Just six short years ago, seven engineers and executives who had worked at embedded software company Linaro came together to launch a start-up that was intended to fill a gap in the embedded computing market. Their idea was to create a software platform to relieve OEMs of the chore of creating bespoke software platforms for IoT and edge devices. In their minds, it was to be to embedded and IoT devices what the Android™ software platform was to the mobile phone market.
Their IoT start-up development company soon became Foundries.io, and their original idea has been realized successfully: today, the Foundries.io Linux microPlatform™ (LmP) provides a ready-made operating system for connected and IoT devices. It is supported by the FoundriesFactory® cloud native (DevSecOps) toolchain for managing the whole product lifecycle from proof-of-concept development, through deployment in the field, to disposal.
In the life of a start-up, though, there are many possible alternative versions of history: paths not taken, opportunities missed, mistakes avoided. So we’ve asked some of the founders to look back over the past six years. What turned out the way they expected? And what has surprised them about the impact of Foundries.io on the embedded market?
Our Ambitious Vision for Embedded Software
Through all the twists and turns of developing new embedded software, the grand vision that inspired the ex-Linaro staff has always remained the team’s North star, the guiding light for the whole company. As CEO George Grey puts it, ‘We were absolutely right to have identified a huge opportunity in the IoT and edge computing markets because of the lack of a standard platform, which created a huge amount of technical debt – OEM after OEM continually reinventing the wheel every time they wanted to start developing a connected smart device. The PC market had the Windows operating system, servers had Red Hat/Linux – but the IoT market had nothing.
‘Nevertheless, it was massively ambitious of us to take on the task of creating that platform from scratch, because we realised that it was not just about creating the equivalent of the Android operating system: the market needed a full set of tooling for embedded product lifecycle management, as well as the OS.’
This is described in more earthy terms by Andy Doan, principal software engineer. He says: ‘We knew first-hand and from painful experience which itches we wanted to scratch – the same itches as any proper embedded developer would also want to be scratched.’
Daunting as the task was, senior software engineer Milo Casagrande says the founding team was blessed in two ways: because they were all highly capable engineers, and because they were friends. He says: ‘It’s unusual to have a founding team as big as ours, but it worked in our favour; good teamwork is such an important element of a new company’s success.’
However, start-up life is never smooth sailing. What have the founders learned along the way? Andy Doan nails one basic truth that they learned early on from customers: manufacturing products that people want to buy at scale is hard. As he says, ‘Anyone can have an idea for a product. But I was surprised by how difficult it was for companies to turn an idea into a product prototype, and then to get that design into volume production and out into the market.’
In fact, according to principal software engineer Ricardo Salveti the challenge of bringing products to market has only become harder since Foundries.io was founded. He says, ‘Global markets today require even more product variants, both in hardware and software, than they did six years ago. This choice is essential in order to meet the wider range of regulations imposed in different regions, to reflect differences in the supply chain, and to respond to different customer preferences. That complexity is incredibly difficult to manage if you don’t have a dedicated tool to automate most of the process. That shows how much value we were creating when we conceived the idea for the FoundriesFactory product.’
CTO Tyler Baker says that, before they could settle on the design of the FoundriesFactory platform, the team had to learn some hard lessons about who their customers needed to be. ‘Our customers fit a very specific profile: it’s companies that are building products. We wasted a certain amount of time and energy addressing the requirements of companies such as service providers, SaaS outfits and SoC manufacturers that don’t themselves manufacture embedded or IoT devices.’ Now George Grey says that Foundries.io is crystal clear about its mission: to ‘help customers develop, make and maintain secure IoT and edge products that are based on the Linux operating system’.
Securing IoT and Embedded Devices: Too Often Neglected by Device Manufacturers
The emphasis on ‘secure’ IoT devices and products points to the second big lesson that the Foundries.io team learned: that implementation of embedded security protection tended to lose out to other more urgent development priorities as it’s not an easy and seamless part of the embedded development workflow. As Andy Doan points out, ‘Making products at scale is hard, and in the scramble to get a product into the market, it’s easy to treat security as an add-on rather than a core feature – and then it can slip through the cracks.’
In other words, it’s not that OEMs intentionally or recklessly ignore the need for security – rather, they are like a hot air balloonist in an uncontrolled descent who jettisons valuable cargo to try to avoid crashing to earth. In the embedded world, it’s security that often gets jettisoned in the rush to meet a go-to-market budget and deadline.
Yet tools for embedded device security protection are at the heart of the FoundriesFactory platform. So has Foundries.io’s promotion of the security cause given the team the feeling that it has been swimming against the tide?
George Grey puts it this way: ‘I think we have always been about three years ahead of the market in taking lifetime security seriously. With hindsight, would we have done things any differently, or downplayed the push for security? I don’t think so. We were right to invest time and expertise into security, because now we are the only company in the world that tackles the lifetime security problem holistically, end to end from device boot to cloud. And the market is turning our way, because companies recognise the huge financial risks associated with exposure to security breaches, and because legislation and standards are forcing them to implement a base level of security protection in devices.’
And the flipside of embedded OEMs’ reluctance to develop their own security capabilities is that when they discover that the FoundriesFactory product integrates it seamlessly into their development flow, the barriers drop away entirely. CTO Tyler Baker says, ‘When you make it quick and easy for OEMs to implement over-the-air updates, as we do in the FoundriesFactory toolchain, they love it – all of a sudden, they can’t get enough of security, and they are knocking on our door asking for the latest Linux microPlatform updates as soon as they can get them!’
Scaling our Embedded Company, Foundries.io to Meet Future Challenges
It speaks to the huge task that the founders took on when developing the FoundriesFactory product that they can still talk of the work that remains to be done. Milo Casagrande says that one unfulfilled ambition is to make Foundries.io as successful in India and China as it has been in the other parts of the world that have substantial embedded computing markets. He says that these countries are hard to break into, and require adaptation to specific cultural and business practice requirements.
To principal software engineer Mike Scott, this highlights one of the most important priorities for the developers at Foundries.io. ‘Today, setting up a customer to use our products is a fairly manual process that needs the support of engineers on our side for each customer engagement. That limits our ability to scale up, both in terms of numbers of customers and in terms of our geographical reach.’
He says that it is exciting to think how many more customers the company can get on board by automating the process of configuring and installing Foundries.io products in the OEM’s development workflow. He says, ‘That’s a work in progress – it needs the right UI, documentation, app notes, tutorial videos and other assets – but when we roll out an automated version of the FoundriesFactory product, it’s going to be a big moment in the history of Foundries.io.’
As Foundries.io celebrates its sixth anniversary in October 2023, there is much to celebrate with the many customers that already derive value from the provision of an end-to-end solution for IoT and embedded device management and security. The force of the company’s original vision, and the appeal of the solutions that it provides to realise that vision, are reflected in the growth of our embedded software company: from the original seven members of staff, head count today has grown to 35, and continues to rise as the company brings on board more staff in engineering and other roles.
Proof positive that the founders’ work is not finished: the next six years promise as much development and innovation as the first six years have already seen.
In memory of Alan Bennett, a co-founder of Foundries.io