traffic control • Smart energy management • Collect data to improve processes (cost, quality, speed) • Minimize downtimes by predictive maintenance • Find and rent cars via smartphone • Monitor fleets and provide service Industry Smart City Connected Cars
automation Automatic ticket gates Vehicle control Transport Power Generation Turbine Control Energy Turbine Control Building automation Healthcare Broadcasting Others Industry automation Industrial communication CNC control Industry 5 Linux is a registered trademark of Linus Torvalds. 5
Threat Report https://waterfall-security.com/2024-threat-report/ Cybersecurity Incidents in OT systems on public records since 2010 Cyberattacks are now nearly doubling annually. 8 Ref: https://edition.cnn.com/2021/05/08/politics/colonial-pipeline-cybersecurity-attack/index.html
on LTS kernels) Additional packages (hundreds) CIP Civil Infrastructure Platform Project (https://www.cip-project.org/) LTS Long Term Support CIP Open Source base layer company-specific middleware and applications Scope of a typical Linux distribution Layered Linux distribution for industrial products, utilizing and influencing the relevant Open Source projects: What is “Open Source Base Layer (OSBL)” ? 12
kit Corporate team/ central project Companies/ Divisions Business Units/ Products Firmware Update Security Hardening Container Runtime … Up to 70% effort reduction achievable for OSS license clearing and vulnerability monitoring, kernel and package maintenance, application adaptation and testing for an individual product. “distribution“ Kernel Base packages, SDK, Build chain, QA CIP Core packages (tens) Additional packages (hundreds) CIP Kernel (10+ years maintenance) Domain-specific extensions Domain-specific extensions … Mapping CIP into the company 13
Security Kernel Team • Providing CIP kernels with 10+ years maintenance period • Work with RT Linux project to upstream Real-time enhancement • Provide CIP SLTS kernel with real-time enhancement CIP Core • Provide a reference implementation with Debian based CIP core packages for testing CIP Testing • Providing a test environment to test the CIP kernel and CIP Core Security • Provide guidelines and reference implementations to help developers to meet cybersecurity standard requirements (IEC62443) SW update • Incorporate a common solution for software updates into CIP core 1 2 3 4 5 6 15
SLTS up to 10+ years • IEC62443-4-x assessed platform • Close monitoring of CVEs at user and kernel level • Extended support from Debian ELTS for specific packages • Regular automated testing on multiple SOCs with published test results at KernelCI • Strong support from big players of embedded system industry 18
maintenance (10+ years) Establish and strengthen standards • Security (IEC-62443-4-2), SW Update Boost relevant upstream projects • Currently Debian, Real-time Linux, KernelCI, Reproducible Builds Improve quality • Test infrastructure addressing industrial needs To build and shape the ecosystem for industrial grade software, its use cases, and applications.
of Linux and a defacto standard used at Siemens in hundreds of products”. - Urs Gleim, Head of Smart Embedded Systems at Siemens Summary of case study: Today, we have lots of products that are Linux-based. Many of these products were developed independently, which resulted in a huge number of different Linux versions and distributions. With all of these different versions in use, developers work to maintain all them in parallel. Furthermore, having more and more products connected increases the demand for providing security patches on short notice. Developers have worked in this way for a long time but this set-up is not scalable and cannot be managed like this in the future. To make matters more complicated, many companies are doing the same thing and maintaining several software stacks in parallel. The solution to this complicated issue is the harmonization of the Linux versions used in products. This is called the base layer and it’s the foundation of what CIP is working on. As member companies collaborate on this base layer will save money, resources and time in the long-run.
expect Semiconductor vendors to provide a base software and support for their maintenance services due to its over 10 years product life cycle Maintenance Services: • Software update services for bug/security fixes of the base software • Application updates Mission critical products never accept kernel update, so longer term maintenance is required Leveraging CIP: • Substantially reduces the additional development and maintenance burdens for customers associated with boosting the reliability and real-time responsiveness of software for industrial devices • Enables manufacturers of industrial products to reduce the Total Cost of Ownership (TCO) • Awareness in the industry market can be increased • Expectation of Biz creation with the member companies • Get reference information with regard to the requirements for next gen SoC
a dedicated set of reference boards, i.e., all CIP projects are tested and released for these boards. Reference boards need to go through a nomination process, as defined by the TSC, before being accepted. • Each Platinum Member can provide up to four different reference boards to be deployed and hosted for automated testing processes managed by the TSC; and • each Gold Member can provide up to two different reference boards; • Each member must provide their own physical reference boards. The member needs to provide four units of the same board for each type of board that is accepted. • Boards which are reference boards already by end of December 2021 will stay reference boards, even if they had been nominated by Silver members or Associate members. If brought in by a Platinum Member they count as part of the total number of boards brought in by the respective member. • Beyond that, additional reference boards, that are accepted through the nomination process, can be brought in by any member for an annual fee of $20,000 per board per year, for the time the board is supported. • TSC also is in charge of a decommission process for situations in which a board needs to be removed. Training: • CIP Platinum members entitled to 50-seat, annual subscription granting access to our library of eLearning courses and certification exams. Each seat gets access to up to two certification exams per year along with unlimited learning. (Benefit requires a signed MSA for training)
certain number of event tickets will be guaranteed to the members for events that CIP sponsors. The number of tickets is independent from the number of free tickets included in the respective sponsorship benefits, i.e. missing tickets will be purchased via CIP project budget. • Platinum members always get 2 tickets minimum; and • Gold members receive one ticket • Remaining tickets, if available, will be distributed across Platinum, Gold, and Silver Members • Members can donate their tickets to other persons, e.g., to Associate Members Leadership: • Receive greater insight into CIP strategy and projects through engagement with the CIP leadership team. Platinum level members have the unique opportunity to customize their experience with CIP. The team will make themselves available to help achieve your strategic goals. CIP Team can help with guidance in open source contributions, new market creation, and/or open source project donation. Have ideas? Just ask! Marketing: • Platinum members receive most prominent placement in displays of membership including website, landscape and marketing materials. CIP would like to emphasize those who contribute at the levels required to continue development and provide project stability in our marketing, PR, and event materials. • Contribute 2 thought leadership articles on Linux.com (1M+ unique visitors per month) regarding how your organization is using CIP to accelerate innovation • Platinum members are entitled to an individualized press release upon membership announcement with the PR team. All members are announced individually on the CIP website Blog • All members have the opportunity to be featured in a Member Spotlight on the CIP website Blog
helping build and shape the ecosystem for industrial grade software, its use cases and applications. Unite with other global leaders in power generation, oil and gas, communications and many other industries to establish the software building blocks for civil infrastructure.
CIP Kernel Team Maintainers and Developers 1 2 Providing CIP kernels with 10+ years maintenance period Kernel Team activities • Monitoring and Assessing Vulnerabilities • Continuously monitor security advisories. (e.g. CVEs) • Evaluate impact on CIP kernels. • Backporting Patches • Backport security fixes and important updates from mainline and LTS kernels to SLTS kernels. • Ensure compatibility and stability when integrating patches. • Upstream Contribution • Reviewing all patches to the latest linux-stable tree • Contributing features and fixes that need to be included in CIP kernels • Patch Management • Manage and track patches using repositories like cip-kernel-sec and patchwork • CIP SLTS Kernel release Patch review CVE Check Contributions Kernel Releases Branch / Platform Review and test results/ Fixes Feature mainlining Resources • CIP Kernel https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git • Configs, Tools and Review status https://gitlab.com/cip-project/cip-kernel 33
2022 2023 2024 2025 2026 2027 2028 2029 2030 2031 2032 2033 LTS 4.4 4.19 5.10 6.1 CIP SLTS 4.4 4.19 5.10 6.1 We are here Upstream First Self-maintenance Upstream First Self-maintenance Upstream First Self-maintenance Maintained by the LTS Project Upstream First Self-maintenance Started self maintenance 1 2 36
standard Kernel configuration (non-RT) 2 Tested with Real-Time enabled Kernel configuration Supported Kernels Platform Architecture SLTS v4.4 SLTS v4.4-rt SLTS v4.19 SLTS v4.19-rt SLTS v5.10 SLTS v5.10-rt SLTS v6.1 SLTS v6.1-rt AM335x Beaglebone Black Armv7 Y Y1 Y Y1 Y T Cyclone V DE0-Nano-SoC Development Kit Armv7 N N Y Y1 Y T QEMU x86_64 Y Y1 Y Y1 Y T Y Y Armv7(a15) Y Y1 Y Y1 Y T Y Y Armv8(a53) Y Y1 Y Y1 Y T Y Y riscv64 N N N N Y N Y N RZ/G1M iWave Qseven Development Kit Armv7 Y Y2 Y Y2 Y Y RZ/G2M HopeRun HiHope Armv8 N N Y Y2 Y Y SIMATIC IPC227E x86-64 N N Y Y1 Y Y Y Y SIEMENS M-COM x86-64 N N N N Y Y Y Y OpenBlocks IoT VX2 x86-64 N N Y Y1 Y T Y T Zynq UltraScale+ MPSoC ZCU102 Evaluation Kit Armv8 N N T T1 Y Y Candidate Reference Hardware Supported Kernels Platform Architecture SLTS v4.4 SLTS v4.4-rt SLTS v4.19 SLTS v4.19-rt SLTS v5.10 SLTS v5.10-rt Renesas RZ/Five EVK riscv64 N N N N Y T 1 2 38
of all kernel configs par arch • Multiple reference board can be supported by one config • Status • Done for 86 config • Unification script merged as well • https://gitlab.com/cip-project/cip-kernel/cip-kernel- config/-/blob/master/README.merge_kconfig.md • Other arch need to work more to follow x86 39 Board 1 Board 2 Board 3 Board 1 Board 2 Board 3 config1 config2 config3 gen_conf
• Tracks the status of security issues, identified by CVEID, in mainline, stable, and other configured branches. • kernel-cve-triage (Preview) • https://gitlab.com/cip-playground/kernel-cve-triage • Automated CVE Assessment • Evaluates CVEs against CIP kernel versions and configs. • Repository should become official CIP project soon 46
packages for testing CIP Core WG activities • Implement and release the following reference images: • Generic profile ( isar-cip-core, which is actively under development) • Tiny profile ( deby, which is mostly in maintenance mode ) • Isar-cip-core refers Debian 8/10/11/12 • Monitoring and Assessing Vulnerabilities • Provide tooling for CVE updates https://gitlab.com/cip-project/cip-core/debian-cve-checker • Manage CIP Core packages • Add packages based on requests from WG and CIP members • Upstream Contribution • Work with Debian LTS/ELTS for long term maintenance • Using Reproducible build to ensure reproducibility 50 Build tool CIP Core Packages Reference Hardware Reference images CIP Core WG Testing (CI) Kernel Team SLTS Kernel CIP Testing Funding, contribution and collaboration Security/SW Update WG Requirements deploy Request to add packages
in 2018 (75 month) • Started participating Debian ELTS from Debian 8 • Focus on Debian 8 and Debian 10 • The requested package list is publicly available • https://gitlab.com/cip-project/cip-core/cip-pkglist • 84 packages • CIP Core images are now reproducible Ensuring sustainability through Collaboration 3 51 Artifact type Target machine Raw contents Filesystem Images Disk Images QEMU amd64 Reproducible Reproducible* Reproducible* QEMU arm64 Reproducible Reproducible* Reproducible* QEMU armhf Reproducible Reproducible* Reproducible* BBB Reproducible Reproducible* Reproducible* (*) All required patches had been already upstreamed ELTS Funding started Start Debian 10 ELTS Joined Debian LTS
to help developers to meet cybersecurity standard requirements (IEC 62443) * this image represents the planning and is for illustrative purpose only Component User application User manual Design document Evaluation document User equipment S/W Document H/W Guideline and evidence Verified platform Compliant environment for evaluation Implement’n f. security Evaluation evidence Security requirements Application note Implement’n guideline Test cases Equipment for evaluation Reference implementations Application (sample) User manual Design document Evaluation document CIP Reference board Linux Kernel (CIP) Middleware / Libraries (CIP Core) CIP deliverables* 5 53
were not feasible in CIP • Custom developed components from third party • Secure Design best practices • Defense in depth design in deployment • Penetration testing • Secure disposal guidelines CIP IEC62443-4-1 assessment recently concluded Most of the secure development practices can be met by reusing upstream as well as CIP development practices
IEC62443-4-2 final assessment SVV testing (in-progress) CIP Security image package tests • Investigated package tests availability in Debian CI and package upstream • More than 85% packages have tests • Total number of packages 142 • 19 packages need to be care • Plan to work with upstream developers to enhance test coverage
assessment documents • Maintain version of each document • Restricted access of some documents such as secure design and IEC information documents • Versions could be compared • Considering above aspects CIP has decided to maintain assessment documents • Most of the documents are created using Markdown to meet above requirements • CIP plans to migrate to readthedocs format in future • All documents maintained in CIP Gitlab repositories 58 5
updates • 10+ year maintenance period • Open source and upstream first principles • Community-driven improvements • Collaborative patching with upstream community • Faster vulnerability identification • Standardization and interoperability • OSBL as a common software platform • Reduced compatibility issues by CIP testing 60
Layer of industrial-grade software • Industrial-grade OSBL enhances sustainability and cyber resilience for your products and services • IEC62443-4-x compliant platform with Long-term support • Constantly striving to incorporate latest security features and updates • Engagement with multiple security focused open-source projects • CIP follows open source and upstream first principles Collaboration is the key to sustainable living
ystk
garrettdimon
sachag
scottboms
eileencodes
iamctodd
trishagee
destraynor
ddemaree
mongodb
jonrohan
csswizardry
michaelherold
