Loading…
Open Source Summit + Embedded Linux Conference North America...
May 18-20, 2026
Minneapolis, MN
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit North America 2025 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Central DaylightTime (UTC -5). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.
Company: Any clear filter
arrow_back View All Dates
Monday, May 18
 

11:20am CDT

From Plaintext To Protected: Syslog Over TLS 1.3 in BusyBox for Embedded Routers - Tarun Kundu, Ericsson Software Technology, USA
Monday May 18, 2026 11:20am - 12:00pm CDT
208A+B (Level Two)
BusyBox is a go-to userspace stack for embedded routers, but BusyBox syslogd remote logging is often deployed without transport security—sending logs in plaintext across networks. In enterprise deployments, there exists a security and compliance gap when encrypted log transport, such as RFC 5425-style secure syslog, is expected.

This talk shares a production-driven approach: after evaluating syslog-ng/rsyslog and weighing their integration cost against embedded constraints, we added TLS 1.3 directly to BusyBox syslogd using OpenSSL APIs, reusing crypto already on the device. We’ll demo end-to-end secure logging (router → syslog server), including optional server certificate pinning to reduce MITM risk, and validate the improvement with a packet capture.

We’ll then cover embedded-specific engineering details: preserving UDP logging behavior for backwards compatibility, gating TLS behind a build-time feature flag, testing success/failure paths (handshake and pinning errors), and overnight memory monitoring of syslogd. We’ll close with upstream interest in syslog over TLS and next-step considerations.
Speakers
avatar for Tarun Kundu

Tarun Kundu

Embedded Systems Engineer, Ericsson Software Technology, USA
Tarun Kundu is an Embedded Systems Engineer at Ericsson Software Technology with 21+ years of experience delivering embedded networking and cloud software. An avid learner and AI enthusiast, previously worked at Cisco, AWS, and Altran.
Monday May 18, 2026 11:20am - 12:00pm CDT
208A+B (Level Two)
  Embedded Linux Conference
  • Audience Experience Level Any

11:20am CDT

The Technical Talent Market in 2026: How Decision-makers Are (really) Hiring and Training for AI - Anna Hermansen & Clyde Seepersad, The Linux Foundation
Monday May 18, 2026 11:20am - 12:00pm CDT
200B (Level Two)
In its fourth year, the State of Tech Talent report is now a landmark in the Linux Foundation’s research program. The report provides key insights for employers and practitioners to gain a realistic understanding of the talent landscape as it flexes to meet technical priorities for the current and upcoming years. The 2026 study, which will go live at Open Source Summit North America, examines the survey’s findings on which skills are truly influencing hiring decisions, what current hiring and skilling expectations are, and how AI and emerging technologies are impacting roles and career paths.

In this fireside chat, Anna Hermansen from LF Research and Clyde Seepersad from LF Education will discuss the survey findings from the wider perspective of their work and communities. Anna will review how recent LF research on AI, cloud native, and the Cyber Resiliency Act provides added insight into the tech talent market, and Clyde will lend his training expertise as SVP and general manager of the Linux Foundation’s education program. Both aim to provide wider context to frame the survey findings and distill for audience members the key takeaways to prepare for talent needs this year.
Speakers
avatar for Clyde Seepersad

Clyde Seepersad

General Manager, Training, The Linux Foundation
LF exec in leading the education team
avatar for Anna Hermansen

Anna Hermansen

Senior Researcher and Ecosystem Manager, The Linux Foundation
Anna is a Senior Researcher & Ecosystem Manager for LF Research where she leads research projects and supports end-to-end management of the Foundation's research. Her interests lie at the intersection of open source AI, health informatics, and data sharing. Prior to the Linux Foundation... Read More →
Monday May 18, 2026 11:20am - 12:00pm CDT
200B (Level Two)
  Open AI & Data
  • Audience Experience Level Any

11:20am CDT

Proactive Governance To Build Sustainable OSS Projects - Dawn Foster, Independent
Monday May 18, 2026 11:20am - 12:00pm CDT
200J (Level Two)
We all want our open source projects to be sustainable, healthy, and successful. Good governance has a much larger impact on sustainability, health, and project success than many people realize. Being proactive about governance before something escalates into a crisis can help avoid misunderstandings and make your projects more sustainable and successful.

A lightweight governance model created at the beginning of a project can provide basic guidance about roles, expectations, and decision-making processes. As the project grows and matures, governance can be expanded over time to become more robust as the project evolves. However, good governance is about more than just defining roles and decision-making processes. It can be part of the process of building a sustainable leadership pipeline and can help to create an intentional culture that encourages participation and contributions from others.

This talk will provide details about the importance of governance, how to define project governance, using governance as a pathway to leadership, creating an intentional culture, and making project ownership (e.g., individual, organization, foundation) decisions.
Speakers
avatar for Dawn Foster

Dawn Foster

Open Source Strategy Consultant, Self-Employed
Dr. Dawn Foster is an OSS strategy consultant. She is also on the board of CHAOSS and OpenUK, and was previously a co-chair of the CNCF Contributor Strategy Technical Advisory Group. She has 20+ years of experience at companies like VMware and Intel with expertise in community, strategy... Read More →
Monday May 18, 2026 11:20am - 12:00pm CDT
200J (Level Two)
  OSS Enabling & Management, Project Leadership
  • Audience Experience Level Any

11:20am CDT

The Exploit of Trust: Securing the Open Source Supply Chain - Kadi McKean, ReversingLabs
Monday May 18, 2026 11:20am - 12:00pm CDT
200G (Level Two)
In 2025, the open source supply chain faced a record-breaking escalation in targeted attacks. This talk breaks down the latest research on how attackers exploit the "trust gap" in maintainer workflows, package repositories, and automated publishing pipelines.

Moving beyond the headlines, this session examines the abuse of repository-native features and the rise of dependency compromises. Participants will walk away with a clear understanding of the evolving threat landscape and the defensive strategies—like reproducible builds and continuous validation—essential for modern software resilience. Join us to learn how to maintain the velocity of open source development while building a foundation of verified trust.
Speakers
avatar for Kadi McKean

Kadi McKean

OSS Community Manager, ReversingLabs
Kadi is passionate about the DevOps / DevSecOps community since her days of working with COBOL development and Mainframe solutions. At ReversingLabs she collaborates with developers and security researchers to help entities prioritize their open source risk, reduce technical debt... Read More →
Monday May 18, 2026 11:20am - 12:00pm CDT
200G (Level Two)
  Packages + Images + Containers
  • Audience Experience Level Any

1:30pm CDT

Debug Everything: Building a Debuginfod Backbone for Embedded Linux at Scale - Colin Pinnell McAllister & Joshua Pevehouse, Garmin
Monday May 18, 2026 1:30pm - 2:10pm CDT
208C+D (Level Two)
Embedded Linux debugging has always required difficult trade-offs. Flash storage constraints on target devices force teams to strip debug symbols from most binaries, leaving developers unable to debug critical applications without finding symbols elsewhere.

This presentation examines our transition from limited, on-target debug symbols to comprehensive debuggability across all binaries and build types. The key insight: while flash is expensive on embedded targets, centralized storage is cost-effective and scalable.

We adopted elfutils debuginfod to build enterprise-scale debug infrastructure integrated with our CI/CD pipeline. This has allowed us to host debug artifacts for every binary produced by continuous integration, enabling engineers to debug any component from any build, using standard tools like GDB, without manual symbol management.

This talk covers our journey towards using debuginfod, the architectural decisions we made that allowed debuginfod to scale, integration strategies with the Yocto build system, and the impact on engineering productivity. Attendees will gain practical insights for implementing similar solutions in their organizations.
Speakers
JP
avatar for Colin McAllister

Colin McAllister

Senior Software Engineer, Garmin
Colin McAllister is a software engineer at Garmin, where he focuses on advancing the security, core infrastructure, and development tooling that power Garmin Marine’s diverse range of Embedded Linux products. His passion for embedded Linux began in 2017 while working on a telematics... Read More →
Monday May 18, 2026 1:30pm - 2:10pm CDT
208C+D (Level Two)
  Embedded Linux Conference
  • Audience Experience Level Any

1:30pm CDT

Next Steps in Multi-agent Systems - Deborah Dahl, Conversational Technologies
Monday May 18, 2026 1:30pm - 2:10pm CDT
200B (Level Two)
Special-purpose agentic systems can access proprietary enterprise information or private user information, such as financial, health, or employment data, that isn’t available to large public LLMs. But, by their nature, specialized agents are limited to specialized knowledge. However, more complex applications can be composed of several collaborating agents, each with a specific expertise.
Manual integration of information from several agents by users is possible, but time-consuming and clumsy, and the agents wouldn’t benefit from each other’s knowledge. A better approach would be for agents to converse directly with each other. A standard messaging protocol would enable independent agents to converse and collaborate on tasks.
This presentation will outline two protocols that enable multi-agent systems to collaborate. The first is the Linux Foundation’s Agent-to-Agent protocol, and the second is the Linux Foundation AI & Data Open Voice Interoperability Initiative’s Open Floor Protocol. We will describe each protocol and explain how they complement one another with demonstrations of collaborating agents.
Speakers
avatar for Deborah Dahl

Deborah Dahl

Principal, Conversational Technologies
Deborah Dahl works on innovative, practical and scalable conversational systems that push the boundary between theory and applications. She is the Principal of Conversational Technologies, which assists its clients in creating state of the art solutions using speech and natural language... Read More →
Monday May 18, 2026 1:30pm - 2:10pm CDT
200B (Level Two)
  Open AI & Data
  • Audience Experience Level Any

1:30pm CDT

One Signature To Rule Them All: Portable Supply Chain Verification With Zarf - Brandt Keller, Defense Unicorns
Monday May 18, 2026 1:30pm - 2:10pm CDT
200G (Level Two)
Signed software creates assurances around the integrity and authenticity of how it was produced and by whom. But signing alone is not inherently valuable. The ability to verify the signature in a meaningful way elevates the process to complete the trust cycle.

Blend this idea with many disparate signing mechanisms, add the many layers of exchange as software changes hands and where the software ultimately needs to resolve verification, combine it with many different types of artifacts, and you end up with a complex web of requirements that can be difficult to maintain.

Zarf, an OpenSSF Sandbox project, takes a different approach. Rather than requiring each artifact to be independently verified against external infrastructure, Zarf consolidates artifacts into a declarative package that is pre-verified at creation time. A single signature covers the entire package. The trusted root is embedded in the CLI and the package contains the signature, enabling meaningful verification anywhere, including entirely airgapped environments, with no external connectivity or additional tooling required.
Speakers
avatar for Brandt Keller

Brandt Keller

Staff Software Engineer, Defense Unicorns
Brandt is a Staff Software Engineer with a passion for Open Source. He serves as a Maintainer and Technical Lead for the CNCF Security & Compliance Technical Advisory Group, a Cloud Native Ambassador, and a project maintainer within the OpenSSF. He has lead and contributed to multiple... Read More →
Monday May 18, 2026 1:30pm - 2:10pm CDT
200G (Level Two)
  Packages + Images + Containers
  • Audience Experience Level Any

2:25pm CDT

Building Virtual Drivers With RPMsg: Key Design Principles, Challenges & Trade-offs - Beleswar Prasad Padhi, Texas Instruments
Monday May 18, 2026 2:25pm - 3:05pm CDT
208A+B (Level Two)
Modern heterogeneous SoCs often integrate multiple remote processors (rprocs) that control peripherals for safety purposes, alongside a general-purpose processor running a HLOS like Linux. In automotive systems, these peripherals still need to be shared with Linux for complex use cases like Ethernet traffic sharing, coordinating multiple display pipelines. The Remote Processor Messaging (RPMsg) framework in Linux enables this model by providing an efficient IPC mechanism, allowing devices owned by rprocs to be exposed to Linux as standard devices through virtual kernel drivers built on top of RPMsg. With the growing adoption of this approach, interfaces like rpmsg-gpio, rpmsg-i2c, rpmsg-net are becoming increasingly common.

Using the upstreamed rpmsg-tty driver as an example, this talk presents:
1. The key design principles for building virtual drivers with RPMsg, covering topics like channel & endpoint management(static vs dynamic), synchronization.
2. A comparative study of RPMsg-based solutions with its VirtIO alternative, highlighting trade-offs in latency, resources and use case suitability.
3. Challenges, upstreaming lessons, common pitfalls and scope for future improvement.
Speakers
avatar for Beleswar Prasad Padhi

Beleswar Prasad Padhi

Senior Software Engineer at Texas Instruments, Texas Instruments
Beleswar is a Senior Software Engineer at Texas Instruments, actively working on Upstream Linux Kernel and U-Boot. His work mainly focuses on Remoteproc, RPMsg, Mailbox, Virtio subsystems, as well as boot-time optimizations. He was listed among the top contributors for Linux 6.18... Read More →
Monday May 18, 2026 2:25pm - 3:05pm CDT
208A+B (Level Two)
  Embedded Linux Conference
  • Audience Experience Level Any

2:25pm CDT

Lessons Learned in Embedded Linux Streaming - Tokunbo Quaye, Intelligent Product Solutions
Monday May 18, 2026 2:25pm - 3:05pm CDT
208C+D (Level Two)
In this session, I’ll share practical lessons learned while architecting, building, and supporting a production media system running on custom hardware using open source systems :

Yocto for a customized OS;
GStreamer for media pipelines;
PulseAudio for audio routing;
BlueZ for Bluetooth integration;

This session is relevant because while projects like Yocto, GStreamer, PulseAudio, and BlueZ are powerful individually, integrating them into a production-ready system on custom hardware exposes complexities rarely covered in documentation. Sharing hard-earned lessons helps the ecosystem build more reliable open systems.

Main Points:
- System Overview : Hardware Constraints
- Yocto Custom OS Tradeoffs : Layer Strategy, Packet Selections, Reproducible Builds, Field Updates and Support
- Gstreamer : Pipeline design patterns, Handling dynamic audio devices
- PulseAudio & Bluez Integration
- Field Support and Long Term Maintenance : Logging Strategy; Remote Diagnostics, Managing Updates

Attendees will walk away with concrete integration patterns, design considerations for long-term maintainability, and insights that help when building real-world media systems on embedded Linux.
Speakers
avatar for Tokunbo Quaye

Tokunbo Quaye

Principal Software Engineer, Intelligent Product Solutions
I am a seasoned Software Architect and Engineer with over 20 years of experience in all phases of software development and team technical leadership. My passion lies in designing and delivering high performance, robust, maintainable and scalable software applications that drive business... Read More →
Monday May 18, 2026 2:25pm - 3:05pm CDT
208C+D (Level Two)
  Embedded Linux Conference
  • Audience Experience Level Any

2:25pm CDT

The $300 Enterprise Lab: Democratizing Infrastructure Skills With Raspberry Pis & AI Agents - Derek Bowdle, RTX & Cameron Khorsandi, SAP
Monday May 18, 2026 2:25pm - 3:05pm CDT
200H (Level Two)
Learning to architect robust cloud infrastructure often comes with high barriers: expensive monthly cloud bills and a lack of access to senior mentorship. How can we train the next generation of SREs and Platform Engineers without financial gatekeeping? This session explores a novel pedagogical approach: combining the physicality of a Raspberry Pi "Micro-Data Center" with the instructional power of AI coding assistants.

We will demonstrate how to use low-cost edge hardware to make abstract concepts (clustering, database sharding, and network security) physically tangible. We will then show how to utilize LLM-based chatbots to act as real-time "Senior Architects," guiding learners through complex configuration and troubleshooting tasks that usually require years of experience to master.

Attendees will leave with:

- A blueprint for building a low-cost, enterprise-grade learning lab.

- Strategies for using AI agents to accelerate learning in Kubernetes, networking, and security.

- A method to simulate "Catastrophic Failure" (e.g., pulling a plug) to learn resilience safely.
Speakers
avatar for Cameron Khorsandi

Cameron Khorsandi

Business Development Expert, SAP
Cameron Khorsandi is a Business Development expert at the Office of the CTO at SAP. He specializes in working with Fortune 500 executives to bridge the gap between advanced AI and Machine Learning technologies and real-world business applications. A technologist at heart, Cameron... Read More →
avatar for Derek Bowdle

Derek Bowdle

Senior Machine Learning Engineer, RTX
: Derek Bowdle is a Senior Machine Learning Engineer at RTX and a former math educator. He combines deep technical expertise in Kubernetes and AI with a passion for accessible learning. At RTX, he architects digital threads and predictive models; off the clock, he pushes the limits... Read More →
Monday May 18, 2026 2:25pm - 3:05pm CDT
200H (Level Two)
  Open Source 101
  • Audience Experience Level Any

2:25pm CDT

From Pre‑Silicon To Production: Firmware Development on Zephyr - Dev Bhaveshbhai Joshi, Qualcomm Technologies Inc.
Monday May 18, 2026 2:25pm - 3:05pm CDT
200D (Level Two)
When our production power‑management IC (PMIC) firmware moved to Zephyr, it opened the door for us to streamline our development and validation workflow. Our production firmware used a proprietary RTOS, which required maintaining a separate codebase for pre-silicon validation. By standardizing on Zephyr, an RTOS supported across hundreds of MCUs, we were able to use single application codebase across the entire development flow.

In this talk, I’ll describe how we built a Zephyr‑based pre-silicon PMIC testing platform, enabling the same application to run on both the production as well as pre‑silicon hardware running on a completely different SoC (Raspberry Pi Pico) and a custom evaluation kit. I will briefly outline the software architecture: the application running on Zephyr with board configuration defined through device tree and Kconfig. I will also cover the hardware architecture that connects the Pico to the PMIC evaluation kit, and the Twister‑based Hardware-in-loop tests we incorporated for validation.

I’ll close by highlighting how Zephyr’s broad hardware support and tooling helped simplify our workflow and reduce duplicate effort across multiple platforms.
Speakers
avatar for Dev Joshi

Dev Joshi

Embedded Software Engineer, Qualcomm Technologies Inc.
With a Master of Science in EE from the University of California, Riverside, I contribute to Qualcomm as an Embedded Software Engineer specializing in PMIC software and USB Type-C/PD development. My work focuses on crafting robust Battery Management software for mobile and compute... Read More →
Monday May 18, 2026 2:25pm - 3:05pm CDT
200D (Level Two)
  Zephyr
  • Audience Experience Level Any

2:30pm CDT

Keynote: AI in CI/CD Without the Hype: Practical Patterns for Platform Engineers - Jennifer Mulford, Okta
Monday May 18, 2026 2:30pm - 3:00pm CDT
200C (Level Two)
AI is being discussed as the next evolution of CI/CD, but much of that conversation skips over the realities faced by platform and infrastructure teams responsible for reliability, security, and trust. In practice, introducing AI into pipelines requires restraint, clear boundaries, and a strong understanding of where AI use helps and where it creates risk.
This talk focuses on practical, open-source approaches to using AI in CI/CD pipelines today. We’ll explore patterns where AI acts as a copilot: summarizing pull requests, generating test suggestions, helping engineers interpret CI failures, and enriching security signals while keeping humans firmly in control of decisions.
The session will also cover security concerns, prompt injection risks, secrets exposure, and the importance of treating AI output as untrusted input. We’ll discuss guardrails that help teams experiment safely, such as read-only workflows, explicit review steps, and self-hosted or open-source tooling that avoids sending proprietary code to third-party services.
Attendees will leave with a clear mental model for evaluating AI use cases in their own pipelines and an understanding of the tradeoffs involved.
Speakers
avatar for Jennifer Mulford

Jennifer Mulford

Senior Platform Security Engineer, Okta
Jennifer Mulford is a Senior Platform Security Engineer with 8+ years in DevOps and security, holding certifications including CISSP, CKA, Security+, CEH, and AWS certifications. She focuses on practical, real-world security engineering and automation.
Monday May 18, 2026 2:30pm - 3:00pm CDT
200C (Level Two)
  cdCon
  • Audience Experience Level Any

2:55pm CDT

Lightning Talk: Artifacts That Explain Themselves: Build Metadata in Practice - Socheat Sou & Prajakta Kashalkar-Joshi, IBM
Monday May 18, 2026 2:55pm - 3:05pm CDT
200G (Level Two)
It's common practice to include the Git commit hash in a container image label to serve as a reference, but are you using container labels (and artifact metadata) to their full potential? By embedding metadata into your artifacts you expand your GitOps capabilities. Implement a simple build-cache-like mechanism when building your artifacts, generate robust changelogs across your multi-repo product, or provide better transparency to your security team for their audits and reports. It's even possible to perform Git Bisect-like problem determination between built images. While this talk will explore real-world examples using container images as portable sources of truth, these concepts can be applied anywhere it's possible to add additional metadata to built artifacts.
Speakers
avatar for Socheat Sou

Socheat Sou

Senior Software Engineer, IBM
Socheat has 20+ years of experience at IBM across test, development, and DevOps teams. As a DevOps lead, has led the redesign of CI/CD pipelines, implemented automation tools, and improved release management processes, significantly increasing efficiency and reliability. Socheat is... Read More →
avatar for Prajakta Kashalkar-Joshi

Prajakta Kashalkar-Joshi

Senior technical Staff Member, IBM
Prajakta is a DevSecOps Architect at IBM with 20+ years of experience. A DevOps practitioner since 2010, she leads secure CI/CD pipeline development and mentors aspiring DevSecOps professionals. Passionate about advancing women in tech, she supports various inclusion initiatives... Read More →
Monday May 18, 2026 2:55pm - 3:05pm CDT
200G (Level Two)
  Packages + Images + Containers
  • Audience Experience Level Any

3:35pm CDT

Engineering Quality in a Fast-Moving Open Source Project: WPE WebKit - Mario Sanchez-Prada, Igalia
Monday May 18, 2026 3:35pm - 4:15pm CDT
208C+D (Level Two)
Building an embedded product on top of a large Open Source codebase like WPE WebKit is only the first step. The real challenge is keeping its quality stable as thousands of lines evolve and hundreds of changes land every week across multiple platforms.

In such an environment, errors and regressions are inevitable. What matters is detecting them quickly, understanding their impact, and reacting before they propagate further. This talk focuses on the engineering work that makes this possible, an effort that is essential yet often invisible.

Using WPE WebKit as a case study, we will explore how quality becomes a continuous engineering effort rather than a final validation phase and how CI and QA infrastructure, testing strategies, and processes (e.g. stabilization windows) sustain upstream development while supporting downstream deployments. We will show how these feedback loops reinforce each other and why aligning upstream and downstream processes is critical to keep quality stable over time.

This talk targets engineers, maintainers, and technical leaders working on large Open Source projects, as well as teams building products on top of them who need to sustain quality at scale.
Speakers
avatar for Mario Sanchez-Prada

Mario Sanchez-Prada

Software Engineer and WebKit Team coordinator at Igalia, Igalia
Software engineer and partner at Igalia with 18+ years of experience working on the development of Linux-based Operating Systems, the GNOME platform, Web engines (i.e. WebKit, Blink) and Web browsers (Epiphany, Chromium).

Past experience includes work on the Maemo project, Litl... Read More →
Monday May 18, 2026 3:35pm - 4:15pm CDT
208C+D (Level Two)
  Embedded Linux Conference
  • Audience Experience Level Any

3:35pm CDT

DroneCode Community Update - Ramon Roche, DroneCode Foundation & Lorenz Meier, Creator of PX4 & Auterion
Monday May 18, 2026 3:35pm - 4:15pm CDT
200B (Level Two)

Speakers
avatar for Lorenz Meier

Lorenz Meier

Creator of PX4 & Founder and CEO, Auterion
Dr. Lorenz Meier is Founder and CEO of Auterion and the founder of a number of important open source projects for the drone industry that include PX4, MAVLink, QGroundControl and is the creator of the Pixhawk autopilot. He is a veteran of the drone industry since 2008 with more than... Read More →
avatar for Ramon Roche

Ramon Roche

General Manager, The Linux Foundation
Ramón Roche is General Manager of the Dronecode Foundation, an open-source project under the Linux Foundation supporting drone and robotics development. He leads a global ecosystem behind technologies like PX4 and Pixhawk, and has over a decade of experience in open source. Ramón... Read More →
Monday May 18, 2026 3:35pm - 4:15pm CDT
200B (Level Two)
  PX4 Dev Summit
  • Audience Experience Level Any

4:30pm CDT

The Architecture of Accountability: Transparency in Software - Hayden Blauzvern, Google
Monday May 18, 2026 4:30pm - 5:10pm CDT
200E (Level Two)
In the context of secure systems, "transparency" is often a loaded term. We will propose a precise definition: the guarantee of discoverability and auditability. Transparency is the difference between a system that merely claims to be secure and a system that provides proof of its security claims.

This session offers a high-level primer on the principles of cryptographic transparency. We will discuss how to design transparent applications and explore the tooling available to create tamper-evident systems. We will examine how this pattern has already been used, from Certificate Transparency providing auditability for web PKI, Binary Transparency securing software delivery, and Key Transparency hardening messaging applications. We will demonstrate how transparency can be applied for emerging frontiers as well, such as AI model provenance and news authenticity.

Finally, we will discuss the ongoing specifications work to standardize transparency primitives and highlight opportunities to participate. Attendees will leave with a clear mental model for transparency by design, ready to build systems where accountability is a default feature, not an afterthought.
Speakers
avatar for Hayden Blauzvern

Hayden Blauzvern

Technical Lead Manager, Google
Hayden Blauzvern is a technical lead manager on Google’s Open Source Security Team, focused on making open-source software more secure through code signing and applied transparency. Hayden is a maintainer and the community chair on the Sigstore project.
Monday May 18, 2026 4:30pm - 5:10pm CDT
200E (Level Two)
  Digital Trust
  • Audience Experience Level Any

4:30pm CDT

Bootph: A Swiss Army Knife for Boot-Time Optimization - Gokul Praveen & Beleswar Prasad Padhi, Texas Instruments
Monday May 18, 2026 4:30pm - 5:10pm CDT
208A+B (Level Two)
With more stringent regulations for automotive usecases, every millisecond of boot time is critical. Safety features like rear-view camera and surround view must start working quickly to meet regulations. A typical solution is to have custom boot loaders as they are often faster than U-Boot and the memory footprint of U-Boot has been increasing as device trees grow larger. However, U-Boot provides significant advantages: rich driver model, broad hardware and strong community support.

This raises an important question: how can U-Boot be made a more attractive alternative to custom RTOS bootloaders w.r.t boot time and memory footprint? The answer lies in "bootph" (boot phase) tags, which enable selective node tagging to solve the above-mentioned problems.

This session aims to cover the following:
1. Overview of U-Boot boot phases(SPL, VPL, TPL & U-Boot proper).
2. Deep dive into bootph tags: usage, meaning, and how they affect each boot phase.
3. Common pitfalls: accidentally removing SPL-required nodes, over-tagging shared peripherals, and overusing bootph-all tag.
4. A live case study demonstrating how U-Boot matched the boot time of a custom RTOS bootloader on the TI J7200 SoC.
Speakers
avatar for Beleswar Prasad Padhi

Beleswar Prasad Padhi

Senior Software Engineer at Texas Instruments, Texas Instruments
Beleswar is a Senior Software Engineer at Texas Instruments, actively working on Upstream Linux Kernel and U-Boot. His work mainly focuses on Remoteproc, RPMsg, Mailbox, Virtio subsystems, as well as boot-time optimizations. He was listed among the top contributors for Linux 6.18... Read More →
avatar for Gokul Praveen

Gokul Praveen

Embedded Software Applications Engineer, Texas Instruments, India
I am a Software Applications Engineer with 2 years of experience at Texas Instruments(TI). My work mainly focuses on boot time optimizations, board bring ups with Linux, U-Boot, and handling platform-specific drivers, including those for eMMC, SD, UART, USB, and Timer peripherals... Read More →
Monday May 18, 2026 4:30pm - 5:10pm CDT
208A+B (Level Two)
  Embedded Linux Conference
  • Audience Experience Level Any

4:30pm CDT

Fuzzing Zephyr Apps - Struggles of Dynamic Analysis on Embedded Applications - Jayashree Srinivasan, Analog Devices
Monday May 18, 2026 4:30pm - 5:10pm CDT
200D (Level Two)
Fuzzing, a type of dynamic analysis, is a testing method to find security flaws in software during execution. It involves providing randomized inputs to the application and observing for crashes.

Embedded applications present unique fuzzing challenges. Unlike general-purpose software, they run continuously in real-time without terminating, making it hard to use traditional fuzzing approaches. They receive inputs through specialized peripherals or direct memory/register accesses that require accurate modeling. Fuzzers must generate inputs satisfying highly constrained validation checks while maintaining application state, and crash detection is complicated by the lack of clear program termination.

Existing solutions use hardware, emulation, or rehosted systems with modeled peripherals, employing full source code level, binary-only or API-level fuzzing. Zephyr's current libFuzzer integration targets unit-level API fuzzing but misses system-wide bugs. We aim to integrate AFL++, a popular fuzzing engine, to create a generalized fuzzing strategy across Zephyr's supported platforms. Though still in development, we're exploring the optimal approach to achieve this integration.
Speakers
avatar for Jayashree Srinivasan

Jayashree Srinivasan

Senior Engineer, Research Science Engineering, Analog Devices
I am an Embedded Security enthusiast, currently working as a Senior Engineer in the Product Security team at Analog Devices. My work involves building security solutions for our products with Trusted Execution Environments and open source SW including Trusted Firmware-M, Zephyr and... Read More →
Monday May 18, 2026 4:30pm - 5:10pm CDT
200D (Level Two)
  Zephyr
  • Audience Experience Level Any

5:00pm CDT

Lightning Talk: Why Don't AI Technologies and CI/CD Pipelines Get Along? - Ryo Sugahara, NTT DATA GROUP Corporation
Monday May 18, 2026 5:00pm - 5:10pm CDT
200C (Level Two)
AI technologies are fundamentally transforming the landscape of IT system development. While they are increasingly applied across a wide range of development tasks, their potential remains largely untapped within CI/CD pipelines.

I have personally experimented with applying AI technologies to CI/CD pipelines in an effort to build more effective and intelligent workflows. However, these attempts did not lead to the expected results. This experience raises an important question: why is the integration of AI technologies into CI/CD pipelines so challenging?

In this session, I will explore the practical and conceptual barriers encountered when applying AI technologies to CI/CD pipelines, and examine the underlying reasons behind their apparent lack of compatibility, drawing on firsthand experience. This exploration is still a work in progress. Rather than presenting a success story, this session aims to frame the problem clearly and honestly.

Also, by raising key questions and sharing lessons learned from failed attempts, this session seeks to encourage broader discussion and invite more practitioners to engage with this challenge and collaboratively explore possible paths forward.
Speakers
avatar for Ryo Sugahara

Ryo Sugahara

Evangelist, NTT DATA GROUP Corporation
I joined NTT Data in 2005. Currently, I'm dedicated to driving modernization through the integration of CI/CD and infrastructure automation, transforming traditional projects.
[cdCon2026] Why don't AI technologies and CICD pipelines get along pdf
Monday May 18, 2026 5:00pm - 5:10pm CDT
200C (Level Two)
  cdCon
  • Audience Experience Level Any

5:25pm CDT

From FreeRTOS To Zephyr: A Practical Migration Guide for Embedded Developers - Jacob Beningo, Beningo Embedded Group
Monday May 18, 2026 5:25pm - 6:05pm CDT
200D (Level Two)
FreeRTOS has long been the go-to RTOS for embedded developers. But as projects grow in complexity, demanding better modularity, richer middleware, and long-term maintainability, teams are turning to Zephyr. The migration, however, can feel daunting. Different APIs, build systems, configuration models, and abstractions create a steep learning curve.

This session delivers a practical, step-by-step guide for transitioning from FreeRTOS to Zephyr with confidence. We'll map the similarities and differences between the two RTOSes, demonstrate migration strategies for tasks, queues, and synchronization primitives, and show how to translate existing FreeRTOS designs into Zephyr's ecosystem — covering proven tips to avoid common pitfalls, validate your port, and leverage Zephyr's strengths from device trees to vendor-neutral drivers.

Key Takeaways:
- Core architectural differences between FreeRTOS and Zephyr
- Migrating primitives (tasks, queues, semaphores, timers) to Zephyr equivalents
- Adapting build systems, configuration, and drivers
- Best practices for validating and testing migrated code
- Leveraging Zephyr's ecosystem for scalability and long-term support
Speakers
avatar for Jacob Beningo

Jacob Beningo

CEO, Beningo Embedded Group
Jacob Beningo helps embedded teams modernize software architecture, streamline development, and adopt best practices for high-quality, real-time systems. As founder of Beningo Embedded Group, he provides expert training and guided learning to improve code quality, accelerate development... Read More →
Monday May 18, 2026 5:25pm - 6:05pm CDT
200D (Level Two)
  Zephyr
  • Audience Experience Level Any
 
  • Filter By Date
    May 17 - 22, 2026
  • Filter By Venue
    Minneapolis, MN, USA
    All
    101 A-J (Level One)
    200A (Level Two)
    200B (Level Two)
    200C (Level Two)
    200D (Level Two)
    200E (Level Two)
    200F (Level Two)
    200G (Level Two)
    200H (Level Two)
    200I (Level Two)
    200J (Level Two)
    204B (Level Two)
    205C+D (Level Two)
    208A+B (Level Two)
    208C+D (Level Two)
    211A+B (Level Two)
    Ballroom Foyer (Level One)
    Ballroom Lobby (Level One)
    Mill City Museum
    Minneapolis Convention Center
    Seasons (Level Two)
    Solutions Showcase, Ballroom A+B (Level One)
    TBA
  • Filter By Type
    Ask the Experts
    cdCon
    Cloud + Orchestration
    Co-located Event
    Digital Trust
    Embedded Linux Conference
    Keynote Sessions
    Linux
    Mini Summit
    Open AI & Data
    Open Source 101
    OSS Enabling & Management
    All
    Blockchain and Distributed Ledger Technologies
    Operations Management & OSPOs
    Project Leadership
    Standards & Specifications
    Technical Documentation
    Packages + Images + Containers
    PX4 Dev Summit
    Safety-critical Software
    Special Events / Exhibits / Breaks
    Zephyr
  • Audience Experience Level
    Advanced
    Any
    Beginner
    Intermediate
  • Timezone

Get help with the event

Contact event planner Event login
View support guides Find upcoming events
Create an event you'd love to attend!
Explore why organizers choose Sched Success stories
Event App Event scheduling Event registration Event ticketing Sched forms Call for papers Badges Conferences
© 2026. SCHED LLC - All rights reserved - Helping events since 2008
Event Planning App Privacy Terms
Share Modal

Share this link via

Or copy link

Filter sessions
Apply filters to sessions.
Filtered by Date - 
Clear filter
Sunday, May 17
Monday, May 18
Tuesday, May 19
Wednesday, May 20
Thursday, May 21
Friday, May 22
101 A-J (Level One)
200A (Level Two)
200B (Level Two)
200C (Level Two)
200D (Level Two)
200E (Level Two)
200F (Level Two)
200G (Level Two)
200H (Level Two)
200I (Level Two)
200J (Level Two)
204B (Level Two)
205C+D (Level Two)
208A+B (Level Two)
208C+D (Level Two)
211A+B (Level Two)
Ballroom Foyer (Level One)
Ballroom Lobby (Level One)
Mill City Museum
Minneapolis Convention Center
Seasons (Level Two)
Solutions Showcase, Ballroom A+B (Level One)
TBA
  • Ask the Experts
  • cdCon
  • Cloud + Orchestration
  • Co-located Event
  • Digital Trust
  • Embedded Linux Conference
  • Keynote Sessions
  • Linux
  • Mini Summit
  • Open AI & Data
  • Open Source 101
  • OSS Enabling & Management
  • Packages + Images + Containers
  • PX4 Dev Summit
  • Safety-critical Software
  • Special Events / Exhibits / Breaks
  • Zephyr
  • Audience Experience Level
  • Advanced
  • Any
  • Beginner
  • Intermediate