technologies, …

Read More

Embracing Innovation in Mining: The Role of Network-Aware Applications in the Digital Transformation

By: Special Guest    3/21/2024

Shabodi leverages private 5G network capabilities and enables the development of network-aware applications to enhance operational efficiency, automat…

Read More