 Thank you for coming and wanting to learn about Zephyr and I'm nice to see a few familiar faces in the audience. What I'm going to be talking about today is some of the changes that have been emerging with Zephyr. For those who are not familiar with it, Zephyr is an open source R-TOS and we've been working on this project. It got launched in 2016 and what we're doing right now is we're starting to finally hit some products emerge in the market. It's an open source project, everything is available to everyone but it's getting a very exciting time for the project right now. My name is Kate Stewart and I'm the director at the Linux Foundation and Zephyr is one of the projects I have. If you have any questions as we go through it please stop me and interrupt and I'm happy to take questions too as we go. Yesterday I was thrilled to see we actually had an announcement coming out from Nordic who's one of Zephyr's Platinum members and this is the ELDA system which is basically controlling a mesh of lighting on the wall and it's coming from a Beijing company. Oh bring my microphone closer, sorry guys. It's coming from a Beijing company and it is now out on the market and it is based on Zephyr. So this type of change is finally hard in the embedded space. It's very hard to understand what software is running in at the lower levels and so one of the things that's a challenge for this project is to tell people, yeah actually there's products out there that are running Zephyr and what was really nice with this one is that the CTO made it visible in this blog post that it is using Zephyr. Now Nordic basically has basically wrapped a Zephyr image in with their reference kit and people are using it to build products and so there are reference kits out there from other manufacturers like Intel and Arc and they have Zephyr available for these platforms as well. So you're seeing more and more of these kits starting to come out and then products start to emerge afterwards. The challenge for the Zephyr project because everything's open source it's all free to download is to figure out who's actually using it in an end product. So it becomes a bit of a detective game, figuring out which products are out there and who actually is going to market with Zephyr. The first product we heard about initially at the start was by Grush Gaming 2 Fresh when we sort of launched that was sort of seeded in but since then there are smart glasses where there's a Zephyr in the frame and this is for long distance drivers and it's from a startup in France and the idea is if people are dozing and their heads are jerking it signals the signal and for safety. McDonough's got a Bluetooth gateway so it's being used for communicating Bluetooth there. There's a smart watch for kids for geo tracking your kids and the same company actually just came out with a core box so that little green box over there on the green is also from the same company but they're using it on garbage trucks and so why would you stick an IoT device on a garbage truck? Well you do it because it's got GPS and tilting and the you know the sensors for understanding whether the garbage truck is dumping or not and they put these two things together and there's a six month battery life on this and so they can weld it onto the side of the truck and they can tell whether or not people are dumping garbage in places they shouldn't. They should only dump it in the landfill after they pay the fees but people will go outside of that space and you know save the fees and dump it and make a problem in the environment so by having these types of very lightweight tracking devices you know there's some interesting applications that are actually good for everyone coming out. Another interesting one that's come out is the anti-care reindeer tracker and so it's little earrings for the reindeers up in Norway for tracking the herds and making sure the herds are there. On the flight over here I was looking at there's a documentary about the pandas in Chengdu and taking them back out to the wild and they were these big radio collars. It kind of struck me that maybe they could have something a lot lighter weight to track these pandas out in the wild as they rehabilitate into the wild systems so these types of applications in Zephyr and MBIOT and so forth are starting to be there and the other one that's up on the top is the Point Home Alarm. It's a very very small little alarm it's not kind of camera but it does have sound detection and a variety of other things you put it in your house to see if there's anything that's abnormal like sun breaking glass or noises there there and so that's another product that's emerged. Probably the one that's been most visible is the Pro Glove and this is basically a hand-mounted glove that sits and there's a little thing and you just touch so rather than holding a big device to look at your barcodes and get confirmation on your barcodes it's integrated into your device and your into the glove and this has actually gone through a second revision. The Reb2 are the of the Pro Glove came out earlier this year but it's been running Zephyr right from the very start and they're kind of interesting in the sense that when I first met them at Embedded World I was asking you know well why don't you upstream your code and they're great oh we're a startup we can't we can't we can't too much work can't upstream and then someone else started to upstream an LED driver that was different than theirs and then all of a sudden they realized hmm if we get the stuff upstream first we have less maintenance down the road which is part of the beauty of open source as we've learned from Linux and other open source projects is if you're up there and you've got a good thing exclusion there people can then build on it but you also have less maintenance yourself so having a good starting point is what we're starting to see so our box is an SSD drive that offloads pictures and it was a big starter campaign made about 10 times amount of money so as you can see Zephyr is hitting products and some of them are winning awards the interminium shoes for noisy factory floor environments they actually have four processes in them and they've got a very interesting way they've architected it and I'd encourage you to read the case study that we've got up on our website but you know the very forward thinkers are seeing Zephyr as useful and they like the code base and one of our platinum members is OdeCon and OdeCon will be talking in August about how they're using it in the next generation of hearing aids so now is it coming into a start but it's also starting to see from major companies their ability and their you know the key product lines around it so it's starting to get there now this is from Google analytics it looks over the last year and what we are seeing is we are seeing a lot of interest in Zephyr in China and India as well as European countries okay and you're starting to see these products emerge now from China as well as these other sites and so this is just people going looking at our website well they're looking at the website because there's something that's there that they care about and then the next step after going to the website is to go on to GitHub and look at the source code now the source code one of the things you can see if you're a member of the project is you can sort of see the traffic stats normally you just can if you just went to GitHub today you wouldn't be able to see this unless you're a member with commit access but if you can look at it you can sort of see that we actually have over a two-week period which is the window it shows you there's been 12,000 almost 12,000 clones of the repo and there's been almost 1,900 unique people taking clones of the code now if people are doing that sort of thing they're doing it because they're making products or doing something with it our challenge is to figure out where those products are in the marketplace and then you know how many people are going there and how many unique visitors do we have and so forth you know there's what what's the number there sorry you know 800,000 that's a lot of people looking at the code when that's just in two weeks period so that's kind of encouraging so just a quick show of hands right now how many here in the room have seen Zephyr before or gone to the website hands up if you've seen it if you've been on the website and I know there's a few here in the front row who have seen it so okay so just to give you some context about Zephyr it's open source and it's a real-time operating system and we actually have a very vibrant community for an embedded operating system we have probably one of the most vibrant and most fast-growing operating communities out there there's multiple architectures with tool support around them and it is actually a very vendor-neutral governance no one company dominates it and so and people can come and participate in it without being members too it is very open to people to submit things into the code repos and contribute technically we're using a permissive license on that that was a decision that the project made when it started and it's very modular so you only compile what you need Zephyr is designed for things where Linux won't fit and things that need long battery life and low resource consumption okay so you're talking something like 8k to 512k space for your stack depending what you want to compile in and you only compile in what you need and this is what makes you that get very small but we are we released our LTS in April which is LTS stands for long-term support so those are familiar with Linux understand the concept of a long-term support release and we've taken that lesson from Linux because if you're always keeping up with development it's changing very fast but if you but it's hard to sort of match up with the product cycle then whereas Linux has found that if you put out an LTS you can link up your products with it and then keep just the security updates happening so most of your android phones or other phones that are you running Linux underneath are based on an LTS with updates that's the sort of concept we're going after here too and one of the things we're going to be working on very hard over the next few years is actually getting it ready for safety audits because as you can see from a lot of these little applications in those products I was showing you we're really heading towards working with people as well as working with sensors and we want to make sure we can use them in a safe way when people start really depending on them so Zephyr currently supports these six architecture families more architecture families are welcome if you are using a different type of core processor and you'd like to get it up into Zephyr start a discussion with the TSC and sort of say what you propose to do and there's doubly pretty rich receptive it is not blocked to any architecture and we can certainly move it forward there's also 32 most of these are all 32 bits but we're seeing some of the 64 bit hardware parts come in there in particular we've seen a 64 bit port show up from Intel and we're seeing one going in right now from RISC 5 okay the other thing that we had a question for and a request for for about the last couple years was actually being native POSIX and with the LTS we finally have a native POSIX port which lets us basically work with hypervisors and so forth and gives more flexibility for our test infrastructure as well now when I went and checked this morning I had to update this slide there was four more board ports than I from the last time I looked so we're up to 170 boards in the repo right now and so there's a lot of good starting points out there they're all at various levels but there's some that we've you know people work on pretty hard and using for products so there's a really good selection out there and they're all well documented because they can't put their boards into the repo until they put the documentation in with the port so hopefully that's useful to people and in fact we actually have some manufacturers like Phytek and Electronuts are actually shipping their boards today with Zephyr images on them by default now I don't know how many people can see this but this is one of the real boards so if you want to come see a little bit more detail on it afterwards it's fine happy to show it to you but if there was someone else here in the room that was had one of them it runs a Bluetooth mesh and it has a variety of sensors on it and Phytek actually built these and donated them to some of these to the project they donated them for a hackathon we had last October in Edinburgh and we had a first session with them and then we they gave us some to hand out an embedded role and so at embedded role we were handing some of them out to the developers who came by and asked for one but they have a lot of interesting sensors on them and some interesting dynamics to play with so I'd encourage you to sort of check them out and the Electronuts the PAPR board is also running Zephyr now the architecture stack for Zephyr is very rich right now and it's getting richer some more things being added day by day we actually have a pretty good networking stack in there that's stabilized and we have probably one of the best Bluetooth low energies and mesh stories out there in fact a lot of people who have worked experience with Zephyr in the past may be in one of Kyren's talks that's happening unfortunately in parallel with this otherwise I would have liked to listen to that one too about using Bluetooth with this device so we've got and the Bluetooth SIG has been putting out reference guides and using Zephyr as a prototyping vehicle so we're staying fairly current and we're when the new versions of the spec come out we're usually there right with Zephyr right from the start which has been great for the project that they're using it to prototype things out and because the code base is very clean and very simple you know it's it's well structured and very clean it's easy to work with but we do have a low energy 4.2 and 5.0 and we do have a mesh the Bluetooth mesh and we've got very good reference versions of that which is why that first product you saw is running a mesh and we have a pretty optimized networking stack available to this project now too now the community when we started the code base usually had come from Wind River and Intel and we have nicely diversified with our LTS to a variety of participants working so about a third of the contributions of the 114 release came from Intel but then probably another third came from our members another third literally came from the community we don't even know who they are you know we've got their names they get up IDs but that's about it or people have just found this a useful code base to work with and are using for their products so we actually this is really truly turning into a real good community project which is part of the reason Linux types of things succeeded is it was community it was wider than just one or two companies people see it useful enough for themselves that they can see how they can contribute so they're motivated and from the growth perspective a funny thing happened on the way to contributors or authors last week when I checked there was 500 and then this morning when I checked there was 499 so somehow one person some ID merged or something happened but I'm sitting there waiting eagerly to look at the GitHub for the next contribution next new contributor into GitHub because they will become the 500 then hopefully after that it will stay at 500 but I don't quite know why we went down one but we did over the weekend um there's probably something logical there um and I'm not quite sure how GitHub counts that part of it but this these are the stats on GitHub you can go look at them yourself right now and just see um and from the commit perspective we've over 31 000 so it's you know a fairly it's not Linux but it's about a tenth of the rate of Linux which is pretty healthy for the embedded space now the space we started off with here and the reason we started separate is because we have a very fragmented embedded space and of course it's only gotten worse since then but these are the different um our tosses that are out there and they all have different strengths and properties and I've got another talk about the various weaknesses and strengths of these ones in terms of many dimensions like licensing um and safety and security and so forth but as you can see there's a lot of options there for people so the question is which option to choose this is that number I was just telling you about the 499 that purple line there is effort okay what I've been doing and I'll show you in a minute every month I go out to GitHub and all of these projects with one exception are on GitHub today okay and there's another place I can find the stats for that project um and I just basically look and say okay over the last 30 days you know what are the new contributions how many committers have been there what's been the new contribution rates and I just basically snapshot it and then I've been putting it into a master chart which I'll show you and then what I did um a month ago or so was I literally plotted it out over time I took all my charts and I just you know put the points up and it sort of nicely illustrates what we were suspecting based on the numbers which is realistically Zephyr is breaking out of the um trend lines from a contributor perspective and I think likely before the next month you know probably before the end of the year definitely we should probably see Zephyr probably having the most contributors to open source project in this space and with those contributors comes obviously commits and as you can see here the two that are probably the strongest um in terms of a trend line are Zephyr and Mbed and with the strength of the army ecosystem and those two are pretty much going parallel but they're again on intercept too to give some context that top line there is um Nuttix Nuttix has been around since 2007 it's been attracting contributors since then Zephyr's been around for just over three years so the fact that we're almost up to that level and we're working towards being that level from just commits and contributions coming in is saying we're doing something right here and I was telling you about that spreadsheet I was just capturing every month those are the numbers that I just pulled them yesterday so if you wanted to go look on github you would see the numbers that match this and you can see where I've taken it from the methodology is very clear it's you just basically go to github for that project and go click on insights and then click on traffic and adjust the traffic to be a one month interval rather than a one week interval which is a default and with that you sort of see a picture but what's worth highlighting is you know literally I don't know if the most is showing here or not but just a second here's Zephyr here 645 um over the last month the next closest is Friartos up till recently in the last month they were not having much much traffic going out in their squash in their commits they suddenly realized they shouldn't squash their commits so they're now starting to show up but then after that we've got embed and then it sort of goes down from there but as you can sort of see it's almost double the rate of what's happening with these other projects and from a community perspective and a commitment perspective that's healthy that's showing that people are interested and are interacting because it's suiting their purpose it's letting them put their own deltas onto it there's other information in this chart if anyone wants to talk about legal licensing issues happy to talk to you about it I know way too much about that sort of stuff from other projects that work on it so net is we've pretty much been the number one in the commits to our master for the last year usually by about double roughly double what any other project has the total contributors we've been number two in both number two total contributors and number two in the total commits for again for last year and I'm kind of looking forward to in a little bit we hopefully should be number one in the total contributors so these are little things I'm just keeping an eye on and hoping we'll make things better over time now Zephyr itself is more than just the RTOS there's actually the ecosystem around it and part of the reasons exceeding is because we're building up this ecosystem tool by tool project by project integration by integration we also in addition to just the kernel which is that center part here Zephyr OS there is SDK and development environments around it they just introduced west as a way of building things together and then we actually have projects outside Zephyr we know are working with Zephyr like the cherry script and the micro python so we can have a more complete environment coming into play right now we have these developer tools available and IAR is another compiler suite and they've just finished donating five licenses to Zephyr so we're working on making sure that that tool chain will work with Zephyr in the next little bit so I'm hoping to have that their logo up here soon and once IAR is working with it we've got rid of the GCCisms and so a lot of proprietary compilers should be working with it just fine too so as I've said at the start support hardware is these six architectures and we do have the native POSIX now so these are giving us a pretty good foundation for Zephyr so what's next well we're aiming towards safety and security certifications this has been the vision for the project right from the start as we wanted to build an RTOS that we could go after these things with in 2015 we came up with this diagram and it's still true today what we've been working on up till just this year has been the development phase on that development repo in April we cut our first LTS for long-term support and from there we're going to be taking a subset of it and making that ready for going through audits and making that part of that safety certified so all of these code bases are available to everyone it's open source and we're one of the few projects that's really looking at trying to do this type of thing with it products ready to be certified using that subset of code base all of these are going to be visible and available the development code base right from this you know we have been focusing pretty hard on in the last year on making sure that we have that mandatory quality inspection you know what people expect us there it is effectively the foundation for it and we are running a lot of tooling covarity caution now some of these other scanning tools to try to make sure that we have the quality there and we will continue to be doing that the long-term support was designed to be available for products as I've said it's also going to have a security updates going with it we have a security team and a pre-cert team specifically that is able to handle vulnerabilities and we have handled vulnerabilities on behalf of the project we are looking at the LTS to be compatible with new hardware and to have been more tested but we're not going to be putting a lot of features in it's not going to be the cutting edge development stays active for that so 114 is our LTS and 2.0 has started and that's the development branch that's the development tree now and from the 114 subset we'll be taking the auditable so as we've been working on it security is obviously key for us in this space and so we do have a security committee it meets bi-weekly our secure compoting practices have been publicly documented the slides for this have been posted and the links you can click on and download one of the things we're rather proud of is that Zephyr is a CNA or CVE numbering authority which means that we're actually getting researchers reaching out and telling us about vulnerabilities in advance because we can assign numbers to them and then we can work with them to help mediate it and make things visible on a reasonable schedule so we're one of the few open source projects that actually has taken that step to participate at that level the other thing that we're kind of proud of as a team is there's a best practices badge that is available in terms of best practices for open source projects and Zephyr is one of the first one of the three that made up to gold so there's a lot of if you have a chance to look at those best practices um they're good project they're good practices for projects but the old level has some interesting ones to work through and we got that we finally got gold in February of this year so we're taking it you know everything we can figure out what to do we're trying to do and so we're learning as we go a little bit but um I think we're on a pretty good track and we have co-varity scans running on behalf of the project the same way the links criminal does and we've also worked on incorporating misery scans so that we've got those available for us um again when we first set out the project we started looking at figuring out what sort of standards we wanted to adhere to and obviously this the coding standard quality of the MISRA is pretty much where we landed up and then 61508 is where most of our members agreed they wanted to work the funding um there is some interest in going to the new FIPS FIPS 3 140-3 just came out and so the security team is looking at working towards that as well now as I said the first target for this project is going to be 61508 and it's going to be a subset of the LTS it's not the full LTS it's just a subset um and then we'll be using more rigorous processes there and then we'll be basically documenting our processes and then working between the three committees the technical steering the security and the safety to make sure we have something that's going to be working as a part of the open source project perspective and right now um if you look for what's publicly available and if people know things that I don't have here please come talk to me and tell me about them I'd like to learn um but uh FreeRTOS has had a path to doing a safety certified project and uh obviously when Amazon acquired FreeRTOS they kept the same path um Zephyr has been publicly visible that they're taking the LTS and auditable here which you've seen about um so we have that explicit path uh these other RTOS's I have not seen a story yet visible that's not to say there isn't one I just don't know it so please come tell me and I'll add them on to the other side but I am trying to figure out who else is trying to go after safety certification so our scope is there's a blog post and I've got the link to the blog post that we've put out in January and the parts in orange are likely to be the initial parts we're going to be taking through the safety certification and making getting all the requirements in reverse engineering and documentation ready for Zephyr itself has a variety of use cases they're starting to emerge now not as always it just being used on a very small sensor cores we're seeing it being used in an opening amp as well as on multi-core systems and with support with hypervisors so we're seeing instances of all of these configurations now starting to be used and of course when you start getting complex the safety and security requirements go up too so these are things that are being considered so our roadmap is looking sort of like this right now in the sense that we are going to be realistically making sure we've got up the commercial compiler support the miserable compliance multi-core split layer for Bluetooth and the events power management stuff kicking in this year as we head to 2020 we'll be adding more of the code base the survival code base we've been working we're working towards on that you know alternate view and at my 2020 while we're trying to get some our safeties publicly visible now one of our members is working on an accelerated path and so we'll see what emerges so maybe this roadmap will change in but that's roughly what our plans are right now so if you're interested in learning more about Zephyr there's more orientation information again I've posted the slides in the conference proceedings and you can go and link to them and then click on the links and that's linked to our github project you can check the insights number yourself as well as our mail list and we have a slack channel which is tend to be how the team tends to interact worldwide we do have participants completely coming in from all over the world including um there's a pretty nice big team here in Shanghai I've been told now there's about 10 15 total between the two companies yep and they're having regular meetups now and so I'd encourage you to reach out um to on the WeChat channels and find them and see if you want to join and learn more about Zephyr and with that any questions please please uh I have several questions yeah the first one is about the safety certification the 61508 and I think it's a general certification of a former certification like ISO 26262 was for the Zephyr the certified crisis certificate organization or only one part of the kernel to be certified so what we're doing is the parts that are in orange we will work with to get 61508 now to get a 26262 26262 if you've got 61508 it's a question of generating a few more tables and so you're pretty close other of our members are very interested in medical which is also a derivative of 61508 and so the fact that we have 61508 as a basic we can go into many directions industrial and railway and so forth so there's a variety of other standards that we can pick up from but getting the discipline with 61508 gives us a good starting point and that's why we chose it okay so uh uh actually the ecosystem is not in in this um I mean in this scope like the I mean the mesh protocol no we're not taking and doing all the the IP stacks there's one some people that are interested in it but to get ourselves there we have to build we have to start small make sure we know what we're doing because we're having to bootstrap ourselves no one else has done it before so we're keeping our scope limited making sure we're solid there and then we'll grow out from there oh yeah yeah I got it and so see another question is about the yes this certification want to be applied to the I mean automotive yeah yeah I some of our members are specifically looking at automotive and 26262 yeah so far other members are looking at different yeah so far now it's only applied on the IOT I mean so in future time it will be applied to automotive yeah um so the the key for certification is you have to look at the entire system okay and what we're trying to do is get our little component ready to be put into analysis of the entire system so we won't be you know blanket 262 ready but we will be having enough there that people can go after 262 without a lot of cost okay that's what we're trying for okay thank you and one more question is about the architecture I saw that that that first support the memory protection so is that depends on the architecture like they will have needed to have an MPU unit or a memory unit yeah it's very much architecture specific what specific features are enabled for the memory protection and what's in the hardware to work from and but if it's there the project has to take advantage okay oh well it to support the MMU or oh yeah oh support the MMU there are some supports in some of the parts so um do you want to do when you guys want to comment more about it okay so it now now it supports the thread only but not the processor s Okay, okay, thank you, I got it. Okay, I think there's some good talk for the stations to go on after the session is over, but again. Do we have time for one more question or are we out of time? I'm out of time? Okay, well, I will be hanging around the back. So thank you again for showing up and thank you for your interest. Bye-bye.