Talk at All Systems Go 2017 Conference

Before the ELC-E conference starts in Prague, Berlin hosts the All Systems Go conference, the successor of the systemd conference. In times of increasing IT security incidents with IoT devices, updating such systems in a secure and reliable way becomes more and more important. Michael Olbrich's talk outlines the challenges and possible solutions for a robust update process.

Common system update patterns from the IT world can not be simply transferred to IoT devices, which usually don't have an administrator and thus need to have absolutely relyable mechanisms for unattended updates.

Our modern update concepts use many open source components, such as barebox, systemd, RAUC and casync.

More about the talk can be found in the conference schedule. Usually, there is a live stream at

Further Readings

FrOSCon 2023

In a few hours, the 18th FrOSCon will begin at the Bonn-Rhein-Sieg University of Applied Sciences. Pengutronix will be there again with a small team. At one of the partner booths we will show some of our activities in the open source community. We will bring our labgrid demonstrator and the FPGA demo.

DjangoCon Europe 2023

Django is Pengutronix' framework of choice for internal applications that handle our business processes. These internal tools are also a great opportunity to try out current developments in the Django universe.

Chemnitzer Linux-Tage 2023

After the Corona break, the Chemnitzer Linux-Tage will actully take place in real life again, and the Pengutronix team will have eight (!) talks there.

Netdevconf 0x16

After a longer time with online-only events, the Netdev 0x16, a conference about the technical aspects of Linux Networking, was organized as hybrid event: online and on-site at Lisbon.

CLT-2022: Voll verteilt!

Unter dem Motto "Voll verteilt" finden die Chemnitzer Linux Tage auch 2022 im virtuellen Raum statt. Wie auch im letzten Jahr, könnt ihr uns in der bunten Pixelwelt des Workadventures treffen und auf einen Schnack über Linux, Open Source, oder neue Entwicklungen vorbei kommen.

Wir haben doch etwas zu verbergen: Schlüssel mit OP-TEE verschlüsseln

Moderne Linux Systeme müssen häufig zwecks Authentifizierung bei einer Cloud- basierten Infrastruktur oder einer On-Premise Maschine eigene kryptografische Schlüssel speichern. Statt der Verwendung eines Trusted Platform Modules (TPM), bieten moderne ARM Prozessoren die TrustZone-Technologie an, auf deren Basis ebenfalls Schlüssel oder andere Geheimnisse gespeichert werden können. Dieses Paper zeigt die Nutzung des Open Portable Trusted Execution Environments (OP- TEE) mit der Standardkonformen PKCS#11 Schnittstellen und i.MX6 Prozessoren von NXP als Beispiel.