It has been a busy and exciting year on the technical side at Foundries.io. We have been laser focused on extending our FoundriesFactory product feature set based on the requirements of our customers. The intent for these features is to make it easier and faster to build and maintain secure products on our platform.
The latest features have focused on:
- Secure Configuration Management
- Test Framework
- Cache Performance
- Expanded range of SoC & reference board support
- Documentation Enhancements
The first innovation of 2020 was fioconfig, a secure configuration management system we implemented to simplify the process of marshalling data to the end device. At a very high level, each device, when registered to a FoundriesFactory, transmits its public key to the management system. Fioconfig allows a user to fetch a device or fleet's public key, locally encrypt a payload with this key, and push it to said device(s). Only devices with the corresponding private key may decrypt the payload, and once decrypted, the payload changes may be applied.
Naturally, the next feature we implemented was fiotest, a test framework for FoundriesFactory. This builds off both fioctl and fioconfig to allow users of a Factory to define a set of tests, to run either in containerized or natively on the host operating system. The tests run directly after an update has been completed, and a testing report can be accessed via fioctl. This system allows distributed testing on single local or remote devices, or on entire fleets of devices, with the goal to improve QA throughout the development cycle, and even afterwards into production. If you are interested in more details start about fiotest, as Andy Doan explains in detail why and how we developed fiotest.
Another issue we tackled in 2020: was building cache performance. Previously, when you created a FoundriesFactory, it could take anywhere from two to three hours to complete the initial platform builds. This was due to the cache for each Factory having to be created from scratch during initial provisioning. We’ve implemented a way to seed cache in new factories, dramatically reducing the time for the first Factory build to complete. Currently, new Factory creation can be completed in about 20-30 minutes, thus allowing our new users to get started in minutes rather than hours previously.
The ability to remote debug devices in the field, even behind a firewall, has been a feature long requested by our customers. In 2020, we integrated wireguard vpn services into FoundriesFactory, to allow registered devices to join a private VPN network owned and managed by the end customer on demand. This allows devices in the field to be accessed securely, anywhere in the world, and we enable deployment of a private VPN server in minutes. If you are curious for more details, have a look at our wireguard documentation.
As with any software project, the documentation is always something that can be improved. We invested a lot of time and focus in 2020 to transform our documentation to align with our customers' needs. We strive to make FoundriesFactory truly “self serve”, and our latest documentation is key to achieving this. Along with a new website, app, the documentation now has been unified to reflect a one stop shop for all your Factory needs.
Linux microPlatform: 18 New Versions
In 2020, we released 18 new versions of the Linux microPlatform, and upgraded the Linux kernel with latest CVE security patches in 10 of those updates. Currently, the v78 release is the latest revision available and has support for more than 20 hardware platforms, spanning x86, ARM, and RISC-V architectures.