Our Services around Secure Embedded Linux
Secure embedded Linux systems require a holistic security concept that starts at the very first instruction executed on the device. With linux secure boot as a foundational building block, combined with systematic linux hardening and a standards-based security approach aligned with IEC 62443, IGLOS supports you throughout the entire lifecycle of your embedded product.
From initial system bring-up to long-term maintenance and certification support, our services are designed to reduce security risks, accelerate time to market, and ensure compliance with current and upcoming regulatory requirements.
Secure Embedded Linux Services – Secure Boot & IEC 62443
Bootstrapping your Embedded System
To kickstart the development of your embedded systems, we will setup IGLOS on the hardware of your choice. Our feature rich building block platform allows to easily tailor the system to your individual needs. In contrast to an embedded system built from scratch, you gain significant advantages in terms of time to market and costs, due to the blueprint implementation provided by IGLOS. Still, if needed, every detail of the system can be adapted to your needs. You pay just for the effort to setup the system, but IGLOS does not come with a recurring license fee.
Security and Software Lifecycle Management
The Cyber Resilience Act and IEC 62443 demand a structured approach for planning, developing, deploying, maintaining, and retiring software. We help you to establish and implement compliant, yet streamlined, processes, and provide all necessary artifacts for the operating system. With risk management based on targeted threat modeling and penetration testing, we ensure peace of mind throughout your product's lifecycle while minimizing operational and security risks — including those addressed through mechanisms such as linux secure boot and systematic linux hardening.
Security and Compliance Consulting
With decades of experience in developing secure embedded systems as well as going through the whole IEC 62443 4-1 and 4-2 certification process, we are not only experts for the operating system, but we are also able to give individual advice for setting up a holistic embedded system. Based on an initial analysis of the architecture or an existing system, we identify security weaknesses that will impede a IEC 62443 4-2 certification of the product and suggest, prototype or realize matching solutions — including measures related to linux secure boot and linux hardening where applicable.
Long-Term Support and Maintenance
We offer long-term support for the Linux kernel and further open source components with continuous updates, security patches, and predictable lifecycles - crucial for mission-critical applications. We do not just monitor and report CVEs to you, but are able to dive in and strive for robust solutions, as demonstrated by our involvement in addressing vulnerabilities such as Meltdown/Spectre and CVE-2024-8176. Also to minimize the risk of supply chain attacks, all components of IGLOS are assessed according to established guidelines, and a comprehensive Software Bill of Materials (SBOM) will be provided.
Linux Kernel Development
Linutronix is deeply rooted in Linux kernel development. During the development of Real-Time Linux, our team has touched literally every subsystem of the Linux kernel to make it suitable for real time systems. Today, several of our colleagues are responsible as maintainers for important subsystems, most prominently the x86 architecture and timers. Also, many device drivers were developed or improved by Linutronix. We can, therefore, support you in every aspect of Linux kernel development, from device driver development, support with mainlining your own code, debugging the kernel or turning whole subsystems inside out — forming a solid technical basis for advanced security concepts such as linux hardening.
Support
Even with a fully working and tested initial system, the most critical issues in terms of time pressure and revenue loss often arise when the product is running in production. With our large team of experts, you can be reassured to get a dependable solution to your problem. One of our specialties is debugging latency spikes in running real time systems, but with diverse experience in all kinds of open source software, our experts can confidently support every industry-related project — including security-relevant issues across the lifecycle of linux secure boot enabled systems.