We’ve covered CHERI, and our involvement with the development of the ARM Morello yocto layer before, so for those who aren’t aware of what it is we recommend looking back through our previous blog posts on Introducing ARM Morello and CHERI, and Linux Yocto layer for the ARM Morello board, CHERI (Capability Hardware Enhanced RISC …| www.thegoodpenguin.co.uk
A passionate and customer-focused consultancy that delivers bespoke software and expertise to our clients.| www.thegoodpenguin.co.uk
The EU Cyber Resilience Act (CRA) is a piece of legislation designed to significantly enhance the cybersecurity of hardware and software products with digital elements placed on the European Union market. It’s the first regulation of its kind globally to impose such comprehensive cybersecurity requirements across the entire product lifecycle. The CRA came into force …| The Good Penguin
Any software expected to have a long lifetime will require maintenance which in turn means that you need to be able to build the software again in the future. So how can you ensure that in 10 years time that you will even have a system that is capable of running today’s build system? How …| www.thegoodpenguin.co.uk
Embedded Recipes is a conference held in Nice, France which focuses on open-source embedded systems. It’s organisers accurately describe the conference as “talks, workshops, discussions, food, friends and the beach”. The Good Penguin attended (and sponsored) the event and in this blog post we’ll share our highlights. The CRA and what it means for us …| www.thegoodpenguin.co.uk
We are proud and excited to be sponsoring the Embedded Recipes conference, for the first time, this year. Embedded Recipes is a small conference with an exclusive and community feel which focuses on open-source embedded systems. Following in the footsteps of it’s older cousin Kernel Recipes, the 6th edition of this conference will host 15 …| www.thegoodpenguin.co.uk
FOSDEM 2025, one of the largest open-source software conferences in the world, took place in Brussels, Belgium in February this year. The Good Penguin attended and in this blog post we will share some of our highlights. Exploring Open Source Dual A/B Update Solutions for Embedded Linux – Leon Anavi At The Good Penguin we …| www.thegoodpenguin.co.uk
During the Linux boot process, the boot console is responsible for relaying boot messages to the user. On embedded systems this console is often attached to a serial port that can only handle a maximum data rate of a few kilobytes per second which degrades overall boot time. In this post we’ll explore how the …| The Good Penguin
The Zephyr Project is an open-source real-time operating system (RTOS) focused on embedded and IoT platforms. Zephyr is a Linux Foundation hosted ‘Collaboration Project’, and supports a wide array of devices and architectures. The Raspberry Pi Pico is a microprocessor board developed by Raspberry Pi and is based on their RP2040 chip. The RP2040 is …| www.thegoodpenguin.co.uk
In our previous blog post, we explored securing keys and certificates with Toradex’s recently launched i.MX 95 Verdin Evaluation Kit. We also demonstrated how to build and customise a Yocto reference image for the i.MX 95 Verdin EVK, leveraging OP-TEE and PKCS#11 which you can find here. Another essential aspect of achieving a high level …| www.thegoodpenguin.co.uk
Toradex recently launched the i.MX 95 Verdin Evaluation Kit, designed to accelerate next-generation Edge AI, automotive, industrial and medical applications all of which are industries that require high levels of security. An essential aspect of achieving a high level of security is the management and storage of cryptographic keys. This is crucial for authenticating to …| www.thegoodpenguin.co.uk
Protecting devices from malicious use is often a cat-and-mouse game between security researchers identifying software vulnerabilities (CVEs) and product-makers patching them before attackers can exploit them. As a result, devices can no longer be developed, shipped and forgotten. Instead, manufacturers must commit to keeping those devices up to date and free from critical vulnerabilities for …| www.thegoodpenguin.co.uk
We increasingly rely on internet connected devices in our day-to-day lives, with consumer devices that include door bell cameras, thermostats, children’s toys and home assistants. However the cyber security of these devices doesn’t always live up to the trust we place in them to reliability perform their function and protect our personal data. It’s often …| www.thegoodpenguin.co.uk
Code signing is fairly ubiquitous and is a cryptographic technique for verifying the authenticity of a binary. It is often used as part of the secure boot process of an embedded device where software components of the bootchain are verified by the previous component. For example, the on-chip ROM in a SoC will verify the …| www.thegoodpenguin.co.uk
This year’s Linaro Connect event took place in Spain’s capital, the city of Madrid in May and several members of The Good Penguin attended the event for the conference aspects of the gathering. This event was different than your usual open source conference as Linaro Connect is also a vessel for Linaro employee’s to have …| www.thegoodpenguin.co.uk
The latest Long Term Support (LTS) version of Yocto was released last month with the code name “Scarthgap” – presumably named after a mountain pass in the Lake District national park. It promises 4 years of support, meaning regular point releases with security and bug fixes. In the context of increasing regulatory requirements for cyber …| www.thegoodpenguin.co.uk
