Optimized LTS Linux Kernel with Real-Time Linux Support
ELinOS includes the LTS Linux Kernel with optimizations for embedded usage and real-time extensions. The main concept is to reduce the number of device drivers and kernel features. Unlike other Linux distributions ELinOS does not enable all features to support a wide range of applications and devices.
Instead only the device drivers and features required by the system will be enabled. This will reduce the complexity and amount of device drivers in the system to a minimum. A system configured this way reduces the surface of attacks.
Enhanced Security and Hardening Options
ELinOS provides several mechanism to secure the target system. A main advantage of ELinOS is its unique feature driven configuration approach that configures both kernel and user space at once. Similarly, the root file system will contain the selected applications and libraries only. The result is a system tailored to the individual project’s needs without any unnecessary components or functions, reducing complexity, increasing security and keeping the footprint of the Linux environment as small as possible.
Immutable OS
ELinOS as an immutable operating system serves as a secure foundation with container support. The core system files remain unchangeable, ensuring stability. User applications and services operate within containers, promoting a clear separation. Updates can be independently applied to both the base system and containers, enhancing flexibility. This approach increases Security by isolating components and simplifies management. Setting up the system is very user-friendly, facilitated through a template in the simple new project wizard, streamlining the deployment of a consistent and secure environment.
Immutable Linux in the World of Embedded: Watch the Webcast
Immutable Linux with ELinOS: Download the Whitepaper
Setting up an Immutable OS with CODEO: Watch the Video
Over-The-Air Update Support
Devices and software components nowadays are getting more complex. Especially the software provides a huge set of functionality and thus is a potential security risk. Thus it is common to have an update strategy available to do a system upgrade. The easiest way is to provide software updates over-the-air (SOTA). For this purpose ELinOS provides the tool SWUpdate.
SWUpdate is a powerful tool to support the user to provide customized update strategy for its system. The tool supports multiple strategies and is highly configurable. Thus it can be used to update a single user application only or provide a full partition image with a pre and post install processes. SWUpdate uses a single CPIO image and can integrate multiple files or partition images. It is even possible to support different target boards and multiple software channels (stable, debug, ...) in a single update image.
Graphical User Interfaces: HTML5 / Wayland / Qt / GTK
ELinOS provides several graphical user interfaces depending on the user requirements. We support new interfaces based on Web technologies like HTML5 as well as classical graphic interfaces Using Qt, GTK with or /wo Wayland. The web view is based on state-of-the-art QtWebEngine/Chromium and supports latest and well-known HTML5 features.
Using a classical graphical framework allows full control and highly optimized systems. ELinOS supports the developer by easily integrating the well-known frameworks with a graphical configuration interface on the host system.
Container Support: Docker, Isolated Applications
Docker is a set of tools and services that use OS-level virtualization to execute software. The software is distributed in form of images - packages which contain the software itself, all the necessary libraries and configuration files. The host operating system/kernel executes those as so called ”containers”. While those are technically self-sufficient, it’s possible to define communication channels which can be used to orchestrate software into bigger groups of independent components.
wolfSSL
wolfSSL stands out as a top-tier, portable, and embedded Security software creator, specializing in SSL/TLS libraries. Distinguishing itself from OpenSSL, wolfSSL offers a compact size, professional support, and flexible licensing options. With ELinOS, users can seamlessly switch between wolfSSL and OpenSSL, tailoring their security solutions.
For PikeOS customers, a convenient entry point begins with a user-friendly Linux personality, exploring the rich feature set of wolfSSL. As needs evolve, a smooth transition to the native PikeOS environment is facilitated, allowing for a flexible and adaptive Security strategy.
OpenSSH, OpenVPN
OpenSSH: ELinOS provides full support for OpenSSH, allowing secure, encrypted communication between embedded devices and remote servers or systems. OpenSSH, a widely used implementation of the Secure Shell (SSH) protocol, ensures safe remote login and secure file transfers over potentially insecure networks. This support includes both client and server functionalities, enabling developers to remotely manage and configure embedded systems securely. With OpenSSH integrated into the ELinOS environment, users can easily establish secure connections, ensuring confidentiality and integrity of data transmitted over the network, which is crucial for applications in sectors like Industrial Automation, Healthcare, and IoT.
OpenVPN: ELinOS also supports OpenVPN, providing a powerful and flexible solution for establishing secure Virtual Private Networks (VPNs). OpenVPN is an open-source tool that enables encrypted communication between embedded devices and other networked systems, ensuring privacy and Security even in untrusted environments. With OpenVPN integrated into ELinOS, developers can easily configure and manage secure network connections, allowing embedded systems to communicate safely over public networks. This is particularly useful in remote monitoring, secure device management, and Edge Computing applications, where ensuring secure communication is essential for protecting sensitive data and maintaining the integrity of embedded systems.
Integrated Firewall
ELinOS provides network package filtering with nftables and iptables. nftables is part of the netfilter sub-system inside the Linux kernel. It essential for the implementation of Linux based firewalls, routers or any other kind of gateways that require control over incoming network packets. It is the successor of the iptables subsystem, but also provides the functionality of ip6tables, arptables, and ebtables under the same hood.
nftables: Read the Blog Article
Connectivity: Wi-Fi / Bluetooth / Ethernet
Connectivity features are fully integrated into ELinOS and activation can be easily done with the Feature Configurator. The necessary tools to manage the connections as well as a firewall are available as well. For Bluetooth we also offer the Clarinox Bluetooth stack.
Bluetooth: Read the Blog Article
Eclipse-based Integrated Development Environment (IDE)
With CODEO you can conveniently setup your target device via the project configurator. Here, you find all the necessary tools to manage your target and your applications. The IDE grants access to target devices for remote debugging and timing analysis for runtime information. You can focus on developing outstanding embedded applications for the intelligent edge.
CODEO is flexible: You may cross-develop for target devices within Windows and testing it with QEMU.
QEMU-based HW Emulators
The fastest way to start the development is by using a VM based on QEMU. ELinOS offers QEMU for all supported architectures and allows to easily setup a system to run in QEMU. This allows to start application development, configuration and debugging without having a real target on the desk. At the end you can simply switch from QEMU to the real target.
License Scanning Tool
The License Scanning Tool is a pivotal host tool designed to assist customers in analyzing source code closely, identifying licenses, and tracking copyrights. Its versatility extends to handling diverse packages, encompassing license information within OSS archives or individual source files. With the capability to generate SPDX reports, this tool provides comprehensive insights into software licensing compliance. Leveraging the robust foundation of the ScanCode Toolkit, it empowers users with an efficient and reliable means to navigate and manage licensing complexities, ensuring transparency and adherence to legal obligations in software development.
Rust Programming Language
ELinOS fully supports the Security-focused programming language Rust. Rust enhances embedded systems development by offering robust, safe, and efficient programming capabilities, complementing the system programming strengths of C/C++. It ensures strong data type security, advanced memory safety, and eliminates vulnerabilities like buffer overflows, all without the need for a garbage collector. Integrated into the ELinOS environment, Rust enables direct application development, cross-compiling to multiple target architectures, and provides the tools needed for secure, high-performance embedded systems.
Trusted Platform Module (TPM)
ELinOS includes support for Trusted Platform Module (TPM), enhancing embedded system security with hardware-based cryptographic services. TPM provides secure boot, file encryption, system integrity, and key storage by leveraging a dedicated crypto processor chip. With TPMv2 tools and libraries, ELinOS enables secure encryption management and integrity verification through features like secure automatic disk encryption and hardware-based random number generation. This integration ensures a higher level of protection for critical embedded applications.
Python Support
ELinOS offers strong Python support for embedded systems, enabling rapid application development without compromising low-level control. Developers can use Python's high-level features, access its ecosystem of packages, and leverage essential libraries directly on embedded devices. This integration allows for quick prototyping, testing, and development of applications in areas like automation, data processing, and IoT. ELinOS combines Python’s flexibility with real-time and Safety-critical capabilities, making it ideal for projects requiring both rapid development and high-performance execution.
Application Debugging
ELinOS provides powerful tools for application debugging, enabling developers to troubleshoot and optimize embedded systems effectively. The integrated CODEO IDE supports advanced debugging features, including remote debugging, which allows developers to connect to target devices and inspect application behavior in real time. ELinOS supports various debugging methods, such as GDB (GNU Debugger), enabling step-by-step code execution, variable inspection, and breakpoint management. By utilizing open standards, we ensure seamless integration with existing tools, offering a significant advantage for streamlined development workflows. With features like runtime analysis and detailed logging, CODEO ensures developers can identify and resolve issues swiftly, making it ideal for complex embedded applications with strict performance and reliability requirements.
