Most Linux distributions include many applications and libraries for maximum flexibility, but many of these are often unused. ELinOS takes a different path: Its automatic library dependency resolver ensures only the necessary libraries for selected programs—whether built-in or custom—are included.

Unlike typical Linux distributions, ELinOS does not enable unnecessary services like HTTP or SSH servers by default. Instead, these remain optional, resulting in a custom, lean, and highly secure embedded system.

Additionally, ELinOS supports all Linux standard Security mechanisms to harden an embedded system such as user privilege separation, read-only file system, kernel memory protection and Address Space Layout Randomization (ASLR).

Embedded Linux ELinOS can run as a so-called partition on an embedded target that is separated in time and space from its host operating system. PikeOS as host system ensures that its guest operating systems don’t access resources that aren't allocated. Only predefined memory and I/O spaces can be controlled in ELinOS.

On top of embedded Linux ELinOS Security approach, its host operating system encapsulates the Linux system in a way that attackers can’t break out of the shell. Interrupt control is managed by the host operating system PikeOS - ELinOS can’t access the hardware independently. This mechanism also applies to the Memory Management Unit (MMU).

Immutable Linux — Secure by Design

An immutable filesystem helps protect your embedded Linux system by preventing unauthorized changes at runtime, ensuring system integrity and simplifying updates.

Watch this quick demo to see how to set up an immutable Linux root filesystem in ELinOS using CODEO — our integrated development environment. This video guides you through the essential steps to build a tamper-resistant system.

ELinOS Security services is an optional offer for our customers. It allows ELinOS customers to improve and maintain the Security of their ELinOS systems by receiving regular customized Security advisories about newly identified Security issues and early access to updated software packages.

Project Consulting

We identify potential Security issues in third party software components supplied with ELinOS. This includes monitoring services such as the coverage of the Common Vulnerabilities and Exposures (CVE) list and also Security advisories by open-source community. We deliver impact analyses and the identification of potential Security issues as well as regular Security fixes in a quarterly time frame.