Embedded Linux product development: how to achieve scalable security-focused products at speed

The challenge of scaling embedded Linux product development

Developers of connected embedded and IoT products face a set of challenges which developers of enterprise computing systems or mobile phone apps do not experience. In these other sectors, the foundation for software operation and security is laid by monolithic platform suppliers, such as Microsoft for the Windows® operating system, Google for the Android™ environment, and Apple’s iOS operating system.

In the embedded world, most products are based on an open-source Linux® operating system which is not governed by a single entity but instead provides broad freedom for developers to create their own branches from the main code base. Every homegrown Linux operating system requires its own maintenance and security arrangements, without the updating and protection inputs provided by Microsoft, Google or Apple for their proprietary Operating Systems.

For the manufacturers of embedded and IoT products, a substantial part of the development effort is typically devoted to the orchestration of the multiple open-source software products and frameworks in the Linux OS ecosystem. A large overhead is also generated by the need to apply security protections across all these elements of a connected system, and to keep these protections current through the delivery of over-the-air (OTA) updates.

Growing demand for connected embedded devices

Demand for Linux OS-based IoT devices continues to grow, whether for applications in the smart home, smart factory, smart city, smart farming, smart health or elsewhere. In all these sectors, users are looking to take advantage of wired or wireless connections to cloud computing resources, artificial intelligence support for more autonomous operation, and the advanced capabilities of the latest sensors for capturing vision, audio, motion or environmental data.

Developers thus face the challenge of scaling the products that they develop to meet mass global demand, while maintaining security and functionality over an embedded product’s often long lifetime.

A security-focused, scalable platform for embedded Linux product development

Now developers can meet this challenge by building embedded and IoT products on the FoundriesFactory™ software, which provides a combination of:

• A Linux kernal designed for security, maintenance and a lean footprint the Linux microPlatform (LMP)
• A comprehensive platform which combines a set of open-source tools and utilities supporting continuous integration/continuous development (CI/CD), production tooling, security functions including secure boot and security-focused OTA updating, and tools for fleet management. The FoundriesFactory system provides a unified system for developing, managing, manufacturing and maintaining embedded devices based on a Linux OS.

This allows embedded developers to achieve the productivity and scalability that their peers in the enterprise computing and mobile phone worlds enjoy.

Understanding the benefits of embedded Linux for product development

Despite the challenges of scaling embedded products for mass production and deployment, the Linux OS has become the chosen platform of embedded developers for good reason:

Flexibility – because the Linux code base is open-source software, it gives device manufacturers the flexibility to customize the OS to fit their application requirements. Features and capabilities can be removed or added at will. Frameworks such as the Yocto Project® provide well understood tools for building a unique, optimized Linux distribution.

Attractive cost – as open-source software, the Linux OS relieves embedded product manufacturers of the cost of the license imposed for the use of proprietary software such as the Windows OS.

Broad ecosystem support – the widening use of Linux software has become a self-reinforcing trend: as more developers work on Linux OS-based products, the global pool of experienced Linux product developers grows. Alongside this, the choice of tools and utilities supporting Linux developments has also grown, now providing open-source options for key functions such as containerization, OTA updating, trusted execution environments and more.

This means that a decision to base a new embedded device development on the Linux OS enables the manufacturer to:

• Create more varied and powerful product features by utilizing existing open-source support to achieve higher performance
• Reduce product and development costs
• Shorten time-to-market

Speeding up product development with the FoundriesFactory platform

Much of the time that manufacturers spend on embedded Linux product development is devoted to the integration of disparate software elements, and their deployment to target hardware. In many cases, these tasks are performed with a fragmented set of function-specific tools.

Streamlining these processes and unifying the toolchain enables the manufacturer to accelerate the development process, and so get to market faster with new product designs.

This is the promise of the FoundriesFactory platform. It offers pre-validated software stacks and a fully automated CI/CD pipeline, while providing the developer with a unified set of open-source tools and utilities. These tools operate within a logically orchestrated framework which automates key functions such as generating a software bill-of-materials (SBOM) for every production unit.

Pre-validated software stacks shorten development cycles

Traditional embedded Linux product development involves the manual integration of open-source components and hardware-specific board support packages (BSPs) with layers of custom software developed in-house. This approach is labor-intensive, time-consuming, prone to errors, and often introduces vendor lock-in. It also undermines manufacturers’ attempts to scale up embedded products for mass production and deployment.

The Linux microPlatform (LmP), part of the FoundriesFactory platform, does much to streamline this process. Built with Yocto Project, the LmP provides a superior, security-hardened Linux distribution which abstracts hardware-specific features out to the OS layer. It also provides a standard implementation of the lowest layers of the embedded Linux OS:

• Kernel
• Boot system
• Drivers
• Cryptography unit
• Security-focused update utility

The LmP packages these functions in a way that is repeatable across multiple CPU architectures. This frees OEMs’ engineering teams to focus on application logic and on ways to differentiate their product design, rather than recreating the basic plumbing of an embedded Linux OS each time a board changes. This turns the Linux integration process from a multi-month slog into a few iterations of CI builds and on-device validation.

Accelerating development with automated CI/CD pipelines

CI/CD dramatically speeds up embedded Linux product development by automating repetitive tasks such as builds, testing, and deployments. To implement CI/CD for product designs based on an embedded Linux OS, the FoundriesFactory platform implements a clearly structured, four-repository Git system:

• meta-subscriber-overrides: Yocto Project layers and BSP customizations
• containers: Docker®-based application definitions
• ci-scripts: build pipeline configurations and automated testing workflows
• lmp-manifest: reproducible build manifests and detailed dependency tracking

Developer commits automatically trigger isolated Docker builds through webhooks connected to the cloud-hosted CI service (at ci.foundries.io). This approach ensures reproducibility and significantly accelerates feedback loops. The resulting artifacts, including OS images and container updates, are cryptographically signed, ensuring security-focused and more reliable deployment.

On the deployment side, the FoundriesFactory platform utilizes OTA-lite which employs aktualizr-lite, a lightweight client which provides for security-focused, atomic updates. Devices automatically poll for updates, applying them safely with built-in rollback mechanisms. This superior automation significantly reduces the difficulties inherent in traditional manual deployment, improving product reliability and accelerating iterative development cycles.

By combining modern CI/CD automation with this four-repo separation of concerns, the FoundriesFactory platform turns what used to be manual, week-long build and flash cycles into a feedback loop taking a matter of just a few hours or minutes**.** Teams iterate faster, catch defects earlier, and can push signed, over-the-air updates to fleets with a single commit.

Case study: FORT Robotics substantially reduces time-to-market

FORT Robotics develops security-focused wireless control systems for industrial robots and autonomous machinery. Its endpoint controller supports simultaneous security- connections with up to 30 machines, creating a need for superior system integration and leading security features.

Industry context and challenges

FORT Robotics faced considerable difficulties that were typical of embedded Linux product development:

• Complex cross-vendor integration: the integration of different hardware components, specifically the STMicroelectronics STM32MP1 microprocessor and NXP Semiconductors EdgeLock® SE050 security element, required substantial custom integration efforts.
• Stringent security and certification requirements: helping to meet rigorous security standards, including the requirement for secure boot, a hardware-based root of trust, and immutable audit trails, created additional layers of complexity.
• Risk of vendor lock-in: ensuring flexibility for future hardware migration was critical. FORT Robotics wanted freedom to migrate its design to a different microprocessor at a later date. A product-specific Linux OS distribution tied to STMicroelectronics’ kernel fork would have locked them into a single processor roadmap.
• Aggressive timelines: competitive pressures and industry demands required rapid progress through development milestones to product release.

The FoundriesFactory platform solution

By basing its product development on the LmP and FoundriesFactory platform, FORT Robotics gained multiple benefits:

• Accelerated stack integration: LmP ships with pre-integrated drivers and cryptographic interfaces for both the STM32MP1 and the EdgeLock SE050, enabling FORT Robotics to bring the platform to a verified boot stage in days rather than weeks.
• Parallel workflows: the FoundriesFactory platform’s CI/CD infrastructure generates a reproducible image for every branch, allowing application and platform engineers to iterate concurrently without fighting over resources.
• Support security requirements: secure boot and hardware root-of-trust are activated in the FoundriesFactory platform out-of-the-box, enabling FORT to design security-focused product from the very start of the embedded product development process.
• Streamlined production: a single Git push automatically signs, packages, and publishes a production-ready image to the OTA repository, eliminating manual media preparation, and accelerating release readiness.

Measurable results

By adopting the FoundriesFactory platform, FORT Robotics advanced from project kick-off to certification‑ready hardware in just eight weeks, reducing the duration of system integration by approximately five months compared with the conventional workflow. The accelerated completion of development reduced the company’s engineering overhead, opened revenue opportunities sooner, and materially strengthened FORT’s competitive standing.

Ryan Barnett, Senior Manager, Platform Engineering at FORT Robotics, described the impact: ‘It’s the combination that made the FoundriesFactory solution work for us: open-source tools integrating easily with our chosen hardware and tooling, giving us a quick, easy and security-focused product development, whilst ensuring that we are always in complete control.’

Facilitating a smooth transition to production

Developers have access to a broad set of tools and environments to support the embedded hardware and application development processes. Taking a product from prototype design to volume production, on the other hand, has attracted far less attention from the developer community, and has not seen the emergence of a similar ecosystem for productization tools.

Yet this scaling challenge from prototype to product is of critical importance to embedded device manufacturers’ success. Productization needs to enable high-volume manufacturing while supporting the security, updating and fleet management duties imposed on manufacturers by the latest regulations such as the Cyber Resilience Act enacted by the European Union.

These requirements call for a framework for managing the transition of a product idea through development to production and on to device management and updating, and even through to decommissioning.

This framework is provided by the FoundriesFactory platform. The platform orchestrates a suite of open-source tools, such as Docker for container development and The Update Framework (TUF) for OTA updating, around a comprehensive and granular database for code and device identities, enabling a CI/CD process backed by rollback capabilities and automatic generation of SBOMs unique to each production unit.

At every step of the way between prototype development and decommissioning, the product’s codebase, security and update status are automatically recorded. The information is readily available to support the automation of processes such as firmware flashing, exposure checking, and OTA updating.

Strengthening device security at scale

One of the most important requirements of productization is to control a fleet of thousands or millions of devices in the field. It is common for embedded devices to have long lifespans of ten or more years before replacement or decommissioning, particularly those that are used in industrial, medical, aerospace or military applications. A long lifespan provides attackers with time to experiment with different techniques for compromising the security of a product.

In addition, products based on a Linux OS have a large attack surface, because of the size of the code base and the wide variety of third-party software components embedded in it.

Following the introduction of legislation such as the European Union’s Cyber Resilience Act, embedded device manufacturers are required to implement a strong minimum set of security functions, for example hardware root of trust, secure boot, and encryption of data communication.

Security from design concept to deployed product

By using the FoundriesFactory platform, OEM developers benefit from the integration of a wide range of essential security functions at every stage of the product lifecycle.

Its security features starts with a secure boot architecture. This is integrated with the industry’s most widely used third-party security frameworks, including:

• Platform Security Architecture (PSA)
• Platform Trust Technology (PTT)

These frameworks are implemented throughout the entire software stack, through to security updates and patches delivered via The Update Framework (TUF).

The security stack in the FoundriesFactory platform includes:

• Secure boot – is designed to verify that that a product boots the correct and trusted embedded Linux OS, device firmware and application software
• OP-TEE – a Trusted Execution Environment for TrustZone-based systems-on-chip (SoCs)
• Remote attestation – provides for logging and auditing of security-focused software
• Key installation - installation of keys at manufacturing and/or deployment using tools provided by the SoC manufacturer
• Mostly read-only root file system – backed by an option for comprehensive encryption
• SE-Linux option – for enhanced access control
• TUF-supported incremental security-focused OTA updates - using OSTree and Aktualizr-lite for firmware, blobs, kernel, user space and containers. All updates are encrypted and security focused with per-device and/or per-fleet public keys.
• TUF-supported key revocation and rotation options
• Authentication and security-focused access to public clouds – supported cloud services include Microsoft Azure, Google Cloud and Amazon Web Services
• Configurable security-focused access to remote devices – uses Linux WireGuard security-focused VPN tunnel
• Optional use of third-party Hardware Security Element (HSE) features – includes key generation, secure key, credential and data storage, and cryptographic accelerators from vendors such as Rambus or NXP Semiconductors.

Scaling embedded Linux products beyond the pilot phase

Scaling embedded devices from a prototype design to millions of deployed units presents manufacturers with several challenges to overcome.

Remote device management

The key to successful remote management of devices in the field is effective scaling of the necessary infrastructure. What works for a few hundred devices often breaks catastrophically at scale. Important requirements include:

• Superior device provisioning systems that can handle mass onboarding
• Device identity management across diverse network conditions
• A reliable command-and-control infrastructure that will not buckle when handling thousands or millions of units in the field

Systems for remote device management also need to handle the variety of connectivity technologies and service providers used to connect IoT devices to the cloud. Attempts to connect with deployed devices could encounter unreliable cellular connections, restrictive corporate firewalls and other hazards. Fleet managers require resilient communication protocols which can handle intermittent connectivity, varying latency, and bandwidth constraints while maintaining security: this is much more difficult to provide at scale in embedded Linux products than for a handful of prototypes.

These capabilities need to be sustained across the life of deployed devices, to enable fleet managers to track device health, monitor performance metrics, handle warranty claims, and manage device retirement across potentially years-long deployment cycles. With millions of embedded Linux devices potentially running different firmware versions, experiencing various environmental conditions, and having different configurations, maintaining data integrity and meaningful analytics becomes significantly more challenging.

Security update provision

A crucial element of an embedded Linux product’s security framework is the ability to provide timely updates in a security-focused fashion to help mitigate emerging vulnerabilities and exposures. For security-focused update mechanisms to be dependable at scale, they need to support:

• Cryptographically signed updates
• Security-rich key management systems
• Rollback capabilities

It is also prudent to implement staged rollout strategies: pushing updates to millions of devices simultaneously risks widespread failures. Staged deployment requires sophisticated canary deployment systems, automated rollback triggers, and careful monitoring of update success rates across different device cohorts.

Devices deployed years apart may have different hardware capabilities, and the update system needs to handle this diversity while maintaining security standards.

Regulatory requirements

The requirements of security regulation, RF emissions limits and electromagnetic compatibility (EMC) vary by geography and industry. Managing these requirements across different regions with millions of devices requires sophisticated tracking and reporting systems.

These challenges require architectural decisions made early in the development process. Systems that work perfectly for small deployments often need complete redesign rather than simple scaling to handle millions of devices effectively.

Embedded Linux product developments that are based on the FoundriesFactory platform, on the other hand, have scalability built in from the beginning. The platform provides a unified workflow which maintains data on builds, updates and more from prototype to deployment in the field all the way to decommissioning, individually for every production unit.

The cloud-native FoundriesFactory software, backed by the LmP, which is maintained by Foundries.io, provides a framework for deploying product designs at scale, maintaining security, and managing a fleet.

Why the FoundriesFactory platform is the right choice for scaling embedded Linux devices

In the face of the challenges of scaling devices based on an embedded Linux OS, OEMs can benefit in various ways from using the unified FoundriesFactory platform as the basis for product development, production, deployment, maintenance and decommissioning.

Users of the FoundriesFactory platform enjoy superior outcomes:

• Accelerated development cycles and faster time-to-market
• Provides a framework to maintain a strong security posture during development, production and beyond.
• Reduced development and maintenance costs
• Greater flexibility and control over the device’s Linux OS

To find out more about the FoundriesFactory platform, and to learn about ways to evaluate a trial version of the software, contact Foundries.io’s sales team or book a demo.