 So I'm George Gray. I'm CEO of Foundries.io, which is a spin-out out of Lunaro. And so what's the latest that you talk about here at the Zephyr booth? So we're here at the Zephyr booth at Embedded World. And what Foundries is doing is creating micro-platforms for Zephyr, for RTOS, and for Linux. And these are over-the-air updateable, cross-architecture, secure platforms built for people to build IoT devices from smart sensors and controllers all the way up to advanced gateways and automotive applications. Because there's a huge demand to have updates for the IoT, right? Yeah, so today most IoT devices are not particularly secure. They're all built using different software, and it's very hard to make them all secure. So one of the challenges in the Embedded space is everybody has their own use case. Everybody wants to build their own product, and they therefore develop their own software. So what we're trying to do is make sure that there's an open-source free platform that everybody can use, one source code base, that we can then enable them to configure for their own use case. And what's the business model? So the business model is that the source code itself is free. It's available on GitHub. You can go to github.com. You can go to github.com. You can go to github.com. You can go to github.com. You can go to github.com. And what we have is Embedded software as a service that will enable you to configure the micro-platform to your own use case and give you lifetime updates over your product lifetime. So you can continue to update your product through its lifetime, even if it's an industrial IoT device that may last 20 or more years. Did you invent the micro-platform? So the micro-platforms are based on open-source technology that we've been working for a long time in the ARM ecosystem in Leonardo. And so what we're doing here is we're leveraging Leonardo's open-source background and our background in Leonardo to provide effectively a free operating system, a rolling distribution for both RTOS, Zephyr, which is the Linux of RTOSes and for Linux itself, where we're using containers to actually minimize the base underlying operating system, which can also be updated, and then your applications and services can be updated in containers. So what's the latest at Founders.io? So what I'd like to do is let Tyler Baker, our CTO, show you some of the things we've been doing, particularly we'll do an over-the-air update of a real Zephyr device. Hi. Do you want to cut it? No. Is it ready to run? No, we can do it. Can you just want to make sure you can actually see the screen? Yeah. Okay. Let me know. Okay, so the first thing we're going to do is we built the app, and so this is the badge. I know it's plugged into USB, but we're going to show you it over the year update anyways. And so it's currently running open thread, but I'm going to go back to BLE 6 low-pan, and I'm going to flash it so we can watch it go back to the state. So what I'll do here, I'll flash it. And we can look at the console as you can see in that game in here. And so to give you an idea of what the Zephyr Micro platform is, it's really two software components. It's MCU Boot, which is a secure bootloader for microcontrollers, and then the Zephyr application. And so we built a reference platform based on this to show people how to securely update their devices. Okay, so you can see the badge is resetting now. Here. Console going. Okay, so as soon as this blue light comes on, it's connected to BLE. Okay, now we're connected. And if you look at the screen, it's actually starting to send data to the LWMDAM server. So it's connected to the internet. This is an IPv6-based networking. And so let me show you a little bit about this first. I'm going to build the open thread app next so we can update it. So if I click here and I find my build target, and I'll show you LWMDAM to modify this device. Okay, so this is the LeSean server. It implements the LWMDAM protocol. And so if I press and hold this user button right here, we've modified it to show the client ID, which is the LWMDAM client ID along with some other sensor data. So that's the XYZ accelerometer. If I move this around, you can see the live sensor data. There's a proximity reading, ambient light reading as well. So let's do something a little different here. So if I press and hold again, I'll go back. So we can see the client ID was 07EC692. So if we go into this, what you're seeing here is LWMDAM objects. And what's really nice about this is they're well-defined by the specification. So you've got things like model number, manufacturer serial number, all that standard stuff. You'll see here, you have a firmware update object. That's what we'll be using to update the firmware to open thread. But you also have temperature, light control, and an addressable text display. So if you look here, what you can see is that something is observing the temp of my batch. So this is an external service running in the cloud, actually consuming this temperature data. And if we want to update the display, so we'll say, Charbox is the best. Because he is, right? Now watch the batch here. It's going to update for just a second. Ready? Charbox is the best. We all knew it. So it's UDP based. It's really fast. And it's nice because if you have multiple displays, you implement the same object. And the API to anybody developing an application is exactly the same. So let's see if we're done building yet. Okay, we're still building open threads. I can show you a few more things. So if we go back, let's look at the light control as well. So there's a green LED right here. And if we go here, and we say, actually let's do this first. So you can read a state. So let's read the state first. Ah, it's false. That brings the lights off, right? So if we go to true, update, you can see the LEDs come on. So showing that you can take a Zephyr device that's essentially connected to the Internet on the cloud service and be able to control the device and read sensor data off there. So let's see if the open thread build is done. Yep, it is done. Great. Okay, so let's take this update command here. So I wrote a little wrapper script. I'll just kind of run you through how this works. So if we go back to the firmware object, there's a couple of things that you need to do. So you need to write a package URI, which is the URL to the firmware. This can be HTTP-based or co-app-based. Then once you write the firmware, the device will start downloading. Once it's finished downloading, it's going to then ask you, tell me when to update. And so the way our updates work on Zephyr is there's an AB partition. So whichever partition is currently not being used, it's going to download and write this new firmware into that piece of flash. At which point, once you call to execute the update, it's going to reboot. An MCU boot is going to check that slot that you just downloaded the firmware into. It's going to check the cryptographic signature on the firmware. And if it matches the keys that it's supposed to have, then it's going to boot that firmware. If it doesn't boot, it rolls back to the old firmware and will report an error code. So that's kind of how the process is going to go. So let's go ahead and do that right now. So what I'll do is I'm going to bring up my terminal. So over here, again, you've got the console, and I'm going to dump this command in here to run the update. So it's going to spin up an HTTP server here, serve the firmware from my laptop back to the internet, and back down. So what you can see here is it's actually starting to write the new flash. So we're initiating the update. This will take about two or three minutes, so we can kind of show some other stuff at the same time. Maybe you want to... Just to get an overview, so Foundry's IO is about updating the firmware and support for that, or is it about the connections between IoT devices? So it's all of that. And really, I think the big takeaway here is security's an arm race, right? No one has a silver bullet. What I believe, and I think a lot of the industry believes is the latest software is the most secure software and the best software we know how to make. Really, our mission is to enable people to start with platforms that are updatable by nature, and it's all built in. What we see a lot of times is in the product development cycle, security and updates are the last thing to happen in a product lifecycle. And so when schedules get pulled in or they shift, those kind of things get overlooked, and it's really bad for the industry. So what we're trying to provide is platforms for Linux and an RTOS, which is being Zephyr, that you can base your product on that already have this built in. So you're starting from something. And then we help you keep it up to date, right? So it's going to stay updated forever? Yeah. Is it the first time that something comes out is going to be forever updated if people stay part of the... Yeah, exactly. That's the whole idea. So on a product that you have to maintain for 20 years, that's a lot of maintenance. That's a lot of engineering effort. People never do that. They never do it, right? And it's really annoying to people in the industry because you'd like to see that new software. All of IoT in the world is outdated. Yeah. And it's a problem. It's a security standpoint and really just software development standpoint. And you've got to realize that companies can't pay for that kind of maintenance over 20 years. It's hard to. So what we're trying to offer is really a solution that allows that to be easy for them. So not to say that they have to update all the time, but they have a mechanism that they can if they need to. So with Spectre Meltdown, it's become apparent that this hardware level exploits need to be patched. And how do you do that if you're not running the latest software? There's a lot of work to update things, right? Absolutely. So are you going to be able to have the whole, what's it called, the staff or army of staff or what's it called to do everything? Well, so, okay. So there's a couple things that we can do that doesn't require so much people to do these updates. So get your software upstream, right? If you're using the Linux kernel and you've got out of the tree stuff, get it upstream. It's going to be maintained up there by the maintainers. It'll essentially not bit rot. Then the other thing you can do is have good software development practices, having a good CI and CD system to allow you to test these updates. So really what we're going to kind of push people towards is saying, we have this single source code base, right? And if you base your product off of that, you have common ancestry with our base. Therefore, we can update the pieces that you haven't changed and we can suggest patches for the pieces that you have changed. And so that alleviates some of the need for that extra engineering resources that you just mentioned. And you do it for the whole world of Zephyr and Linux. So yeah, I can kind of show you the Linux platform while this is updating. So what we have here is a Raspberry Pi 3. It's got the 7-inch touch screen from the Raspberry Pi Foundation. And on the back here, you can see, we've got a little dongle and Ethernet. That dongle is an Nordic 52840 running open thread firmware. Also, this has a Wi-Fi and Bluetooth chip on board. And so the Bluetooth chip is actually connecting that badge to the internet. And then this open thread dongle, once we update it, will connect that badge to the internet again. So what's special about this? So we have secure boot. We have fit images that are signed. So all the device tree bits and kernel image and RAM disk are signed as one big binary. That way, as we update them, all of that can be put into one single binary. We only have to sign one thing. Really handy. So we have a secure boot. We have a Linux kernel that we track the latest release version of the Linux kernel. So I believe this is running 4.18 right now at the time. And it's a really minimal user space. So a lot of it is read-only because of security practices. The more things that have access to write to the file system, there's more potential for risk. So we really try to lock that down. And there's a small space for users to be able to persist and to have things. And so we really try to say you should use containerization for your application. So we basically run a microservice on this Raspberry Pi. I think there's eight containers running. One container is for joining Bluetooth devices. Another container is a web app that actually is this web app that you see here. The other container is an X container that can actually have a Chromium browser in lockdown mode. And then you've got a whole bunch of other services for OpenThread. And they're all contained. Now why is that important? Because I can update the base operating system. So the user space, the kernel, and bootloader independently of the applications running. Or I can update the applications independent of the kernel, user space, and bootloader. So every piece of firmware that you see here can be updated. And it can be all at once. It could be just one piece of that. It's up to the user to define that. So there's a lot of IoT stuff, like this, this, this, all IoT, right? Yep. And which part of that does Foundry's IO provide updates for? Yeah, so. There's a lot of different things. Yeah, there's a lot of different things. It's not the same updates. No, it's not. And so this light is running the same software as this candy machine. And this light is running the same software as this candy machine. So even though they're in different form factors, the chip inside of it is the same in its running zephyr. And we can control it via LWM to M object. So really all that is different is the configuration. How can they run the same software? Yeah, because we're using standards, we're using open source, and everything is built on modularity. So as much code reuse as possible. So our base application that does LWM to M can be configured to be a candy dispenser. And so what we call this is a digital input timer object in LWM to M. So I can throw GPIO high for a certain amount of time, and it'll dispense candy. That could be reused as something else, like this water pump here, or this faucet. It's the same idea. A digital timer object on this will function the same way as a candy machine. Now these lights that we have here, these things are a light control object. It's essentially throwing a GPIO high, or it's using SPI to write to LEDs. So it's the same base application, but configured differently. And that's how we can reuse the same hot software. Is it easy to do that, where there's the same base for everything? Yeah. I mean, is it a reboot of the IoT world, or is it just continuing where it's left? I think it's just being aware of the software architecture that you're building and taking the experience that you've learned in open source and how to maintain software in the same way, and applying that to IoT. I think there's such a gold rush of IoT that's happening that people want to be first to market and totally understandable. But at the same time, when you're first to market, you may have made some trade-offs on your software architecture that can't be fixed easily. And so we want to make sure people can start with a good architecture from the beginning, and we believe that this is kind of what we built here. And I imagine that the industry is getting very excited by this proposition, right? You're getting a lot of traction. Oh, yeah. You know, we had some early traction with some early customers. I think it's hard because the industry, the way it is right now, doesn't update continuously. And I think everybody knows they need to. It's just how do they get there. So it's going to take us more time. I mean, this is a culture shift. I'm under no impression that this is an easy thing for companies to do, but I think all the companies would agree this is what's needed to secure IoT. And how does it work? Good business model then. Yeah, so we sell subscriptions, right? So our platforms, Linux Micro Platform, the Zephyr Micro Platform, if you go to github.com slash foundries.io, all of it's out there. We have our releases and our release notes out there. You can just pick it up and use it. So what you get for the subscription right now is access to continuous updates. We have CI, CD features in there. We have device management. Now we don't want to do device management. We have a reference so that you can set up a Raspberry Pi, install our image, and then take continuous updates through our device management platform. The good news is, if you look at our documentation and you want to deploy that OTA server yourself, you can do that as well. So everything that we offer is open source and is documented. We just try to provide this as a service for convenience and obviously offering enterprise support. So if a customer comes to us with a unique use case that they need to help building, you know, that's what we're there for. So there's a lot of customization too. It's not just... Yeah, I mean, and not so much service work but helping you understand what your needs are and what you're trying to accomplish and what's the best software architecture for you to do long term, right? And what's great about that is that we can take that feedback from customers of what they want and we can build that into our product so that we get this network effect to that. The more people that use our micro-platforms, the more use cases are supported, the better the testing is. Yeah, that's... So micro-platform means as an image. It's a small minimal runtime that has security built in. Well, it's secureable, right? Security built in is kind of a misnomer. The fact that we provide methods of securing communication end-to-end between the microcontroller and the gateway and then from the gateway to the cloud and then even doing secure boot. So making sure that the kernel image that you put on the Linux micro-platform came from us or came from yourself and you're able to sign these things. It's just good security practices that are built in the micro-platforms. So it's everything that you need, nothing that you don't. And it's a reference on how to make a secure IoT device. Can you talk a little bit about the latest... I mean, I did another video about the Zephyr, but there's a lot of things happening, right? Oh, yeah. Well, so Zephyr is moving at the speed of light. I think there's over 300 boards supported. There's over 400 contributors. And so it's just kind of ramping right now. And it's great to see that because I think Zephyr, if you come from the Linux side of things, it uses things like Device Tree, Kconfig, the driver model is very similar to Linux. So there's an easy transition if you've never worked on an RTOS before, but you've worked on Linux to apply your skills to Zephyr. And here, I think maybe the theme a little bit for this show is there's a lot of AI coming to the embedded. So is that part of what you do? Yeah, so absolutely, because what's interesting about AI accelerators and all this hardware is it's a custom piece, right? And so how do you have something custom, but it's also on a common platform. And so those are the type of problems we like to solve looking at what your differentiation is in the hardware and how we can build a common platform to allow you to innovate on that and have your IP, but also do it in a sane software way with good APIs, using standards, using open-source software. Things need to be built because they don't exist. We don't just build them and then kind of hold them away. We try to work upstream and get those APIs accepted so that other people can build on that foundational software. The new ideas are just an app that run on top, kind of. You know, I hate to say that it's an app, but it's so powerful now. And the great thing, like so are containers that run on the Linux micro platform. What we've embraced is security scanning, so scanning them for vulnerabilities and making sure we fix them, but also tuning the runtime. So you can take an app and you can really look at what does it actually need to run. And we can make a runtime in a container that is precisely that and nothing more. And so it's nice because then there's not a whole bunch of dependencies that are bound to your base platform so that they're a little bit more free to move and it's a little bit easier to upgrade in that sense. So Hassan, do you think that potentially this could be the whole industry like this? I think the whole industry knows that they have to do this. It has to happen fast? Yes, absolutely. I think it's... What we can help the industry with is time to market. You can absolutely develop this yourself. You can maintain a team of 25 engineers for 20 years and build this out yourself. In some companies, maybe that makes a lot of sense, but I'm betting that most of the companies don't want to make that investment because they're onto the next product. So what we're offering is a subscription that is on a per product basis, not a per unit charge, so that it's a scalable business model in the sense that you pay a one-time fee per year and you get the support all year. And then if you decide not to end the life of your product or you want to continue to maintaining it, then you just decide to renew your subscription with us. So it's a low-cost, low-effort way of securing IoT devices.