What Is Embedded Linux?
Embedded Linux is built on the same Linux kernel, available from kernel.org, as all Linux systems. But embedded systems have tight constraints that enterprise systems simply don’t have, ranging from higher reliability and security requirements to tighter resource availability and the need for engineering support that often lasts 10 years or more. Furthermore, embedded devices usually need to communicate with each other and with cloud resources.
Linux for embedded systems, then, requires additional packages beyond the original kernel. Which specific packages are required for your distribution depends on what you are going to build, and the best solution will differ for different use cases. Ultimately, each embedded Linux system is unique, purpose built for the intelligent edge.
Embedded Linux is an open source operating system that is purpose built for the intelligent edge.
Open Source Foundational Principles
Linux developers must follow these three foundational principles for all open source software and tools:
Collaborate: Share code, review others’ code, contribute to fixes and patches, write documentation, and participate in discussion boards and mailing lists.
Innovate: Adapt and adopt new technologies.
Comply: Review regulatory standards and licenses, including license compliance and license contamination.
Embedded Linux offers developers several advantages over other OSes
Embedded Linux Advantages
Embedded Linux offers developers several advantages over other operating systems:
- Cross-compilation for any supported platform
- Community reflection of Common Vulnerabilities and Exposures (CVE) fixes in updated releases
- Deployment to commonly used Linux infrastructure and tools
- Modern, cloud-native environment
- Broad hardware support
- Product lifecycle through community LTS
Hardware Needs for Embedded Systems
Embedded devices are restricted by environments that generally dictate low power consumption, reduced processing power, memory limitation, and peripheral availability by design. There are a multitude of hardware architectures, including x86, Arm, PPC, and RISC-V, each having their own advantages and limitations (such as low power consumption and limited software support).
Embedded Linux Architecture
At the most basic level, an embedded Linux system is one that uses Linux as the operating system that sits between the hardware and the application of an embedded device. There are five key components to an embedded Linux system:
- Hardware processor
- Hardware abstraction layer (HAL)
- Linux operating system
- Service layer
- Application layer
Components of an Embedded Linux System
Embedded Linux Development
A board support package (BSP) is a layer of software containing hardware-specific drivers and other routines that allow Linux to function in a particular hardware environment. It should be customized not just to the correct architecture/OS combination but down to the exact system-on-chip (SoC) and board configuration. To optimize an embedded environment, the BSP should also include a customized version of Linux (or another OS). Your BSP vendor can provide customized test suites, developer assistance from experts, and other professional services.
An aggregation of subsystems cooperates so that the system can deliver overarching functionality and ensure that the subsystems function together as a system. System integration involves coordinating existing, often disparate, embedded systems so that the specialized use case can be addressed.
Types of Linux Distros for Embedded Systems
There are a bewildering variety of flavors of Linux distributions — some built for enterprise use, some specifically for embedded; some from the open source community, some supported commercially; some that are provided as part of a package with hardware, some that are developed in-house — and all these categories can overlap.
Embedded Linux Distro Examples
|Embedded Linux||Enterprise Linux|
|Hardware Vendor Linux||Community Embedded||Commercial Embedded||Commercial Enterprise||Community Enterprise||Roll-Your-Own|
Linux Communities (e.g., kernel.org)
“Roll-your-own” or RYO Linux refers to a Linux distribution that is developed and customized in-house using free and open source components. Three of the most important and popular open source components used to build RYO Linux distros are the Yocto Project, Buildroot, and Raspberry Pi.
The Yocto Project was created to standardize the platform for embedded Linux, thereby enabling interoperability and extensibility for an ecosystem of hardware and software vendors working with a common set of standards and tools.
Buildroot is a simple tool that generates embedded Linux systems through cross-compilation. (For example, you can use an existing cross-compilation toolchain and build only your root file system with Buildroot.)
Raspberry Pi is a free operating system based on Debian and optimized for Raspberry Pi hardware. Raspberry Pi Imager provides a quick and easy way to install Raspberry Pi OS and other operating systems to a microSD card, ready to use with your Raspberry Pi.
The general-purpose server and desktop Linux distributions from Red Hat, Ubuntu, and others are intended for well-resourced, multipurpose, and often multiuser solutions and are typically configured to support a wide range of devices. Supported customizations are usually limited to package installation and configuration files. The results are a solid user experience, reliability suitable for general-purpose use, and an inexpensive support model for three to five years. However, off-the-shelf enterprise Linux is usually a poor choice for embedded systems: It is resource intensive, has a large attack surface, and offers short maintenance windows .
Enterprise Linux vs. Embedded Linux
|Enterprise Linux||Embedded Linux|
Commercially Supported Embedded Linux
Commercially supported embedded Linux boasts advantages that are similar to those of enterprise Linux. With specific use cases in mind, most commercially supported embedded Linux vendors create a compact core that supports low-resource or resource-constrained environments, greater security requirements, high performance and reliability needs, and a build system that requires only local support for extensions. The approach is not a one-size-fits-all distribution. Commercially supported Linux offers strong support and maintenance over the product lifecycle, leading to desirable savings. However, this solution also offers the ability to customize the platform, speed development, and get to market faster.
Community vs. Commercial Linux
Community and commercial Linux distributions are mutually inclusive. Every major commercial distribution has a free open source variant from the community based on and used for upstreaming content. Technology investment (such as that from the Linux Foundation) or commercial investment backs the various communities that produce these variants.
|Community Linux||Commercial Linux|
How to Choose the Right Linux Distro
There is no one distro to rule them all, but Linux is extremely versatile and brings power to the use cases it is deployed for. Server and cloud infrastructure platforms, together with workstations, rely on general-purpose distributions, whereas embedded devices and systems are specialized and purpose built. It is difficult to find a distribution for embedded solutions, so you may need to rely on a distribution builder to tailor your solution. Below are challenges and capabilities to consider when choosing a Linux distro and building a solution.
Business Challenges to Address
- Maintenance, including CVE monitoring and fixes
- Support, including resolution of build and other technical issues
- Repeatable build process
- License compliance and bill of materials
- Documentation and community mailing list
- SDKs provided by silicon vendors
- Ability to create your own purpose-built embedded Linux OS
- Flexibility to use a binary or source-based Linux release
- Open source OS innovation with no vendor lock-in
- Available and free to use with proper license compliance
- Full source code included
Solution Development Speed
- Access to a customized, purpose-built Linux for embedded applications
- Sustained innovation with periodic releases and a long-term stable option
- Wide range of BSPs available through hardware vendor SDKs
- Support for standard and preempt_rt real-time Linux kernels
Build vs. Buy
Although it may seem counterintuitive, over the lifecycle of the product, proven commercial embedded Linux with support and maintenance tends to be much less expensive than maintaining a roll-your-own Linux solution in-house. It is difficult to predict the cost of creating and maintaining a large, complicated RYO Linux system, and it is expensive to support, patch, and manage security vulnerabilities in an ongoing fashion. The bottom line is that the cost will be considerable and that it is easy to underestimate it, especially if your organization is new to embedded development, deployment, and servicing.
Total Cost of Ownership (TCO)
“Roll-your-own” Linux distributions offer the up-front appeal of control and perceived price efficiency. However, unexpected consequences can include the following:
- As products mature in the field and new generations of products are released, the effort required to manage and maintain open source increases significantly.
- More staff are needed to sustain multiple versions and check for security vulnerabilities and exposures in each release.
- Companies that do not prioritize maintenance and modifications can end up with custom “forked” versions that require years of maintenance.
- Many organizations are unaware of the compliance obligations for shipping solutions based on Linux.
RYO Linux is inexpensive in the beginning, but costs rise steeply over time.
KEY COMMERCIAL BENEFITS
- Time-to-market: Start with code that was pre-validated for your commercial use case, instead of building from scratch.
- BSP development: Ensure that hardware peripherals are well supported and optimized for your deployment.
- Hardware optimization: Architect your solution based on commercial off-the-shelf (COTS) or custom hardware, considering resource constraints such as disk space or boot time.
- Streamline development: Accelerate feature development and design with professional services.
- Long-term savings: Evaluate the total cost over the entire lifecycle of the deployed device and choose a commercial vendor who leverages economy of scale to provide cost-effective support and maintenance.
- Compliance and export artifacts: Rely on pre-generated artifacts to comply with regulatory requirements for your deployment worldwide.
- Continuous delivery/continuous integration (CI/CD): Stay current with the latest innovations by continuously improving your device through updates and fixes, ensuring long-term operational capability.
- Premium support SLAs: Rely on industry experts, available to address your issues 24/7, with strict terms for delivering fixes and support.
- Linux security: Make sure you build the highest level of security for your device according to your deployment use case, making security part of your development, deployment, and operational processes.
- Development tools: Leverage tools that streamline your processes and help your engineering team achieve goals on time and on budget.
- Community leadership: Count on the expertise of community leaders who can influence the direction of open source projects from strategic and technical perspectives.
How Can Wind River Help?
Wind River Linux
Wind River® provides the industry’s most advanced embedded Linux development platform, with a comprehensive suite of products, tools, and lifecycle services to help our customers build and support intelligent edge devices in segments such as aerospace and defense, industrial, medical, automotive, and more.
Linux-based edge devices and systems offer less risk and development effort compared to RYO in-house efforts. Wind River provides an offering to keep your code base up-to-date, track and fix defects, apply security patches, and customize your runtime to adhere to strict market specifications and certifications. Additionally, Wind River can facilitate your IP and export compliance and significantly reduce your costs.
For 40 years, Wind River has been the global leader in the embedded software industry, with decades of expertise, more than 15 years as an active contributor and committed champion of open source, and a proven track record of helping customers build and deploy use case–optimized devices and systems.
Wind River Linux runs on hundreds of millions of deployed devices worldwide, and the Wind River Linux suite of products and services offers a high degree of confidence and flexibility for prototyping, developing, and moving to real deployment.>> Learn more
Wind River Studio Linux Services
Wind River offers a comprehensive suite of support and integration services to enhance the speed and quality of a market-differentiated Linux solution for deployment — regardless of which Linux you chose. Whether you sourced your Linux from the Yocto Project, from a board vendor, or from another commercial vendor, Wind River has deep expertise in Linux with more than 20 years of embedded, real-time, and Linux expertise across all markets.
Studio Linux Services include:
- Platform architectural assessments, software design, and implementation
- Security vulnerabilities alerts, analysis, and mitigation
- Long-term Linux platform security and defect maintenance and support
- Performance and reliability requirements
- The latest industry-specific features and standards that can be quickly customized to further accelerate development
- IP compliance audits and remediation recommendations
With Wind River, organizations can engage in any way they wish, with access to guidance and assistance available at every step in the product development lifecycle.>> Learn more
Wind River addresses security on many levels:
- CVE monitoring, assessment notification, and remediation
- Inclusion of many common security packages in our distribution
- Regular updates that include security fixes
- OS hardening and cybersecurity capabilities, including Linux kernel hardening and allowlisting
*As of the end of Q3 2021, Wind River CVE Database