Conclusion
Device manufacturers are increasingly looking to capitalise on the new wave of computing and the proliferation of embedded systems. Linux is the natural choice as the underlying OS to run on the latest silicon on the market for several reasons, from enjoying support for connectivity to benefiting from its scalability and modularity.
When choosing their deployment strategy, device manufacturers must decide whether to roll their own Linux distribution or rely on a commercially-supported OS.
The Yocto Project abstracted and automated Linux for devices to the point that any developer can create an embedded distribution. Yocto allows developers to build a custom Linux system tailored to their specifications. Yocto’s build system provides unmatched granularity over every stage of compiling and building the target at the cost of complexity.
Unfortunately, the contributors of a community-led piece of work like Yocto may just be solving their specific use case or pain point. They may not be interested in the bigger picture and overall architecture, leading to legacy layers in Yocto, unmaintained BSPs, and poor testing resulting in critical vulnerabilities and technical debt. A lack of clear leadership and long-term thinking thus results in an unstable and unreliable product roadmap. Yocto is often the preferred choice for fast prototyping, PoCs and rapid development.
However, as a community-maintained build system, Yocto struggles to meet the requirements of enterprises running embedded Linux in production and at scale, leaving them dispersing their efforts and squandering their resources. Maintaining Yocto devices in the field is a full-time job, requiring fully-staffed kernel engineering teams. From updates to security and dependencies, the complexity of Yocto and its ongoing maintenance shift companies’ attention away from their core business objectives.
On the other hand, depending on an enterprise’s reputation for trust and reliability, a more tactical approach to choosing an embedded Linux distribution is worthy of consideration. Paid engineering work on an embedded Linux OS results in a professional and long-term sustainable approach to handling performance issues, fixing bugs, coherently evolving the software, and considering the priorities of several stakeholders.
A commercially-supported embedded Linux distribution like Ubuntu Core provides a stable, long-term product roadmap to rely on. Ubuntu Core is Ubuntu for IoT and embedded devices, delivering the resiliency and security developers expect from Ubuntu. It is an OS with a minimal footprint and a modular architecture, built on snaps, the universal Linux packaging format. Security is prominent in Ubuntu Core. The OS automatically confines applications and integrates strict permission rules for all snaps. Canonical, the commercial entity behind Ubuntu, redesigned the entire system from the first boot to create the most secure embedded Linux.
Enterprises can ship embedded devices cost-effectively without implementing complex security features themselves, from full-disk encryption to a read-only root filesystem. Managing software and updates across large-scale deployments can be challenging, especially if subsets of hardware require different applications to run on them. Updates on Ubuntu Core devices can be delivered via a software distribution machinery extensively tested in production.
Furthermore, delivering automatic updates and handling software across machines is one of the key features of the application store. Such an enterprise store allows developers to cherry-pick the optimal combination of applications they want their devices to use.
Overall, the combination of the secure OS, snap packages and app store gives developers a platform for secure development and deployment of embedded Linux devices on a global scale.