Open Source Summit + Embedded Linux Conference North America 2026: Full Schedule

May 18-20, 2026
Minneapolis, MN
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit North America 2025 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Central DaylightTime (UTC -5). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.

arrow_back View All Dates

11:20am CDT

Keynote: The Revolution Hiding in Plain Sight: CI/CD Platform Is About to Change Forever - Dadisi Sanyika, Sol Duara, Inc.

Monday May 18, 2026 11:20am - 11:45am CDT

200C (Level Two)

Anyone who has worked on a CI/CD platform knows the feeling: the tools are powerful, but too much energy goes into making everything talk to everything else. Teams sense there should be a better way, but the ecosystem keeps pulling them back toward custom integrations.

This is an industry inefficiency. When hundreds of organizations each build integrations for the same tools, enormous effort is spent solving the same problems again and again. We’ve accepted this as normal, but there’s another pattern.

This talk explores why the status quo must change. Not through better tooling or more connectors, but through the same shift that transformed railroads, email, and the internet: shared protocol.

You’ll see the architecture making this inevitable: CDEvents as a shared vocabulary for SDLC, Workflow Segments as the semantic meaning behind “build” and “deploy,” and Conduit as an orchestration engine that understands the entire workflow. We’ll examine where boundaries exist in every pipeline, and how tools that broadcast proof of reaching those boundaries can coordinate without custom integrations.

The future of CI/CD isn’t more integrations; it’s one integration, used by everyone.

Speakers

Dadisi Sanyika

CEO, Sol Duara, Inc.

I am the Governing Board Chair for the Continuous Delivery Foundation (Linux sub-foundation) and the CEO of Sol Duara, Inc. Previously, at Apple, I led a team of engineers dedicated to improving the Continuous Deployment experience for teams and the community. Our contributions are... Read More →

Monday May 18, 2026 11:20am - 11:45am CDT
200C (Level Two)

cdCon

Audience Experience Level Intermediate

11:20am CDT

Building Trust in the AI Era: Agent-to-Agent Communication With DIDs and VCs - Alexander Shcherbakov, DSR Corporation

Monday May 18, 2026 11:20am - 12:00pm CDT

200E (Level Two)

As AI moves from isolated chatbots to autonomous agent ecosystems, the "identity problem" becomes a critical security bottleneck. How does an agent verify the legitimacy of a requestor before executing a sensitive task? Traditional API keys are insufficient for dynamic, decentralized agent interactions.
This session explores a cutting-edge extension to the Linux Foundation A2A protocol that leverages Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs) to establish high-assurance trust and bridges the gap between Decentralized Identity standards and AI, creating a secure backbone for the next generation of agent interoperability.
We will dive into the technical design of integrating OpenID for Verifiable Presentations (OID4VP) into agent communication flows. Attendees will learn how this proposed extension moves beyond static credentials to enable granular, verifiable Authentication (AuthN) and Authorization (AuthZ) for autonomous tasks. Beyond the protocol basics, we will analyze different patterns for VC presentation—comparing interactive vs. automated flows—and evaluate diverse wallet options, ranging from cloud-based agent wallets to secure edge implementations.

Speakers

Alexander Shcherbakov

Head of Decentralized Systems Department, DSR Corporation

Ph.D. in Mathematics. Master of Applied Mathematics and Computer Science.
More than 10 years of experience in Blockchain, DLT, Decentralized Identity and SSI.
Significant contribution to open source. Maintainer and contributor of popular open-source projects.
Extensive experience sp... Read More →

Monday May 18, 2026 11:20am - 12:00pm CDT
200E (Level Two)

Digital Trust

Audience Experience Level Intermediate

11:20am CDT

From Closed To Collaborative: Lessons From Qualcomm’s Open Development Experience - Rashmi Chitrakar, Qualcomm Technologies, Inc.

Monday May 18, 2026 11:20am - 12:00pm CDT

208C+D (Level Two)

For more than 15 years, Qualcomm’s been actively involved in a range of Open Source ecosystems. Until recently, some parts of our development were handled behind closed doors, with contributions coming later and upstream enablement sometimes being limited. We tried various projects and partnerships to push things upstream sooner, but it wasn’t until lately that we truly made a complete shift.

Over the past 18 months, we’ve totally revisited our approach—moving an entire Linux product development ecosystem, with hundreds of contributors, from a private downstream setup to a full-blown Open Development model. This wasn’t just a surface change: it meant overhauling how our engineers work, syncing up our internal systems with open practices, and fundamentally changing the way our developers connect and collaborate.

In this session, we’ll share what made this transition work for us—including how we managed to weave our internal systems into Open Source workflows, encouraged developers to embrace new ways of thinking, and built scalable processes that can handle all sorts of Linux ecosystems and distributions.

Speakers

Rashmi Chitrakar

Sr Director, Engineering, Qualcomm Technologies, Inc

Rashmi Chitrakar is the Engineering Lead for Qualcomm’s Open Source Program Office. Her team does the balancing act of catering to Qualcomm’s Open Source Legal Group’s due-diligence needs and fostering an Engineering community that both leverages and contributes to Open Source... Read More →

Monday May 18, 2026 11:20am - 12:00pm CDT
208C+D (Level Two)

Embedded Linux Conference

Audience Experience Level Intermediate

11:20am CDT

Zephyr at 10 Years: Survey Feedback - Kate Stewart & Hilary Carter, The Linux Foundation

Monday May 18, 2026 11:20am - 12:00pm CDT

200D (Level Two)

Ten years ago, Zephyr set out to solve a problem that many embedded teams quietly struggled with: how to build dependable real-time systems without being locked into a single vendor, toolchain, or proprietary stack. Before beginning the project, open source developers were surveyed to identify the key problems they wanted to see a new open source RTOS to solve, such as security and safety certifications.

What followed over the next decade was more than steady adoption. Zephyr introduced a new model built around portability, adoption of security best practices, modern tooling, and a shared ecosystem of drivers and middleware. Contributors collaborate in the open to improve performance, connectivity, and reliability, enabling it to now be found embedded in products which need to last many years, if not decades.

As we head into our next 10 years, the Zephyr project reached out again to survey RTOS users and understand better what they value, and what the project should focus on improving in the years ahead. This talk will go through the results that LF Research team has identified from the survey and interviews, giving a peak at the focus points going forward.

Speakers

Hilary Carter

SVP Research, The Linux Foundation

Hilary Carter is a writer, researcher, and team leader, producing engaging, decision-useful insights that broaden the understanding of open source and emerging technologies and their impact on business, government, and society. She has contributed to books and numerous research reports... Read More →

Kate Stewart

VP Dependable Embedded Systems, The Linux Foundation

Kate Stewart works with the safety, security and license compliance communities to advance the adoption of best practices into embedded open source projects. She has launched the ELISA and Zephyr Projects, as well as supporting other embedded projects. With more than 30 years of experience... Read More →

Monday May 18, 2026 11:20am - 12:00pm CDT
200D (Level Two)

Zephyr

Audience Experience Level Intermediate

1:30pm CDT

Lightning Talk: From Embedded Artifacts To Durable Entities: Fixing State in Spinnaker - Ben Powell, Apple

Monday May 18, 2026 1:30pm - 1:40pm CDT

200C (Level Two)

Spinnaker historically embedded artifact data directly into pipeline execution context. As workflows grew more complex, this approach led to oversized context payloads, fragile retries, and tight coupling between pipeline logic and storage representation.

The Entity Store rethinks this model. By replacing embedded state with URI-based references and delegating persistence to pluggable handlers, Spinnaker separates semantic identity from storage mechanics. Execution context becomes lighter, more stable, and easier to evolve.

In this talk, we’ll explore the architectural shift, implementation tradeoffs, migration strategy, and what this change means for future extensibility in Spinnaker and other CD systems.

Speakers

Ben Powell

Software Engineer, Apple

Ben is a software engineer at Apple for the Spinnaker team with previous experience at AWS for the AWS SDK and ECS team. He has contributed to various different tools, services, and proposals through the years, governs the Cloud SIG for Spinnaker, and is an active participant for... Read More →

Monday May 18, 2026 1:30pm - 1:40pm CDT
200C (Level Two)

cdCon

Audience Experience Level Intermediate

1:30pm CDT

OpenBao: Horizontally Scaling Secrets Management - Alexander Scheel, ControlPlane

Monday May 18, 2026 1:30pm - 2:10pm CDT

200F (Level Two)

OpenBao is an OpenSSF project and a fork of HashiCorp Vault. It is an open-source secrets manager with support for static and dynamic secrets including identities and certificates.

The OpenBao community recently landed support for horizontal scalability, formerly a Vault Enterprise exclusive feature, in partnership between multiple organizations in the community.

This session will outline the design and development process of the feature, showcase how horizontal scalability improves performance on Kubernetes, and highlight future improvements the community is considering to offer write scalability.

Speakers

Alexander Scheel

Head of OpenBao Development, ControlPlane

Alex Scheel is the Head of OpenBao Development at ControlPlane and a member of the OpenBao Technical Steering Committee. He has built a career on open source contributions, previously working at GitLab with OpenBao, at Keyfactor on Bouncy Castle, at HashiCorp on Vault, and at Canonical... Read More →

Monday May 18, 2026 1:30pm - 2:10pm CDT
200F (Level Two)

Cloud + Orchestration

Audience Experience Level Intermediate

1:30pm CDT

Do You Need GCC To Build Embedded Linux ? - Khem Raj, Comcast

Monday May 18, 2026 1:30pm - 2:10pm CDT

208A+B (Level Two)

GCC is default toolchain for Linux based systems, ever since the Linux Distributions were being put together from early days of Linux. However, there have been important developements in compiler technologies and LLVM project has come along. The LLVM infrastructure has been used to build various different compilers for different languages, Clang is the C/C++ static compiler and rust also uses LLVM. There is LLD ( LLVM Linker ) LLDB, ( LLVM Debugger ). binutils like objcopy, objdump, strip etc. are also added. C/C++ compiler runtime in compiler-rt/libc++ has matured as well. The compiler has been used to build Linux Kernel already, However, it can be used to build full Embedded Linux Systems using infrastructure like Yocto project. This talk will showcase that a Linux system can be built completely using LLVM toolchain, replacing the compiler, compiler-runtime, binutils with LLVM built tools. In addition it will also discuss the modern tooling provided with LLVM and Clang and static analyser ( clang-scan ), clang-tidy, clanf-format etc. show-casing additional tooling that can be used by developers e.g. sanitizers.

Speakers

Khem Raj

Fellow, Comcast

Khem Raj is a yocto project maintainer and long time OpenSource contributor to many projects e.g. LLVM, Glibc, Musl, OpenEmbedded etc., he has been helping several open source initiatives in industry. He is guiding the company's adoption of open source software, and becoming an active... Read More →

Monday May 18, 2026 1:30pm - 2:10pm CDT
208A+B (Level Two)

Embedded Linux Conference

Audience Experience Level Intermediate

1:30pm CDT

EOL, Relicensing, Forks: A Cautionary Tale of CVEs - Bridget Kromhout & Lachlan Evenson, Microsoft

Monday May 18, 2026 1:30pm - 2:10pm CDT

200J (Level Two)

Project X goes EOL at the end of this sentence; good luck with the CVEs. Project Y has a new license meaning you can’t use it anymore; what do you mean, your team built something important on it? Project Z works great but you built a new feature in your fork, and now you can’t take the upstream patches. Half of your open source environments may have a dependency on some now-defunct project, and now everyone’s scrambling for solutions.

Join experienced open source maintainers to discuss what warning signs can help prevent abrupt retirement or relicensing from taking your end users by surprise. We’ll outline the ways you can get visibility into your software supply chain and become active in the upstreams that matter most for your needs, ensuring that you’re in control of your own destiny no matter what storm of alphabet soup comes your way.

Speakers

Bridget Kromhout

Principal Product Manager, Microsoft

Bridget Kromhout is a Principal Product Manager at Microsoft Azure, focusing on the open source cloud native ecosystem.

Lachlan Evenson

Principal Product Manager - Azure Cloud Native Ecosystem, Microsoft

Lachlan is a Principal Product Manager on the Azure Cloud Native Ecosystem team. Lachlan has served in many different roles in the cloud native community including cloud native ambassador, Kubernetes steering committee and release lead, and has deep operational knowledge of many cloud... Read More →

Monday May 18, 2026 1:30pm - 2:10pm CDT
200J (Level Two)

OSS Enabling & Management, Project Leadership

Audience Experience Level Intermediate

1:30pm CDT

Strategic Approach To Demonstrating the Value of OSS Efforts - Dawn Foster, Independent

Monday May 18, 2026 1:30pm - 2:10pm CDT

200A (Level Two)

We’ve probably all had company leadership question the value of our OSS efforts. It can be difficult to frame the value in ways that resonate with leadership and clearly articulate the organizational benefits gained through continued OSS contributions. Taking a strategic approach that connects the OSS work with the broader goals and objectives of the organization can demonstrate the value of this work so that the organization can continue to allocate resources to the OSPO or other OSS teams.

Using examples from my decades of experience in OSS, this talk will provide details about how to demonstrate value by focusing on how your OSS work helps the organization achieve their strategies and goals. Every organization has unique needs and goals based on what they are trying to achieve, so there is no “one size fits all” way of demonstrating value, but aligning your OSS strategy with your organization’s goals and focusing on the most strategic projects can help show the value of your efforts. This talk will help you reason about how OSS efforts allow your organization to achieve its goals along with framing and communicating that value in ways that resonate with your leadership team.

Speakers

Dawn Foster

Open Source Strategy Consultant, Self-Employed

Dr. Dawn Foster is an OSS strategy consultant. She is also on the board of CHAOSS and OpenUK, and was previously a co-chair of the CNCF Contributor Strategy Technical Advisory Group. She has 20+ years of experience at companies like VMware and Intel with expertise in community, strategy... Read More →

Monday May 18, 2026 1:30pm - 2:10pm CDT
200A (Level Two)

OSS Enabling & Management, Operations Management & OSPOs

Audience Experience Level Intermediate

1:45pm CDT

Lightning Talk: Ortelius V12: Post-Deployment Security Defense for DevSecOps - Steve Taylor, DeployHub

Monday May 18, 2026 1:45pm - 1:55pm CDT

200C (Level Two)

Most DevSecOps pipelines stop protecting software once it is deployed, leaving organizations blind to newly disclosed vulnerabilities impacting live systems. Ortelius addresses this gap with post-deployment security powered by a digital twin of deployed software. By mapping SBOMs to running packages, versions, environments, and endpoints, Ortelius continuously correlates live systems with vulnerability databases, detecting critical and high-risk CVEs the moment they are published.

This session will introduce the latest Ortelius release, demonstrate new features, and show how teams can reduce MTTR from months to days by identifying which vulnerabilities truly impact production. Attendees will learn how Ortelius integrate with platform engineering workflows to provide continuous visibility and security beyond release.
Take Aways:
- Why pre-deployment SCA tools alone cannot protect production systems
- How Ortelius builds a digital twin of deployed software across clusters, clouds, and environments
- How SBOMs are mapped to live endpoints to identify true attack surface exposure
- How teams are reducing MTTR for critical CVEs to under 10 days

Speakers

Steve Taylor

CTO, DeployHub

Steve Taylor is a technology leader and innovator with deep expertise in service-based architecture, DevSecOps, open-source security, and secure software delivery. As CTO of DeployHub, he leads product strategy focused on build and release automation, vulnerability management, and... Read More →

Monday May 18, 2026 1:45pm - 1:55pm CDT
200C (Level Two)

cdCon

Audience Experience Level Intermediate

2:00pm CDT

Lightning Talk: CDEvents: Ending the "Glue Code" Tax on Engineering Velocity - Mihir Vora & Prem Dhayalan, Capital One

Monday May 18, 2026 2:00pm - 2:10pm CDT

200C (Level Two)

We’ve achieved industry-wide standards for containers (docker) and orchestration (kubernetes), yet our delivery pipelines remain stuck in the "scripting era." In most organizations, the connection between a security scanner, a CI runner, and a deployment engine isn't a standard interface—it’s mostly a fragile web of custom Python scripts and yaml/jenkinsfile hacks.

This is the Glue Code Tax: a massive, invisible drain on resources that forces engineers to spend nearly half of their time maintaining integrations rather than shipping features.

This session tackles the "scripting fatigue" head-on. We will explore how to move away from fragile, one-off pipelines toward a truly modular, event-driven ecosystem. Using something like CDEvents standard as a blueprint, we’ll demonstrate how tools can "signal" their status natively, allowing you to swap out parts of your stack without rewriting your entire delivery logic. We’re moving past the era of digital duct tape and into the era of interoperable DevOps.

Speakers

Mihir Vora

Senior Distinguished Engineer, Capital One

Mihir is a Sr. Distinguished Engineer at Capital One with a passion for empowering teams and driving innovation. Mihir successfully led multiple projects that drive digital transformation and enhance customer experience over the years. Mihir has successfully balanced technical contributions... Read More →

Prem Dhayalan

Senior Distinguished Engineer, Capital One

Thought leader, evangelist in the areas of DevSecOps, Continuous Delivery, Developer Experience, Cloud Computing, Open Source Adoption, Digital Transformation. A hands-on developer

Monday May 18, 2026 2:00pm - 2:10pm CDT
200C (Level Two)

cdCon

Audience Experience Level Intermediate

2:25pm CDT

Troubleshooting Like a Senior on Day 1: ReAct Agents With Real-Time Cluster Evidence - Bohyun Choi, UCLIX; Woobin Hwang, NEOWIZ Partners; TaeJi Kim, Bungaejangter Inc

Monday May 18, 2026 2:25pm - 3:05pm CDT

200F (Level Two)

If a production incident hits on your first day, can you debug it? Or if you are a senior engineer, do you find it impossible to download your years of debugging intuition into a new hire’s head?
Kubernetes troubleshooting often depends on undocumented decision paths: where to look first, which signals to trust, and how to turn a sea of logs into a testable hypothesis.

In this talk, we introduce KUBE-RCA, an open-source incident assistant that plugs into your preferred external LLM and provides real-time cluster evidence (metrics, logs, events) as structured context. Using a ReAct loop, the agent proposes hypotheses, runs an allowlisted set of read-only commands/queries, ties each claim back to evidence, and publishes a concise RCA draft directly to your team channel.

We’ll share the design decisions behind our guardrailed execution loop and how we encode SRE intuition into prompts and checks. You’ll walk away with an understanding of how to make incident response more systematic. So engineers of any tenure can resolve issues faster, with less senior interruption.

Speakers

Bohyun Choi

NVIDIA SW Engineer, UCLIX

Bohyun Choi builds Kubernetes platforms for GPU/AI workloads and NVIDIA orchestration. She architects and operates scalable GPU clusters on Kubernetes and focuses on production reliability and incident response.

She holds four CNCF Kubernetes certifications and is developing kube-rca, an open-source, guardrailed LLM-assisted tool that produces evidence-backed incident triage and RCA drafts from live cluster signals... Read More →

Woobin Hwang

DevOps Engineer, NEOWIZ Partners

DevOps for Web3 (Blockchain Validator Node Operator | DeFi Infra Operator)

"Engineering mission-critical validator node in zero-trust environments. Designing and operating 24/7 high-availability infrastructure for global DeFi protocols within the Web3 ecosystem."

TaeJi Kim

DevSecOps Engineer, Bungaejangter Inc.

DevSecOps Engineer at Bungaejangter Inc. and team lead of KUBE-RCA, an open-source Kubernetes incident assistant that pairs ReAct-based LLM agents with real-time cluster evidence for automated root cause analysis. Leads the project's architecture and guardrailed execution design to... Read More →

Monday May 18, 2026 2:25pm - 3:05pm CDT
200F (Level Two)

Cloud + Orchestration

Audience Experience Level Intermediate

2:25pm CDT

Automating MCP Server Testing: Engineering Reliability for Agentic Systems - Neethu Elizabeth Simon, Arm

Monday May 18, 2026 2:25pm - 3:05pm CDT

200B (Level Two)

AI agents don’t fail like traditional software. They don’t just throw exceptions, they drift. They misinterpret tools, invoke the wrong functions or behave differently across environments. When deploying Arm’s Open Source custom MCP server to power AI assistants for architecture development, migration, and optimization, we faced a critical question: how do we test a system built for nondeterministic interaction? In this talk, I’ll share how we moved from manual validation to a repeatable, CI-enforced testing strategy using Pytest and Testcontainers. We spin up real MCP server in Docker during tests, validating tool discovery, invocation, and protocol compliance end-to-end.
This isn’t about mocking LLM output. It’s about testing the contract between agents and tools. The key insight: treat your MCP server like production infrastructure, not experimental glue code. Because “it worked on my machine” is not a deployment strategy.
Session takeaways:
• A demo of Arm’s Open Source MCP server(github.com/arm/mcp)
• Why unit tests are insufficient for agent-facing systems
• How we run MCP server inside containerized test environments
• How GitHub Actions automate CI integration testing

Speakers

Neethu Elizabeth Simon

Staff Solution Architect, Arm Ltd

Neethu Elizabeth Simon, Staff Solution Architect, Arm (previously at Intel Corporation), with vast industrial experience(10+ ys) in building AI/ML/IoT-based solutions across retail, industrial & healthcare domains for external customers and open-source developer communities. She is... Read More →

Monday May 18, 2026 2:25pm - 3:05pm CDT
200B (Level Two)

Open AI & Data

Audience Experience Level Intermediate

2:25pm CDT

From Image To Itinerary: Multimodal Agentic Travel Planning With MCP, A2A, and BeeAI - Ezequiel Lanza, Intel

Monday May 18, 2026 2:25pm - 3:05pm CDT

211A+B (Level Two)

Planning a trip is a deceptively complex problem for AI, especially when the journey starts from visual context rather than text. In this session, we present a multimodal-first, local-first agentic architecture where a user uploads an image (e.g. “where is this place?”), and the system builds a travel plan from that visual input using Model Context Protocol (MCP), A2A (Agent-to-Agent), and BeeAI — all running fully locally without cloud dependencies.

The system employs a router and specialist agent pattern, where dedicated agents handle image understanding, hotel search, and flight search, each backed by MCP servers. A multimodal model extracts meaning from the image, after which the router decomposes the task and delegates work through A2A to the appropriate specialists.

We will walk-through how BeeAI manages agent lifecycles, how A2A enables explicit agent collaboration, and how MCP acts as a stable contract layer between reasoning and real-world capabilities. The focus is on practical architecture, configuration, and lessons learned, showing how to build MCP-centric, multimodal systems that remain extensible, reproducible, and maintainable as new agents and tools are added.

Speakers

Ezequiel Lanza

Ai Software Evangelist, Intel

Passionate about helping people discover the exciting world of artificial intelligence, Ezequiel is a frequent AI conference presenter and the creator of use cases, tutorials, and guides that help developers adopt open source AI tools.

Monday May 18, 2026 2:25pm - 3:05pm CDT
211A+B (Level Two)

Open AI & Data

Audience Experience Level Intermediate

2:25pm CDT

Merge, Maintain, or Move On? Deciding the Fate of an Open Source Project - Robin Ginn, OpenJS Foundation

Monday May 18, 2026 2:25pm - 3:05pm CDT

200J (Level Two)

When does maintaining a project become more harmful than helpful? As the leader of the OpenJS Foundation, home to Node.js and more, I will give a candid talk to unpack the hardest question in open source: how do you know when it’s time to let go? Drawing from real-world examples from leading one of the web’s most widely used open source foundations and its JavaScript projects like Lodash, jQuery, and Express, I will explore what it means to responsibly sunset a project, merge with others, or double down on maintenance. You’ll learn how to read the signs for security and sustainability, engage the community, and what it takes to wrap up a project with integrity, especially when billions of developers still rely on it.

Speakers

Robin Bender Ginn

Executive Director, OpenJS Foundation

Robin Bender Ginn is the Executive Director of the OpenJS Foundation. Hosted by the Linux Foundation, OpenJS is the neutral home to grow and sustain the JavaScript and web ecosystem with 35 projects including Appium, Electron, Jest, jQuery, Node.js and webpack. Previously, Robin led... Read More →

Monday May 18, 2026 2:25pm - 3:05pm CDT
200J (Level Two)

OSS Enabling & Management, Project Leadership

Audience Experience Level Intermediate

3:35pm CDT

Lightning Talk: When Pipelines Decide: Governing Speed, Trust, and Accountability in AI-Driven CI/CD - Sundeep Bobba, Southwest Airlines & Naga Sujitha Vummaneni, Ripple

Monday May 18, 2026 3:35pm - 3:55pm CDT

200C (Level Two)

AI and autonomous agents are now coming into CI/CD pipelines more and more. Earlier they only followed instructions. Now they help in testing, deciding releases, approving deployments, and sometimes fixing problems on their own. This is a big change. Because of this, we need to think again about speed, security, and who is responsible when something goes wrong.

This session talks about few important things, in simple way:

• Moving from only making pipelines faster to also adding control. DevOps is not just optimization now, it also needs governance and good system design.
• Practical patterns from real work. Architecture and team setups that people can actually use and scale.
• Rules for bots that do not slow humans. Policy driven guardrails for autonomous pipelines.
• Clear decision points. Who decides what, and when humans must step in.
• Human oversight at scale. Reviews that still matter but do not block delivery.
• Security from the beginning. Audit logs, policy enforcement, and safe handling when signals are not very clear.

Speakers

Sundeep Bobba

Tech Lead Cloud DevOps Engineer, Southwest Airlines

Sundeep Bobba is a Tech Lead Cloud DevOps Engineer at Southwest Airlines with 15+ years of experience building large-scale, cloud-native CI/CD and automation platforms. He leads enterprise DevOps modernization supporting millions of customers and billions in digital revenue. He is... Read More →

Naga Sujitha Vummaneni

Sr. Security Engineer, Ripple

Naga Sujitha Vummaneni is a Senior Security Engineer at Ripple with 10+ years of experience in cloud security automation and infrastructure engineering across Google, Nike, eBay, and other tech leaders. AWS Certified Security and CISM credential holder, she specializes in blockchain... Read More →

Monday May 18, 2026 3:35pm - 3:55pm CDT
200C (Level Two)

cdCon

Audience Experience Level Intermediate

3:35pm CDT

Status of Linux Boot-time Work - Tim Bird, Sony Electronics

Monday May 18, 2026 3:35pm - 4:15pm CDT

208A+B (Level Two)

In this talk, Tim will describe the status of work to reduce boot-time for Linux systems. This include work by the Boot-Time Special Interest Group (SIG), as well as others in the Linux ecosystem. We will cover patches that have gone upstream to the Linux kernel and to systemd in the past year, their potential boot-time savings, and how to use them in your own projects. Patches in progress will also be discussed. Tim will summarize recent boot-time talks from other events (particularly Linux Plumbers Conference), highlighting some of the techniques that were described. Finally, Tim will present his own work to build a boot-time wizard program, to help developers find boot-time bottlenecks and areas where boot speed can be improved.

Speakers

Tim Bird

Principal Software Engineer, Sony Electronics

Tim Bird is a Principal Software Engineer for Sony Corporation, where he helps Sony use Linux and other open source software in their products. Tim is the organizer of the Linux Boot-Time Special Interest Group, a contributor to the Linux kernel, and is involved with numerous Linux... Read More →

Monday May 18, 2026 3:35pm - 4:15pm CDT
208A+B (Level Two)

Embedded Linux Conference

Audience Experience Level Intermediate

3:35pm CDT

KernelScript: Unifying EBPF, Userspace, and Kernel Extensions in One Language - Cong Wang, Multikernel Technologies

Monday May 18, 2026 3:35pm - 4:15pm CDT

205C+D (Level Two)

eBPF has made Linux highly extensible, but production eBPF systems remain fragmented and complex. Developers must write raw C for eBPF, separate userspace loaders, manage BTF compatibility, handle tail calls, dynptr APIs, and sometimes build kernel modules for kfunc support, all across different build systems.

KernelScript is a domain-specific open-source programming language that unifies eBPF, userspace, and kernel extension development in a single, type-safe source file. It introduces multi-target compilation, automatic tail-call orchestration, transparent map and dynptr handling, lifecycle-safe program loading/attaching, and built-in kfunc support that generates kernel module scaffolding automatically.

This talk presents the language design, verifier-aware type system, and compiler architecture behind KernelScript, along with real examples combining XDP, TC, probes, userspace coordination, and custom kernel functions.

KernelScript explores a broader question: what should the next generation of Linux extensibility tooling look like?

Speakers

Cong Wang

Founder and CEO, Multikernel Technologies

Cong Wang is a professional Linux kernel developer mainly focuses on Linux networking and eBPF, he is also a Linux kernel maintainer for the networking traffic control subsystem. He has contributed over 1000 patches to the Linux kernel project.

Monday May 18, 2026 3:35pm - 4:15pm CDT
205C+D (Level Two)

Linux

Audience Experience Level Intermediate

3:35pm CDT

Who You Gonna Call? Taming OpenClaw's Rogue AI Agents With OpenTelemetry and Tetragon - Henrik Rexed, Dynatrace

Monday May 18, 2026 3:35pm - 4:15pm CDT

211A+B (Level Two)

There's something strange in your infrastructure. Who you gonna call?
OpenClaw , the open source AI agent formerly known as Clawdbot, then Moltbot exploded past 150,000 GitHub stars in weeks. It connects LLMs to your messaging platforms, terminal, and file system, giving AI full autonomous control. But like a Ghostbusters ghost, it wreaks havoc: $20 in tokens burned overnight to check the time, a one-click RCE (CVE-2026-25253), 21,000 exposed instances, and 341 malicious skills in the marketplace.
I will straps on my proton pack to bust these ghosts with open source tools. First, the OpenClaw Observability Plugin :
- an OpenTelemetry-based plugin capturing full agent lifecycle traces: request → agent turn → tool calls, with per-tool timing, token breakdowns, and error tracking. Your PKE meter for rogue AI.
- Then, Tetragon , eBPF-powered kernel-level policies restricting file access, network connections, and process execution. The containment unit no prompt injection can escape. A live demo ties it all together: OpenClaw + observability plugin + Tetragon, with traces and security events flowing into one dashboard.
We came, we saw, we traced it.

Speakers

Henrik Rexed

Cloud Native advocate & CNCF Ambassador, Dynatrace

Henrik is a Cloud Native Advocate at Dynatrace and a CNCF Ambassador . Prior to Dynatrace, Henrik has worked more than 15 years, as Performance Engineer. Henrik Rexed Is Also one of the Organizer of the conferences named WOPR, KCD Austria and the owner of the Youtube Channel Isit... Read More →

Monday May 18, 2026 3:35pm - 4:15pm CDT
211A+B (Level Two)

Open AI & Data

Audience Experience Level Intermediate

3:35pm CDT

Taming MCP Server Sprawl: Securing and Scaling the Model Context Protocol in Production - Jeffrey Borek & Olivia Buzek, IBM

Monday May 18, 2026 3:35pm - 4:15pm CDT

200A (Level Two)

As AI agents transition from pilots to production systems, enterprises are rapidly adopting the open source Model Context Protocol (MCP) to connect models with tools, data, and services. But this flexibility introduces a new challenge: MCP server sprawl. Proliferating endpoints, inconsistent trust models, weak identity controls, and unclear governance can quickly create operational and security risk. This session explains what MCP is, why its adoption is accelerating, and where architectural pitfalls emerge at scale. Developers will learn key design principles for secure deployment, including authentication patterns, authorization boundaries, observability, lifecycle management, and policy enforcement. Attendees will leave with a practical mental model for building MCP integrations that remain composable, governable, and production-ready as ecosystems evolve.

Speakers

Jeffrey Borek

WW Program Director, Open Technologies, IBM

Working across IBM Research to build a scalable and consistent AI software supply chain security framework, while continuing to lead the consumption compliance Open Source Program Office (OSPO), including policy, execution and guidance. Working with IBM Government & Regulatory Affairs... Read More →

Olivia Buzek

Senior Staff Developer Advocate for AI, IBM

Olivia is a computational linguist turned AI engineer. Her career has focused on data, machine learning, and AI. She subscribes to neither AI hype nor AI doomerism, believing that human creativity and AI can coexist, and that builders of AI applications have a responsibility to their... Read More →

Monday May 18, 2026 3:35pm - 4:15pm CDT
200A (Level Two)

OSS Enabling & Management, Operations Management & OSPOs

Audience Experience Level Intermediate

3:35pm CDT

StageX: Rebuilding Trust Through Multi-Signed, Full-Source Bootstrapped, and Reproducible Builds - Danny Grove, Manifest Cyber & Lance Vick, Distrust

Monday May 18, 2026 3:35pm - 4:15pm CDT

200G (Level Two)

Most Linux distributions trust individual maintainers with complete package control, creating critical supply chain vulnerabilities. StageX rebuilds this trust model from scratch with a radically different approach: no single person or computer can compromise the system.
StageX requires fully bit-for-bit reproducible builds verified and signed by multiple independent parties before release. Built from 181 bytes of machine code, StageX bootstraps modern toolchains that can be used in container-native and static contexts.
This talk demonstrates StageX's approach to full-source bootstrapping, bit-for-bit reproducibility and multi-party verification; contrasts it with other reproducible build efforts like NixOS/Guix, and shows how its container-native design provides practical security guarantees. You'll learn how to implement these approaches in your own infrastructure to build software from toolchain to deployment.

Speakers

Lance Vick

Security Engineer, Distrust

Danny Grove

Lead Infrastructure Engineer, Manifest Cyber

Software and Infrastructure Engineer with 16 years of experience across the web stack. Co-Founder of Hashbang, a decentralized hackerspace. Owner at DR Grove Software LLC and Lead Infrastructure Engineer at Manifest Cyber. Cyborg. Specializes in containerization, building other peoples... Read More →

Monday May 18, 2026 3:35pm - 4:15pm CDT
200G (Level Two)

Packages + Images + Containers

Audience Experience Level Intermediate

3:35pm CDT

Beyond Static Devicetrees: Implementing Runtime Hardware Dynamism in Zephyr - Wai-Hong Tam, Google

Monday May 18, 2026 3:35pm - 4:15pm CDT

200D (Level Two)

Zephyr’s build-time configuration excels at efficiency, but challenges mass production. When a single product design needs to support dozens of hardware variations, e.g. swapping out sensors or chargers due to supply chain constraints, the standard build flow often leads to managing a unique binary for every combination. This creates a validation nightmare.

This talk presents an architectural framework used in the ChromeOS Embedded Controller that brings runtime adaptability to Zephyr, achieving Linux-like flexibility without the memory overhead of a live DTB parser.

We cover two specific patterns:
1. Dynamic Driver Selection: We treat the Devicetree as a pool of supported components. By reading a configuration bitfield from manufacturing data (EEPROM or protected flash) at boot, the firmware dynamically initializes only the correct drivers for that specific unit.

2. Safe Hardware Discovery: Zephyr compiles away hardware descriptions, leaving the host OS blind to connected peripherals. We introduce a pipeline that exports Devicetree definitions into a "Component Manifest". This enables safe OS-level verification, avoiding the risks of "blind probing" on I2C buses.

Speakers

Wai-Hong Tam

Staff Software Engineer, Google

Wai-Hong is a Staff Software Engineer at Google with over 20 years of embedded expertise. His career spans from RTOS and BootROM work at MediaTek to leading firmware architecture for ChromeOS. At Google, he has contributed to verified boot, U-Boot for the first ARM Chromebook, the... Read More →

Monday May 18, 2026 3:35pm - 4:15pm CDT
200D (Level Two)

Zephyr

Audience Experience Level Intermediate

3:35pm CDT

BoF: DRA for AI Workloads: Where Does the Spec Need To Go Next? - Yahav Biran, Amazon

Monday May 18, 2026 3:35pm - 4:20pm CDT

200F (Level Two)

Kubernetes Dynamic Resource Allocation is now being adopted by hardware vendors implementing drivers for accelerators and high-speed networking. But as real-world AI workloads hit the spec—disaggregated inference across multiple nodes, topology-aware co-location of compute and network devices, per-workload hardware configuration—gaps are emerging. This Birds of a Feather session invites platform engineers, infrastructure teams, and Kubernetes contributors to compare notes on where DRA works well and where the spec leaves teams filling in the blanks themselves. We will use the AWS Trainium Neuron DRA driver as a concrete reference point to ground the discussion, then open the floor: What attributes should be standardized across vendors? How should multi-device atomic allocation be handled? What does the community need to build so that DRA delivers on its promise across all accelerator hardware?

Speakers

Yahav Biran

Principal Architect, Amazon

Yahav Biran is a Principal Architect at AWS, focusing on large-scale AI workloads. He contributes to open-source projects and publishes in AWS blogs and academic journals, including the AWS compute and AI blogs and the Journal of Systems Engineering. He frequently delivers technical... Read More →

Monday May 18, 2026 3:35pm - 4:20pm CDT
200F (Level Two)

Cloud + Orchestration

Audience Experience Level Intermediate

4:30pm CDT

Complying With Regulatory SBoM Requirements Using the Yocto Project - Joshua Watt, Garmin

Monday May 18, 2026 4:30pm - 5:10pm CDT

208C+D (Level Two)

With regulatory deadlines regarding Software Bill of Materials (SBoMs) in place, and more on the horizon (such as the CRA), it is important to ensure that you can comply with the requirements that are stipulated. Fortunately, Yocto has a robust and comprehensive SBoM generation integrated into it, which can aid in ensuring compliance. In this talk, Joshua will provide information and tips about how to configure your Yocto builds for compliance with several of the different SBoM standards.

Speakers

Joshua Watt

Staff Software Engineer, Garmin

Joshua is a Staff Software Engineer for Garmin with 18 years experience producing consumer electronics. He has worked on the Yocto SPDX SBoM implementation, and is a member of the Yocto Project TSC as well as the OpenEmbedded TSC.

Monday May 18, 2026 4:30pm - 5:10pm CDT
208C+D (Level Two)

Embedded Linux Conference

Audience Experience Level Intermediate

4:30pm CDT

What Developers Should Know About Hardware Architecture - Dave Neary, Ampere Computing

Monday May 18, 2026 4:30pm - 5:10pm CDT

205C+D (Level Two)

The classic Java mantra, "write once, run anywhere," suggested that developers should be able to rely on the JVM to handle the intricacies of different hardware environments. For all modern high level languages, we expect compilers and language runtimes to “abstract away” the hardware for application developers. However, the hardware can still impact application performance. Developers and architects should know enough about the behavior of the underlying hardware to avoid pitfalls and take advantage of opportunities to maximize performance.

In this talk, you will learn about:

- How modern CPU pipelining and memory models can impact application performance
- How to think about data locality and memory access patterns when choosing algorithms for your applications
- Some Arm64 features you can leverage to improve performance

This session is ideal for software developers who want to understand how server architecture influences application performance, and how to make informed decisions about the underlying architecture when deploying applications to the cloud.

Speakers

Dave Neary

Director of Developer Relations, Ampere Computing

Dave Neary has been active in free and open source communities for more than 20 years. In that time, he has worked on projects relating to infrastructure management, cloud computing, and the telecommunications industry. He currently leads the Developer Relations team at Ampere Computing... Read More →

Monday May 18, 2026 4:30pm - 5:10pm CDT
205C+D (Level Two)

Linux

Audience Experience Level Intermediate

4:30pm CDT

Scaling LLM Inference With Tiered Caching: Extending LMCache With Amazon SageMaker HyperPod - Yihua Cheng, Tensormesh, Inc. & Ziwen Ning

Monday May 18, 2026 4:30pm - 5:10pm CDT

211A+B (Level Two)

LMCache supports tiered KV caching with CPU memory offloading, extending inference beyond GPU memory limits. But what happens when local CPU memory isn't enough? This session introduces the next tier: offloading KV cache to Amazon SageMaker HyperPod managed storage, expanding cache capacity for large-scale LLM inference.

We'll cover the technical design of the SageMaker HyperPod connector contribution to LMCache. Hot entries stay in GPU memory, warm entries spill to CPU memory, and cold entries persist to HyperPod's managed storage. This three-tier architecture lets organizations cache far more context than local resources allow, reducing redundant computation for repeated prompts and long-context scenarios.

The session demonstrates the integration in action, showing cache hit rates, latency across tiers, and how the connector handles transitions between local and remote storage. We'll discuss key engineering decisions, including async prefetching and failure handling.

Attendees will leave with practical knowledge of how managed cloud storage can extend open source caching frameworks for LLM inference infrastructure.

Speakers

Yihua Cheng

CTO, Tensormesh, Inc.

Yihua Cheng is co-founder and CTO of Tensormesh. He has a deep background in large language models, high-performance computing, and open-source development.
Yihua created LMCache and the vLLM production stack, open-source projects that have collectively earned over 9,000 GitHub... Read More →

Ziwen Ning

Open Source Contributor

Ziwen Ning is an open-source contributor to LMCache. He was previously a Senior Software Development Engineer at AWS, working on Amazon SageMaker HyperPod with a focus on building scalable ML infrastructure. Before that at Annapurna Labs, he enhanced the AI/ML experience through the... Read More →

Monday May 18, 2026 4:30pm - 5:10pm CDT
211A+B (Level Two)

Open AI & Data

Audience Experience Level Intermediate

4:30pm CDT

Image Composer Tool: Declarative Multi-Distro Linux Image Builds From Packages - Mats Agerstam & Alpesh Rodage, Intel Corporation

Monday May 18, 2026 4:30pm - 5:10pm CDT

200G (Level Two)

Building custom Linux images for edge deployments requires distribution-specific toolchains, manual dependency resolution, and bespoke scripting; resulting in fragile, hard-to-reproduce pipelines.

Image Composer Tool (ICT) is an open-source tool that composes bootable Linux images from pre-built packages using declarative YAML templates. It supports Azure Linux, Ubuntu, Wind River eLxr, and Edge Microvisor Toolkit through a single workflow, with dependency resolution across RPM and DEB ecosystems, GPG signature verification, and deterministic builds for CI/CD.

This session covers:

Package management abstraction across RPM and DEB via a unified interface

Reproducible, template-driven builds producing identical outputs from identical inputs

Supply chain security: GPG verification, TLS-secured fetches, minimal attack surface

Extensible provider architecture enabling contributors to add new distributions

Live demo: composing a bootable image from a YAML template in minutes

Attendees will learn how declarative image composition simplifies multi-distribution package management and produces reproducible, secure OS images

Speakers

Mats Agerstam

Senior Principal Engineer, Intel Corporation

Mats Agerstam is a Senior Principal Engineer at Intel, leading architecture for the Open Edge Platform, Edge Microvisor Toolkit, and OS Image Composer to simplify AI and edge‑native workload deployment. With deep experience in edge computing, device lifecycle management, and platform... Read More →

Alpesh Rodage

Cloud Software Architect, Intel Corporation

Alpesh Rodage is a Cloud Software Architect at Intel with 20+ years in platform engineering and distributed systems. He architects and leads development of the OS Image Composer, an open-source tool for declarative, multi-distribution Linux image builds. Previously, he designed multi-cluster... Read More →

Monday May 18, 2026 4:30pm - 5:10pm CDT
200G (Level Two)

Packages + Images + Containers

Audience Experience Level Intermediate

4:30pm CDT

Leveraging GPU-accelerated Stereo Visual Inertial Odometry in PX4 Using ROS2 - Andrew Brahim, Ascend Engineering

Monday May 18, 2026 4:30pm - 5:10pm CDT

200B (Level Two)

This quick tutorial walks through the camera calibration/configuration, uxrce dds service, Isaac ROS setup, and PX4 parameters required to fuse stereo VIO in EKF2. The platform is a quadcopter with an Ark Jetson computer.

Speakers

Andrew Brahim

Principle Engineer at Ascend Engineering, Ascend Engineering

With a background in Electrical Engineering, I became involved in the UAS industry as a hobby at first. There are always interesting and challenging problems to solve in this space, which inspires me to learn a little bit more about the technology in this space every day.

Monday May 18, 2026 4:30pm - 5:10pm CDT
200B (Level Two)

PX4 Dev Summit

Audience Experience Level Intermediate

4:35pm CDT

The Probabilistic Pipeline: From Green To Safe - Mihir Vora, Capital One

Monday May 18, 2026 4:35pm - 4:55pm CDT

200C (Level Two)

CI/CD has trained us to trust one signal: green means go. But modern systems don't fail in binary. A one-line UI tweak can trigger a 45-minute test marathon, while a risky change can go green and still take production down. The issue isn't "bad pipelines" - it's that pass/fail is no longer a reliable proxy for safe.

In this talk I introduce the Probabilistic Pipeline: shipping as risk management, not static gating. The pipeline produces a per-change risk/confidence score from signals you already have: diff blast radius, service criticality, incident hotspots, flaky tests, dependency/config deltas, and real-time system health (delivery events + telemetry). That score routes changes through adaptive lanes - Fast, Standard, Hardened - so low-risk work gets lightweight checks + automated canaries, while higher-risk work earns deeper validation, safer rollout, and tighter oversight.

You'll leave with a reference architecture, a concrete example and guardrails that keep trust: explainable scores, deterministic security/compliance hard floors, and a feedback loop that learns from outcomes. No ML background required - this is about practical delivery design.

Speakers

Mihir Vora

Senior Distinguished Engineer, Capital One

Monday May 18, 2026 4:35pm - 4:55pm CDT
200C (Level Two)

cdCon

Audience Experience Level Intermediate

5:15pm CDT

Lightning Talk: The Era of Agentic Continuous Delivery - Vibhav Bobade, Red Hat

Monday May 18, 2026 5:15pm - 5:25pm CDT

200C (Level Two)

How do we ensure that Agentic Delivery follows the same rigour as tools when only humans created software? With AI Agents, we are slowly being forced to look at software development and delivery that looks more like a statistical distribution than a carefully implemented solution. The software delivery lifecycle is now completely touched by AI, from writing code and testing to pushing to production and testing against production code.

In this talk, we will peel the layers of Continuous Delivery and see the new verticals in delivery AI is giving rise to and problems yet to be solved from a first principle basis, and with guidance on what questions we can ask to choose the right AI tools and keep up without exhausing outselves.

Speakers

Vibhav Bobade

Senior Software Engineer, Red Hat

I am an open-source developer who enjoys containers, audio, and running. I work at Red Hat as a Senior Software Engineer and help maintain Tekton Pipelines.

Monday May 18, 2026 5:15pm - 5:25pm CDT
200C (Level Two)

cdCon

Audience Experience Level Intermediate

5:25pm CDT

Monolithic To Cloud Native: Lessons From Migrating Heroku To EKS at Scale - Mateen Anjum, Phono Technologies Inc

Monday May 18, 2026 5:25pm - 6:05pm CDT

200F (Level Two)

When our platform served a SaaS company growing from
9M$ to $100M ARR, we faced a decision every scaling team encounters: stay on Heroku or migrate to Kubernetes. We chose migration. This talk shares the real lessons from moving 47 microservices to EKS while maintaining 99.9% uptime.

I will cover the migration patterns that worked, the ones that failed spectacularly, and the operational changes that made the difference between success and rollback. You will learn how we reduced API latency from 700ms to 70ms, why our first three migration attempts failed, and what "production ready" actually means when your customers include enterprise clients with strict SLAs.

This is not a vendor pitch or theoretical framework. It is a practitioner's account of what happens when you bet your platform on Kubernetes and have to deliver.

Attendees will leave with a realistic migration checklist, common failure patterns to avoid, and honest metrics on what to expect during and after migration.

Speakers

Mateen Anjum

Staff DevOps Engineer, Phono Technologies Inc

Mateen Ali Anjum is a Staff DevOps Engineer with 12 years of experience building infrastructure platforms. He has scaled systems, led platform migrations, and currently works in Canada. His work focuses on the intersection of reliability engineering and emerging AI tooling for infrastructure... Read More →

Monday May 18, 2026 5:25pm - 6:05pm CDT
200F (Level Two)

Cloud + Orchestration

Audience Experience Level Intermediate

5:25pm CDT

Panel Discussion: Securing the AI Supply Chain: Critical Infrastructure for Model Integrity and Trust - Christopher Robinson, OpenSSF; Jay White, Microsoft; Mihai Maruseac, OpenAI; Marcela Melara, Intel

Monday May 18, 2026 5:25pm - 6:05pm CDT

200E (Level Two)

As AI systems become deeply embedded in critical infrastructure and enterprise operations, ensuring the security, integrity, and provenance of machine learning models has become a fundamental challenge for the open source ecosystem.

This session will provide an overview of the OpenSSF AI/ML Security Working Group's focus on practical solutions that bring software supply chain security best practices to AI.

1. End-to-End Model Provenance: Detect unintended changes and ensure verifiable audit trails throughout the entire model lifecycle.

2. Model Signing: Provide verifiable claims about model integrity by establishing cryptographic signing patterns.

3. GPU-Based Model Integrity: Address the scalability of authenticating very large ML models by leveraging GPU acceleration in a vendor-agnostic API.

4. Frameworks for Securing AI Agent Communications: A comprehensive security framework to secure AI agent-tool orchestration against emerging threats.

5. Cyber Reasoning System (CRS): AI-for-Security systems to identify and submit patches for software vulnerabilities.

Panelists:
Marcela Melara, Intel
Mihai Maruseac, OpenAI
Jay White, Microsoft

Moderator:
Christopher Robinson, OpenSSF

Speakers

Christopher "CRob" Robinson

Chief Architect - OpenSSF, OpenSSF

Christopher Robinson (aka CRob) is the Chief Security Architect for the Open Source Security Foundation. With over 25 years of Enterprise-class engineering, architectural, operational and leadership experience, CRob has worked at several Fortune 500 companies with experience in the... Read More →

Jay White

Security Principal Program Manager, Microsoft Corporation

Jay has 20+ years of IT/information security experience dedicated to cyber risk, security, privacy, and compliance. He provides a combined tactical and strategic balance towards the implementation of security and compliance requirements that aligns to an organization’s broader business... Read More →

Mihai Maruseac

Member of Technical Staff, OpenAI

Building AGI with Privacy and Security as Member of Technical Staff at OpenAI.

Previously was a member of the Google Open Source Security Team (GOSST), working on Supply Chain Security for ML (released model-signing). Co-lead on a Secure AI Framework (SAIF) workstream from Google on AI supply chain. Chairing OpenSSF AI/ML working group and involved in CoSAI’s... Read More →

Marcela Melara

Research Scientist, Intel Corporation

Marcela Melara is a research scientist at Intel making distributed and cloud systems more trustworthy. Her current work focuses on developing solutions for high-integrity software and AI supply chains. She leads a number of internal, academic and open-source projects on supply chain... Read More →

Monday May 18, 2026 5:25pm - 6:05pm CDT
200E (Level Two)

Digital Trust

Audience Experience Level Intermediate

5:25pm CDT

Demystifying VirtIO-GPU: Building a Graphics Virtualization Bridge From Scratch - Yung-Tse Cheng, National Taiwan Normal University & Sheng-Wen (Colin) Cheng, The University of Texas at Austin

Monday May 18, 2026 5:25pm - 6:05pm CDT

205C+D (Level Two)

Additional Authors/Contributors: Jim Huang, Assistant Professor, National Cheng Kung University

VirtIO is the standard interface for device virtualization, enabling guest systems to access host resources and powering platforms such as QEMU and ACRN, which provide virtualized block, network, input, and graphics devices.

This talk takes an implementation-focused approach to virtio-gpu. We add virtio-gpu and virtio-input support to a minimalist RISC-V Linux emulator, building a graphics virtualization bridge from the guest framebuffer to host GPU acceleration. We examine the architectural decisions and trade-offs required to make the system function end to end.

Although VirtIO simplifies abstraction, virtio-gpu remains one of its most complex devices. Enabling 3D acceleration goes beyond the specification and requires coordination with Mesa 3D and virglrenderer, as well as compatibility with OpenGL and Vulkan. We highlight practical gaps between specification and implementation, including memory management, command submission, and synchronization.

Attendees will gain:
* A clear mental model of virtio-gpu architecture, including 2D and 3D paths
* Practical insights into integrating Mesa 3D and virglrenderer

Reference implementation: https://github.com/sysprog21/semu

Speakers

Yung-Tse Cheng

Undergraduate student, National Taiwan Normal University

Yung-Tse Cheng is an undergraduate student at National Taiwan Normal University (NTNU), Taiwan, focusing on system software and embedded systems.

He has recently contributed to the open-source RISC-V emulator semu, primarily working on a 2D-focused virtio-gpu stack and virtio-inpu... Read More →

Sheng-Wen Cheng

Graduate Student, The University of Texas at Austin

Sheng-Wen (Colin) Cheng is currently a graduate student at The University of Texas at Austin with a background in system software, robotics, and embedded systems.

He holds a master’s degree in Robotics and has conducted research on quadrotor flight control systems using nonlin... Read More →

Monday May 18, 2026 5:25pm - 6:05pm CDT
205C+D (Level Two)

Linux

Audience Experience Level Intermediate

5:25pm CDT

Beyond Vector Search: Building Knowledge Graphs for Autonomous Infrastructure - Torsten Boettjer, Rescile

Monday May 18, 2026 5:25pm - 6:05pm CDT

211A+B (Level Two)

Modern platform engineering has a 'context' problem. As infrastructure scales across Kubernetes, hybrid clouds, and internal developer platforms (IDPs) like Backstage, traditional RAG systems struggle to answer multi-hop queries like 'Which services depend on this failing database?' or 'What is the blast radius of this IAM change?'
In this session, we explore how GraphRAG—a combination of Knowledge Graphs and LLMs—solves the reasoning gap that vector-only search leaves behind. We will demonstrate how to index infrastructure as a graph of entities and relationships, allowing AI agents to perform complex root-cause analysis and automate documentation. Attendees will leave with a blueprint for building an open-source GraphRAG pipeline to turn platform data into actionable intelligence."

Speakers

Torsten Boettjer

Co-Founder, Rescile

Co-Founder at Rescile, 20 years experience in platform engineering, former CCIO at Avaloq, CTO at Cisco, Head of Innovation at Swisscom, Product Management at Oracle Cloud Infrastructure

Monday May 18, 2026 5:25pm - 6:05pm CDT
211A+B (Level Two)

Open AI & Data

Audience Experience Level Intermediate

5:25pm CDT

QGC: What You Don't Know - Andrew Wilkins, Ascend Engineering

Monday May 18, 2026 5:25pm - 6:05pm CDT

200B (Level Two)

This talk dives in to what you don't know about QGC. Hidden features, how to make changes, why things are the way they are.

We will go over: Text overlay on videos, Advanced Vs. Standard Mode, new joystick integrations, new bluetooth connections support, AND MORE!!!

Learn the intricacies of QGC as you never have before while also discovering brand new features!

Speakers

Andrew Wilkins

CEO - Ascend Engineering, Ascend Engineering

Andrew Wilkins is the CEO of Ascend Engineering. He does extensive contracting work with various PX4/QGC-related projects and has a strong sense of what these projects need from Dronecode. Ascend Engineering currently employs two PX4/QGC maintainers, giving Andrew direct insight into... Read More →

Monday May 18, 2026 5:25pm - 6:05pm CDT
200B (Level Two)

PX4 Dev Summit

Audience Experience Level Intermediate

5:30pm CDT

Lightning Talk: Simple Yet Scalable MLOps: Bridging the Gap Between Data Science and CI/CD - Sachin Garg, NavankurIT; Sameeksha Garg, Carnegie Mellon University

Monday May 18, 2026 5:30pm - 5:40pm CDT

200C (Level Two)

The transition of Machine Learning (ML) models from experimental notebooks to reliable production environments often reveals a significant disconnect between Data Scientists and Infrastructure/Operations teams. While traditional DevOps has mastered code delivery, the unique "state" of ML—comprising both code and massive datasets—requires a specialized evolution: MLOps. This session provides a practical roadmap for building a simple yet highly scalable CI/CD pipeline using a purely open-source stack.

We begin by addressing the critical challenge of Model Reproducibility. Standard version control systems like Git excel at managing algorithms but fail when handling the 500MB weights or multi-gigabyte training sets typical of modern ML. Our proposed architecture integrates DVC (Data Version Control) to version-control data alongside source code, ensuring that every deployment is fully traceable and repeatable.

Speakers

Sachin Garg

CTO, NavankurIT

Dr. Sachin Garg built India's early FOSS infrastructure: MNNIT's first internet server (1995) over 9.6 kbps VSAT, core BLUG member (1996-2002), IT.com '99 Linux Pavilion participant, and architect of Wipro's landmark FOSS.in 2006 sponsorship. At C-DAC, championed Linux for PARAM supercomputers... Read More →

Sameeksha Garg

Student, Carnegie Mellon University

Sameeksha Garg is a Computer Science student at Carnegie Mellon University (graduating May 2026), specializing in Machine Learning. With hands-on experience in open-source security at Visa, building ML monitoring systems using Grafana and Prometheus, and developing AI-driven pipelines... Read More →

Monday May 18, 2026 5:30pm - 5:40pm CDT
200C (Level Two)

cdCon

Audience Experience Level Intermediate

5:45pm CDT

Lightning Talk: Taming MCP Challenges at Scale: Move Fast and Build Right - Muktesh Mishra, Adobe

Monday May 18, 2026 5:45pm - 5:55pm CDT

200C (Level Two)

Tired of governance slowing you down while you’re racing to ship AI features? You’re not alone—every AI builder has felt that friction.

Enterprise AI builders struggle to move fast: governance feels like a roadblock, data access is inconsistent and risky, best practices and security controls are manually enforced (or ignored), and every team reinvents the wheel—leading to slow delivery, compliance gaps, quality issues, and mounting technical debt.

Join us for a hands-on session featuring code examples and demos to learn how we overcome these challenges at Adobe, enabling AI builders at scale without compromising quality and speed.

Through a series of code snippets and demos, we will show:
- Paved paths via reusable templates and reference architectures to accelerate onboarding and iterations.
- Automated governance gates covering evaluations, best practices, access controls, and security
- Interoperability and discoverability, via an automated well-formed AI registry
- Standardized data access patterns that ensure compliance, auditability, and efficiency

Join us for a fun session, and let's learn together.

Speakers

Muktesh Mishra

Lead Engineer, AI Foundations and Platforms, Adobe

Muktesh is Lead AI Builder at Adobe. Active contributor to 20+ open-source projects and enjoys solving problems at scale. Conference junkie who has spoken at MongoDB Local, JavaOne, API World, OSCON, DockerCon, Open Source Summit & more. Active in teaching and development across Apache... Read More →

Monday May 18, 2026 5:45pm - 5:55pm CDT
200C (Level Two)

cdCon

Audience Experience Level Intermediate

11:20am CDT

11:20am CDT

11:20am CDT

11:20am CDT

1:30pm CDT

1:30pm CDT

1:30pm CDT

1:30pm CDT

1:30pm CDT

1:45pm CDT

2:00pm CDT

2:25pm CDT

2:25pm CDT

2:25pm CDT

2:25pm CDT

3:35pm CDT

3:35pm CDT

3:35pm CDT

3:35pm CDT

3:35pm CDT

3:35pm CDT

3:35pm CDT

3:35pm CDT

4:30pm CDT

4:30pm CDT

4:30pm CDT

4:30pm CDT

4:30pm CDT

4:35pm CDT

5:15pm CDT

5:25pm CDT

5:25pm CDT

5:25pm CDT

5:25pm CDT

5:25pm CDT

5:30pm CDT

5:45pm CDT

Get help with the event