 Thank you very much. We just finished hearing about Edge X and talking to devices. Zephyr is what runs on devices. So, this comic is from 2016. And Zephyr launched in 2016, okay? We start thinking about it in 2015. Basically, all those devices talking to the Edge, talking to the cloud, there's a lot of potential problems that can occur, okay? We obviously don't want ransomware happening on our devices. We don't want garbage coming out of them, that the AI is analyzing, and then you're getting silly things happening. So preventing garbage in, garbage out, we need to pay attention to security and we need to make sure that we're aiming at something that is going to be trust. You can trust. So, when Zephyr launched, we were looking at trying to make sure we have the best class RTOS out there. Zephyr is pretty much designed for where Linux is just big. You know, under, Linux doesn't get, images don't get smaller than about two meg these days. Zephyr is like, you know, 8K, 512K, that type of size. So you want to have something, running on these sensors, very low footprint, and just doing what you wanted to do in that set. So we built it right from the very start with the view that we want to make sure it's secured and we want to be able to take it through safety certification. And this started, the work started in 2015. We launched the project in 2016. And we've been fairly effective at growing it and building a community out there. What we wanted to do with Zephyr is, it's an RTOS. We wanted to make sure that we could actually have an effective, sustainable project. We entered this space with a lot of other solutions out there. Proprietary as well as open. But we didn't have that consistent focus going on. You had to go to Proprietary if you wanted security. We wanted to be able to have security in the open source. There's cross architectures, there's many architectures that are involved in it now. And we do have the neutral governance and we have the Apache licensing on it. That was the choice of the initial founders. And it is very modular. So you just compile in what you need. And we actually have ready now four products. And I'll go into a little bit of details about that later. But we followed a lot of the same lessons we learned from Linux. And one of those is using a long term support. And so that is what we recommend for products. And we're actually trying to take it through certain certifications. It actually has gone through a Bluetooth certification already from our RTOS. So just to give you a bit of a feel, on the last presentation you saw BLE. You've seen TCP, you didn't see CAN there, but that's another protocol. And KTT and so forth. So this is what connects up to projects like EdgeX. We also talk right to the hardware. So there's a variety of systems that are available here. Zephyr's got a very good Bluetooth low energy stack. Probably got one of the best in the industry. The Bluetooth thing is using it for developing the next generation. So we're pretty much current with it. There is a fairly wide set of open thread as well as POSIX support for it. So it's a pretty complete solution at this point. Back when we started, the way we've been working in approaching this, is we wanted to keep the active development going that you have with the Linux community. You want to have quick innovation. You want to be able to put things out every quarter. We have recently released games. But when we wanted to start to stabilize it, the Linux kernel has an LTS every year. We're Zephyr where we're two years right now. And we're committing to keep it up to date for two years and put security updates there. And then part of that we're slowly and surely transforming over to be ready for audits. So for safety certifications and being able to go through that process. So security certifications as well as technology certifications. And we're basically working on making sure we get that code base robust enough and then things get back ported in. This diagram has come up within 2015 and we're still executing to it. And we finally are actually, it's downshading the first LTS this year. Okay, thanks. So the 1.14 release was our first LTS. It was LTS number one. And we are focused on putting security updates with it as well as making sure that it is compatible with your hardware. And the team has committed to supporting it for two years. However, so it's not feature based and it's not the cutting edge. Cutting edge should be going into the 2.1 frame now. But with this one, 1.14 we released in April. That was our first LTS. And we've released our first update to that LTS now. And we have CVE fixes in it. And so we're keeping the security up to date with it and reporting anything to be fine. As well as here we've gone through a certification process for Bluetooth. So the certifications are available to you if you're using the Zephyr repositories right now. And then there's a long list of issues fixed. But everything is up there. It's public. On the GitHub repo and it's transparent. For auditable, this is what we're going to keep you in sync. And that's right to that back porch. So we're doing a bit of work to transform the code base to make it easier. And the safety committee and the security committee are working together and working with our check with the steering committee to make sure that everyone can agree on the rules. So we've got this collaboration with experts working with the development experts trying to make sure that everyone can look with what we change and the process changes going on. So we've been going after this journey now for a couple of years. We put our security committee right in place when the project started. And then we publicly documented our security processes to date. The Zephyr project is one of the few open source projects that's individually available as a CD numbering authority or a CNA. And it's publicly listed on the Mitre site. And we have a security team, a p-cert team, sometimes they're called, for responding to vulnerabilities and working with researchers to find vulnerabilities. So the fact that we've got that sitting in place is something we're rather proud of. So there's very few open source projects that have that up there and the students themselves publicly that way. We've also, this morning you heard the core infrastructure initiative, the CII badge. Zephyr used the guidelines of that CII badge to help make sure they were following best practices as a team. So the security teams are working with them and we are one of the only three gold badges right now. So if you go to CII best practices badging, all our processes are publicly documented, they're all visible. And we're actually gold badge. And then we've also got a lot of automation going in with Mitre scans as well as with the Covarity scans to make sure we keep up with Russians as well as with lenders and some of the fuzzing stuff we've been working towards. So on the security side what we're looking at is our processes are described in the documentation. The coding dial into there, there's information on how to report vulnerabilities and there's various processes for securing bugs and we also have a very private repo for our security team to access and work on mediations before it hits public, in certain cases. But then we put everything up in public as soon as we have the results available. So another thing we're doing is there are a different random framework. This tends to be an area for a lot of vulnerabilities and we have some active work going on there. We've addressed a bunch of security issues in this area already because some of the mechanisms that are used are more designed for larger systems for entropy and we want to work in very small systems. We do want to make sure that we have these clear APIs so it's easier to do everything right and we're sort of moving it bit by bit through and people who are interested in this are happy to talk more about it. We've got some crypto drivers and hardware and software available and the software are open source ones. There's Tiny, Krypton and Ventil, as they're both integrated well into Zephyr right now and we can use offload hardware too so there's some interfaces for that. There's some instances there. One of the certifications we've been looking at strongly in the security team for is the FIPS 140. Probably going under FIPS 140-S3 this year. That's what the security team wants to focus on and we're working with that with the auditable so it's a subset of the functionality that's in the LTS that we're taking through auditable and so this is what the team will be working on in 2020. And then of course, as we know with Linux and other systems, fuzzing is useful to find problems and avoid them. We do have a native Aposite support for this ecosystem and there's a lot of research that's going on here but there is fuzzing testing working going on and we have been working with some researchers in this area. And then of course, we have threat models associated with the security for these systems. We actually have documented a threat model and you can refer to it from the CII system. We've learned a lot since then and we'll be doing updates in 2020 about this. And basically, we have to do some reorganization or documentation about the analysis. And then if you don't boot securely in a trusted way your compromises are possible. Right now we've got reference systems using MCU boot going on and we have ideas about there's potential stuff for the upgrade story as well as a suit that we're working towards in the project so we can get that secure endpoint so you can put an image on, it's there, it's on your image or something like that and potentially have the ability to revert or not but then have an options available for people who are deploying out with Zephyr. So as you can see from EdgeX talk you can be talking from devices up to clouds into any clouds. There are a variety of other R-tosses out there today and these are some of them. And the integration with specific clouds is one of the things that's been happening in the last couple of years when Amazon acquired free R-toss and then had it connected to its cloud and have a good story there. Huawei has a story with LightOS, Alibaba with Alibaba's Things and Samsung's Tizen so we have these specific cloud stories that have emerged. What we're aiming at with Zephyr and the others is we want to be able to securely connect to any cloud. We want to have that cloud neutral story and better neutral story and then probably Riot's probably in that camp based on the fact that they're working with the EdgeX people too. But these are sort of the R-toss ecosystem that was there and it actually has had a few things added to it since the project launched. But we want to make sure that we have Zephyr to be able to use on these smart devices and in the sensors and controllers that talks through EdgeX and the Crano here in LF Edge. We've got IoT projects working with Zephyr too and we've got proof of concepts on Google's cloud and the Amazon and then some of the other ones are the ones we'd like to see emerge. So there's discussions on that so that's what we're looking at next year. Part of what makes these sorts of things possible is using standard APIs. One of the common set of APIs here is POSIX and we've got basically 51, 52 MPST sockets implemented and available to you in Zephyr. So we don't have the full POSIX but we do have some of the key ones that people have wanted and certainly if something's missing that someone wants to contribute we're certainly welcoming it. This is what we've got here and that's what we're working towards. So the outcome of this is we actually have over 200 boards now supported in Zephyr. It's popular and it's growing in popularity and that's being shown by the number of boards you're seeing in the ecosystem and in our repos. So if you go to Zephyr on GitHub and go down under the drivers you'll see these boards sitting there as a sub-directory. You can go look at all the details and see if your favorite's there. And for a project that's four years old and just has had their first LTS one of the things that's been really exciting for me personally partially it's a discovery path that is finding out the products that are actually using Zephyr. A couple of years ago Phytik made these boards for us for the project and they've got sensors and they're a badge. So it's a little mobile badge with sensors on it and you can write Bluetooth mesh for that with your colleagues. We've had that now for about two years. That was sort of the earlier ones. There's a few other earlier ones that have that timeframe. ProGlove is a glove with a tip sensor with a glove so that when you're scanning barcodes in the factories and it was running a lot in Europe last year in this year and they came out initially from Zephyr even before our LTS and they were sort of fun for me to work with in the sense that I met them first at Embedded World and they told me they're using Zephyr and I was like, oh, that's a really cool first product out there. And I said, well, why don't you contribute stuff upstream? And they're like, oh, we're a startup. We can't. About six months later someone contributed a driver they didn't like and they suddenly understood why they should contribute upstream so they are now contributing into the recall as well. But they're using some of the LEDs. Regato is an IoT gateway that's using multiple cores. One for bunches running on the big core but they're using Zephyr on some of the devices to handle the Bluetooth stack and communicate that way. Another one here I brought if you want to talk to me and look at it later is Adero. And these are smart tags and what you do is put a master tag on and you put little taglets on things and it helps you with the proximity. So you can set these very small systems. We're seeing a fair amount actually of tagging. The Ruby nodes are also a tagging system. Any care, we heard about reindeer earlier and any care is actually for your tags for reindeer that's using the MPIOT long-term communication and that's being used up in Scandinavia for tracking the reindeer herds. And to make sure that they're still alive and moving effectively is what it's coming down to which is better than these great big collars and it's much more cost effective. We have smart glasses that are coming out of France. So there's a lot of very interesting innovative new products coming and because it's open source it's hard to say whether they're using it or not. We only know because they're telling us. Hero core box for instance is from a startup in Israel and I think UK and it's a box that gets welded onto the side of a garbage truck for six months. Okay, so they have this box welded on these garbage trucks. Once the garbage truck tips up the sensors basically sends a signal of its position and so the battery has to last for six months so people don't hack it, right? And that's just to make sure the people are actually dumping in the landfills. When they're claiming they're going to be dumping in the landfills. So these are sort of examples of things I've been finding and we see a lot more coming out of the GAPS family too I think the next year. Zefran now is supported on all these architecture families. There's ports for M and R. I've seen some code suggesting an A port showing up which I was not expecting initially. I was expecting to sustain pretty much 32 bit. We've had a 64 bit RISC 5 port added in this year. We've got XA664 on Intel so I've got some two new architectures that have been talked about publicly on the list. There's a spark and then there's also the open power architecture. The open power architecture is being implemented on MPGA. And so as a stepping point for certain other work, that spark, sorry, power ISA is running as ever. So as you can see we're pretty much a brilliant, pretty diverse community. When we started off in 2016 we had about 80 developers who are now 580. I think what I did this morning this afternoon it was 582. We've gone from just under 3,000 commits to well over 30,000 commits. Four boards initially allowed just over 200. So developers seem to be liking this code base. It's very familiar for a lot of analytics developers. It's using device tree, it's using some of the common mechanisms of Linux that are available to you there here. And when we started it off it was just a couple companies and as you can see we've got a pretty wide range of companies in the last year participating in this and diversifying it out. And if you look at actually the commit behaviors there's been over 10,000 in the last year upstream into Zephyr. To put some of that in context the Linux kernel is basically about nine commits per hour Today if your DLTS for Linux is about one commit per hour Zephyr is about one commit per hour into its repo right now. So we're starting to approach the velocity up there and that's the developer, all those developers are doing these because they need to do it and all those are showing up and so forth. That sort of stats is something I've been keeping track of for the last year and a half is all of these repos that I'm showing you the logos for are up on GitHub with the exception of NatX and this data is I look at total number of contributors total number of commits each month and what's happening in the last month and pretty much all the way along this period the most commits in the last month has been dominated by Zephyr which means that we have a slight different trend line than a lot of the other projects out there right now and you know Riot is also doing really well from a community perspective and Trendline is in bed but Zephyr's are breaking out of the trend and this also means we're also seeing breaking out of the trend in terms of the number of contributors in fact right now I think of all those RTOS's that were out there Zephyr now has the most contributors we have, I think we're like saying 582 this data here ends in October there's been a little bit more so the X is clearer we've got fairly active website traffic worldwide we've got a variety of we've actually started to look at Japan's up there, it's in the top 10 and we have a fairly active footprint on social media as well and we have a Slack channel like EdgeX and others so if anyone wants to hop on and ask a question you can just self invite and over the last you know I took this snapshot from our traffic insights on the project and you know in a two week period there's over a thousand people coming into the repo now so I'm really excited to see what products emerge next year because they're doing something with it it's just going to be detective work now to figure out what so that is pretty much Zephyr what's happening with Zephyr and EdgeX as we see we're focusing very much on security and trying to make it real and there's a security team and so anyone who's interested in learning more about it I'm happy to talk to you about it feel free to just go on to the GitHub site or join us in the Slack channel and see if it works for some of the things you care about with that I'll say thank you