Loading…
Open Source Summit + Embedded Linux Conference North America...
May 18-20, 2026
Minneapolis, MN
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit North America 2025 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Central DaylightTime (UTC -5). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.
Company: Beginner clear filter
arrow_back View All Dates
Monday, May 18
 

11:20am CDT

MOT: A Tool To Fight Open-washing in AI - Arnaud Le Hors, IBM
Monday May 18, 2026 11:20am - 12:00pm CDT
211A+B (Level Two)
Many models referred to as "open source" are distributed under restrictive licenses and fail to include the necessary information to actually qualify as open source. Just because a model is on HuggingFace does not mean it is open source.

Several attempts have been made to provide a definition of what "open source AI" ought to be but we now have a tool that can help: the Model Openness Tool (MOT).

The MOT was developed by the Generative AI Commons as an implementation of the Model Openness Framework (MOF) to provide model producers and consumers with a practical way to assess how open a model really is. This session will introduce attendees to the MOT and include a demo showing how it can be used along with Hugging Face and GitHub to provide greater understanding of which models are really open.
Speakers
avatar for Arnaud Le Hors

Arnaud Le Hors

Senior Technical Staff Member, IBM
Arnaud Le Hors is Senior Technical Staff Member of Open Technologies at IBM. He has been working on standards and open source for over 30 years. Arnaud was editor of several key web specifications including HTML and DOM and was a pioneer of open source with the release of libXpm in... Read More →
Monday May 18, 2026 11:20am - 12:00pm CDT
211A+B (Level Two)
  Open AI & Data

11:20am CDT

Kubernetes 2026: The New Operating System for AI & Apps - Mukesh Aurangabadkar, Spectrum & Udit Misra, Salesforce
Monday May 18, 2026 11:20am - 12:00pm CDT
200H (Level Two)
In 2026, Kubernetes is the engine behind every modern app and AI model you use. This beginner-friendly session breaks down "K8s" into simple concepts, showing you how it automatically runs, scales, and repairs your software so you don’t have to. We’ll explore the 2026 essentials—from how it manages AI workloads to its role in saving companies millions in cloud costs. Whether you're a developer or just curious, you'll leave knowing exactly why Kubernetes is the most important skill to have in the cloud-native era.
Speakers
avatar for Mukesh Aurangabadkar

Mukesh Aurangabadkar

Principal Engineer, Spectrum
Mukesh Aurangabadkar is a Principal Engineer specializing in infrastructure automation, platform modernization, and large-scale systems deployment. He has led initiatives that have transformed vendor-dependent, manual operational processes into scalable, automation-driven frameworks... Read More →
avatar for Udit Misra

Udit Misra

Senior Member of Technical Staff, Salesforce
Udit Misra is an IEEE Senior Member and software engineer specializing in infrastructure, platform engineering, and cloud-native systems, with almost 6 years of experience at major technology organizations. His work focuses on Kubernetes, eBPF-based network observability, and AI agents... Read More →
Monday May 18, 2026 11:20am - 12:00pm CDT
200H (Level Two)
  Open Source 101

11:20am CDT

Panel Discussion: OSPOs at Scale: Doing More With Less in 2026 - Ashley Wolf, GitHub; Karolyn Maynard, Comcast; Natali Vlatko, Cisco; Paulette Avolio, Ford; Rashida Toliver, Violane LLC
Monday May 18, 2026 11:20am - 12:00pm CDT
200A (Level Two)
Open Source Program Offices are maturing. What started as license compliance and governance functions have evolved into strategic enablers of security, AI adoption, developer productivity, and ecosystem engagement. At the same time, budgets are tighter and expectations are higher.

In this moderated panel, OSPO leaders from Ford, GEICO, Comcast, Cisco and GitHub will discuss how modern OSPOs are scaling impact. We’ll explore practical approaches to automation, policy design, internal enablement, and cross-functional alignment. We’ll share how OSPOs are using metrics to demonstrate value, navigating AI-era contribution models, and leveraging communities like the TODO Group to accelerate learning.

Attendees will leave with concrete examples of how enterprise OSPOs are evolving beyond compliance, how to prioritize when resources are constrained, and how to build influence across engineering, security, and leadership teams.

Whether you're starting an OSPO or leading a mature one, this session offers candid lessons from practitioners operating at scale.
Speakers
avatar for Ashley Wolf

Ashley Wolf

Director, Open Source, GitHub
Ashley Wolf is the Director of Open Source Programs at GitHub. She runs initiatives and programs to empower developers to be successful with open source. She is also passionate about helping companies participate in the open source community. Prior to joining GitHub, Ashley led the... Read More →
avatar for Karolyn Maynard

Karolyn Maynard

Leader of the Comcast Open Source Program Office and The Comcast Dojo, Comcast
I build systems, I build people. I build trust. I build momentum,

I lead two teams at Comcast focused on engineering enablement and transformation: the Comcast Open Source Program Office, which empowers safe and scalable open source participation, and the Comcast Dojo (NPS: 76), which accelerates developer practices through immersive, outcome-driv... Read More →
avatar for Natali Vlatko

Natali Vlatko

Director of Open Source Software Engineering, Cisco
Natali Vlatko (she/her) is a Director of Open Source Software Engineering at Cisco, specializing in open software, policy, and governance. She is a SIG Docs Co-Chair for Kubernetes and a member of the TODO Group Steering Committee. She plays on the fun computer in her spare time... Read More →
avatar for Paulette Avolio

Paulette Avolio

Open Source Program Office Manager, Ford
I help connect people, policies and products to elevate open source community, compliance and contributions.
avatar for Rashida Toliver

Rashida Toliver

Co-Founder & Security Strategist, Violane LLC
Rashida Toliver is a Security Engineer II at GEICO and Co-Founder of Violane Tech LLC. She builds data-driven vulnerability management systems, leads open-source contribution governance, and mentors emerging engineers. Through Violane Tech, she delivers data management, visualization... Read More →
Monday May 18, 2026 11:20am - 12:00pm CDT
200A (Level Two)
  OSS Enabling & Management

1:30pm CDT

Lightning Talk: SSDF Is Not a Checklist: Turning Tasks Into CI/CD Automation - Tracy Ragan, DeployHub, Inc.
Monday May 18, 2026 1:30pm - 1:40pm CDT
200E (Level Two)
In this lightning talk, we’ll introduce the new open-source security tools guide from the Continuous Delivery Foundation and show how it delivers practical, workflow-driven guidance for integrating OpenSSF security tooling into real CI/CD pipelines—helping DevOps and platform engineering teams map pipeline activities directly to the Secure Software Development Framework (SSDF) tasks.

Attendees will learn how the guide helps organizations:
• Understand tooling to meet SSDF standards
• Integrate security without slowing delivery
• Move from tool sprawl to repeatable, secure delivery patterns

This session offers a fast, practical overview of how the CDF community is helping teams turn cybersecurity from an abstract requirement into an executable CI/CD strategy.
Speakers
avatar for Tracy Ragan

Tracy Ragan

CEO, DeployHub
Tracy is a recognized expert in software supply chain security and DevSecOps, specializing in managing complex, decoupled architectures. She is the CEO of DeployHub, a scalable post-deployment vulnerability detection platform that empowers software to 'self-heal' by automatically... Read More →
Monday May 18, 2026 1:30pm - 1:40pm CDT
200E (Level Two)
  Digital Trust

1:30pm CDT

When Your Budget Laptop Needs a Custom Kernel: A Linux Troubleshooting Adventure - Andrei Pokhilko, Komodor
Monday May 18, 2026 1:30pm - 2:10pm CDT
205C+D (Level Two)
This talk chronicles my journey of troubleshooting a Linux kernel issue on a budget Intel GeminiLake-based Chinese mini-laptop. What began as a simple hardware purchase escalated into a two-month deep dive into the i915 GPU driver when the display mysteriously went blank during initialization.

I'll walk through the systematic troubleshooting approach: isolating the issue to the i915 driver, identifying the kernel configuration options triggering the problem, and developing a practical patch that bypasses problematic GPIO pin activation sequences. Along the way, I'll share surprising discoveries about hardware compatibility, kernel development complexity, and the limitations of AI tools when facing real-world Linux challenges.

This presentation is designed for Linux enthusiasts and IT professionals curious about kernel troubleshooting. Attendees will leave with practical knowledge about GPU driver internals, confidence that such issues are solvable without specialized expertise, and inspiration to tackle their own hardware compatibility challenges.
Speakers
avatar for Andrei Pokhilko

Andrei Pokhilko

Open Source Dev Lead, Komodor
Andrei is an Innovation Researcher in the CTO Office at Komodor with 20+ years of engineering experience spanning, open source leadership at CA Technologies, performance testing at Yandex, and founding Loadosophia.org. He's the creator of multiple successful open source projects including... Read More →
Monday May 18, 2026 1:30pm - 2:10pm CDT
205C+D (Level Two)
  Linux

1:30pm CDT

Crawl, Walk, Run With Your MCP Servers - Lin Sun, solo.io
Monday May 18, 2026 1:30pm - 2:10pm CDT
211A+B (Level Two)
You have built your first MCP server and tested it with the MCP inspector, but it only uses stdio or streamable HTTP without HTTPS. Do you rewrite your server to add authentication and authorization, or is there a smarter way? What if you have multiple MCP servers? Can you unify them under a single virtual server without touching any of the originals? How do you deploy all of this to Kubernetes securely and reliably?

In this demo-driven session, Lin takes you from building a simple MCP server and securing it the hard way. Then she offloads authentication, authorization, and tool multiplexing to an MCP gateway. She will show how to deploy a virtual MCP server in Kubernetes and program an AI agent to call its tools, making complex setups feel effortless. By the end, you will have practical techniques to run, secure, and scale your MCP servers with confidence.
Speakers
avatar for Lin Sun

Lin Sun

Head of Open Source, Solo.io
Lin is the Head of Open Source at Solo.io, contributing full-time to the open-source community. She serves on the CNCF Technical Oversight Committee (TOC), is a CNCF Ambassador, and is a maintainer for Istio, kgateway, and kagent. An international speaker at tech conferences, Lin... Read More →
Monday May 18, 2026 1:30pm - 2:10pm CDT
211A+B (Level Two)
  Open AI & Data

1:30pm CDT

Being a Maintainer in the Age of LLM Mania - Kevin Hannon, Red Hat
Monday May 18, 2026 1:30pm - 2:10pm CDT
200H (Level Two)
AI is all around us. In this talk, I will discuss ways maintainers can also leverage AI to combat AI slop, improve maintainer experience and avoid burnout. I will mention my experience on using AI to aide in development of Kubernetes features, maintaining testing environments and providing a good experience for users of AI assistants.

AI, for better or worse, is here to stay and maintainers should embrace the tools to aide development. In this talk, I will highlight using AI pull request review tools, creating AGENTS.md to streamline dev experience of using tools, leveraging the tools to do those cleanups you know are needed but nobody wants to do and mention ways your project can better support AI tooling.
Speakers
avatar for Kevin Hannon

Kevin Hannon

Senior Software Engineer, Red Hat
Kevin Hannon is focused on improving AI/ML experience on Kubernetes. He started his career as a computational scientist and has always been interested in large scale batch jobs. He is motivated to improve Kubernetes in this area to benefit various use cases that are underserved by... Read More →
Monday May 18, 2026 1:30pm - 2:10pm CDT
200H (Level Two)
  Open Source 101

1:30pm CDT

Turning the Ignition on Safety: Zephyr RTOS in Automotive Compliance - Saravanan Sekar, Linumiz
Monday May 18, 2026 1:30pm - 2:10pm CDT
200D (Level Two)
Embedded Automotive RTOS (Real-Time Operating Systems) must meet stringent requirements for safety, reliability, and security, primarily governed by the ISO 26262 standard, which details ASIL (Automotive Safety Integrity Level) requirements.

This talk covers the Zephyr RTOS complies with key functional needs, including minimal latency, high determinism, efficient memory management, and robust multitasking capabilities to handle critical tasks. Currently, the project is actively moving toward greater alignment with the needs of the automotive industry, with specific plans outlined.
Speakers
avatar for Saravanan Sekar

Saravanan Sekar

Software Engineer, Linumiz
Saravanan graduated in Electrical Engineering and working as Software Engineer at Linumiz. Over the past 13 years his focus is primarily on Embedded Linux, RTOS in DVB, IoT and Automotive domain. His work involves to provide Mainline Linux Kernel and related projects to run on customer... Read More →
Monday May 18, 2026 1:30pm - 2:10pm CDT
200D (Level Two)
  Zephyr

1:45pm CDT

OpenSSH + FIDO Workshop - Dennis Hills & Alan Alvarez, Yubico
Monday May 18, 2026 1:45pm - 3:05pm CDT
200E (Level Two)
OpenSSH has built-in support for FIDO security keys since version 8.2 (released in 2020). This means you can protect your SSH private keys using security keys, similar to how this can be done with OpenPGP smart cards and cryptographic tokens that support PKCS#11.

Although such devices all allow you to protect your private keys using cryptographic hardware, the benefits on using FIDO include:

- FIDO is easier to use, especially for beginners
- security keys can be used on the web as well to store passkeys
- no need for vendor-specific software (like PKCS#11 modules)
- security keys are inexpensive
- FIDO features device attestation, which lets you cryptographically prove you are using a specific security key make and model.

In this talk, we will give a short introduction to FIDO security keys, and provide several demos of the use of security keys with OpenSSH, such as signing arbitrary data, authenticating to remote systems, and using key attestation.

The talk consists of a number of demos that participants can follow along on their system. Participants can bring their own security key (any vendor will do). If they do not own a security key one will be provided to them.
Speakers
avatar for Dennis Hills

Dennis Hills

Sr. Solutions Architect, Yubico
Dennis Hills is a Sr. Solutions Architect for Yubico and a University of Washington graduate in Computing Software & Systems.

He has two decades of web service experience ranging from client support and networking to software open source development across various platforms and la... Read More →
avatar for Alan Alvarez

Alan Alvarez

Developer Advocate, Yubico
Alan Alvarez is a Developer Advocate at Yubico, specializing in WebAuthn, passkeys, and phishing-resistant authentication. Previously, he worked as a software engineer across multiple industries, building and maintaining cloud-based services and DevOps workflows. Alan’s work sits... Read More →
Monday May 18, 2026 1:45pm - 3:05pm CDT
200E (Level Two)
  Digital Trust

2:25pm CDT

Lightning Talk: Alcoholless: Lightweight Security Sandbox for Homebrew, AI Agents, Etc. - Akihiro Suda, NTT
Monday May 18, 2026 2:25pm - 2:35pm CDT
200G (Level Two)
This presentation introduces "Alcoholless" Homebrew, which protects macOS hosts from potential malicious Homebrew packages by running Homebrew with a separate user account. A command running with this tool is only allowed to read and write its current directory.

While Alcoholless puts focus on Homebrew, it is also applicable to other package managers such as `pip install`, `npm install`, and `go install`. Aside from package management, it is even useful for running AI coding agents that may potentially execute harmful commands.

Alcoholless is also an attempt to reexamine the necessity of Linux-style containers that emerged in this century. It just utilizes 1990s' commands (`su`, `sudo`, `rsync`) and the macOS equivalent of `useradd` to implement container-like environments, without extending the XNU kernel to support Linux-style container syscalls.

Repository: https://github.com/AkihiroSuda/alcless
Speakers
avatar for Akihiro Suda

Akihiro Suda

Distinguished Software Engineer, NTT
Akihiro Suda is a software engineer at NTT Corporation. He has been a maintainer of Moby (dockerd), BuildKit, containerd, runc, etc. He is also a founder of nerdctl and Lima (CNCF project).
Monday May 18, 2026 2:25pm - 2:35pm CDT
200G (Level Two)
  Packages + Images + Containers

2:25pm CDT

Booting Up: A Fresh Look at the Modern Init - Antra Purohit & Hemant Bharadwaj, Microsoft
Monday May 18, 2026 2:25pm - 3:05pm CDT
205C+D (Level Two)
For many, systemd is the mysterious engine under the hood of nearly every modern Linux distribution. We use it daily—restarting services and checking logs—but how much do we actually know about how it manages our systems? If your relationship with systemctl begins and ends with copy-pasting commands from Stack Overflow, it’s time to look deeper.

This session is a practical, beginner-friendly deep dive into the most widely adopted (and debated) init system in the open-source world. We will move beyond the "init" label to explore systemd as a comprehensive suite of management tools.

Key takeaways include:

The Unit Hierarchy: Understanding .service, .timer, and .mount files.

The Boot Process: How "Targets" replace traditional runlevels.

Hands-on Management: Mastering systemctl for lifecycle management and journalctl for lightning-fast debugging.

DIY Services: A step-by-step guide to writing your first unit file from scratch.

Whether you are a developer looking to containerize applications or a new sysadmin navigating the CLI, this talk will provide the foundational knowledge needed to stop fearing the daemon and start commanding it.
Speakers
avatar for Antra Purohit

Antra Purohit

Software Engineer, Microsoft
Antra Purohit is a software engineer working on Linux‑based cloud and embedded platforms. She works on Yocto‑based systems and cloud infrastructure, translating open‑source technologies into reliable, production‑ready solutions.
avatar for Hemant Bharadwaj

Hemant Bharadwaj

Senior Site Reliability Engineer at Microsoft, Microsoft
Hemant Bharadwaj is a Senior Site Reliability Engineer working on large-scale Linux infrastructure. He focuses on observability, incident response, debugging, and automation across distributed systems. His work centers on turning operational pain points into repeatable, open, and... Read More →
Monday May 18, 2026 2:25pm - 3:05pm CDT
205C+D (Level Two)
  Linux

2:25pm CDT

Scaling Your OSPO With Agents and Automation: Lessons From GitHub's Open Source Program - Ashley Wolf, GitHub
Monday May 18, 2026 2:25pm - 3:05pm CDT
200A (Level Two)
As open source adoption grows, the role of the OSPO expands with it. At GitHub, we saw an opportunity to scale our capabilities by automating the repetitive work—like checklists, scans, reports, and audits—that every program office handles.

In this session, I’ll outline how we evaluated AI agents to handle the heavy lifting of data gathering and analysis. We’ll look at practical use cases for automating OSPO activities like review, compliance, reporting, including dependency analysis and license detection, using data from sources like ClearlyDefined and OpenSSF Scorecard.

Join me as we explore the patterns that worked, the surprises we encountered, and how these workflows provide a comprehensive view of project health for OSPOs. You’ll leave with a framework for applying AI, agents, agentic workflows to your own OSPO’s challenges, helping you scale your operations efficiently across the entire open source lifecycle.
Speakers
avatar for Ashley Wolf

Ashley Wolf

Director, Open Source, GitHub
Ashley Wolf is the Director of Open Source Programs at GitHub. She runs initiatives and programs to empower developers to be successful with open source. She is also passionate about helping companies participate in the open source community. Prior to joining GitHub, Ashley led the... Read More →
Monday May 18, 2026 2:25pm - 3:05pm CDT
200A (Level Two)
  OSS Enabling & Management, Operations Management & OSPOs

3:35pm CDT

Bots Are Your Best Maintainers: Scaling Governance With Automated Security Tools - Chandra Inguva & Manoj Kumar, Microsoft
Monday May 18, 2026 3:35pm - 4:15pm CDT
200E (Level Two)
Open source projects are under-resourced, yet responsible for maintaining large, security-critical dependency ecosystems. Maintainers are overwhelmed by manual reviews, vulnerability alerts, and patch backlogs—and falling behind is inevitable.
This talk shows how automated security bots can take over the bulk of governance work. Using tools like Dependabot, Renovate, and automated security scanners, projects can automatically detect vulnerabilities, open and validate pull requests, enforce policies, and reduce human effort without sacrificing trust or quality.
We’ll walk through a practical bot stack that allows open source projects to scale from a small maintainer group to dozens of contributors, while cutting patch timelines from weeks to days. Attendees will learn which tools to deploy, how to configure them safely, and how to rely on automation for repetitive security work—so humans can focus on decisions that actually require judgment.
Speakers
avatar for Chandra Inguva

Chandra Inguva

Product Manager, Microsoft
Chandra Inguva is a product manager at Microsoft
avatar for Manoj Kumar

Manoj Kumar

Sr. Security Product Manager, Microsoft
Manoj Kumar is a Cybersecurity Leader at Microsoft with 20+ years of experience. A pioneer in AI/ML security, he helped build the Responsible AI Standard for LLMs and led AETHER’s group creating CodeQL rules for AI risk detection. Manoj architected Azure ML for air-gapped government... Read More →
Monday May 18, 2026 3:35pm - 4:15pm CDT
200E (Level Two)
  Digital Trust

3:35pm CDT

Quantum Computing for Software Engineers, Not Physicists - Ram Iyengar, Linux Foundation
Monday May 18, 2026 3:35pm - 4:15pm CDT
200H (Level Two)
All the quantum computing talks I've seen so far are about qubits, spin, superposition, and complicated math. Things that may not be entirely in the realm of software developers.
However, the reality is that there are several resources to aid software developers to simulate, test, and run quantum-based algorithms. Simple applications can be developed to explore the functioning of this new realm of computing.
The talk will consist of a section that explores all the available resources for software engineers to program simple quantum circuits and observe results. The second part will be sample code and runs that demonstrate several of these. Samples written in Python and Rust will be run and demonstrated.
In addition, several Linux Foundation projects and courses will be highlighted during the talk.
Speakers
avatar for Ram Iyengar

Ram Iyengar

India Community lead, OpenSSF
Ram Iyengar is an engineer by practice and an educator at heart. He was (cf) pushed into technology evangelism along his journey as a developer and hasn’t looked back since! He enjoys helping engineering teams around the world discover new and creative ways to work. He is a proponent... Read More →
Monday May 18, 2026 3:35pm - 4:15pm CDT
200H (Level Two)
  Open Source 101

4:30pm CDT

Why Is It Always DNS?: Rethinking & Engineering Node-Level DNS Resolution in Kubernetes - Shaheen Sayyed & Ankur Singh, Red Hat
Monday May 18, 2026 4:30pm - 5:10pm CDT
200F (Level Two)
Is it DNS or is it network? & why is answer always DNS? In K8s, most clusters quietly rely on /etc/resolv.conf on every node for all non-service name resolution. At scale, this dependency becomes a liability, reducing caching & observability while causing fragile forwarding, higher latency, upstream resolver overload, and host-level divergence in multi-cloud environments

This talk will explain how K8s actually consumes node DNS today & then present two solutions: CoreDNS for large, complex clusters; dnsmasq for medium scale that bring deterministic caching, controlled forwarding, traffic steering, and real visibility—turning DNS from black box into an engineered system component

Attendees will gain a framework to choose DNS implementation strategies by understanding trade-offs based on cluster scale, workload type and platform maturity. We’ll compare CoreDNS & dnsmasq, surface real failure modes, & show how different designs affect latency, reliability, & blast radius.
Speakers
avatar for Shaheen Sayyed

Shaheen Sayyed

Site Reliability Engineer, Red Hat
Coding Enthusiast with a keen interest in Building Scalable Cloud Applications
avatar for Ankur Singh

Ankur Singh

Senior Site Reliability Engineer, Red Hat
A diverse Software Engineer with experience as DevOps Engineer, Platform Engineer & Site Reliability Engineer.
Monday May 18, 2026 4:30pm - 5:10pm CDT
200F (Level Two)
  Cloud + Orchestration

4:30pm CDT

Quantum Computing for AI Engineers: Foundations, Limits, and Future Possibilities - Alireza Rahmani, Red Hat
Monday May 18, 2026 4:30pm - 5:10pm CDT
200H (Level Two)
Quantum computing is often described as the next frontier of computation, but for most engineers, it remains abstract and disconnected from practical systems such as AI and distributed infrastructure.

This session introduces the fundamentals of quantum computing in clear, accessible terms. We will explain core concepts such as qubits, superposition, and entanglement without heavy mathematics, and compare them to classical computing models used in today’s AI workloads.

We will then explore realistic intersections between quantum computing and AI, including optimization problems, simulation, and potential long-term impacts on edge and cloud architectures. The session will also briefly review open source quantum development toolkits and how engineers can begin experimenting today.

Attendees will leave with a grounded understanding of what quantum computing can and cannot do, and how it may influence the future of AI systems.
Speakers
avatar for Alireza Rahmani

Alireza Rahmani

Senior Cloud Architect, Red Hat
Alireza Rahmani is a Red Hat Cloud Architect, academic professor, and Doctoral Engineer candidate at Penn State University specializing in AI/ML and cloud-native systems. A Golden Kubestronaut within the CNCF ecosystem, he bridges research and real-world deployment, focusing on security... Read More →
Monday May 18, 2026 4:30pm - 5:10pm CDT
200H (Level Two)
  Open Source 101

4:30pm CDT

Lazy Rivers and Open Source Security: Learn About the OpenSSF With Angelah and Stacey - Angelah Liu & Stacey Potter, Linux Foundation
Monday May 18, 2026 4:30pm - 5:10pm CDT
200A (Level Two)
Some people claim that open source and cybersecurity are two things that don't mix. Come join this informative session to learn how the truth is very much the opposite!

Established in 2020, the OpenSSF is the security subject matter experts for the Linux Foundation. While some might claim that security is a Dark Art, hop onto our lazy river as we show you about all the amazing initiatives our community has to offer open source developers and downstream OSS consumers! Don't forget your towel and some sunscreen, and be careful if you sit in the splash-zone... you MAY get wet! HONK!
Speakers
avatar for Angelah Liu

Angelah Liu

Associate Manager, Marketing and Communications, Linux Foundation
Angelah serves as the Associate Communications & Marketing Manager at the Linux Foundation, where she supports open source projects' cross-functional marketing initiatives for high-impact open source ecosystems. She drives the marketing efforts for multiple key LF projects, including... Read More →
avatar for Stacey Potter

Stacey Potter

Community Manager, OpenSSF
Stacey brings extensive experience in open source community building, marketing, and event coordination. With a background spanning projects like Minder, Flux and Flagger, OpenFeature, and Keptn, she has played a key role in fostering engagement and driving adoption across cloud-native... Read More →
Monday May 18, 2026 4:30pm - 5:10pm CDT
200A (Level Two)
  OSS Enabling & Management, Operations Management & OSPOs

5:25pm CDT

Leveraging U-Boot Binman With Hardware Security Modules (HSM) for Secure Boot - Riya Aysola & Judith Mendez, Texas Instruments
Monday May 18, 2026 5:25pm - 6:05pm CDT
208A+B (Level Two)
Secure boot is becoming essential for more embedded Linux systems, yet secure firmware signing at scale remains challenging. Traditional approaches often rely on manual, locally managed scripts and cryptographic keys, leading to increased security risks from development to production environments. This presentation demonstrates a practical approach to secure boot image creation using U-Boot's Binman tool integrated with Hardware Security Modules (HSMs) for cryptographic signing. We examine how Binman assembles multi-stage boot images and delegates signing to HSMs, protecting private keys while enabling automated builds. We will also explore how Binman's signing workflow can be adapted to support various HSM deployment models. Attendees will understand how image signing with Binman establishes a secure boot chain of trust, why HSM-backed signing is critical for production systems, and how open-source tools can be combined with security best practices to create more robust and scalable firmware signing workflows. The goal is to help the broader open-source ecosystem adopt more standardized and secure practices for firmware image creation and signing suitable for production deployment
Speakers
avatar for Riya Aysola

Riya Aysola

Systems Engineer, Texas Instruments
Riya Aysola is a Systems Engineer in Texas Instruments' Embedded Processing group, focused on embedded security and cybersecurity. She holds a bachelor's degree in computer science from the University of Houston.
avatar for Judith Mendez

Judith Mendez

Embedded Linux Developer, Texas Instruments
Judith Mendez is an embedded Linux developer at Texas Instruments with nearly 4 years of experience on Sitara K3 SoCs and legacy AM335/AM437 platforms. She handles driver development and maintenance for IPs like MMC, PWM, M_CAN, and watchdog, helping deliver quality Linux SDKs and... Read More →
Monday May 18, 2026 5:25pm - 6:05pm CDT
208A+B (Level Two)
  Embedded Linux Conference

5:25pm CDT

Verification Toward Applying SLSA in Automotive IVI Software Development - Yuta Kiyoumi & Takashi Ninjouji, Honda Motor Co., Ltd.
Monday May 18, 2026 5:25pm - 6:05pm CDT
208C+D (Level Two)
In automotive software development—such as IVI (In-Vehicle Infotainment) software—many layers of the supply chain are involved, including automotive OEMs and Tier‑1 suppliers. Automotive OEMs, in particular, are required to manage a complex and multi‑layered software supply chain under strict safety and regulatory constraints.

To evaluate supply chain security efforts within software development, we have been conducting a feasibility study on applying SLSA, a supply chain security framework being developed by the OpenSSF.

In this session, we will share insights gained through our validation of SLSA adoption and discuss approaches to supply chain security in large-scale software development projects such as AAOS.
Speakers
avatar for Yuta KIYOUMI

Yuta KIYOUMI

staff, HONDA MOTOR CO.,LTD.
Yuta Kiyoumi is the Security Architect for IVI software development at Honda Motor Co., Ltd. He also serves as a member of the Honda OSPO promoting secure OSS adoption, and participates as a member of the OpenSSF.
avatar for Takashi Ninjouji

Takashi Ninjouji

Chief Engineer, Honda Motor Co., Ltd.
Takashi Ninjouji is a Chief Engineer at Honda Motor Co., Ltd., with a focus on Software-Defined Vehicles (SDV). He is a manager of the Open Source Program Office (OSPO). His interests also include AI-assisted engineering automation.
Monday May 18, 2026 5:25pm - 6:05pm CDT
208C+D (Level Two)
  Embedded Linux Conference

5:25pm CDT

Kubernetes Cluster Creation Landscape - The Easy and the Hard Ways - Wendy Ha, SEEK
Monday May 18, 2026 5:25pm - 6:05pm CDT
200H (Level Two)
As a Kubernetes user, have you ever wondered how clusters from different vendors and distributions remain consistent? Whether running in the cloud or on-premises, workloads behave the same way without modification, and applications can move between platforms without being rewritten. This consistency is made possible by the Certified Kubernetes Conformance Program run by CNCF, which ensures distributions meet upstream Kubernetes standards.

However, conformance validates runtime behavior, not how clusters are created. Cluster provisioning approaches varies widely across providers, leading to configuration drift, inconsistent upgrades, and operational complexity at scale.

To address these challenges, the Kubernetes Special Interest Group Cluster Lifecycle introduced Cluster API, bringing declarative APIs to cluster provisioning and lifecycle management.

In this beginner-friendly session, I will walk you through the full landscape for Kubernetes cluster creation, and share insights from a contributor’s perspective on why Cluster API exists, the problems it solves, and how community-driven effort helps make cluster creation more consistent and sustainable.
Speakers
avatar for Wendy Ha

Wendy Ha

Software Engineer, CNCF Ambassador, Independent
Wendy is a CNCF Ambassador and a proud advocator for Women in the Cloud Native community. She is also an open source contributor and has contributed to various aspects of Kubernetes, including SIG Release (serving on the Release Team since v1.31), SIG Cluster Lifecycle and SIG Etcd... Read More →
Monday May 18, 2026 5:25pm - 6:05pm CDT
200H (Level Two)
  Open Source 101

5:25pm CDT

From Compliance To Code: The Cyber Resilience Act, SBOMs, DevTeams and YOU! - Marcus Ross, Hamburg Port Authority AöR & Peter Dickten, dcs-fuerth Germany
Monday May 18, 2026 5:25pm - 6:05pm CDT
200A (Level Two)
The EU Cyber Resilience Act (CRA) is reshaping how manufacturers and developers must secure their products—but what does it mean for your Developer platforms, DevOps pipelines, and DevTeams? In this session, we’ll share a real-world implementation for SBOMs (Technical Guideline TR-03183 from the Federal Office of Information Security). We demonstrate how to technically address CRA mandates without drowning in compliance overhead.

You will leave with
- Understand the CRA’s impact on your Developers and Management even outside the EU (and why ignoring it isn’t an option).
- See a production-ready workflow for SBOMs, vulnerability management, and compliance automation with OpenSource-Tools (DependencyTrack, CentralCyclone, GitOps).
- Actionable insights on integrating CRA requirements with SBOM handling into your CI/CD pipelines.
- A clear "why this matters" for your org., and lessons from the trenches of securing critical infrastructure with Kubernetes.
- Get a checklist for team adoption - because compliance is a cultural challenge, not just a technical one.
Speakers
avatar for Peter Dickten

Peter Dickten

Peter Dickten, dcs-fuerth Germany

avatar for Marcus Ross

Marcus Ross

CCoE Lead / Kubestronaut, Hamburg Port Authority
The Hamburg Port Authority (HPA) has been operating future-oriented port management from a single source since 2005 and is active wherever efficiency, safety, and cost-effectiveness are required in the Port of Hamburg. Marcus works as a DevOps Plattform Engineer in a team responsible... Read More →
Monday May 18, 2026 5:25pm - 6:05pm CDT
200A (Level Two)
  OSS Enabling & Management, Operations Management & OSPOs
 
  • Filter By Date
    May 17 - 22, 2026
  • Filter By Venue
    Minneapolis, MN, USA
    All
    101 A-J (Level One)
    200A (Level Two)
    200B (Level Two)
    200C (Level Two)
    200D (Level Two)
    200E (Level Two)
    200F (Level Two)
    200G (Level Two)
    200H (Level Two)
    200I (Level Two)
    200J (Level Two)
    204B (Level Two)
    205C+D (Level Two)
    208A+B (Level Two)
    208C+D (Level Two)
    211A+B (Level Two)
    Ballroom Foyer (Level One)
    Ballroom Lobby (Level One)
    Mill City Museum
    Minneapolis Convention Center
    Seasons (Level Two)
    Solutions Showcase, Ballroom A+B (Level One)
    TBA
  • Filter By Type
    Ask the Experts
    cdCon
    Cloud + Orchestration
    Co-located Event
    Digital Trust
    Embedded Linux Conference
    Keynote Sessions
    Linux
    Mini Summit
    Open AI & Data
    Open Source 101
    OSS Enabling & Management
    All
    Blockchain and Distributed Ledger Technologies
    Operations Management & OSPOs
    Project Leadership
    Standards & Specifications
    Technical Documentation
    Packages + Images + Containers
    PX4 Dev Summit
    Safety-critical Software
    Special Events / Exhibits / Breaks
    Zephyr
  • Audience Experience Level
    Advanced
    Any
    Beginner
    Intermediate
  • Timezone

Get help with the event

Contact event planner Event login
View support guides Find upcoming events
Create an event you'd love to attend!
Explore why organizers choose Sched Success stories
Event App Event scheduling Event registration Event ticketing Sched forms Call for papers Badges Conferences
© 2026. SCHED LLC - All rights reserved - Helping events since 2008
Event Planning App Privacy Terms
Share Modal

Share this link via

Or copy link

Filter sessions
Apply filters to sessions.
Filtered by Date - 
Clear filter
Sunday, May 17
Monday, May 18
Tuesday, May 19
Wednesday, May 20
Thursday, May 21
Friday, May 22
101 A-J (Level One)
200A (Level Two)
200B (Level Two)
200C (Level Two)
200D (Level Two)
200E (Level Two)
200F (Level Two)
200G (Level Two)
200H (Level Two)
200I (Level Two)
200J (Level Two)
204B (Level Two)
205C+D (Level Two)
208A+B (Level Two)
208C+D (Level Two)
211A+B (Level Two)
Ballroom Foyer (Level One)
Ballroom Lobby (Level One)
Mill City Museum
Minneapolis Convention Center
Seasons (Level Two)
Solutions Showcase, Ballroom A+B (Level One)
TBA
  • Ask the Experts
  • cdCon
  • Cloud + Orchestration
  • Co-located Event
  • Digital Trust
  • Embedded Linux Conference
  • Keynote Sessions
  • Linux
  • Mini Summit
  • Open AI & Data
  • Open Source 101
  • OSS Enabling & Management
  • Packages + Images + Containers
  • PX4 Dev Summit
  • Safety-critical Software
  • Special Events / Exhibits / Breaks
  • Zephyr
  • Audience Experience Level
  • Advanced
  • Any
  • Beginner
  • Intermediate