Blog articles, webinars, and podcasts you need to gain a deeper understanding of how to keep your devices secure during their lifecycle.
This article provides an in depth and technical look at Torizon OS provided by Toradex: its architecture, strengths, and the limitations commonly reported by engineering teams. It then introduces Welma, a Yocto based, hardware agnostic alternative that delivers strong ownership, independence, and quality assurance for device manufacturers seeking a production ready Linux platform.
This article is based on a conference given by our technical team at Embedded World.
We dive deep into a topic that every embedded Linux team eventually grapples with: how to upgrade your Linux kernel in Yocto, what constraints shape your roadmap, and how vendor support (or the lack of it) impacts your long-term strategy.
As the European Union prepares to enforce the Cyber Resilience Act (CRA), one topic dominates technical discussions: how the Cyber Resilience Act impacts open-source software. For manufacturers relying on open-source components such as Linux, Yocto, or community-maintained libraries, the regulation introduces new obligations around security, documentation, and vulnerability management.
This article is based on insights shared by Pierre Gal (The Embedded Kit) and Michael Röder (Avnet Silica) in the latest feature of We Talk IoT.
Establishing a verified boot chain on Raspberry Pi 4 is a fundamental requirement for securing the platform against unauthorized code execution and tampering. In this article, Simon, software engineer at The Embedded Kit, details the full procedure for enabling secure boot on Raspberry Pi systems, including hardware prerequisites, build time configuration steps, cryptographic signing operations, and the verification stages involved in establishing a trusted boot sequence.
Our customer came to us with a challenge that many railway manufacturers face today: keeping a 20 year lifecycle product secure in a world where vulnerabilities appear daily and regulations evolve faster than hardware cycles.
Here’s how we helped them turn a growing maintenance risk into a predictable, scalable process.
Embedded Linux is everywhere, but keeping it secure and robust over time is getting painful fast.
This new practitioner‑led report cuts through the chaos and shows you exactly what’s coming next.
With the upcoming European regulation known as the Cyber Resilience Act, or CRA, manufacturers of connected devices must prepare for a series of technical and organizational requirements.
The harmonized standards meant to guide compliance won’t be published until mid-2026, with a final version expected by October 2026. Yet, compliance will be required as early as the end of 2027...
One approach already allows manufacturers to anticipate these requirements effectively: software composition analysis security.
This article is based on a real-world use case: one of our clients in the railway sector needed to strengthen the security of their Zephyr RTOS platforms. Integrating this requirement into our CVE scanning tool revealed several challenges, some of which you may have encountered yourself. In this article, we share the key obstacles we faced and the solutions we developed to overcome them.
Building a solid vulnerability management strategy requires more than just tools. It’s about aligning your process, your team, and your technology. Here’s how to structure your plan effectively.