Open Source Summit Europe 2025: Full Schedule

25-27, August 2025
Amsterdam, Netherlands
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit Europe 2025 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Central European Summer Time, CEST (UTC +2). To see the schedule in your preferred timezone, please select from the drop-down menu to the right.

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.

arrow_back View All Dates

06:45 CEST

Morning Yoga

Monday August 25, 2025 06:45 - 08:00 CEST

Meeting Room Vanilla - Hotel nHow Amsterdam RAI

Kick off your Open Source Summit Europe experience with intention and energy at our guided yoga session—perfect for all experience levels. Whether you're looking to stretch it out, center your mind, or simply connect with fellow attendees, this peaceful morning flow is the ideal way to start the week.

Participants must be registered for Open Source Summit Europe 2025, and have their event badge. There is no cost to participate. Space is first-come, first-served.

We’ll see you on the mat!

Monday August 25, 2025 06:45 - 08:00 CEST
Meeting Room Vanilla - Hotel nHow Amsterdam RAI Europaboulevard 2b, 1078 RV Amsterdam, Netherlands.

Special Events / Exhibits / Breaks

07:30 CEST

Registration & Badge Pick-Up

Monday August 25, 2025 07:30 - 17:30 CEST

Diamond Lounge

Monday August 25, 2025 07:30 - 17:30 CEST
Diamond Lounge

Special Events / Exhibits / Breaks

07:30 CEST

Coat & Bag Check

Monday August 25, 2025 07:30 - 18:00 CEST

RAI Amsterdam

Monday August 25, 2025 07:30 - 18:00 CEST
RAI Amsterdam Europaplein 24, 1078 GZ Amsterdam, Netherlands

Special Events / Exhibits / Breaks

08:00 CEST

Hacker Space

Monday August 25, 2025 08:00 - 17:10 CEST

RAI Amsterdam

Discover a space, where you can collaborate, create, and explore new ideas with fellow attendees. Whether you’re here to learn or build, our space is open for everyone to enjoy throughout the conference!

Monday August 25, 2025 08:00 - 17:10 CEST
RAI Amsterdam Europaplein 24, 1078 GZ Amsterdam, Netherlands

Special Events / Exhibits / Breaks

08:00 CEST

Zen Zone

Monday August 25, 2025 08:00 - 17:10 CEST

D406 (Elicium Level 4)

All attendees may feel free to use the Zen Zone as needed. It is a physical space where attendees can go if for any reason they can’t interact with other attendees at that time where conversation and interaction are not allowed.

Monday August 25, 2025 08:00 - 17:10 CEST
D406 (Elicium Level 4)

Special Events / Exhibits / Breaks

09:00 CEST

Navigating Security Tradeoffs in Embedded Linux Systems - Olivier Benjamin, Bootlin

Monday August 25, 2025 09:00 - 09:40 CEST

Elicium 2

Embedded systems vary wildly in purpose, characteristics and usage. They are therefore faced with very different adversaries, that engineers and designers must take into account to achieve a secure system or product.
The tradeoff between security and convenience can only be properly arbitrated by evaluating the benefits of each security measure against the cost of its implementation, and the added complexity to the system, which will eventually be surfaced to the user.

In this talk, we will explore the security guarantees of various
security measures popular in embedded Linux systems: Secure Boot, Disk encryption, dm-verity, Secure Enclaves as well as someapplication-level security features from the point of view of what they bring to a system, and what they cost to the implementer or theuser. Ultimately, we will present what type of systems they are a good fit for, and which systems are probably better off not using them.

Speakers

Olivier Benjamin

Embedded Systems Security Engineer, Bootlin

Olivier is a security engineer with 13 years of experience. He joined Bootlin in 2024. Prior to joining Bootlin, he has worked in various

Monday August 25, 2025 09:00 - 09:40 CEST
Elicium 2

Embedded Linux Conference

Audience Experience Level Intermediate

09:00 CEST

Open Source for ESIM Integration - Harald Welte, sysmocom GmbH

Monday August 25, 2025 09:00 - 09:40 CEST

D201

When integrating eSIMs into a Linux based embedded device, one of the questions is how to manage that eSIM. In case of SGP.21 consumer eSIM or the new SGP.31 IoT eSIM, some software component for management and download of eSIM profiles (LPA or IPA) is required. In the past, this was mostly achieved by proprietary software.

More recently, Free and Open Source Software alternatives for this have materialized, like the "lpac" software. This talk covers those projects, what you can do with them and how to integrate them in your cellular-enabled embedded device.

The talk will also compare this approach of eSIM integration with other approaches such as the venerable SGP.02 M2M eSIM or using an eUICC-integrated LPA/IPA (LPAe/IPAe).

Speakers

Harald Welte

Senior Telecommuincations Protocol Nerd, sysmocom GmbH

In his former life, Harald was a Linux Kernel developer, primarily active in the netfilter/iptables subsystem. In 2004, he founded the gpl-violations.org project, which achieved considerable success in early GPL enforcement.

Monday August 25, 2025 09:00 - 09:40 CEST
D201

Embedded Linux Conference

Audience Experience Level Intermediate

09:00 CEST

Why Won't My CPU Sleep? Debugging CPUIdle Mysteries on ARM SoCs - Dhruva Gole, Texas Instruments India Ltd & Kevin Hilman, BayLibre, Inc.

Monday August 25, 2025 09:00 - 09:40 CEST

Elicium 1

Linux power management has relied on CPUIdle to transition CPUs into low-power states for a long time. More recently, suspend-to-idle (s2idle) was added which relies heavily on the CPUidle infrastructure to support system-wide suspend & resume using low-power idle states.

On modern Arm SoCs, deeper idle states can shut down not just the CPU, but also local per-CPU timers, interrupt controllers and peripherals, sometimes leading to unexpected entry-exit failures, scheduling delays, and even system hangs.
Debugging such issues can be complex since common debug methods may not be available in low-power modes and because the kernel, platform-specific firmware and dedicated hardware all interact to enable low-power modes. Therefore, debugging requires a good understanding of the CPUIdle internals, PSCI firmware interactions and wakeup timer behavior.

Through real-world case studies, attendees will learn how to trace idle state transitions, identify CPU wakeup failures, ARM Trusted Firmware's PSCI framework internals and apply effective debugging strategies to ensure correct working of the CPUIdle framework on their ARM Linux systems.

Speakers

Dhruva Gole

Senior Software Engineer, Texas Instruments India Ltd

Dhruva is currently leading Power Management initiatives at Texas Instruments for ARM-based SoCs. With hands-on experience across the software stack—from the Linux Kernel to bootloaders and Trusted Firmware-A—he has played a key role in enabling power management across various... Read More →

Kevin Hilman

co-founder and CTO, BayLibre, Inc.

Kevin is the co-founder and CTO of BayLibre, and embedded software consultancy focused on low-level systems software like Linux, Zephyr, and trusted firmware, as well as GCC and LLVM toolchains. Kevin's primary interest in Linux has been in the various subsystems related Power Management... Read More →

Monday August 25, 2025 09:00 - 09:40 CEST
Elicium 1

Embedded Linux Conference

Audience Experience Level Intermediate

09:00 CEST

Keynote Sessions to be Announced

Monday August 25, 2025 09:00 - 10:50 CEST

Auditorium

Monday August 25, 2025 09:00 - 10:50 CEST
Auditorium

Keynote Sessions

09:55 CEST

Designing a Multi-PMIC Linux Driver: Key Decisions for Effective Mainline Submission - Shree Ramamoorthy, Texas Instruments

Monday August 25, 2025 09:55 - 10:35 CEST

Elicium 2

This session dives into the hardware and software design decisions behind restructuring a PMIC driver to support multiple device families with minimal upstream churn. We'll explore techniques for scalable driver design, lessons learned from managing variations across similar devices, and strategies for maximizing code reuse across subsystems. Real-world examples of accepted and discarded approaches will be shared. The goal is to spark a community discussion around best practices for future multi-device driver development across various hardware families.

Speakers

Savithri Ramamoorthy

Software Engineer , Texas Instruments

Shree Ramamoorthy is a software engineer for the Power Management Integrated Circuit (PMIC) team at Texas Instruments. She focuses on PMIC Linux driver development and customer GUIs.

Monday August 25, 2025 09:55 - 10:35 CEST
Elicium 2

Embedded Linux Conference

Audience Experience Level Beginner

09:55 CEST

Snag It, Flash It, Ship It: Rethinking Factory Flashing With Open Tools - Romain Gantois, Bootlin & Paresh Bhagat, Texas Instruments

Monday August 25, 2025 09:55 - 10:35 CEST

D201

Factory flashing is a critical stage in the lifecycle of any embedded product. It can quickly become a bottleneck in the supply chain, and its correct execution is essential to ensure that shipped devices are both fully functional and secure. Today’s available tools are often closed-source and tightly coupled to specific vendors, limiting flexibility and making customization difficult.

In 2023, Bootlin introduced Snagboot—an open-source, vendor-agnostic tool designed for recovering and reflashing embedded platforms. Building on this foundation, Bootlin and Texas Instruments collaborated in 2024 to expand Snagboot into a comprehensive factory flashing solution, maintaining its open-source and vendor-neutral nature.

In this talk, we’ll present Snagboot as a recovery and reflashing solution, highlighting its core tools, snagrecover and snagflash. We’ll then dive into the unique challenges of factory flashing and explain how our extended toolset—Snagfactory—addresses them effectively.

Speakers

Romain Gantois

Embedded Linux and kernel engineer and trainer, Bootlin

Romain's journey at Bootlin started with his end of studies internship, during which he developed Snagboot, an open-source and vendor-agnostic embedded platform recovery and reflashing tool. He is currently still maintaining Snagboot, which has attracted several contributions since... Read More →

Paresh Bhagat

Embedded Software Engineer, Texas Instruments

I am an Embedded Software Engineer at Texas Instruments with nearly 3 years of experience in developing and integrating solutions for embedded Linux systems. My work spans across multiple areas including Hypervisor like Jailhouse, custom Linux build systems using Buildroot and Yocto... Read More →

Monday August 25, 2025 09:55 - 10:35 CEST
D201

Embedded Linux Conference

Audience Experience Level Any

09:55 CEST

TPM Is No Silver Bullet: Pitfalls in Embedded Device Security - David Gstir, sigma star gmbh

Monday August 25, 2025 09:55 - 10:35 CEST

Elicium 1

With the growing adoption of TPMs (Trusted Platform Modules) in the Linux ecosystem, thanks to features like TPM-backed disk encryption in systemd and the longstanding use in Windows BitLocker, TPM chips are seeing a resurgence as a go-to for secure secret storage. This trend is increasingly making its way into embedded devices. Often as a measure to fulfill NIS2, EU Cyber Resilience Act or similar requirements.

However, embedded systems present a vastly different threat model compared to desktops or servers, and TPMs often don’t deliver the level of security many developers assume. In this talk, David will demystify TPM functionality in embedded Linux environments. He will give a concise overview of security threats for embedded devices and where a TPM can and or where it cannot. Special focus will be put on using TPMs for disk encryption and integrity.

The session will wrap up with a discussion of alternative approaches, other usage scenarios for TPMs, and how to make informed decisions when designing secure embedded systems.

Speakers

David Gstir

Senior Security Expert, sigma star gmbh

David Gstir is a security engineer with 15+ years of hands-on experience. He has been actively involved in security-related projects, successfully identifying vulnerabilities in various consumer and enterprise software.

Monday August 25, 2025 09:55 - 10:35 CEST
Elicium 1

Embedded Linux Conference

Audience Experience Level Any

09:55 CEST

Cryptography Support in Zephyr: Recent Changes and Upcomings - Valerio Setti, BayLibre

Monday August 25, 2025 09:55 - 10:35 CEST

D202

In the last year Zephyr’s cryptographic support saw a lot of changes, the main ones being the deprecation of TinyCrypt and an increased usage of PSA Crypto API following the long standing goal to move toward a common interface for crypto operations.

The main reason for TinyCrypt deprecation is basically that it’s no longer maintained so it cannot get any security fix/improvement nor be adapted to the upcoming PSA interface. This basically leaves Mbed TLS as the only crypto provider in Zephyr, which can either used directly (i.e. building Mbed TLS as library to be linked against other Zephyr’s ones) or being integrated in TF-M image.

This talk will start from an overview of the recent history of Zephyr’s crypto support, presenting reasons for TinyCrypt deprecation and the adoption of PSA Crypto API. The focus will then shift toward Mbed TLS as the only crypto library available today in Zephyr, its layers (TLS and crypto), how it relates to TF-M and the recent improvements added to reduce footprint problems. In the last part of the talk we’ll focus on the future plans for Mbed TLS: what to expect from the next release which is expected in September 2025 and vendor driver support.

Speakers

Valerio Setti

Embedded software developer, BayLibre

Valerio joined BayLibre in 2022 and since then he’s been extensively working with the Mbed TLS team to help them follow their roadmap. Since 2024 he’s also a collaborator for the Zephyr’s project for the crypto topics which include Mbed TLS integration, TF-M and crypto drivers... Read More →

Monday August 25, 2025 09:55 - 10:35 CEST
D202

Zephyr Developer Summit

Audience Experience Level Beginner

09:55 CEST

Running Zephyr in a Light Bulb - Alexandre Bailon, BayLibre

Monday August 25, 2025 09:55 - 10:35 CEST

D203

For many years, we have seen more and more connected devices entering our homes. In most cases, these devices run closed source software, which relies on cloud servers to work and is not always respectful of our privacy.

Alexandre Bailon, who is not really satisfied with the current offerings, has been looking for an alternative using Zephyr.

He has taken an existing device and developed a Zephyr firmware for it. He will present the technologies already available or in development to build a connected light bulb using Zephyr which should be more robust, secure, and respectful of privacy.

Speakers

Alexandre Bailon

Software Engineer, BayLibre

Alexandre Bailon is co-founder of BayLibre. He used to be a Linux kernel developer and has helped many companies build successful devices running Linux and Android.

Monday August 25, 2025 09:55 - 10:35 CEST
D203

Zephyr Developer Summit

Audience Experience Level Intermediate

10:50 CEST

Coffee Break

Monday August 25, 2025 10:50 - 11:20 CEST

Special Events / Exhibits / Breaks

11:20 CEST

Dig Smart: Building a Reliable Cloud Native DNS for Modern Networks - Joel Studler & Fabian Schulz, Swisscom

Monday August 25, 2025 11:20 - 12:00 CEST

Emerald Room

Join us for a tech talk where we'll demonstrate how we operate and automate a highly available, geo-redundant DNS service for Swisscom's 5G mobile network using a cloud-native tech stack. We'll provide an in-depth look into our multi-cluster architecture that leverages ExternalDNS, PowerDNS, and CoreDNS. Additionally, we'll showcase how the system behaves when a cluster breaks down, and how we monitor and troubleshoot this multi-cluster setup at scale.

This talk will be particularly interesting for those with demanding DNS requirements—such as applications which require rare DNS resource records like NAPTR—as well as engineers and architects tasked with building a DNS service using cloud-native tools who, due to compliance, governance, or availability concerns, cannot use publicly available DNS-as-a-service offerings.

Speakers

Fabian Schulz

Senior DevOps Engineer, Swisscom

Fabian Schulz is a cloud architect and Kubernetes specialist known for his expertise in building resilient cloud-native solutions. Currently at Swisscom, he focuses on designing next generation 5G core services using open-source technologies. With a passion for innovation, Fabian... Read More →

Joel Studler

DevOps Engineer and System Architect, Swisscom

Joel is a DevOps Engineer currently in a team that builds the cloud native 5G core at Swisscom. He is experienced in infrastructure automation, software defined networking and highly available databases and passionate about automation. He is CK* certified and has written several CRD/Operator... Read More →

Monday August 25, 2025 11:20 - 12:00 CEST
Emerald Room

Cloud & Containers

Audience Experience Level Any

11:20 CEST

The Hypervisor Hierarchy: Why Architecture Matters for Performance, Security, and Flexibility - Cody Zuschlag, Xen Project (Linux Foundation)

Monday August 25, 2025 11:20 - 12:00 CEST

G001-002

Not all hypervisors are created equal. Some claim to be "bare metal" but rely on an underlying OS, while others truly separate hardware from workloads, enhancing security, stability, and performance. This session breaks down the differences between Type 1 and Type 2 hypervisors, why some architectures blur the lines, and how Xen stands apart as a true, independent Type 1 hypervisor. We’ll explore how Xen can run with dom0 or dom0less, offering flexibility for both dynamic and fixed VM environments. We’ll also discuss how Xen’s streamlined, unified ecosystem avoids the fragmentation seen in other virtualization stacks. Attendees will leave with a clear understanding of why hypervisor design matters and how it impacts security, efficiency, and long-term infrastructure choices.

Speakers

Cody Zuschlag

Community Manager, Xen Project (Linux Foundation)

Cody Zuschlag is the Community Manager for the Xen Project and a passionate advocate for open-source solutions. Since 2022, he’s been speaking internationally on full-stack, embedded, and decentralized technologies. Through his work, talks, and teaching, Cody promotes using tech... Read More →

Monday August 25, 2025 11:20 - 12:00 CEST
G001-002

Cloud & Containers

Audience Experience Level Intermediate

11:20 CEST

Decentralized Technologies and Public Infrastructure - Sean Bohan, LF Decentralized Trust

Monday August 25, 2025 11:20 - 12:00 CEST

TBA

In a digital-first world, how are governments adapting the public infrastructure underpinning services for public administrations, businesses, organizations, and citizens? What risks and challenges do they face as they digitize these services? Sean Bohan of LF Decentralized Trust will sit down for a Q+A with the incoming director of Europeum EDIC about delivering EU-wide cross-border services via the European Blockchain Services Infrastructure (EBSI) network. This session will dive into the roll-out of EBSI as a secure, trustworthy digital verification infrastructure for Europe. It will cover how EBSI and other public infrastructure projects serve as a model for verifying identities, credentials, and data integrity with reduced inefficiencies and fraud.

Topics will include:
-Services EBSI supports—verifiable educational, medical, and travel credentials; patent protections; product authentication, and more
-Adoption and interoperability challenges of deploying across 30+ countries, each with its own regulatory framework and infrastructure
-Decision to build on Besu, an enterprise Ethereum client.
-Role of open source, decentralized tech in delivering digital verification at scale

Speakers

Sean Bohan

Community Architect, LF Decentralized Trust

In a 20+ year career in technology, Sean has built digital experiences for clients like ABC Television and JetBlue, defined global digital strategy for GM and advised investors on where technology is going. He spent the last dozen years as an entrepreneur and executive working on... Read More →

Monday August 25, 2025 11:20 - 12:00 CEST
TBA

Digital Trust

Audience Experience Level Any

11:20 CEST

32-bit Linux Support Now and in the Future - Arnd Bergmann, Linaro

Monday August 25, 2025 11:20 - 12:00 CEST

D201

Over the last few years, 64-bit Linux has made it from Servers, PCs and high-end embedded machines lower down in the market, everywhere including the smallest embedded Linux targets. This gives new challenges for users that rely on existing 32-bit hardware being kept up to date, while new features development and testing on those machines keeps winding down.

Arnd gives an overview of which 32-bit systems are still supported, and how long that is going to be the case. This covers modern ARMv7/v8 hardware, older ARMv4/v5/v6 machines, and other embedded CPU architectures.

Specific issues include MMU-less microcontrollers, large memory, small memory, 32-bit userland on 64-bit hardware and the state of the 2038 epochalypse.

Speakers

Arnd Bergmann

Arm SoC kernel maintainer, Linaro

Arnd Bergmann has been with Linaro since almost the beginning. He's worked on the kernel across many CPU architectures over his career is and currently co-maintaining the soc tree that is used for merging platform support into the kernel.

Monday August 25, 2025 11:20 - 12:00 CEST
D201

Embedded Linux Conference

Audience Experience Level Any

11:20 CEST

Clocking Strategies in the Linux Kernel: Optimizing Power and Performance in High-End SoCs - Varada Pavani & Bala Naveena Nivetha M, Samsung Semiconductor India Research

Monday August 25, 2025 11:20 - 12:00 CEST

Elicium 1

Modern System-on-Chips (SoCs) are designed for a wide range of applications, including mobile devices, automotive systems, AI accelerators, and data servers. As SoCs become more powerful with increasing core counts, heterogeneous architectures, higher clock speeds, and enhanced AI processing capabilities, power consumption also rises. This increased power demand introduces challenges such as heat dissipation, battery life, clock management complexity and system reliability. In this talk, we explore various techniques to optimize power consumption and enhance performance using Common Clock Framework (CCF) in the Linux kernel.

We begin by discussing the role of clock management in Linux and covers various clocking strategies available in CCF to achieve optimal power and performance. Topics include dynamic clock scaling, disabling unused clocks, efficient parent clock selection and the notifier mechanism. We also explore clock usage monitoring in Linux through debugging tools such as clk_summary and kernel tracing.

Overall, this talk demonstrates how effective clocking strategies in the Linux kernel can significantly improve power efficiency and system performance in high-end SoCs.

Speakers

Bala Naveena Nivetha M

Associate Staff Engineer, Samsung Semiconductor India Research

Embedded Software Developer with 6+ years of experience in Embedded Linux BSP.

Varada Pavani

Staff Engineer, Samsung semiconductor India Research

An embedded software engineer with 7 years of experience. I am passionate about learning SoC internals. I have worked on bootloaders, device drivers and kernel internals.

Monday August 25, 2025 11:20 - 12:00 CEST
Elicium 1

Embedded Linux Conference

Audience Experience Level Intermediate

11:20 CEST

Combining White-labelled Hardware With Open Source Software To Quickly Bring Devices To Market - Nick Chen, Blecon Ltd

Monday August 25, 2025 11:20 - 12:00 CEST

Elicium 2

The ODM ecosystem — such as the one found in Asia — offers a rich selection of pre-designed hardware intended for white-labelling. This hardware can be produced and shipped with short lead times. However, a typical weakness of these devices is their software, which usually consists of outdated kernels and poorly documented components. Wholesale replacement of the system’s software stack while leveraging the hardware offers a path toward creating robust devices that can sidestep many of the complexities of manufacturing a fully custom design.

In this session we share tips and learnings from our experience creating a replacement software stack using Yocto for an existing white-label IoT gateway device. With this approach, we were able to take a new device with an up-to-date Linux stack to production in under 6 months.

The session will cover topics including: choosing of an appropriate hardware platform, coordinating with the hardware vendor, setting up an efficient development environment using similar hardware and simulators, and using the system’s OTA update infrastructure to create a factory image that’s compatible with an ODM’s existing manufacturing and testing flows.

Speakers

Nick Chen

Principal Software Engineer, Blecon Ltd

Nick Chen is a Principal Software Engineer at Blecon, specialising in embedded Linux and UX. After receiving a Ph.D. in Computer Science from the University of Maryland, Nick was a researcher at Microsoft Research where he created new user interfaces and interactions for networks... Read More →

Monday August 25, 2025 11:20 - 12:00 CEST
Elicium 2

Embedded Linux Conference

Audience Experience Level Intermediate

11:20 CEST

Creating a Healthy Vibrant Kernel Subsystem Community - Hans de Goede, Red Hat

Monday August 25, 2025 11:20 - 12:00 CEST

G102-103

End 2020 I became the maintainer of the drivers/platform/x86 (pdx86) kernel subsytem. The subject of this talk is my experience in creating a friendly welcoming environment, growing the pdx86 community and how this helped me to avoid burnout by being able to delegate to community members.

Keywords:
- Making your mailinglist a friendly welcoming medium
- Patience is a virtue
- Leading by example
- Growing a community
- My personal experience with burnout
- External (non kernel-devel) stress factors
- Delegating
- Handing over the reins

Speakers

Hans de Goede

Principal Software Engineer, Red Hat

Hans de Goede is a FOSS developer and enthusiast with 20 years of experience. He is a maintainer for the kernel’s x86 platform drivers subsystem.

Monday August 25, 2025 11:20 - 12:00 CEST
G102-103

Linux

Audience Experience Level Intermediate

11:20 CEST

Rethinking Writeback: Scaling Linux Filesystem and Memory Performance for the Next Decade - Kundan Kumar, Samsung R&D Institute India - Bangalore & Anuj Gupta, Samsung Semiconductor India

Monday August 25, 2025 11:20 - 12:00 CEST

G104

Linux’s current writeback infrastructure, while robust, was designed before large folios, CXL-tiered memory, and AI workloads demanding low-latency, high-throughput I/O. Today, workloads like RAG pipelines using vector databases with buffered I/O, and memory tiering on CXL, are exposing scalability limits in how the kernel handles writeback.

This talk presents a forward-looking view on evolving Linux’s writeback model. We’ll explore how the single-threaded design stalls page migration and reduces memory compaction effectiveness—affecting hugepage allocations and folio movement across memory tiers, contributing to fragmentation. On the storage side, parallelizing writeback improves throughput and responsiveness under dirty-page pressure, especially for sustained-write workloads with large memory footprints on High capacity SSDs.

We’ll also touch on early experiments within the kernel community, including efforts to make writeback more filesystem-geometry aware and parallelize it based on overwrites/new allocations.

This session invites open source community to reimagine writeback as a scalable, performance-critical component in Linux.

Speakers

Kundan Kumar

Staff Engineer, Samsung R&D Institute India - Bangalore

Kundan is a Linux kernel developer in Global Open Source Team at Samsung. He possesses 10+ granted patents in areas such as storage, performance and OS internals. Kundan is also a co-author of the book "Linux Internals Simplified," which provides a comprehensive overview of Linux's... Read More →

Anuj Gupta

Linux kernel developer, Samsung Semiconductor India

Anuj Gupta is a Linux kernel developer in Global Open Source Team at Samsung. His contributions focus on kernel I/O stack improvements across io_uring, block layer, and NVMe driver. Speaker at Open Source Summit and SNIA SDC. He has also published a paper at USENIX FAST. Contributes... Read More →

Monday August 25, 2025 11:20 - 12:00 CEST
G104

Linux

Audience Experience Level Intermediate

11:20 CEST

Cloud Security Wildlife: A Tale of Otters, Monkeys and Security? - Marcus Tenorio, ControlPlane

Monday August 25, 2025 11:20 - 12:00 CEST

G109

When we talk about cloud security, the first thing that comes to mind is otters. Obviously.

In this talk, we’ll dive into the fascinating analogy between the world of cloud security and wildlife. We’ll explore Falco, eBPF, and others and how they relate to our very own animal ecosystem. This perspective offers a unique and intuitive way to understand cloud security.

Think of chameleons and adaptive security: changing colours to match evolving threats.

We’ll migrate like birds, discovering security’s role in real-world workload transitions across clouds.

We’ll collaborate like bees, protecting the hive with policies, alerts, and shared responsibility.

We’ll defend like armadillos, layer by layer, showing how strong defence is often the best offence.

And we’ll feel our spider-sense tingle — like observability tools catching anomalies across the great web of services.

And, just like otters, we’ll hold hands to stay together in the rushing currents of the cloud.

And who’s heard of chaos monkeys? Clever and unpredictable, just like attackers exploiting misconfigurations and edge cases! We’ll take a look at how that plays out in the wild world of cloud-native security.

Speakers

Marcus Tenorio

Security Engineering Manager, ControlPlane

Mart is an engineering manager at ControlPlane, where he enjoys managing various consultants who teach him every day how to break things and become a better manager and engineer.

Monday August 25, 2025 11:20 - 12:00 CEST
G109

Open Source 101

Audience Experience Level Intermediate

11:20 CEST

Panel Discusssion: Educating the Next Generation of Open Source Project Contributors - Dawn Foster, CHAOSS; Stephen Walli, Microsoft; Ruth Ikegah, CHAOSS Africa & Abby Crimlis, OpenUK

Monday August 25, 2025 11:20 - 12:00 CEST

Auditorium

There are so many open source projects and not enough contributors to sustain them all over the long term. With many open source projects desperate for contributors, how do we educate the next generation of open source contributors to grow the contributor base for all of us?

In this panel, we’ll talk about education programs for school children and university students. We’ll discuss the landscape of open source contributors in the different regions along with the motivations for participation in open source and how those differ across regions. Because we want contributors who will continue contributing, we’ll also talk about some challenges that prevent sustainable contributions over the long term.

Our panelists have experience teaching open source to university students, school children in New Zealand, and building new open source communities in Africa. In this panel, we’ll talk about what we’ve learned, what’s worked, and provide tips for you to grow the next generation of contributors from within your local communities.

Speakers

Abby Crimlis

Project Manager, OpenUK

Dawn Foster

Director of Data Science, CHAOSS

Dr. Dawn Foster works as the Director of Data Science for CHAOSS where she is also a board member / maintainer. She is co-chair of CNCF TAG Contributor Strategy and an OpenUK board member. She has 20+ years of experience at companies like VMware and Intel with expertise in community... Read More →

Stephen Walli

Principal Program Manager, Microsof

I'm a principal program manager at Microsoft in the Azure Office of the CTO. I was technical director at the Outercurve Foundation, and an open source software start-up founder. I've been around open source software for 30+ years. I'm presently Microsoft governing board member for... Read More →

Ruth Ikegah

Community Manager, CHAOSS Africa

Ruth Ikegah is an Open Source Program Manager, Technical Writer, GitHub Star, and Public Speaker. She serves as the Community Lead at CHAOSS Africa, working to improve the health of Open Source communities on the continent. She also doubles as a maintainer in the Diversity, Equity... Read More →

Monday August 25, 2025 11:20 - 12:00 CEST
Auditorium

Open Source Leadership

Audience Experience Level Beginner

11:20 CEST

Securing Software Supply Chains: OpenCode as Building Block for Sovereign Digital Infrastructure - Leonhard Kugler, Zentrum Digitale Souveränität

Monday August 25, 2025 11:20 - 12:00 CEST

G105

As software becomes increasingly critical to the functioning of the state, economy, and society, ensuring its security and stability is a core task for governments. Secure software supply chains are a key component of this effort and a decisive factor for successful digitalisation. To effectively guarantee supply chain security, a new approach to IT security architecture is required, one that brings together the expertise of security experts, developers, and government agencies to standardise testing procedures and facilitate collaborative security analyses. The openCode platform, run by the German Centre for Digital Sovereignty (ZenDiS), is central in addressing this challenge: by establishing binding security standards, promoting transparency, and enabling the tracing of origins for critical software components, openCode helps build resilient, sovereign OS infrastructure for public administration. A recent strategy paper published by ZenDiS and the German Federal Office for Information Security develops a strategy on how to secure software supply chains with openCode, which will be presented in this talk.

Speakers

Leonhard Kugler

Head of Open Source Platform, Zentrum Digitale Souveränität

Leonhard Kugler, head of ZenDiS' openCode software platform, has over 20 years of experience in IT, digitalisation, and organisational development. With a background that spans software development, founding a software development and services agency, and serving as an interim manager... Read More →

Monday August 25, 2025 11:20 - 12:00 CEST
G105

OpenGovCon

Audience Experience Level Any

11:20 CEST

The State of OSPOs and OSS Management 2025 Research Findings by TODO Group - Ana Jiménez Santamaría, The Linux Foundation

Monday August 25, 2025 11:20 - 12:00 CEST

D204

Speakers

Ana Jiménez Santamaría

Project Manager , Linux Foundation, Developer Relations Foundation

Ana is the Project Manager at the Linux foundation TODO Group collaborative project, whose aim is to create and share knowledge on open source management and operations best practices. Formerly she worked at Bitergia, a Software Development Analytics firm, and she has finished her... Read More →

Monday August 25, 2025 11:20 - 12:00 CEST
D204

OSPOCon

11:20 CEST

The CRA, Where Are We Six Months After Its Approval - Timo Perala, Nokia

Monday August 25, 2025 11:20 - 12:00 CEST

G106

The Cyber Resielience Act (CRA) was approved late 2024 by European Union.
Open source community was heavily involved in influencing drafting of the CRA. But the need for active engagement with the regulator did not end there. During the three-year period from late 2024 to late 2027 a lot of standardisation and guidance needs to be created to guide industries, manufacturers and open source community to best comply and cope with the CRA. Open source communities have organised to address these challenges.

Here we shortly explain the motivation for, and the main requirements set forth by the CRA, the various relevant organisations working on the regulation and the timelines of the work, as well as the achievements of the open source community in this work so far, and what is the work ahead of us towards the final deadline in late 2027. After the presentation you should be able to understand what the CRA is and why it is introduced, how it impacts world wide - also open source, how open source community is addressing this new regulation and how you can join the community.

Speakers

Timo Perala

Head of Open Source Network and Service Automation, Nokia

Timo has over 25 years of experience in network systems, systems architecture research, new business incubation, to mobile network and operations systems standardization. In his current role Timo is with Nokia OSPO, responisble for Automation related open source projects and Regulatory... Read More →

Monday August 25, 2025 11:20 - 12:00 CEST
G106

Standards & Specifications

Audience Experience Level Any

11:20 CEST

CPatch: Optimising OTA Upgrades Through Binary Diffs - Jordan Yates, Embeint

Monday August 25, 2025 11:20 - 12:00 CEST

D202

Do you find yourself twiddling your thumbs while waiting for dozens of devices to upgrade over Bluetooth? Or do you think twice before pressing the “Firmware Rollout” button due to the anticipated LTE data bill? Introducing Constrained Patch (CPatch), a binary patching algorithm designed specifically for Firmware Over-the-Air (FOTA) upgrades of constrained devices running Zephyr.

In this session I will step through the design and implementation of the algorithm, including:
* Prerequisites for a diff based solution
* Constraints the algorithm works within
* Embedded patching implementation
* Python patch generation
* Comparisons against existing algorithms
* Live demo!

Speakers

Jordan Yates

Co-founder @ Chief Engineer, Embeint

Embedded developer focusing on ultra-low power wireless devices.

Monday August 25, 2025 11:20 - 12:00 CEST
D202

Zephyr Developer Summit

Audience Experience Level Any

11:20 CEST

Zephyr Workqueues: How They Work and Queue - Loic Domaigne, Doulos GmbH

Monday August 25, 2025 11:20 - 12:00 CEST

D203

Zephyr provides workqueue, a mechanism used to offload non-urgent processing to a lower priority thread. Workqueues are typically found in ISR (interrupt service routine) and high-priority threads.

In this talk, we shall present:
- what workqueues are, and what they are not,
- their typical use case
- how workqueues, scheduling and meta-IRQ threads relate,
- some best practices to address some common challenges, like sysworkq bottleneck, passing data or handling cancellation
- some lesser known workqueues, like the p4_wq

This is a practical hands-on talk. We’ll therefore run demo code and investigate what’s going on under the hood by looking at the Zephyr internal implementation! This will help us to get a solid understanding of workqueues, their usages and limitations, “directly from the source” (code).

Speakers

Loïc Domaigné

Senior Technical Staff Member, Doulos GmbH

Loïc loves sharing knowledge and is an enthusiastic instructor at Doulos since 2018. Loïc enjoys teaching Embedded Linux, Yocto, Python, Edge AI… and Zephyr Essentials, the new training he designed.

Monday August 25, 2025 11:20 - 12:00 CEST
D203

Zephyr Developer Summit

Audience Experience Level Any

12:00 CEST

Lunch (Provided Onsite for All Attendees)

Monday August 25, 2025 12:00 - 13:30 CEST

Special Events / Exhibits / Breaks

12:00 CEST

Women & Non-Binary Lunch

Monday August 25, 2025 12:00 - 13:30 CEST

First Floor Restaurant

We’d like to invite all attendees who identify as women or non-binary to join each other for a networking lunch at the event. We will begin with a brief introduction and then attendees will be free to enjoy lunch and mingle with one another. All attendees must identify as a woman or non-binary and must be registered for the conference to attend.

We will do our best to accommodate all interested attendees, but please note that participation is on a first-come, first-served basis.

Monday August 25, 2025 12:00 - 13:30 CEST
First Floor Restaurant

Special Events / Exhibits / Breaks

12:30 CEST

Zephyr Documentation BoF - Benjamin Cabé, The Linux Foundation

Monday August 25, 2025 12:30 - 13:10 CEST

D202

Over the past couple years, the Zephyr documentation has been steadily improving—or so I hope! One thing that has clearly helped is having a yearly check-in where we can openly discuss what’s working, what’s not, and where our priorities should be for the year ahead.

Join this Birds of a Feather session to catch up on some of the recent improvements to the documentation that you may have missed, and bring your suggestions for what we should be focusing on next.

Speakers

Benjamin Cabé

Developer Advocate, The Linux Foundation

Benjamin Cabé is a technology enthusiast with a passion for empowering developers to build innovative solutions.

Monday August 25, 2025 12:30 - 13:10 CEST
D202

Zephyr Developer Summit

Audience Experience Level Beginner

13:30 CEST

Mainframes Aren’t Dead, They’re Just Running Kubernetes Now - Josephine Pfeiffer, Red Hat

Monday August 25, 2025 13:30 - 14:10 CEST

G001-002

Mainframes have been declared dead more times than JavaScript frameworks have been invented—but here they are, still running the backbone of global finance, government, and enterprise computing. And now? They’re running Kubernetes too.

This talk dives into the why and how of running Kubernetes on mainframes, from containerization on z/OS to networking, workload orchestration, and real-world use cases. We’ll break down the challenges, the benefits, and whether this is a clever hack or a genuinely viable approach for modern infrastructure. If you think mainframes are relics, think again—because they’re running microservices now.

Speakers

Josephine Pfeiffer

Senior Consultant, Red Hat

Josephine is a consultant specializing in developer productivity and infrastructure. She has worked for enterprises, SMEs, and startups in roles spanning platform engineering, DevOps, Site Reliability Engineering, and technology management.

Monday August 25, 2025 13:30 - 14:10 CEST
G001-002

Cloud & Containers

Audience Experience Level Intermediate

13:30 CEST

Reliable and Cost-Effective: Open Storage Strategies for Kubernetes - Shriya Mulay, IBM

Monday August 25, 2025 13:30 - 14:10 CEST

Emerald Room

As the modern applications running on Kubernetes become more dynamic, a reliable stateful storage becomes essential. These applications don’t just need storage; they need it to be fast, intelligent, and cost-effective.
With so many open source tools available—like Rook-Ceph, NooBaa, and Longhorn—how do you pick the right one? And once you do, how do you make sure it’s reliable and doesn’t break the budget?

In this session, we’ll discuss how one can use open storage in Kubernetes—what works well, what causes problems, and how to avoid common mistakes. We’ll cover storage for different use cases (like block, file, and object), and talk about features like dynamic provisioning, snapshots, and scaling.

Whether you're a developer, architect, or admin, this session will help you understand how to choose, deploy, and manage open source storage in Kubernetes.

Speakers

Shriya Mulay

Technical Support Professional, IBM

Shriya has over 7 years of experience in Software Defined Storage technologies, including Ceph, Gluster, Rook-Ceph, and NooBaa. She works closely with cloud-native platforms like Kubernetes, focusing on observability, troubleshooting, and data management. Shriya is passionate about... Read More →

Monday August 25, 2025 13:30 - 14:10 CEST
Emerald Room

Cloud & Containers

Audience Experience Level Beginner

13:30 CEST

Trust, but Verify: Proactive Security in Open Source - Jess McClintock, Google

Monday August 25, 2025 13:30 - 14:10 CEST

TBA

Ken Thompson's "Reflection on Trusting Trust" warns against blindly relying on others' code, emphasizing the gap between reviewed source and built artifacts. This is critical for developers navigating complex trust models, where source code alone offers limited assurance. Recent supply chain attacks on open source packages, like xz and boltdb-go, expose the real-world practicality of deceiving traditional source reviews, threatening the foundation of open source consumption.

In this talk, we discuss a novel method for analysing and investigating the code that actually gets built using Capslock, an open source CLI tool for analyzing Go packages. By analysing and exposing discrepancies between a package’s advertised and actual permissions, potential attacks (such as the malicious version of boltdb-go) can be thwarted. Integrating this capability information into both free public data sources (e.g. deps.dev) and guided code review systems enables developers to shift left, and feel more confident trusting open source.

Speakers

Jess McClintock

Senior Software Engineer, Google

Jess is a senior software engineer on the Open Source Security team at Google. In this role, she develops software solutions to security problems. Previously, Jess completed a PhD in theoretical computer science at the University of Melbourne, and has written papers on approximation... Read More →

Monday August 25, 2025 13:30 - 14:10 CEST
TBA

Digital Trust

Audience Experience Level Any

13:30 CEST

Demystifying the Embedded Linux Graphics Stack: An Easy Introduction for Beginners - Parthiban N, Linumiz

Monday August 25, 2025 13:30 - 14:10 CEST

Elicium 1

Memory to Photons: Whether it's a moving picture or a game, Linux's graphics stack is complex, involving various components in both the Kernel and userspace. Getting my first pixel to appear on an LVDS screen was an exciting journey. This talk will walk through my experience of getting started with Linux graphics, based on my recent work on Allwinner A133 display engine support [1] and my ongoing effort to get Imagination Technologies' GPU GE8300 into the upstream kernel.

Ever heard of DRM, GPU, MIPI, Khronos, OpenGL ES, Vulkan, KMS, Weston, HDMI, framebuffer, or Mesa3D, and wondered what all these are? This talk will detail the basic components of the Linux graphics stack and how it's layered. Additionally, it will discuss the specifics of how the Linux kernel's DRM is structured, which parts you’ll be interested in when building your display pipeline, and how to debug when you don't see your pixel.

[1]: 20241227-a133-display-support-v1-0-abad35b3579c@linumiz.com/" target="_blank">https://lore.kernel.org/all/20241227-a133-display-support-v1-0-abad35b3579c@linumiz.com/

Speakers

Parthiban

Engineer, Linumiz

With over 14 years of experience in software engineering, Parthiban founded Linumiz, a company that provides domain-neutral software services for U-Boot, Linux, and Zephyr, ranging from board bringup, board supported package, customization, device drivers, to over the air software... Read More →

Monday August 25, 2025 13:30 - 14:10 CEST
Elicium 1

Embedded Linux Conference

Audience Experience Level Intermediate

13:30 CEST

Space Grade Linux: Building a Safer, Open Source Future for Space Systems - Ramon Roche, Linux Foundation

Monday August 25, 2025 13:30 - 14:10 CEST

Elicium 2

As launch cadence increases and development cycles tighten, the space industry turns to open source to meet the moment. Enter Space Grade Linux (SGL) — an initiative under the ELISA Project aimed at creating a reusable, safety-aware Linux foundation for spaceflight systems.

This talk will introduce the goals and current status of SGL, highlighting three foundational focus areas:
1. Kernel Configuration – Defining a shared starting point for space-focused Linux systems, emphasizing predictability, determinism, and traceability.
2. Booting into Linux: Exploring the safety-critical implications of system bring-up and strategies for improving reliability in space-grade deployments.
3. Userspace Strategy – Discussing early-stage decisions around minimal runtime environments, supervision, and what a safe, maintainable userspace might look like.

Attendees will get a hands-on overview of what’s already available in the GitHub repository, including a Yocto-based reference implementation and working kernel configuration. More importantly, they’ll learn how to get involved — through technical contributions, architecture discussions, or community collaboration.

Speakers

Ramon Roche

General Manager, Linux Foundation

Ramón Roche is General Manager of the Dronecode Foundation, an open-source project under the Linux Foundation supporting drone and robotics development. He leads a global ecosystem behind technologies like PX4 and Pixhawk, and has over a decade of experience in open source. Ramón... Read More →

Monday August 25, 2025 13:30 - 14:10 CEST
Elicium 2

Embedded Linux Conference

Audience Experience Level Beginner

13:30 CEST

Thinking Outside the (Linux) Box: Security Considerations From Human Actors - Esa Jääskelä, Buutti Oy

Monday August 25, 2025 13:30 - 14:10 CEST

D201

Embedded Linux security often focuses on protecting the devices against attackers using technical safeguards like secure boot and kernel hardening. While essential, this engineering-oriented perspective can result in overlooking a major threat vector: human behavior. Social engineering remains a common attack method, and even embedded devices with limited interactability can be vulnerable to this.

This presentation explores the relationships between developers, users, and attackers to identify security requirements and possible shortcomings in security planning. Core principles include:

- Prevent users (and developers) from compromising security
- Design for resilience against security failures
- Recognize that misunderstandings lead to errors
- Communicate clearly to reduce social engineering risk

While the talk isn't deeply technical, it presents embedded Linux–oriented solutions to these human-centric challenges where applicable. The presentation is accessible to people who are still beginners in the embedded world. My goal is to ensure that device developers consider the actions of both malicious actors and legitimate users in their threat models.

Speakers

Esa Jääskelä

Software Developer, Buutti Oy

Esa Jääskelä is an embedded systems engineer with a focus on Linux, Yocto, and programming. He holds an MSc in Computer Science and Engineering and has worked in embedded Linux development since 2016. Passionate about cybersecurity, Esa explores system hardening and shares technical... Read More →

Monday August 25, 2025 13:30 - 14:10 CEST
D201

Embedded Linux Conference

Audience Experience Level Any

13:30 CEST

Realtime Linux Beyond PREEMPT_RT: Exploring Xenomai's Dual-Kernel Approach - Richard Weinberger, sigma star gmbh

Monday August 25, 2025 13:30 - 14:10 CEST

G104

In the area of Linux-based real-time applications, PREEMPT_RT has become a widely embraced solution. However, it's not the only path to achieving real-time characteristics. Xenomai, utilizing a dual-kernel approach, presents a compelling alternative that merits consideration.

In this session, Richard will delve into the Xenomai project, highlighting its unique architecture and the scenarios where it excels over PREEMPT_RT and where not. Participants will gain a comprehensive understanding of how to deploy Xenomai in real-world applications through step-by-step examples.

This talk is designed not only to introduce attendees to the fundamental concepts of Xenomai but also to equip them with practical skills for implementing their own real-time solutions using this framework. Whether you’re a developer seeking to expand your toolkit or a system architect exploring different real-time options, this presentation will provide valuable insights into a versatile and powerful alternative to the conventional PREEMPT_RT route.

Speakers

Richard Weinberger

CTO, sigma star gmbh

Richard Weinberger is co-founder of sigma star gmbh where he offers consulting services around Linux and IT security.

Monday August 25, 2025 13:30 - 14:10 CEST
G104

Linux

Audience Experience Level Any

13:30 CEST

Upstream Kernel Hardening: Progress on Enabling -Wflex-array-member-not-at-end - Gustavo A. R. Silva, The Linux Foundation

Monday August 25, 2025 13:30 - 14:10 CEST

G102-103

The -Wflex-array-member-not-at-end compiler option was introduced in GCC 14. At the time, it revealed around 60,000 warnings in the upstream Linux kernel. While many of these were duplicates, about 650 are unique and require individual auditing and attention. These issues span different categories and vary in complexity, which adds to the challenge of globally enabling this compiler option in the upstream Linux kernel.

In this presentation, we'll share the progress we've made on this work as part of the Kernel Self-Protection Project (KSPP) over the past few months. We'll go over the challenges we've encountered, show concrete code examples, and demonstrate how to fix these kinds of problems. We'll also discuss why enabling this option is important for the kernel, and how we plan to complete this work in the near future.

Whether you're a seasoned kernel developer or someone looking to start contributing upstream, this presentation will introduce useful helpers and strategies you can use to fix existing code or implement new functionality, and in doing so, help us harden the upstream Linux kernel for the benefit of everyone.

Speakers

Gustavo A. R. Silva

Upstream Linux Kernel Engineer, The Linux Foundation

Gustavo A. R. Silva is an Upstream Linux Kernel Engineer focused on hardening and proactive security. He has spent the past several years fixing all sorts of bugs and hardening the Linux kernel. His work is supported by The Linux Foundation and Alpha-Omega. He's a member of the Kernel... Read More →

Monday August 25, 2025 13:30 - 14:10 CEST
G102-103

Linux

Audience Experience Level Any

13:30 CEST

Open Source Tools To Empower Ethical and Robust AI Systems - Alberto Rodríguez, ControlPlane & Miguel Fontanilla, sennder

Monday August 25, 2025 13:30 - 14:10 CEST

G109

In this talk, we will present open-source tools for evaluating and securing AI models which are key in building responsible AI systems. We'll start with an overview of these tools and their use cases, organized through a simple ontology to help classify them.

We'll cover:

- Tools that assess bias and fairness, such as AIF360

- Evaluation tools like Garak, which offers comprehensive security and safety assessments for LLMs; Promptfoo, which supports prompt engineering and testing; and Giskard, which allows the use of custom evaluation datasets

- Guardrail tools for LLM systems, like NeMo Guardrails

- Tools that focus on prompt security and insights, such as LLMGuard and LangKit

- Tools for traditional ML model security, like the Adversarial Robustness Toolbox

The main goal of the talk is to give attendees a clear overview of the wide range of open-source tools available for securing AI models and provide examples and insights about them that can help in making an informed decision on which one to use.

Speakers

Alberto Rodríguez Fernandez

Cloud Native Engineer, ControlPlane

Cloud Native consultant at Control Plane with a focus in Kubernetes, AI security and Software Supply Chain Security. AWS and Kubernetes Certified.

Miguel Fontanilla

Platform Engineering Lead, sennder

Hello, I'm Miguel, a technology enthusiast who enjoys helping people learn about it!My specialty is cloud infrastructure, with a strong focus on containerization technologies.I currently work as a Staff Engineering Lead on the infrastructure team at Sennder, a European digital logistics... Read More →

Monday August 25, 2025 13:30 - 14:10 CEST
G109

Open Source 101

Audience Experience Level Intermediate

13:30 CEST

101 on Getting Your Customers To Contribute - Nick Veenhof, GitLab

Monday August 25, 2025 13:30 - 14:10 CEST

Auditorium

In heavily regulated financial services, automotive industries or other large enterprise institutions, developers can transform from open source "takers" to strategic "makers."

This presentation showcases GitLab's Co-Create program as a proven contribution framework for organizations. We'll also teach oyu how to reproduce this program for your OSS project or company.

This is not a product pitch. Rather, Nick is drawing from 15+ years in open source communities and experience as an OSS foundation board member, he will present a model that could inspire other open source projects to engage regulated industries often excluded from contribution ecosystems.

Attendees will discover how structured onboarding, engineering collaboration, CLA frameworks, and maintenance-free contributions create sustainable participation models that maintain regulatory compliance while driving innovation.

Through case studies from Thales (where "two developers saved time for 30 million users" in just two months), Siemens, Scania, and a FinOS member, I'll demonstrate how structured contribution programs deliver measurable value while addressing the unique compliance, security, and innovation challenges.

Speakers

Nick Veenhof

Director, Contributor Success, GitLab

Nick Veenhof is Director of Contributor Success at GitLab, where he leads initiatives to enhance open source participation. With 15+ years in open source ecosystems, Nick brings expertise in building contribution frameworks that deliver business value in regulated environments... Read More →

Monday August 25, 2025 13:30 - 14:10 CEST
Auditorium

Open Source Leadership

Audience Experience Level Intermediate

13:30 CEST

Designing Policy and Support for a Sustainable Open Source Adoption in the Public Sector - Johan Linåker & Sachiko Muto, RISE Research Institutes of Sweden

Monday August 25, 2025 13:30 - 14:10 CEST

G105

The public sector has been an active user of Open Source Software (OSS) since its inception. Yet, adoption and reuse have fluctuated, along with the many policies and initiatives providing guidance and support. On the positive side, there is a wealth of experience to draw from.

In this presentation, we aim to inspire and provide insights from a study of 16 countries that are mature in their digital practices, as indicated through a set of digital maturity indicators. These countries are surveyed regarding government policies, rationales, support mechanisms, means of promotion, and success stories on OSS adoption.

We find diverse means in how policy is designed and motivated to support both the adoption and use, as well as development and release of OSS across sectors. The cases further provide in-depth examples of how the policies can be supported and enabled using Open Source Program Offices (OSPOs), communities, and codified knowledge.

Based on our findings, we will provide attendees as well as policy- and decisionmakers at national, regional, and local government levels, with recommendations for designing and fostering sustainable policies for OSS adoption.

Speakers

Sachiko Muto

Senior Researcher, RISE Research Institutes of Sweden

Sachiko Muto is the Chair of OpenForum Europe and a senior researcher at RISE Research Institutes of Sweden. She originally joined OFE in 2007 and served for several years as Director with responsibility for government relations and then as CEO. Sachiko has degrees in Political Science... Read More →

Johan Linåker

Senior Researcher, RISE Research Institutes of Sweden

... Read More →

Monday August 25, 2025 13:30 - 14:10 CEST
G105

OpenGovCon

Audience Experience Level Intermediate

13:30 CEST

The Impact of Copyleft on the EU CRA - Jimmy Ahlberg, Ericsson

Monday August 25, 2025 13:30 - 14:10 CEST

G107

The introduction of the EU Cyber Resilience Act (CRA) marks a transformative milestone in software security regulation within the European Union, with far-reaching implications for global software practices. As the EU seeks to bolster cybersecurity standards across digital products and services, the CRA introduces new requirements aimed at identifying, managing, and mitigating vulnerabilities more effectively.

This session will explore the specific implications of the CRA for Free and Open Source Software (FOSS), with a particular focus on projects under Copyleft licenses such as the GNU General Public License (GPL). Copyleft licenses, which require derivative works to also be open source, present unique challenges in the context of the CRA's provisions.

Join us as we delve into the complexities and opportunities presented by the EU CRA, and explore its impact on the future of Free and Open Source Software.

Speakers

Jimmy Ahlberg

Director Open Source, Ericsson

Currently Mr Ahlberg is the Director of Open Source Policy with the Ericsson OSPO. Prior to the inception of the Ericsson OSPO he worked in different roles with various aspects of Open Source in the Ericsson organization, This included consumption of and contribution to Open Source... Read More →

Monday August 25, 2025 13:30 - 14:10 CEST
G107

Operations Management

Audience Experience Level Any

13:30 CEST

Panel Discussion: Open Source as a Path for a Competitive Automotive Industry - Philipp Ahmann, Etas GmbH; Ana Jiménez Santamaría, Linux Foundation; Masato Endo, Toyota Motor Corporation; Carl-Eric Mols, Volvo Cars; Wolfgang Gehring, Mercedes-Benz Tech In

Monday August 25, 2025 13:30 - 14:10 CEST

D204

Open source software has evolved from a supplement to a strategic element in the Software-Defined Vehicle era, evidenced by the growing number of OSPOs across automotive organizations. This panel examines this transition, focusing on the practical challenges at the intersection of innovation, license plus regulatory compliance, and community contribution.

The panelists will share strategies for maintaining compliance while adopting the development speed supported by modern software development principles. They will address operational aspects of incorporating OSS components into supply chains alongside proper license management and vulnerability tracking, while upstreaming contributions aligned with corporate objectives.

The discussion will highlight how OSS engagement can create resilience against geopolitical disruptions and trade restrictions, providing automotive companies a sustainable path for global operations while navigating regional compliance requirements.

Speakers

Philipp Ahmann

Automotive OSS Process Lead, Etas GmbH (BOSCH)

Philipp Ahmann is a Senior OSS Community Manager at ETAS (a Bosch subsidiary), specializing in safety-critical automotive open source software. With 15+ years' experience in Linux automotive platforms, he has held roles from software engineer to project & line manager.He currently... Read More →

Ana Jiménez Santamaría

Project Manager , Linux Foundation, Developer Relations Foundation

Masato Endo

Project General Manager/ Manager of TOYOTA OSPO, Toyota Motor Corporation

Masato Endo is a Project General Manager of Value Chain Innovation Project in TOYOTA. He focuses also on promoting Open Source Innovation and he set up TOYOTA OSPO in 2024. Furthermore, he plays the following roles in Open Source Communities.

Carl-Eric Mols

Open Source Strategist, Volvo Cars

Carl-Eric Mols has been close to two decades been engaged in Open Source governance. He was for more than a decade the Head of Open Source in Sony Mobile and is currently a member of the Volvo Cars OSPO. He has also over the years engaged in various research project, and have authored... Read More →

Wolfgang Gehring

FOSS Ambassador & OSPO Lead, Mercedes-Benz Tech Innovation

Dr. Wolfgang Gehring is an Ambassador for Open and Inner Source and has been working on enabling and spreading the idea within Mercedes-Benz. A software engineer by trade, Wolfgang’s goal is to help enable Mercedes-Benz to fully embrace FOSS and become a true Open Source company... Read More →

Monday August 25, 2025 13:30 - 14:10 CEST
D204

OSPOCon

Audience Experience Level Intermediate

13:30 CEST

Better PURLs for Better Software Compliance Processes - Philippe Ombredanne, AboutCode & Dennis Roellke, Bloomberg

Monday August 25, 2025 13:30 - 14:10 CEST

G106

Reliably identifying software components is a critical requirement for regulatory compliance.

PURL is the de-facto standard for the reliable naming of components in software applications, products, and systems, across programming languages, package ecosystems, tools, APIs and databases. Every open source and most proprietary tools for Software Composition Analysis (SCA), along with all SBOM and Vulnerability Exploitability Exchange (VEX) specifications and most vulnerability databases, adopted PURL for component identification. But a 2024 Software Composition Analysis (SCA) report demonstrated significant inconsistencies in how different tools create PURLs…

Better PURLs is a comprehensive project of open source tools and open data to correct this problem. The extended PURL syntax validation confirms that the PURL components (namespace, name, version, qualifiers) are correct for a given package ecosystem, according to the specification, and that the PURL locates an existing software package artifact.

In this talk, Philippe from AboutCode and Dennis from Bloomberg will share the latest developments and how accurate and correct PURLs facilitate better compliance processes.

Speakers

Philippe Ombredanne

Lead maintainer, AboutCode

Philippe Ombredanne is a FOSS hacker passionate about enabling easier and safer reuse of open source code. He is the lead maintainer of the AboutCode stack of open source tools for Software Composition Analysis and license and security compliance, including the industry-leading ScanCode... Read More →

Dennis Roellke

Security Architect, Bloomberg

Dennis is a Cloud Security Architect in the CTO Office at Bloomberg.

Monday August 25, 2025 13:30 - 14:10 CEST
G106

Standards & Specifications

Audience Experience Level Any

13:30 CEST

Crabs Flying Kites: Writing a Zephyr Application in Rust - Mohammed Billoo, MAB Labs Embedded Solutions

Monday August 25, 2025 13:30 - 14:10 CEST

D203

Rust is becoming increasingly popular due to its ownership model and its innate ability to guarantee memory safety during compile time. A typical mantra of Rust developers is "if it compiles, it works".

Zephyr is experiencing explosive growth as an RTOS. Its focus on safety, security, flexibility, and vendor neutrality has enabled many product developers to choose Zephyr as the underlying RTOS in their embedded system.

Zephyr 4.1 introduced initial support for Rust. In this talk, Mohammed will guide developers on how to create a custom Zephyr application in Rust. He will demonstrate the process and outline some pitfalls that novices may encounter, and how to work around them.

Speakers

Mohammed Billoo

CEO, MAB Labs Embedded Solutions

Mohammed Billoo is an embedded software consultant with over 15 years of experience. He focuses on The Zephyr Project RTOS, Embedded Linux, and The Yocto Project. He has also developed user interfaces using the Qt framework. He has helped clients across numerous verticals, including... Read More →

Monday August 25, 2025 13:30 - 14:10 CEST
D203

Zephyr Developer Summit

Audience Experience Level Intermediate

13:30 CEST

Zephyr: Evolving To CRA Readiness - Kate Stewart, The Linux Foundation

Monday August 25, 2025 13:30 - 14:10 CEST

D202

The Cyber Resiliance Act (CRA) will be coming into effect in a few short years. Product makers will have different obligations than open source stewards for compliance. The Zephyr project has been working towards making it easier for product makers to comply with the CRA over the last few years, and will continue to work with the community to refine these capabilities.

From automatic "Build SBOM" generation to LTS Vulnerability fixes being extended to 5 years, the project has some useful starting points.

This talk will discuss what is available, and where some of the gaps will be for product makers and other ecosystem vendors to consider in their roadmaps and support plans.

Speakers

Kate Stewart

VP Dependable Embedded Systems, The Linux Foundation

Kate Stewart works with the safety, security and license compliance communities to advance the adoption of best practices into embedded open source projects. Since joining The Linux Foundation, she has launched the ELISA and Zephyr Projects, as well as supporting other embedded projects... Read More →

Monday August 25, 2025 13:30 - 14:10 CEST
D202

Zephyr Developer Summit

Audience Experience Level Any

14:25 CEST

Chain Reaction: Remixing CNCF’s Supply Chain Security Guide for 2025 - John Kjell, ControlPlane

Monday August 25, 2025 14:25 - 15:05 CEST

Emerald Room

The original version of the CNCF Security TAG’s Supply Chain Security Best Practices was published in May 2021. To say “a lot has changed” since then would be a dramatic understatement—software supply chain attacks cost over $45 billion in 2023, with projections exceeding $80 billion by 2026.

In this talk, we'll take a whirlwind tour of the latest updates to the newly released second version of the Supply Chain Best Practices guide. One of the most significant changes is the increased adoption and maturity of SBOMs and attestations, supported by a rapidly growing ecosystem of tools for generating, verifying, and consuming this metadata.

We’ll explore how the open source community has responded to rising threats with a surge of new tools, improved standards, and broader best practice adoption—and how to chain these tools together for maximum impact.

We’ll showcase key open source projects from across the CNCF and OpenSSF ecosystems, including in-toto, TUF, SLSA, Guac, bomctl, SBOMit, and protobom.

Speakers

John Kjell

Principal Consultant, ControlPlane

John is a maintainer for the Witness and Archivista sub-projects under in-toto. Additionally, John is a co-chair to CNCF's TAG Security and active with multiple projects within the OpenSSF. Prior to ControlPlane, John was the Director of Open Source at TestifySec and an engineering... Read More →

Monday August 25, 2025 14:25 - 15:05 CEST
Emerald Room

Cloud & Containers

Audience Experience Level Beginner

14:25 CEST

Sponsored Session: Freedom to Build: Open Source Foundations for Sovereign Cloud Infrastructure - Orlin Vasilev, SUSE

Monday August 25, 2025 14:25 - 15:05 CEST

G001-002

Cloud-native technologies are reshaping infrastructure strategies, especially as organizations embrace hybrid and multi-cloud models. In this session, we explore how the combination of Multi-Linux environments, Kubernetes, and virtualization forms the backbone of sovereign, cloud-native platforms. As regulatory and supply chain pressures elevate the importance of digital sovereignty, open source solutions—like SUSE-supported projects Rancher, K3s, and Harvester—offer a path and choice to control, agility, and compliance without vendor lock-in. We'll examine how diverse Linux distributions operate within Kubernetes clusters, how virtualization enhances workload isolation and portability, and how cloud-native architectures can be designed to meet sovereignty requirements. Attendees will gain insights into real-world implementations and open standards that are driving the next generation of sovereign cloud infrastructure.

Speakers

Orlin Vasilev

Principal Open Source Technology Advocate, SUSE

Orlin Vasilev is Principal Open Source Technology Advocate and Community Manager for Project Harbor and project K3s as part of the Cloud Native team at SUSE. CNCF Ambassador and driving the biggest Meetup Group in Bulgaria. KCD Sofia organizer, KubeCon CfP review board member and... Read More →

Monday August 25, 2025 14:25 - 15:05 CEST
G001-002

Cloud & Containers

14:25 CEST

A First Person Identity System for Open Source - Wenjing Chu, Futurewei Technologies Inc. & Drummond Reed, Gen

Monday August 25, 2025 14:25 - 15:05 CEST

TBA

Open source has a trust problem. One may attribute this to the age old problem of identity frauds and related security vulnerabilities on the Internet. One may further worry that the rise of AI will dramatically increase this risk and even overrun the Internet altogether without mitigation in a fundamental level. One may also see it as an inevitable consequences of 'de-globalization' or 'fragmentation' which sows distrust and threatens to undo many of the progress we had made in the past two plus decades. The Linux Foundation's Executive Director Jim Zemlin highlighted this challenge during the LFDT member summit last year, then re-emphasized it again during the LF member summits in the fall last year and again this spring in 2025. This is a followup to that "Call to Action" to a First Person Project. A decentralized First Person developer ID system is one of the things we can do in the open source infrastructure level, i.e. the fundamental ways of practice that we know as open source, to meet this challenge. In this session, we will examine the issues, discuss the First Person Project and solution approaches, and update the community its progress.

Speakers

Wenjing Chu

Senior Director of Technology Strategy, Futurewei Technologies

Wenjing is a senior directory of technology strategy at Futurewei leading initiatives on trust in the future of computing. He is a Steering Committee member of the Trust over IP (ToIP) Foundation and co-Chairs the TSP and AI & Metaverse task forces. He is a Board Member of the OpenWallet... Read More →

Drummond Reed

Director, Trust Services, Gen

25 years working on Internet identity, security, privacy & trust

Monday August 25, 2025 14:25 - 15:05 CEST
TBA

Digital Trust

Audience Experience Level Any

14:25 CEST

Reducing Friction in Testing Using QEMU and Labgrid for Yocto-based Products - Joschka Seydell, Zühlke Engineering

Monday August 25, 2025 14:25 - 15:05 CEST

D201

This talk emerged from observing reoccurring pain points in providing a usable and reliable test infrastructure for complex products. Significant time is spent on avoiding test bench overload, on an efficient workflow and on infrastructure problems. Especially for distributed or platform software, many configurations need to be tested – but hardware is usually scarce due to its costs. And when using a shared test setup, dealing with device reboots and interfaces can be cumbersome. If tests are executed on hardware for no reason and due to generally limited resources, testing then comes with long feedback cycles.

To address hardware availability and scalability (also regarding tested permutations), the talk proposes the use of emulated, close-to-hardware targets. While not being exact, QEMU can produce relevant feedback for parts of the software fast and location independent. By combining it with Labgrid, tests involve less ‘moving parts’ and reuse the provided device control, reducing overall maintenance.

The example code shown in the talk is meant to augment common test setups and serves to illustrate the conscious decision on which tests to run where, when and how.

Speakers

Joschka Seydell

Embedded Software Engineer, Zühlke Engineering

Joschka Seydell is an Embedded Linux/Yocto and C++ developer with experience from projects in the industrial, automotive, consumer and medical domains. This helped him to accumulate insights on recurring patterns and solutions across market segments. Besides, he specializes in software... Read More →

Monday August 25, 2025 14:25 - 15:05 CEST
D201

Embedded Linux Conference

Audience Experience Level Beginner

14:25 CEST

Towards Mainline Video Capture and Camera Support for Recent Rockchip SoCs - Michael Riesch, Collabora

Monday August 25, 2025 14:25 - 15:05 CEST

Elicium 1

Recent Rockchip SoCs (namely, those of the RK35 generation) integrate dedicated IP blocks for video capture and image signal processing. These additions open the door to a wide range of interesting multimedia applications. However, support for these blocks in mainline Linux remains one of the last missing pieces in an otherwise well-supported SoC lineup. It is time to close that gap!

In this talk, I will provide an overview of the software stack for modern multimedia SoCs, cover the contributions that have already landed in mainline and are currently in flight, respectively, and outline the remaining work needed to fully enable video capture and camera functionality. We will also take a look at the compelling applications that this groundwork makes possible.

Speakers

Michael Riesch

Consultant Senior Software Engineer, Collabora

Michael Riesch is a Consultant Senior Software Engineer at Collabora. His work focuses on hardware enablement (Rockchip SoCs in particular) and multimedia development in the Linux kernel.

Monday August 25, 2025 14:25 - 15:05 CEST
Elicium 1

Embedded Linux Conference

Audience Experience Level Intermediate

14:25 CEST

Unpacking the Linux WiFi Stack: Writing and Integrating Wireless Drivers - Alexis Lothoré, Bootlin

Monday August 25, 2025 14:25 - 15:05 CEST

Elicium 2

WiFi is a cornerstone of modern connectivity, and Linux powers countless devices that rely on seamless wireless communication. But how does a WiFi driver actually work within the Linux kernel? In this talk, we will explore the process of supporting a Wifi device in Linux, focusing on its integration with the mac80211 and cfg80211 subsystems. We’ll cover key aspects such as hardware initialization, packet transmission, regulatory compliance, power management, and more. Additionally, we’ll discuss how userspace tools like iw, hostapd, and wpa_supplicant interact with kernel drivers via nl80211. By the end of this session, attendees will have a better understanding of the Linux WiFi stack and the skills needed to develop, debug, and extend WiFi drivers effectively, whether they want to implement a new one or improve an existing one.

Speakers

Alexis Lothoré

Embedded Linux engineer and trainer, Bootlin

Alexis is an embedded Linux developer and trainer with 9 years of experience, currently working at Bootlin. He has made several contributions to the Linux kernel, specifically around networking: support and improvement for ethernet switches and wireless chips, as well as improvements... Read More →

Monday August 25, 2025 14:25 - 15:05 CEST
Elicium 2

Embedded Linux Conference

Audience Experience Level Intermediate

14:25 CEST

Extending BCC as a Data Source for System Monitoring - Eunseon Lee, LG Electronics

Monday August 25, 2025 14:25 - 15:05 CEST

G104

eBPF enables efficient tracing and monitoring of modern Linux systems. However, tools in the BCC (BPF Compiler Collection) are primarily designed for standalone use, making it challenging to adopt them directly in real-time, streaming-based observability systems.

This talk introduces a practical approach to extending BCC tools for use as data sources in system monitoring pipelines. I demonstrate an architecture that transforms BCC output into time-series data by integrating with InfluxDB, and visualizes the data using Grafana. This enables real-time tracking of kernel and user-space events such as memory allocation over time.

I also explore enhancements to existing BCC tools, such as adding options to output data in time-series–friendly formats (e.g., InfluxDB’s line protocol), enabling easier ingestion by monitoring agents. These modifications help bridge the gap between raw eBPF observability and modern telemetry systems, without compromising BCC’s standalone usability. GitHub PR (https://github.com/iovisor/bcc/pull/5281) demonstrate these improvements.

Attendees will learn to leverage BCC tools for real-time insights and contribute enhancements for broader monitoring use cases.

Speakers

Eunseon Lee

Chief Software Engineer, LG Electronics

I am currently developing an eBPF-based system monitoring tool focused on real-time anomaly detection. Previously, I worked on eBPF-based debugging tools, including a memory leak detection tool applied in LG Electronics’ Car division. I have contributed to BCC by developing CO-RE–based... Read More →

Monday August 25, 2025 14:25 - 15:05 CEST
G104

Linux

Audience Experience Level Intermediate

14:25 CEST

What Have We Found in Git Repos? - Marta Rybczynska, Ygreky

Monday August 25, 2025 14:25 - 15:05 CEST

G102-103

Open source project repositories often expose more than developers intend - and not just the occasional leaked password. In many cases, careful analysis of public Git histories can uncover traces of vulnerabilities being fixed days or even weeks before an official security advisory is published.

In this talk, Marta will present findings from research into the repositories of several high-impact open source projects, revealing how fix commits often hint at upcoming security disclosures.

She will then share practical advice on how to reduce this kind of information leakage - helping maintainers better protect their projects and users from premature exposure.

Speakers

Marta Rybczynska

Technical Program Manager, Security Team, Eclipse Foundation/Ygreky

Marta Rybczynska has a network security background, with 20 years of experience in Open Source. She has worked with embedded operating systems like Linux and various real-time OSes, and with system libraries and frameworks up to user interfaces. She has been involved in various Open... Read More →

Monday August 25, 2025 14:25 - 15:05 CEST
G102-103

Linux

Audience Experience Level Any

14:25 CEST

Mind the Gap - A Developer's Roadmap To Building AI Agents - Ivan Pedrazas, Docker Inc.

Monday August 25, 2025 14:25 - 15:05 CEST

G109

This talk is about software developers' journey into AI Agent creation.

We'll explore the evolving toolkit, from specialized IDEs like Cursor and VS Code (with AI Agents extensions) to frameworks like LangChain and LlamaIndex that simplify complex workflows.

I'll share firsthand experiences comparing local development with models like Ollama, LM Studio and LLM Runner against production deployments using OpenAI and Anthropic APIs. We will explore how to consume MCP Servers to provide tools to our Agents.

We'll address critical decision points: when to use RAG versus fine-tuning, how testing differs from traditional software, and the unique debugging challenges of non-deterministic systems. Finally, we will look at the challenges of deploying AI Agents in production and what we can do as developers to minimise the risk.

Developers will leave with a clear understanding of the technical shifts required when building AI agents, available tools, and practical strategies for overcoming the most common obstacles in this rapidly evolving space.

Speakers

Ivan Pedrazas

Principal Engineer, Docker inc.

Ivan Pedrazas has been designing and building distributed systems for more than 20 years. In the last year, he’s been building developer tools that consume and provide AI capabilities, like AI agents, MCP Servers and LLM models.

Monday August 25, 2025 14:25 - 15:05 CEST
G109

Open Source 101

Audience Experience Level Intermediate

14:25 CEST

Driving the UN Digital Compact With Open Source - Sachiko Muto, RISE/OpenForum Europe

Monday August 25, 2025 14:25 - 15:05 CEST

Auditorium

Open Source Software (OSS) is increasingly recognized as a crucial enabler of the Sustainable Development Goals (SDGs) and digital transformation across the globe. Yet, adoption and contribution remain uneven, with certain regions and actors underrepresented, especially in the global south.

With initiatives such as the UN’s Digital Global Compact and Open Source Principles, there is growing momentum and an opportunity to better understand and measure OSS’s role in digital infrastructure and government strategies. As part of this effort, we are exploring the development of an Open Source Adoption Index, published annually to track adoption trends, highlight successes, and identify challenges faced by UN Member States.

The adoption index will be collaboratively designed through a series of geographically distributed workshops to collect dimensions relevant across various contexts and use cases. In this panel, attendees will be actively engaged, as part of this extensive co-design process, and be urged to provide thoughts and feedback to the panel of representatives from the UN, researchers and stakeholders.

Speakers

Sachiko Muto

Senior Researcher, RISE Research Institutes of Sweden

Monday August 25, 2025 14:25 - 15:05 CEST
Auditorium

Open Source Leadership

Audience Experience Level Intermediate

14:25 CEST

Open, Yet Secure: Rethinking Risk in the Age of Open Source - Avijit Biswas, IKEA IT AB

Monday August 25, 2025 14:25 - 15:05 CEST

G107

Open source is no longer just a developer’s playground—it’s the foundation of modern innovation. But as its influence grows, so do the challenges: security vulnerabilities, compliance concerns, and the risk of unchecked complexity.

At IKEA, we’ve reimagined open source not just as a collection of tools, but as a strategic engine for transformation. In this talk, I’ll share how we’ve integrated automation and AI across our Software Development Life Cycle (SDLC) to scale open-source adoption—safely, responsibly, and at speed.

This isn’t just about securing code. It’s about building trust. It’s about reducing friction. And ultimately, it’s about designing systems that are as resilient and collaborative as the communities that power them.

What you’ll learn:

• How to spot and address risks in open-source components

• Embedding automated security without slowing delivery

• Aligning compliance with innovation

• Real-world lessons from scaling secure OSS in enterprise environments

Join me to explore how smart automation can turn open source into a confident, competitive advantage.

Speakers

Avijit Biswas

Open Source SME, IKEA IT AB

I’m Avijit Biswas—known to most as Avi. I’m a passionate open-source professional and technology strategist with over 15 years of experience in digital transformation and secure software development. At IKEA, I co-lead initiatives like open-source strategy, secure software practices... Read More →

Monday August 25, 2025 14:25 - 15:05 CEST
G107

Operations Management

Audience Experience Level Intermediate

14:25 CEST

Establishing Zephyr RTOS in Corporate Environments: Strategies and Success Stories - Christian Schlotter, ZEISS

Monday August 25, 2025 14:25 - 15:05 CEST

D202

Switching from any RTOS to Zephyr represents a significant transition. Join us as we revisit our journey that led to the selection of Zephyr and explore our efforts to cultivate a vibrant Zephyr developer community within a large multinational corporation.

In this session, we will discuss:

• Strategies for creating a persuading case for Zephyr

• Techniques for motivating development teams to adopt Zephyr

• Initiatives that contributed to the creation of a thriving developer community

• Ways in which the Zephyr community's momentum can energize your projects

• Methods for building a pool of Zephyr talent for recruitment purposes

Attendees will gain insight into the essential steps required to successfully integrate Zephyr RTOS into a corporate environment and sustain its use over the long term.

Speakers

Christian Schlotter

Software Architect, ZEISS

Software Architect at Carl Zeiss Meditec AG, active member of queer ERG Proud@ZEISS 🏳️‍🌈, love nature, hiking and people 😀

Monday August 25, 2025 14:25 - 15:05 CEST
D202

Zephyr Developer Summit

Audience Experience Level Any

14:25 CEST

Rust Meets Zephyr: Building Safer Embedded Applications - Martin Mosler, Zühlke Engineering AG

Monday August 25, 2025 14:25 - 15:05 CEST

D203

Rust revolutionizes systems programming with safety, performance, and concurrency, while Zephyr OS excels in embedded systems with modularity and hardware support. How well do these two technologies work together?

In this talk, we’ll explore the benefits and challenges of developing applications in Rust on top of Zephyr OS. Through a live demo and code walkthrough, I will showcase how Rust’s safety guarantees can enhance embedded application development while leveraging Zephyr’s robust ecosystem.

Key questions addressed include:

• Why should you consider Rust for embedded development?

• How does Rust integrate with Zephyr’s C-based APIs?

• What limitations and tooling gaps should you be aware of?

• How can you get started with Rust on Zephyr today?

This session will provide practical insights from real-world experience, helping you evaluate whether Rust is the right choice for your next embedded project. Whether you’re an embedded developer or a Rustacean curious about RTOS environments, this talk will equip you with actionable knowledge to start your journey.

Speakers

Martin Mosler

Principal Embedded Software Consultant, Zühlke Engineering AG

Martin Mosler is a seasoned software engineer with expertise in developing secure embedded systems. With a background in Rust programming, he has firsthand experience implementing secure concurrent code and is passionate about sharing his knowledge with the community.

Monday August 25, 2025 14:25 - 15:05 CEST
D203

Zephyr Developer Summit

Audience Experience Level Any

14:35 CEST

BoF: Collaboration With Universities and Enterprises OSPO - Ana Jiménez Santamaría, Linux Foundation; Chris Hoeppler, Bosch Research; Leslie Hawthorn, Red Hat GmbH; Cornelius Schumacher, DB Systel GmbH; Ying Wang, ETH Züric; Clare Dillon, CURIOSS

Monday August 25, 2025 14:35 - 15:05 CEST

D204

Join the TODO Group and CURIOSS community for an interactive session where attendees can share use cases on how their organizations are investing in academic research. Explore best practices for transferring knowledge from academia and the research community.

We welcome open source managers, OSPO leaders, and other stakeholders from organizations and universities engaged in research or interested to learn more.

Speakers

Ana Jiménez Santamaría

Project Manager , Linux Foundation, Developer Relations Foundation

Chris Hoeppler

Senior Expert Open Source, Bosch Research

Chris is Open Source Officer at Bosch Research and member of Bosch's corporate Open Source Expert Team. Since joining Bosch Research a decade ago Chris has been working on a wide range of open source topics from compliance to strategy. Currently, he focuses on working with internal... Read More →

Leslie Hawthorn

Director - Industry Community Strategy, Red Hat GmbH

An internationally known strategist & engagement expert, Leslie Hawthorn has spent her career creating and enabling successful communities. She has driven open source strategy in Fortune 10 companies, pre-IPO startups, and Foundation Boards including roles at Red Hat, Google, the... Read More →

Cornelius Schumacher

Open Source Steward, DB Systel GmbH

Cornelius helps teams at Deutsche Bahn, the German railway company, to use and contribute to open source software. He has a background from more than two decades in the open source community and industry. Originally a software developer he now focus on management of open source.

Clare Dillon

CURIOSS Community Lead, CURIOSS

Clare Dillon is community lead for CURIOSS, a community for university & research institution OSPOs. Clare is also a researcher with Lero, the Science Foundation Ireland Research Centre for Software and a member of Lero's OSPO team. From 2021-2023, Clare served as the inaugural ED... Read More →

Ying Wang

Technology and licensing manager, ETH Züric

Ying holds a Ph.D. from the California Institute of Technology in geochemistry and a Juris Doctor from the Georgia State University College of Law, with a focus on Intellectual Property.

Monday August 25, 2025 14:35 - 15:05 CEST
D204

OSPOCon

Audience Experience Level Any

15:05 CEST

Coffee Break

Monday August 25, 2025 15:05 - 15:35 CEST

Special Events / Exhibits / Breaks

15:35 CEST

Managing Telco Infrastructure and Applications at Scale: An Open Source Approach - Kashif Khan, Ericsson

Monday August 25, 2025 15:35 - 16:15 CEST

Emerald Room

Telco infrastructure is rapidly evolving to adopt cloud-native paradigms, but operating Kubernetes in telecom-grade environments brings unique challenges—stringent SLAs, real-time performance, and complex hybrid infrastructure. At Ericsson, we've embraced the open source ecosystem to build scalable, resilient, and fully automated platforms tailored to telco needs. This talk presents our technical journey in managing large-scale infrastructure using Kubernetes, Cluster API, and multiple open-source providers—including Metal3 for bare metal provisioning and Cluster API Provider OpenStack (CAPO) for cloud-based workloads. We’ll demonstrate how we orchestrate heterogeneous environments, spanning bare metal and OpenStack-based compute, through a unified, declarative lifecycle approach. We’ll also cover observability and alerting using tools like Prometheus and more, as well as real-world strategies for zero-downtime upgrades, failure remediation, and long-term cluster maintenance—all aligned with demanding telecom-grade requirements like high availability and real-time traffic handling.

Speakers

Kashif Khan

Open Source Architect, Ericsson

Kashif Khan is a maintainer of the CNCF project Metal3.io for 5+ years. He works as an open source Architect and Product Owner for Ericsson Software Technology, Finland. He holds a PhD in Computer Science. Kashif is a research and open source enthusiast and his current area of interest... Read More →

Monday August 25, 2025 15:35 - 16:15 CEST
Emerald Room

Cloud & Containers

Audience Experience Level Intermediate

15:35 CEST

Zero-Touch SBOM Generation: Secure Your Build From the Inside Out - Kaushlendra Pratap Singh & Gaurav Mishra, Siemens

Monday August 25, 2025 15:35 - 16:15 CEST

G001-002

In the world of continuous delivery, speed is everything - but security and compliance often lag. Open-source developers and DevOps engineers face a key challenge: how do you ship fast and stay audit-ready?

With SBOMs becoming mandatory under various regulatory Acts, compliance is no longer optional. This talk shows how to proactively integrate open-source tooling into your pipelines—securely, automatically, and at scale.

We’ll discuss how to bring compliance into the early stages of the software development lifecycle—using open-source tools that enable zero-touch, high-quality SBOM generation. Powered by the battle-tested FOSSology toolchain, these solutions integrate seamlessly into your CI/CD pipelines, whether you’re using GitHub Actions or GitLab CI.

It automates:

• Dependency scanning in Python and Node.js projects

• License and copyright detection

• SPDX SBOM generation in JSON, YAML, RDF, or Tag formats

• Seamless CI-native package scanning on every pull request

Lightweight, Docker-based, and already on Docker Hub and GitHub Marketplace, this tool makes compliance and SBOM generation effortless.

Speakers

Kaushlendra Pratap Singh

Research Engineer, Siemens

Kaushlendra Pratap is a Research Professional at Siemens and a passionate advocate for open-source software. With nearly four years of experience in semantic web, license compliance, and machine learning, he has played a key role in contributing to and maintaining tools like FOSSology... Read More →

Gaurav Mishra

Research Engineer, Siemens

Gaurav Mishra, a Research Professional at Siemens, is a passionate advocate for open-source software. Leveraging his seven years of expertise in the domain of semantic web, license compliance and software architectures, he leads the SW360 & FOSSology organizations and drives inno... Read More →

Monday August 25, 2025 15:35 - 16:15 CEST
G001-002

Cloud & Containers

Audience Experience Level Beginner

15:35 CEST

Faster, More Reliable Identity & Access Management Using Verifiable Credentials - Heather Dahl, Indicio

Monday August 25, 2025 15:35 - 16:15 CEST

TBA

Identity and Access Management is a delicate balance of security and usability. Passwords are simple for a user to understand, but suffer from a lack of security and have a long history of being compromised. Passkeys and third party providers can add an additional layer of security, but tend to be more complex on the backend, and prone to technical errors, downtime, and a more frustrating user experience when things go wrong. What we need is a fast way to access accounts that is simple to use, easy to implement, and secure.

Verifiable Credentials offer a secure way to issue your users complete digital identities to be stored locally on their mobile device using a decentralized network. Once stored in this way, the credential can quickly be verified by anyone with the authentication software, and access can be granted with a simple scan of a QR code, no multifactor authentication required.

In this session we will discuss and show a demonstration of how APIs can quickly enable your existing applications to accept these credentials, and start providing a better user experience for your employees and customers.

Speakers

Heather Dahl

CEO, Indicio

Heather Dahl is CEO and co-founder of Indicio and has built the company into a global market leader in verifiable identity and data building on open-source decentralized identity technology. Under her leadership, Indicio is driving the adoption of faster, more secure digital identities... Read More →

Monday August 25, 2025 15:35 - 16:15 CEST
TBA

Digital Trust

Audience Experience Level Beginner

15:35 CEST

Graphic Testing Without Hardware: Discovering the Power of VKMS! - Louis Chauvet, Bootlin

Monday August 25, 2025 15:35 - 16:15 CEST

Elicium 1

As a userspace developer, creating graphical applications is a common task. While software and frameworks like Weston or Qt make it straightforward to display content on a screen, ensuring compatibility across various displays poses significant challenges. Users may have different screen sizes, resolutions, and capabilities, making comprehensive testing complex. How will your application perform on a small screen? What about an extremely large one? How does it react to displays being connected/disconnected? Moreover, if your application must run on diverse devices, how will it leverage or adapt to varying hardware capabilities?

VKMS addresses these challenges by enabling graphic testing without the need for physical hardware. VKMS is a Linux kernel DRM driver that allows you to emulate a wide range of display configurations on any device. This talk will introduce VKMS, highlight its current capabilities, demonstrate practical test examples, and provide details on additional features we are currently working on upstreaming into VKMS.

Speakers

Louis Chauvet

Kernel engineer, Bootlin

Louis Chauvet is a kernel engineer at Bootlin who specializes in graphics and display technologies.

Monday August 25, 2025 15:35 - 16:15 CEST
Elicium 1

Embedded Linux Conference

Audience Experience Level Beginner

15:35 CEST

Security in Large Scale Embedded Linux Projects - Martin Lang, BMW Car IT GmbH

Monday August 25, 2025 15:35 - 16:15 CEST

Elicium 2

Modern cars use a high integration architecture with a smaller amount of powerful Electronic Control Units (ECUs). They easily accommodate more than 150 different services and are developed by more than 1000 developers in dozens of companies across the world. Ensuring security in such an environment is a challenge in multiple dimensions: Attack surface, overall system complexity and communication.

In this talk, I want to share our insights from building three generations of Yocto-based infotainment systems. How do we ensure basics such as the least privilege principle and privilege separation? What is our approach to trusted computing with secure boot and dm-verity? What are our lessons learned to enable SELinux on this large scale? Which best-practices do we have so that the system can be developed, tested and debugged in a (security) configuration that is close to the final product?

Furthermore, I would like to give positive examples how a good open-source ecosystem can support our cause of building secure embedded Linux systems as well as some impulses which improvements could help us a lot.

Speakers

Martin Lang

Engineering Lead Infotainment Security, BMW Car IT GmbH

Martin studied computer science at RWTH Aachen University. He is interested in embedded systems, cybersecurity, math and open-source software. After a PhD in formal logic, he joined BMW Car IT in Ulm to work on security for infotainment systems as engineer and system architect. For... Read More →

Monday August 25, 2025 15:35 - 16:15 CEST
Elicium 2

Embedded Linux Conference

Audience Experience Level Intermediate

15:35 CEST

When Your Budget Laptop Needs a Custom Kernel: A Linux Troubleshooting Adventure - Andrei Pokhilko, Komodor

Monday August 25, 2025 15:35 - 16:15 CEST

G104

This talk chronicles my journey of troubleshooting a Linux kernel issue on a budget Intel GeminiLake-based Chinese mini-laptop. What began as a simple hardware purchase escalated into a two-month deep dive into the i915 GPU driver when the display mysteriously went blank during initialization.

I'll walk through the systematic troubleshooting approach: isolating the issue to the i915 driver, identifying the kernel configuration options triggering the problem, and developing a practical patch that bypasses problematic GPIO pin activation sequences. Along the way, I'll share surprising discoveries about hardware compatibility, kernel development complexity, and the limitations of AI tools when facing real-world Linux challenges.

This presentation is designed for Linux enthusiasts and IT professionals curious about kernel troubleshooting. Attendees will leave with practical knowledge about GPU driver internals, confidence that such issues are solvable without specialized expertise, and inspiration to tackle their own hardware compatibility challenges.

Speakers

Andrei Pokhilko

Open Source Dev Lead, Komodor

Andrei is the Open Source Dev Leader at Komodor, a startup building the next-gen troubleshooting platform for Kubernetes. Over 20 years of experience in the dev space, Andrei is known as the founder of multiple successful Open Source projects, such as JMeter-Plugins.org, Helm Dashboard... Read More →

Monday August 25, 2025 15:35 - 16:15 CEST
G104

Linux

Audience Experience Level Intermediate

15:35 CEST

Between Building and Testing Your Linux Driver - Krzysztof Kozlowski, Linaro

Monday August 25, 2025 15:35 - 16:15 CEST

G109

Linux kernel code (and any C project in general) can greatly benefit from several static code analyzers. Let's dive into open and free (as in free beer as well) tools for static code analysis used in the Linux kernel, because there is more than one tool

The session will describe in detail how to check your Linux kernel code around build time to improve the code quality.

Many techniques will be applicable to other projects, but session focuses on the Linux kernel due to its own build process.

Speakers

Krzysztof Kozlowski

Linux Kernel Maintainer , Linaro

Krzysztof Kozlowski is an active Linux Kernel developer, working currently for Linaro. Krzysztof maintains several upstream kernel subsystems: Devicetree bindings (as a co-maintainer with Rob and Conor), Memory controller drivers, NFC subsystem with drivers, and Samsung Exynos SoC... Read More →

Monday August 25, 2025 15:35 - 16:15 CEST
G109

Open Source 101

Audience Experience Level Any

15:35 CEST

Of Queens and Other Benevolent Dictators – the Role of Succession Planning in Open Source Community - Aeva Black, Independent & Hazel Weakly, Nivenly Foundation

Monday August 25, 2025 15:35 - 16:15 CEST

Auditorium

Several high-profile incidents have raised global awareness that single-maintainer projects can become single points of global risk. However, a similar risk exists among established and mature projects – the attrition of a small “core” group of maintainers can be just as damaging to downstream dependencies.

Today, many established projects are facing significant maintainer attrition while vibrant and younger communities have formed around derivatives and forks. Meanwhile, entire new ecosystems have emerged and become characterized by generational divides.

Why is this happening, and what can you do to prepare to pass the mantle of project leadership?

We will discuss factors contributing to a rising participation barrier, then explore strategies for community growth and educate policymakers on ways to support the longevity and security of mid- and large-sized open source projects.

Speakers

Aeva Black

Distinguished Technology Advisor, Independent

Aeva Black is a distinguished technology advisor focused on the secure and sustainable development of free and open source software. With a 25-year career across roles in the public sector, private sector, and at non-profits, Ms. Black has presented at international forums, led large... Read More →

Hazel Weakly

Fellow, Nivenly Foundation

Hazel spends her days working on building out teams of humans as well as the infrastructure, systems, and tooling to make life better for others. She’s worked at a variety of companies and knows that the hardest problems to solve are the social ones. One of her favorite things is... Read More →

Monday August 25, 2025 15:35 - 16:15 CEST
Auditorium

Open Source Leadership

Audience Experience Level Any

15:35 CEST

The Chain of Command: Building Trust Across Public Sector Software Pipelines - John Kjell, ControlPlane

Monday August 25, 2025 15:35 - 16:15 CEST

G105

The CNCF’s Cloud Native Public Sector User Group, founded in 2023, aims to advance cloud-native best practices within the public sector, with a focus on improving workflows and supply chain security.

Public sector organizations face unique and evolving challenges that complicate software supply chain security. These include the absence of standardized practices for what software can enter isolated networks, no shared root of trust, and a lack of frameworks for integrating public and private attestations. There's also no guidance for using shared, non-public infrastructure—hindering trust and automation.

This talk, based on learnings from the groups recent publications, explores how public sector consumers can receive trusted attestations that prove origin, integrity, and authorship—across companies, networks, and government entities. It also asks: what’s the minimum assurance needed for trust, and how do we balance stringent requirements without sidelining small suppliers?

Key Takeaways:

• Current challenges in public sector supply chain security

• Emerging needs for trust, attestations, and integration

• Ideas for equitable, scalable solutions across supplier sizes

Speakers

John Kjell

Principal Consultant, ControlPlane

Monday August 25, 2025 15:35 - 16:15 CEST
G105

OpenGovCon

Audience Experience Level Beginner

15:35 CEST

Centralized Approach To Implement OSS Compliance Program for Various Software Products - Venugopal Baswaraju, Sony India Software Centre & Anupama Sobhana, Sony India Software Centre

Monday August 25, 2025 15:35 - 16:15 CEST

G107

Sony Semiconductor Solutions(hereafter "SSS"), a subsidiary of Sony Group Corporation, is developing a device solution business centered on image sensors.

In this talk, we share our experience on how open-source-support team works with various product dev teams to ensure license compliance. SSS deals with many software products( from embedded firmware to cloud-based-solutions). To ensure license compliance, SSS created a dedicated open-source support team(part of OSPO) in Sony India Software Centre.

We showcase our streamlined license-clearance-workflow which has helped us to serve >250 license clearance requests for many product teams. You will get insights on how a centralized team of license experts augment product dev teams with licensing knowledge, suggestions for source code modifications, report generation, standards adoption SPDX SBOM. We also share the details about the tools we use for clearance. Towards the end of the talk, we share some benefits of a centralized team of experts (seamless sharing of licensing knowledge between experts, consistent quality of output,etc). As an effect, by unblocking License Compliance we have reduced the time to release for Product Teams.

Speakers

Venugopal Baswaraju

Program Manager, Sony India Software Centre, Sony India Software Centre

Venugopal Baswaraju is the Program Manager managing the OSS Compliance Program since its inception in 2022. In Sony Group, he has extensive experience in areas like product development, standards, certification and OSS compliance. He leads the strategy and execution of various technical... Read More →

Anupama Sobhana

Lead Software engineer, Sony India Software Centre

Anupama is an OSS License Compliance Lead and software engineer. She has extensive experience in Ubuntu/Debian based distribution management. She has extensive experience leading a team of License Clearance experts and cares deeply about the value of collaboration with open-source... Read More →

Monday August 25, 2025 15:35 - 16:15 CEST
G107

Operations Management

Audience Experience Level Beginner

15:35 CEST

Panel Discussion: Open Source & AI: Where OSPOs Make It Work - Ana Jiménez Santamaría, Linux Foundation, Developer Relations Foundation; David Peter Hirsch, Dynatrace; Natali Vlatko, Cisco; Ashley Wolf, GitHub; Richard Bian, Ant Group; Alexios Zavras, Int

Monday August 25, 2025 15:35 - 16:15 CEST

D204

As organizations race to integrate AI into their infrastructure, products, and processes, they face a shared set of challenges, ranging from data fragmentation, ethical governance, to cost management and sustainability. What’s often overlooked in these conversations is the essential role of open source: the AI technology stack today is built upon thousands of open source projects and frameworks, as well as some not-so open source offerings. Yet, many organizations still lack a coordinated strategy for engaging with and contributing to this foundational ecosystem.

This BoF session aims to provide a collaborative space for OSPO teams, platform architects, AI engineers, compliance professionals, etc to come together and explore how open source management talent helps organizations navigate AI adoption, and creation, sustainably and effectively. An open floor to exchange experiences and identify issues such as:

- Interface with legal and compliance teams

- New standards related to AI models and infrastructure, such as model cards, etc

- Balancing OSS transparency with Responsible AI development

- Do AI communities differ from traditional OSS communities, and how to approach them

Speakers

David Hirsch

Open Ecosystem Lead, Dynatrace

David is the OSPO Manager at Dynatrace, driving open-source strategy, governance, and security. He works with engineering teams to grow adoption and communities for projects like Keptn, OpenFeature, and OpenTelemetry. With 10+ years in cloud-native and open source, he builds industry... Read More →

Richard Sikang Bian

Head of Open Source , Ant Group

Richard Bian (Chinese: 边思康) led Ant Group Open Source initiative from day 1 and developed the initiative from a single person effort to a cross-functional Open Source Program Office (OSPO) team covering governance, strategy, developer experience, product development, growth... Read More →

Ana Jiménez Santamaría

Project Manager , Linux Foundation, Developer Relations Foundation

Natali Vlatko

Open Source Lead Architect, Cisco

Natali Vlatko (she/her) is an Open Source Lead Architect at Cisco, specializing in open software, policy, and governance. She is a SIG Docs Co-Chair for Kubernetes and a member of the TODO Group Steering Committee. She plays on the fun computer in her spare time. Her academic background... Read More →

Ashley Wolf

Director, Open Source Programs, GitHub

Ashley Wolf is the Director of Open Source Programs at GitHub. She runs initiatives and programs to empower developers to be successful with open source. She is also passionate about helping companies participate in the open source community. Prior to joining GitHub, Ashley led the... Read More →

Alexios Zavras

Chief Open Source Compliance Officer, Intel

Alexios Zavras is the Chief Open Source Compliance Officer of Intel Corporation. He has been involved with Software Bill of Materials and SPDX since 2011. Alexios has 40 years of experience in Free and Open Source Software and holds a PhD in Computer Science after having studied in... Read More →

Sachin Bhakar

Open Source Strategist, Shell

Sachin is responsible for designing the Open Source & AI strategy for the CSDI at Shell. He dons two hats as he has a degree in law & engineering, he has previously held positions such as Open Source counsel, Evangelist & IP analyst with HPE, HERE Technologies & Honeywell respectively... Read More →

Monday August 25, 2025 15:35 - 16:15 CEST
D204

OSPOCon

Audience Experience Level Intermediate

15:35 CEST

Confirming Safety of IAM Specifications and Their OSS Implementations: Keycloak as a Case Study - Takashi Norimatsu, Hitachi, Ltd.

Monday August 25, 2025 15:35 - 16:15 CEST

G106

To securely deploy an identity and access management product implementing authentication & authorisation specifications like OpenID Connect 1.0 and OAuth 2.0 respectively, we need to ensure that the specifications are safe, the product correctly implements the specifications, and the product does not contain any vulnerabilities specific to the specifications. Methods for checking these points are formal analysis, conformance testing, and vulnerability testing, respectively. However, developers are not usually familiar with them. Based on the speaker’s investigation on academic research, the speaker describes them in a straightforward way.

The speaker is a maintainer of Keycloak, identity and access management open source software, CNCF incubating project. Therefore, the speaker will use Keycloak as a case study and explain how the specifications that Keycloak implements are verified to be secure and how Keycloak is verified to be compliant with the specifications.

The audience could gain insight into how to ensure that the identity and access management product they use or develop is secure.

Speakers

Takashi Norimatsu

OSS Specialist, Hitachi, Ltd.

Takashi Norimatsu, Doctor of Philosophy (PhD) in Engineering, Senior OSS Specialist, Hitachi, Ltd. is a maintainer of Keycloak, IAM OSS and CNCF project. He has been implemented and contributed security features like Financial-grade API (FAPI) security profiles, W3C WebAuthn/Passkey... Read More →

Monday August 25, 2025 15:35 - 16:15 CEST
G106

Standards & Specifications

Audience Experience Level Intermediate

15:35 CEST

Machine Learning on Microcontrollers With Zephyr and Emlearn - Jon Nordby, Soundsensing

Monday August 25, 2025 15:35 - 16:15 CEST

D202

Modern Machine Learning makes it possible to automatically extract valuable information from sensor data, and it has become feasible to deploy ML systems to low-cost embedded devices and sensors. This niche is often referred to as "TinyML", and is enabling a range of new applications in consumer electronics, science and industry.

emlearn is an open-source project for deploying Machine Learning models to any device with a C99 compiler. It provides a Python library for converting models made with scikit-learn or Keras to efficient C code. The library has been used for many applications across a range of sensor modes, such as audio, vibration, power-line, radar, et.c.

Zephyr RTOS is a comprehensive open-source operating system that runs on a wide range of microcontrollers. The support for low-power operation, communication protocols, and standardized "sensors" API makes it a very attractive platform for TinyML applications.

In this presentation, we introduce the emlearn project, and show how it can be used together with Zephyr. We will cover the key features and tools that the library provides, and demonstrate how to perform practical Machine Learning tasks.

Speakers

Jon Nordby

Head of Data Science, Soundsensing

Jon is a Machine Learning Engineer specialized in IoT systems,

Monday August 25, 2025 15:35 - 16:15 CEST
D202

Zephyr Developer Summit

Audience Experience Level Any

15:35 CEST

ZMS a New Lightweight Storage System - Riadh Ghaddab, Baylibre

Monday August 25, 2025 15:35 - 16:15 CEST

D203

Zephyr Memory Storage is a new key-value storage system that is designed to work with all types of non-volatile storage technologies. It supports classical on-chip NOR flash as well as new technologies like RRAM and MRAM that do not require a separate erase operation at all, that is, data on these types of devices can be overwritten directly at any time.

We will explore during this session the new functionalities introduced by this new storage system as well as the upcoming enhancements.

Speakers

Riadh Ghaddab

Senior Software Engineer, Baylibre

Riadh Ghaddab is a Senior Software Engineer currently working at Baylibre.

Monday August 25, 2025 15:35 - 16:15 CEST
D203

Zephyr Developer Summit

Audience Experience Level Any

15:35 CEST

My First Kernel Driver Workshop - Hans de Goede, Red Hat

Monday August 25, 2025 15:35 - 17:10 CEST

G102-103

Attendees will be given an USB (ch341t) to qwiic converter + a qwiic sht40 temperature/humidity sensor.

A github repo with preparation instructions + a ready-to-build driver to instantiate an i2c-device/-client for the sensor will be provided.

The goal of the workshop is for attendees to write their own (very simple) kernel driver for the sensor offering sysfs attributes providing temperature and humidity readings. Example code snippets of a skeleton i2c-driver and example communication code will be provided to make it possible to write a simple driver in 2 hours.

Attendees will be expected to know the C-programming language at an intermediate (or better) level.

Speakers

Hans de Goede

Principal Software Engineer, Red Hat

Hans de Goede is a FOSS developer and enthusiast with 20 years of experience. He is a maintainer for the kernel’s x86 platform drivers subsystem.

Monday August 25, 2025 15:35 - 17:10 CEST
G102-103

Linux

Audience Experience Level Any

16:30 CEST

Know Your Crypto: Standardizing and Detecting Crypto Algorithms the Open Source Way - Matias Daloia, SCANOSS

Monday August 25, 2025 16:30 - 16:45 CEST

G106

Regulatory pressures, quantum computing threats or security breaches in complex supply chains have elevated cryptographic algorithm management to unprecedented importance. Understanding which crypto algorithms your software includes, and the implications for downstream users, is increasingly valued by developers and organizations. Several open source initiatives are now emerging to make cryptographic algorithm detection and declaration universal, enhancing the existing Bill of Materials (xBOM) generation.

This presentation explores some of those emerging initiatives, putting focus in two of the most promising ones:

* SPDX Crypto Algorithms List (https://github.com/spdx/crypto-algorithms): This aims to standardize crypto algorithm declaration.

* Open Dataset for Keyword-Based Detection (https://github.com/scanoss/crypto_algorithms_open_dataset): open dataset for detecting crypto algorithms via keywords, useful for automated scanning.

After a short demo of a simple PoC on how to implement them, the talk will cover the background behind these efforts, the latest news and plans, their relevance for security and transparency, and how participants can use and contribute to them.

Speakers

Matias Daloia

Software Engineer, SCANOSS

Matias was born and studied in Argentina, were he got his degree before moving to the southeast part of Spain, where he currently lives with his family. Matias enjoys developing open source software, leading some of the SCANOSS SCA tools and back-end integration development

Monday August 25, 2025 16:30 - 16:45 CEST
G106

Standards & Specifications

Audience Experience Level Beginner

16:30 CEST

Building Europe's Cloud Future: NeoNephos' Platform Mesh - Mirza Kopic, SAP SE & Marvin Beckers, Kubermatic

Monday August 25, 2025 16:30 - 17:10 CEST

Emerald Room

The open source Platform Mesh project, is part of an open reference architecture for building a multi-provider cloud-edge continuum that should span the European continent. Some of the central questions the project wants to answer are: How can the different service offerings across a wide array of providers be unified? How can they communicate in a common language?

We discuss how a combination of Cloud Native building blocks (kcp and kube-bind, among others) is used to create the foundation for the next generation of cloud platforms. We demonstrate a prototype which meshes together Kubernetes-like APIs that allows us to consume services across multiple control plane instances, instantiating what we call the “Platform Mesh”. Platform Mesh is a project in the newly founded Linux Foundation sub-foundation, NeoNephos, originating from the ApeiroRA initiative.

This talk is for operators of cloud service providers and internal developer platforms (IDPs), giving them an outlook at a technology that unifies both worlds and creates a standard to consume services from (nearly) everywhere.

Speakers

Mirza Kopic

Principal Software Engineer and Lead Architect, SAP SE

Mirza Kopic is a Principal Engineer and Lead Architect with ApeiroRA Platform Mesh project. Previously Mirza has worked in many different roles, including managing global analytics teams, working with Machine Learning teams and leading diverse projects in the that involve kubernetes... Read More →

Marvin Beckers

Team Lead, Kubermatic

Marvin is a team lead and senior software engineer at Kubermatic, maintainer for the kcp project and CNCF Ambassador. He started out as a Linux sysadmin, and found himself gradually turning into a software engineer while automating Kubernetes cluster operations. He has been working... Read More →

Monday August 25, 2025 16:30 - 17:10 CEST
Emerald Room

Cloud & Containers

Audience Experience Level Beginner

16:30 CEST

From Chaos To Clarity: Building Observability-First Mindsets in African Engineering Teams - Omolade Akinwumi, Max

Monday August 25, 2025 16:30 - 17:10 CEST

G001-002

In this session, I’ll walk through the journey of introducing observability practices in fast-moving, resource-constrained engineering teams—particularly in Africa, where open-source tooling plays a vital role in production environments. I’ll share the common cultural and technical roadblocks I’ve faced while helping teams shift from reactive firefighting to proactive monitoring and performance tuning.

We'll explore how open-source tools like Prometheus, Grafana, and OpenTelemetry were deployed to bridge observability gaps, how we democratized metrics across dev, infra, and support teams, and what lessons can be applied globally to build resilient systems in under-documented regions. Whether you’re an SRE, DevOps, or developer, this talk will provide insights into how to champion observability where there’s little buy-in and how to scale it organically from the ground up.

Speakers

Omolade Akinwumi

DevOps Engineer, Max

Omolade Akinwumi is a DevOps Engineer passionate about driving observability-first culture within resource-constrained teams. Her work centers around open-source tooling, performance tuning, and empowering teams to move from reactive to proactive operations. As a woman in tech, she’s... Read More →

Monday August 25, 2025 16:30 - 17:10 CEST
G001-002

Cloud & Containers

Audience Experience Level Beginner

16:30 CEST

End of Life of Software: Can Expired Milk Become a Security Breach? - José Carlos Chávez & Archita Aparichita, Okta Identity

Monday August 25, 2025 16:30 - 17:10 CEST

TBA

Would you drink milk past its expiration date? Probably not—because you know it could make you sick. Yet, many organizations keep using software long past its End-of-Life (EOL) date, exposing themselves to security breaches, compliance failures, and operational breakdowns. Just like spoiled food, outdated software can have hidden dangers that aren’t always visible—until it’s too late.

In this talk, we’ll explore:

- What happens when software expires? (Like food, software deteriorates over time)

- The hidden risks of EOL software (Security vulnerabilities = the mold you don’t see)

- Why do businesses ‘keep’ expired software (Cost? Inconvenience? Same reason some people keep old condiments!)

- Best practices for a healthy eating (Regular upgrades, patching, and a strong tech lifecycle strategy) based on our experience managing a EoL Software at Okta.

- Case studies of organizations that ‘got food poisoning’ (Real-world consequences of ignoring EOL software)

Speakers

José Carlos Chávez

Security Software Engineer at Okta, Okta

José Carlos Chávez is a Security Software Engineer at Okta, an OWASP Coraza co-leader and a Mathematics student at the University of Barcelona. He enjoys working in Security, compiling to WASM, designing APIs and building distributed systems. While not working with code, you can... Read More →

Archita Aparichita

Security Engineering Manager, Okta Identity

Security professional with a focus on application security and DevSecOps. Previously a bug bounty hunter, been transitioned to exploring platform security.

Monday August 25, 2025 16:30 - 17:10 CEST
TBA

Digital Trust

Audience Experience Level Beginner

16:30 CEST

ESSTRA: A Software Suite To Enhance Software Transparency and Traceability in Software Supply Chain - Takuya Namae, Sony Group Corporation

Monday August 25, 2025 16:30 - 17:10 CEST

Elicium 1

When you use OSS, do you want to know which source files are compiled and included in the binaries? Project ESSTRA (https://github.com/sony/esstra) is a tool that collects a list of source files while compiling your software and embeds the data into the binaries.

Recently, the importance of using SBOMs has been increasing, and there is a growing demand for improved transparency and traceability in the software supply chain from the perspectives of vulnerability management and OSS license compliance. However, it is difficult to trace the details of which files are included in the binaries used in your product or service, and which OSS licenses to comply with based on this data.

To solve this issue, Sony has developed ESSTRA. It is available now as open source itself, and includes both a GCC plugin to record source files during a build and embed it into resulting binaries, as well as a tool to manage the information.

ESSTRA is already supported by Binary Analysis Next Generation (BANG) tool.

Attendees of this session will learn how to use ESSTRA and take the first steps to improve the transparency and traceability of your project's software.

Speakers

Takuya NAMAE

Open Source Compliance Tooling Lead, Sony Group Corporation

Takuya NAMAE is an Open Source Compliance Tooling Lead and Software Engineer in Sony Group Corporation. He works on OSS license compliance of Linux-based system software for various Sony products. He also leads the development of tools and workflows to efficiently carry out the continuous... Read More →

Monday August 25, 2025 16:30 - 17:10 CEST
Elicium 1

Embedded Linux Conference

Audience Experience Level Any

16:30 CEST

Remote Core Power Management in AMP Systems - Akashdeep Kaur, Hari Nagalla & Kendall Willis, Texas Instruments

Monday August 25, 2025 16:30 - 17:10 CEST

Elicium 2

Power management in heterogeneous SoCs with multiple asymmetric multi processing cores running different operating systems needs a coordinated approach to attain SoC level low power states.

In order to choose a suspend to RAM mode, requirements from applications running on co-processors need to be communicated and honored.

This talk shall cover how the Linux remoteproc driver should implement the system suspend resume functions that will coordinate with firmware running on a remote core during suspend and resume of the system.

This talk will give attendees the understanding of what it takes for a heterogeneous SoC to leverage the remoteproc subsystem to implement graceful suspend and resume of remote cores.

We shall also look at the existing state of remoteproc driver in kernel, areas of improvements and optimization, and blockers we are facing in upstreaming suspend resume functionality in the TI’s remoteproc driver.

Speakers

Akashdeep Kaur

Software Engineer, TEXAS INSTRUMENTS

Akashdeep Kaur is lead embedded engineer in Texas instruments. She mainly works in power management firmware that involves security and device management to handle low power sequences.

Hari Nagalla

Staff Software Engineer, Texas Instruments Inc.

Embedded software engineer at Texas Instruments Inc.

Kendall Willis

Software Engineer, Texas Instruments

Kendall Willis is an Embedded Software Engineer working at Texas Instruments. She primarily focuses on power management in ARM SoCs by enabling various low power modes in the Linux kernel.

Monday August 25, 2025 16:30 - 17:10 CEST
Elicium 2

Embedded Linux Conference

Audience Experience Level Intermediate

16:30 CEST

Upstream LTS Component for Product Delivery - Michael Nazzareno Trimarchi, Amarula

Monday August 25, 2025 16:30 - 17:10 CEST

D201

Transitioning product delivery to upstream Long-Term Support (LTS) components (Linux, U-Boot, Buildroot) presents significant advantages, yet poses challenges. This presentation details a company's experience moving from vendor-specific solutions to upstream, emphasizing the process, hurdles, and ensuing benefits. We explore the strategic shift, highlighting the initial complexities of adapting to upstream workflows. Notably, we analyze the impact on platform maintenance, demonstrating a substantial reduction in time and resources required for updates. By leveraging community-driven LTS releases, the product's security and stability were enhanced, streamlining the delivery pipeline. This analysis underscores the efficacy of upstream adoption in fostering sustainable, efficient product lifecycles, and reducing the overhead associated with maintaining an up-to-date embedded platform.

Speakers

Michael Nazzareno Trimarchi

Software Engineer, Amarula

I'm a Linux Software Engineer specializing on both Linux based and custom embedded and RT systems with a keen interest in mobile technology. After receiving his Master Degree in Software Engineering from Pisa University in 2000, I have started working on Embedded system and research... Read More →

Monday August 25, 2025 16:30 - 17:10 CEST
D201

Embedded Linux Conference

Audience Experience Level Beginner

16:30 CEST

Guiding Newcomers: A Mentor’s Journey Through Linux Kernel Development - Daniel Baluta, NXP Semiconductors

Monday August 25, 2025 16:30 - 17:10 CEST

G109

Helping newcomers step into the Linux kernel community is not an easy task, but

with the right mentorship it becomes a transformative journey for both the mentor and the

the mentee.

This talk shares lessons from over a decade of hands-on mentoring experience, helping students

grow from their first patch to becoming meaningful contributors.

This presentation focuses on real world examples from subsystems like IIO, ALSA and device tree

bindings and explains the practical steps to get beginners started. Each steps is important:

from selecting the appropriate tasks and hardware platfroms, to explaining kernel workflows

and mailing list culture.

Attendees will gain practical guidance on building effective mentorship practices, learning

how to support newcomers as they evolve from learners to contributors. Also, this presentation

is valuable for newcomers looking to take their first step into kernel development, offering

a clear view of the journey ahead and how to access mentoring programs like Outreachy Program for Women

or Google Summer of Code.

Speakers

Daniel Baluta

Software Engineer, NXP Semiconductors

Daniel works at NXP in Romania hacking on Linux kernel audio drivers for i.MX boards. He is a teaching assistant for Operating System Internals class at University POLITEHNICA in Bucharest and very passionate about helping newcomers to the Linux kernel world while being a mentor for... Read More →

Monday August 25, 2025 16:30 - 17:10 CEST
G109

Open Source 101

Audience Experience Level Any

16:30 CEST

Private To Open Source Through InnerSource: IKEA's Journey To Open Source - Shanmugapriya Manoharan & Supriya Chitale, IKEA

Monday August 25, 2025 16:30 - 17:10 CEST

Auditorium

Launching an open source initiative within a company is more than just publishing source code. It involves shift in mindset to foster a culture of openness, gaining support from leadership, establishing governance policy and infrastructure to facilitate it. In this talk, we will share how our OSPO enabled teams to take their first steps to open source, from internal advocacy to successfully publishing their repositories. We will dive into the key challenges like promoting a collaborative-development mindset, leadership buy-in and bringing enablement teams together to set up necessary process ensuring security. We will share the strategies that worked - teaming up with the right pilot team, building InnerSource maturity internally, recognizing contributors and maintainers of open source and innersource projects, gaining support from the leadership, conducting events like InnerSource hackathon to spread awareness about reuse and co-creation. Whether you are looking to start an open source initiative in your organization or to improve existing processes, this talk will give you insights on innovative strategies that worked for us and that can be leveraged by other organizations too.

Speakers

Supriya Chitale

Open Source Program Office Manager, IKEA

Supriya Chitale is currently working at IKEA as Open Source Program Office Manager. She has 20 years experience in software industry with specialization in topics related to Open Source and InnerSource. She is a parent to a teenager and in her free time, she loves to travel and learn... Read More →

Shanmugapriya Manoharan

Open Source Engineering Advisor, IKEA IT AB

Shanmugapriya is an Open Source & InnerSource SME, working as Engineering Advisor at OSPO, IKEA IT AB. She has 15+ years of experience in driving initiatives and projects including Open Source and InnerSource projects, while working in organizations like HPE and Dell Technologies... Read More →

Monday August 25, 2025 16:30 - 17:10 CEST
Auditorium

Open Source Leadership

Audience Experience Level Intermediate

16:30 CEST

Prepare for the CRA: Open Source Governance in the Age of Cyber Resilience - Andrew Martin, ControlPlane

Monday August 25, 2025 16:30 - 17:10 CEST

G105

The Cyber Resilience Act’s implementation deadline is 2027, but most organisations are reporting their current unreadiness. In this panel we lay bare the responsibilities individuals, maintainers, and foundations are required to conform to through four varying lenses: the CEO of open source foundation OpenUK; CTO of open source supply chain firm Kursai; OSPO PM for security multinational Sonatype; and CEO of open source security consultants ControlPlane. They hold current and previous security and open source leadership positions across The Linux Foundation, Canonical, OpenSSF, CNCF, FINOS, and OpenUK, and have been working on CRA responses and accountability since 2022.

Join us to discuss community responses to compliance, the Linux Foundation’s approach to self-attestation, and strategies for preparing your organisation's response to the impending legislation.

Speakers

Andrew Martin

CEO, ControlPlane

Andrew has an incisive security engineering ethos gained building and destroying high-traffic web applications. Proficient in systems development, testing, and operations, he is at his happiest profiling and securing every tier of a cloud native system, and has battle-hardened experience... Read More →

Monday August 25, 2025 16:30 - 17:10 CEST
G105

OpenGovCon

Audience Experience Level Beginner

16:30 CEST

Streamlining Open-Source License Compliance With the Continuous Clearing Tool - Amrit Kumar Verma & Dearsh Oberoi, Siemens

Monday August 25, 2025 16:30 - 17:10 CEST

G107

We present Continuous Clearing (CA) Tool, an open-source solution designed to automate & accelerate the license clearing of OSS components. This tool streamlines the identification & license compliance of 3rd party OSS components within various projects, including those using NPM, NuGet, Maven, Python, Alpine & Debian. It ensures that orgs. maintain a SBOM for all builds within the DevOps pipeline. It is designed with 3 different modules:

1. Package Identifier: This module accepts a package file or BOM as input & produces a SBOM file as output. It classifies each dependency type & incorporates into the output SBOM.

2. SW360 Package Creator: Utilizing the SBOM from the package identifier, this module identifies & creates any missing components or releases in SW360. Then associates components with the relevant project in SW360 & triggers the upload to FOSSology & automatically updates the clearing state in SW360. It also offers an option to exclude dev dependencies, if they are not relevant for compliance.

3. Artifactory Uploader: This final module takes the updated BOM & uploads components tagged as "Report approved" clearing state to the JFrog artifactory.

Speakers

Dearsh Oberoi

Research Engineer, Siemens

Open source contributor and Research Engineer at Siemens, passionate about fostering inclusive communities. Active contributor at SW60 and LicenseDB. Focused on license management and SBOMs.

Amrit Kumar Verma

Research Engineer, SIEMENS

Research Professional | Open-Source Contributor | Mentor

Monday August 25, 2025 16:30 - 17:10 CEST
G107

Operations Management

Audience Experience Level Any

16:30 CEST

DevRel Foundation Ask Me Anything Session

Monday August 25, 2025 16:30 - 17:10 CEST

G104

The DevRel Foundation is a vendor-neutral initiative aimed at building shared understanding, resources, and best practices to elevate the professional practices of developer relations across industries. In response to recent challenges, including industry layoffs and the evolving landscape of DevRel roles, the foundation has established working groups to tackle pressing issues such as metrics and reporting, career support, and resource aggregation. This session offers attendees the opportunity to connect with thought leaders in the DevRel Foundation community, engage in discussions about current challenges, and explore ways to get involved in shaping the future of the developer relation foundation. Key questions to explore include: What strategies can showcase the return on investment of DevRel initiatives to stakeholders? What skills are becoming important in the evolving DevRel landscape, and how can professionals acquire them? How can engaging with the DevRel Foundation’s working groups enhance your career?

The final output will result in a report capturing the roundtable's insights and recommendations authored by the attendees, hosted under Developer Relations' Foundation GH organization under CC-BY 4.0.

Speakers

Divya Mohan

Senior Systems Administrator, HSBC

Middleware engineer with HSBC, Cloud, Serverless, and Chaos Engineering fangirl. Troubleshooting and Fixing broken systems are my favorite brands of poison.

Ana Jiménez Santamaría

Project Manager , Linux Foundation, Developer Relations Foundation

Stacey Kruczek

Marcos Placona

Monday August 25, 2025 16:30 - 17:10 CEST
G104

Wildcard

16:30 CEST

Boosting Product Development With the Zephyr RTOS – a Critical Reflection - Moritz Marquardt, Carl Zeiss AG & Stephan Linz, Navimatix GmbH

Monday August 25, 2025 16:30 - 17:10 CEST

D202

In the fast-paced realm of embedded systems, rapid product development is essential for market success. Being quick by not having to rewrite code for solved problems was therefore the most interesting promise of Zephyr RTOS when we used for a product prototype of an optical instrument. We'd now like to share what we learned in this context, how exactly Zephyr helped here - especially in the prototyping phase - as well as where it doesn't.

Emphasizing the need for a reassessment of development processes, we’ll discuss the importance of engaging with the Zephyr community and actively participating in the project. Training developers on Zephyr’s functionalities is crucial for maximizing its potential.

The goal is to provide insights into using Zephyr RTOS for efficient product development and encourage well-prepared initiatives, by showing how Zephyr lets one accelerate development while maintaining quality early on.

Speakers

Moritz Marquardt

Firmware Engineer, Carl Zeiss AG

Moritz Marquardt has been a firmware engineer at ZEISS Corporate Research & Technology in Jena since 2022, following the completion of his M.Sc. in Computer Engineering at Otto-von-Guericke University Magdeburg. He specializes in the application of embedded operating systems, with... Read More →

Stephan Linz

FOSS Technology Expert, Zephyr & Linux Devicetree, Similarities and Differences – Practical Guide To Boards, Shields and Con - Stephan Linz,

With 25 years of hardware-related software development using only freely available technologies for scientific instrumentation, industry, medical devices, automotive, I have seen many frameworks and tools for Linux and deeply embedded systems. Since 2016, this has also included Zephyr... Read More →

Monday August 25, 2025 16:30 - 17:10 CEST
D202

Zephyr Developer Summit

Audience Experience Level Beginner

16:30 CEST

Video4Zephyr: From Basic APIs Towards a Full-fledged Video Subsystem - Phi Bang Nguyen, NXP Semiconductors

Monday August 25, 2025 16:30 - 17:10 CEST

D203

Originally introduced in 2019, the Video4Zephyr (v4z) APIs provided a foundational interface for interacting with video devices in Zephyr. However, with minimal changes over the years, their limitations have become apparent—especially as video hardware grows more complex and camera-based applications become increasingly demanding.

This talk presents the current status of v4z, hightlighting recent improvements as well as sharing ongoing and upcomming works which turns the v4z from a simple driver API into a robust video subsystem. We’ll cover the devicetree video port/endpoint mechanism, a unified video control framework, enhanced buffer management, and support for memory-to-memory (m2m) devices, etc. These efforts aim to shift commont functionality and logic into the subsystem itself, significantly reduce the burden on driver developers - bringing the Zephyr’s video stack closer to a mature multimedia framework.

Speakers

Phi Bang Nguyen

Senior Embedded System Engineer, TechLead at NXP, NXP Semiconductors

I am currently an embedded system engineer and Multimedia IoT TechLead at NXP since 3 years. I am also an active collaborator of the Zephyr video subsystem. I am particularly passionate about image and video and was working on various related topics including computer vision, HCI... Read More →

Monday August 25, 2025 16:30 - 17:10 CEST
D203

Zephyr Developer Summit

Audience Experience Level Intermediate

16:45 CEST

Lottie: Establishing an Open Standard for Vector Animation - Mattia Basaglia, Lottiefiles & Brandon Wilson, Google

Monday August 25, 2025 16:45 - 17:00 CEST

G106

Lottie is an efficient, feature-rich, vector animation format that delivers animations across platforms without sacrificing performance or file size, maintaining quality at any resolution. Lottie is widely adopted across various tools spanning the web, mobile and desktop systems.

In this session, we'll explore the journey of Lottie and the Lottie Animation Community (LAC) in establishing the official Lottie 1.0 specification under the Linux Foundation.

We'll examine the technical challenges addressed in standardizing this format, cross-platform compatibility, and feature consistency across different renderers. Attendees will gain insight into the collaborative process behind creating an open specification with input from diverse stakeholders across industries. We'll discuss the key components of the Lottie format, the standardization work that improved interoperability between creation tools and rendering engines, and demonstrate real-world applications showing the format's capabilities. Finally, we will provide a preview of upcoming efforts and welcome collaboration.

Speakers

Mattia Basaglia

Principal R&D Engineer, Lottiefiles

Mattia has contributed to several Open Source projects, including Glaxnimate — a vector animation program now joining KDE, and other tools to export Lottie. He was heavily involved the Lottie Animation Community standardization process.

Brandon Wilson

Senior Software Engineer, Google

Brandon has been working at Google for five years. He currently works on Lottie/Animation tooling and ensuring motion design partners get the most out of their animations. He is an active participant in the Lottie Animation Committee and helps to organize/lead the meetings.

Monday August 25, 2025 16:45 - 17:00 CEST
G106

Standards & Specifications

Audience Experience Level Any

17:00 CEST

Empowering AI Innovation Through Open Geospatial Ecosystems - Albi Wiedersberg, Overture Maps Foundation

Monday August 25, 2025 17:00 - 17:15 CEST

G106

IIn today's evolving tech landscape, open collaboration is driving the next wave of AI innovation. This session will explore how open source principles—transparency, community collaboration, and shared innovation—are transforming the way we build and integrate open geospatial data. From autonomous vehicles and smart cities to AR/VR and logistics, industries worldwide depend on high quality, interoperable mapping data. We’ll look at real‑world use cases where open ecosystems not only lower barriers for innovators but also advance the development of standards that benefit all. Join us to learn how initiatives like the Overture Maps Foundation are uniting developers, enterprises, and communities to create sustainable, scalable solutions that power the future of AI.

Speakers

Albi Wiedersberg

Vice President of Product Management, Overture Maps Foundation

Albi Wiedersberg is the VP Product Management at Overture. With over 15 years of experience in product and technology leadership, he is dedicated to building high-quality, open maps as a shared resource for innovation. At Overture, Albi leads the product vision and roadmap for our... Read More →

Monday August 25, 2025 17:00 - 17:15 CEST
G106

Standards & Specifications

Audience Experience Level Beginner