Open Source Summit + Embedded Linux Conference North America 2026: Full Schedule

May 18-20, 2026
Minneapolis, MN
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit North America 2025 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Central DaylightTime (UTC -5). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.

arrow_back View All Dates

6:45am CDT

5K Fun Run

Tuesday May 19, 2026 6:45am - 8:00am CDT

Time: Meet at 6:45am; Activity from 7:00 – 8:00 am
Location: Meet at the Plaza outside of the Minneapolis Convention Center

Lace up your sneakers - it’s time for the Fun Run! Whether you’re walking, jogging, or chasing a personal best, we’ve got a pace group to match your stride. This all-levels activity is a great way to start your day, so don’t forget to bring your running gear. Join us for a morning of movement, energy, and great company!

Participation is complimentary, with space available on a first-come, first-served basis.

Participants must be registered for Open Source Summit & Embedded Linux Conference North America 2026, have their event badge, and are responsible for bringing their own running attire and water.

Tuesday May 19, 2026 6:45am - 8:00am CDT

Special Events / Exhibits / Breaks

7:30am CDT

Welcome Coffee

Tuesday May 19, 2026 7:30am - 9:00am CDT

Ballroom Foyer (Level One)

Tuesday May 19, 2026 7:30am - 9:00am CDT
Ballroom Foyer (Level One)

Special Events / Exhibits / Breaks

7:30am CDT

Zen Zone

Tuesday May 19, 2026 7:30am - 5:00pm CDT

204B (Level Two)

All attendees may feel free to use the Zen Zone as needed. This is a quiet space for sensory relaxation, meditation, and worship. It is not to be used for conversations or as a workspace.

Tuesday May 19, 2026 7:30am - 5:00pm CDT
204B (Level Two)

Special Events / Exhibits / Breaks

7:30am CDT

Coat & Bag Check

Tuesday May 19, 2026 7:30am - 6:45pm CDT

Ballroom Lobby (Level One)

Tuesday May 19, 2026 7:30am - 6:45pm CDT
Ballroom Lobby (Level One)

Special Events / Exhibits / Breaks

8:00am CDT

Registration & Badge Pick-Up

Tuesday May 19, 2026 8:00am - 5:00pm CDT

Ballroom Lobby (Level One)

Tuesday May 19, 2026 8:00am - 5:00pm CDT
Ballroom Lobby (Level One)

Special Events / Exhibits / Breaks

9:00am CDT

Keynote: Welcome Back

Tuesday May 19, 2026 9:00am - 9:05am CDT

101 A-J (Level One)

Tuesday May 19, 2026 9:00am - 9:05am CDT
101 A-J (Level One)

Keynote Sessions

9:05am CDT

Keynote Panel: From Repo to Rocketship: How Open Source Foundations Supercharge AI Ecosystems - Stephen Chin, Neo4j; Lin Sun, Solo.io; Jakub Kuderski, AMD; Deepyaman Datta, Open Source Maintainer

Tuesday May 19, 2026 9:05am - 9:35am CDT

101 A-J (Level One)

AI infrastructure is moving faster than any single company can sustainably steward: data formats, vector search, orchestration, inference, evaluation, and agent interoperability all need to evolve in the open to win broad adoption. This panel explores why neutral open source foundations matter for the next decade of AI, and how foundation-backed governance turns promising projects into durable ecosystems.

Topics include how open governance reduces fragmentation and vendor lock-in, why trademarks and clear contribution rules accelerate enterprise adoption, how graduated lifecycle models signal maturity, and how interoperability standards unlock composability across tools and platforms. Panelists will share practical lessons on scaling contributor communities, balancing commercial incentives with community trust, and using foundation structures to create long-term technical roadmaps that outlive any single hype cycle. The audience will leave with concrete patterns for launching, donating, or growing AI projects under a foundation, and for building ecosystems that are both innovative and production-ready.

Moderators

Stephen Chin

VP of Developer Relations at Neo4j, Open AI & Data Program Chair

Speakers

Lin Sun

Head of Open Source, Solo.io

Lin is the Head of Open Source at Solo.io, contributing full-time to the open-source community. She serves on the CNCF Technical Oversight Committee (TOC), is a CNCF Ambassador, and is a maintainer for Istio, kgateway, and kagent. An international speaker at tech conferences, Lin... Read More →

Jakub Kuderski

Principal AI Compiler Developer | IREE Project, AMD

Jakub is an open source maintainer and contributor to compiler projects including IREE, MLIR, and LLVM. He also contributes to open standards such as SPIR-V and Vulkan at the Khronos Group.

He currently works on GPU code generation at AMD, targeting both data center accelerators and desktop GPUs, and previously worked on mobile GPU compilers at Google Research, contributing to IREE and MLIR across both roles... Read More →

Deepyaman Datta

Open Source Maintainer

Deepyaman is a data practitioner turned software engineer focused on building open-source data tooling. He was a Senior Staff Software Engineer at Voltron Data on the Ibis team, and later worked on data orchestration and ecosystem integration at Dagster Labs. Prior to that, he was... Read More →

Tuesday May 19, 2026 9:05am - 9:35am CDT
101 A-J (Level One)

Keynote Sessions

9:35am CDT

Keynote: Belle Guttman, Senior Software Engineering Manager, AWS

Tuesday May 19, 2026 9:35am - 9:40am CDT

101 A-J (Level One)

Speakers

Belle Guttman

Senior Software Engineering Manager, AWS

Belle Guttman leads the Agentic AI Engineering teams at AWS responsible for the Strands Agents SDK, AgentCore Developer Experience, and agentic chat in Q Developer products. With a background in software engineering, she has spent her career solving complex technical problems with... Read More →

Tuesday May 19, 2026 9:35am - 9:40am CDT
101 A-J (Level One)

Keynote Sessions

9:45am CDT

Keynote: Where AI Meets the Physical World: The Robot MCP Ecosystem as an Open Bridge Between AI and Robotics - Rohit John Varghese, Director of Systems Engineering and Product, Contoro Robotics

Tuesday May 19, 2026 9:45am - 10:00am CDT

101 A-J (Level One)

Speakers

Rohit John Varghese

Director of Systems Engineering and Product, Contoro Robotics

Rohit John Varghese is the director of systems engineering and product at Contoro Robotics, a company developing AI-driven logistics robots for shipping container unloading. He has been part of the founding team of two successful startups that together have raised over $25 million... Read More →

Tuesday May 19, 2026 9:45am - 10:00am CDT
101 A-J (Level One)

Keynote Sessions

10:05am CDT

Keynote to be Announced

Tuesday May 19, 2026 10:05am - 10:15am CDT

101 A-J (Level One)

Tuesday May 19, 2026 10:05am - 10:15am CDT
101 A-J (Level One)

Keynote Sessions

10:30am CDT

Coffee Break

Tuesday May 19, 2026 10:30am - 11:00am CDT

Solutions Showcase, Ballroom A+B (Level One)

Tuesday May 19, 2026 10:30am - 11:00am CDT
Solutions Showcase, Ballroom A+B (Level One)

Special Events / Exhibits / Breaks

10:30am CDT

Solutions Showcase

Tuesday May 19, 2026 10:30am - 6:30pm CDT

Solutions Showcase, Ballroom A+B (Level One)

The Solutions Showcase is your hub to network, explore sponsor exhibits, and learn how these organizations are shaping the future of the ecosystem.

Tuesday May 19, 2026 10:30am - 6:30pm CDT
Solutions Showcase, Ballroom A+B (Level One)

Special Events / Exhibits / Breaks

10:45am CDT

Sponsor Activity - DA Spotlight

Tuesday May 19, 2026 10:45am - 10:55am CDT

Solutions Showcase, Ballroom A+B (Level One)

Meet Intersect's Developer Advocates! DA's support developers building on Cardano and Intersect's Open Source Committee. As they were unable to attend the event with us, they will share via satellite event coordination their continued contributions.Discover how AWS champions responsible AI through open source contributions and security investments. Learn about our work with open weight models, collaborative problem-solving, and the infrastructure making open source AI trustworthy. Connect with AWS experts, explore real-world applications, and visit the booth for fun swag and giveaways throughout the conference!

Sponsor: Cardano
Location: Solutions Showcase
Booth: G/S6

In order to facilitate networking and business relationships at the event, you may choose to visit a third party's booth or access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth or participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.

Tuesday May 19, 2026 10:45am - 10:55am CDT
Solutions Showcase, Ballroom A+B (Level One)

Special Events / Exhibits / Breaks

11:00am CDT

Lightning Talk: AI Can Contribute. It Can't Lead - Lahari Chowtoori, AWS

Tuesday May 19, 2026 11:00am - 11:10am CDT

200J (Level Two)

AI is doing real work in open source. Answering questions, reviewing PRs, writing patches. Some communities ban it, others label it. Most will accept it because policing AI is exhausting and the tooling is useful.

Here's what bothers me. Everyone argues about allowing AI contributions. Nobody talks about what we lose when humans stop doing the work. AI can write code. But it can't show up to community calls for two years. It can't help someone push their first PR. It can't convince a burned-out maintainer to stay. Leadership isn't a pull request. It's a relationship.

We have a leadership problem. Projects lose maintainers faster than they grow new ones. AI makes it worse by paving over entry-level work that used to get people involved.

The policy landscape is messy. Apache requires disclosure. OpenTelemetry treats AI as a tool. Linux Kernel won't accept patches without a human behind them. These policies reveal how communities define contribution, accountability, and belonging.

My argument is simple. Stop fighting AI. Start investing in what it can't do. Mentoring. Building trust. Growing leaders. That's what's at risk.

Speakers

Lahari Chowtoori

Open Source TPM, AI/ML, AWS

Lahari Chowtoori is an AI enthusiast and Technical Program Manager at AWS, focusing on open source, Machine Learning, and Artificial Intelligence. With a background in Data Science and Machine Learning, she is passionate about democratizing AI knowledge and fostering community collaboration.She... Read More →

Tuesday May 19, 2026 11:00am - 11:10am CDT
200J (Level Two)

OSS Enabling & Management, Project Leadership

Audience Experience Level Any

11:00am CDT

Panel Discussion: Building an Enterprise Platform for Production-Ready AI Agents - Jothsna Praveena Pendyala, Infosys Ltd; Brett Smith, SAS; Steve Taylor, DeployHub; Sundeep Bobba, Southwest Airlines

Tuesday May 19, 2026 11:00am - 11:30am CDT

200C (Level Two)

Speakers

Sundeep Bobba

Tech Lead Cloud DevOps Engineer, Southwest Airlines

Sundeep Bobba is a Tech Lead Cloud DevOps Engineer at Southwest Airlines with 15+ years of experience building large-scale, cloud-native CI/CD and automation platforms. He leads enterprise DevOps modernization supporting millions of customers and billions in digital revenue. He is... Read More →

Brett Smith

Distinguished Software Developer, SAS

Distinguished Software Architect/Engineer/Developer with 25+ years of experience.
Specialties: Event Driven Automation, Continuous Integration/Delivery/Testing/Deployment, Supply Chain Security, AI Security
Expertise: Linux, packaging, and tool design.

Currently Engineering an... Read More →

Steve Taylor

CTO, DeployHub

Steve Taylor is a technology leader and innovator with deep expertise in service-based architecture, DevSecOps, open-source security, and secure software delivery. As CTO of DeployHub, he leads product strategy focused on build and release automation, vulnerability management, and... Read More →

Jothsna Praveena Pendyala

Senior Data Scientist, Infosys Ltd

Jothsna Pendyala is a Senior Data Scientist and AI Engineer focused on enterprise AI platforms, agentic AI systems, and production-ready AI applications. Her work centers on building secure, scalable, and reliable AI solutions for enterprise environments, with expertise in AI platform... Read More →

Tuesday May 19, 2026 11:00am - 11:30am CDT
200C (Level Two)

cdCon

11:00am CDT

From Guidance To Guardrails: Cost & Carbon Policy-as-Code With OPA in CI - Machiko Shinozuka & Kouki Hama, NTT, Inc

Tuesday May 19, 2026 11:00am - 11:40am CDT

200F (Level Two)

Several guidelines such as FinOps Framework and Green Software Patterns provide principles for cloud optimization, but they include both abstract ideas and practical details with multiple concerns like cost and sustainability. This makes human reviews inconsistent. In this talk, we show how such guidance can be evaluated consistently in CI using Open Policy Agent (OPA).

We present a two-layer policy design: evaluation logic stays small and readable in Rego, while policy rules such as thresholds and exceptions are defined in structured JSON. This separation makes policies easier to maintain by contributors without Rego expertise. CI checks consume an input schema derived from configuration or IaC artifacts and return review-ready decisions—allow, warn, or block—along with a rule identifier, rationale, and a suggested follow-up.

What you will learn:
・How to extract checkable criteria from abstract guidance
・How to design a stable input schema
・How to structure a rules catalog so that policy evaluation remains possible even when multiple concerns interact
・How to run a policy change process that does not depend on a small set of Rego experts

Speakers

Machiko Shinozuka

Research Engineer, NTT, Inc

Machiko Shinozuka is a researcher in Computer and Data Science Laboratories in NTT, Inc. She is engaged in the research and development of green software engineering. Her interest is calculating and reducing CO2 emissions in software, FinOps and cloud cost optimization. With a background... Read More →

Kouki Hama

Senior Research Engineer, NTT, Inc

Kouki Hama is a Senior Research Engineer in software engineering at NTT, Inc., Computer & Data Science Laboratories. His research focuses on improving the efficiency, reliability, and governance of CI/CD, with a focus on GreenOps, FinOps, reliability engineering, and software supply... Read More →

Tuesday May 19, 2026 11:00am - 11:40am CDT
200F (Level Two)

Cloud + Orchestration

Audience Experience Level Beginner

11:00am CDT

Sponsored Session: Cloud Native AI: From Conformance to Production - Jake Pineda, CNCF

Tuesday May 19, 2026 11:00am - 11:40am CDT

200I (Level Two)

Implementing a cloud-native AI stack often leads to operational and security issues. This session will provide attendees with an analysis of production-ready Cloud Native AI stacks, integrating community insights and the latest Cloud Native AI Conformance guidelines. We will showcase practical implementation methods through reference architectures and key projects, and define key metrics for benchmarking Cloud Native AI environments against established community standards.

In order to facilitate networking and business relationships at the event, you may choose to visit a third party's booth or access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth or participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.

Speakers

Jake Pineda

Open Source Growth Strategist, Cloud Native Computing Foundation

Tuesday May 19, 2026 11:00am - 11:40am CDT
200I (Level Two)

Cloud + Orchestration

11:00am CDT

From PLC–SCADA To Digital Twins: Architecting Real-Time Industrial Systems for Scale and Resilience - Avadh Nagaralawala, Independent Consultant

Tuesday May 19, 2026 11:00am - 11:40am CDT

208C+D (Level Two)

Industrial control systems built on PLC and SCADA architectures power critical infrastructure worldwide, yet most remain siloed, reactive, and difficult to scale for modern operational demands. As industries adopt digital twins for prediction, optimization, and resilience, a key challenge emerges: how to integrate real-time control systems with digital twin architectures without compromising safety, determinism, or reliability.

This session presents a practical, architecture-driven approach to integrating PLC–SCADA systems with digital twins in large-scale industrial environments. Drawing from real-world automation modernization programs, the talk explores data synchronization patterns, control boundaries, latency considerations, and open-source tooling strategies that enable production-grade digital twins rather than visualization-only pilots.

Attendees will gain a systems-level understanding of how embedded Linux platforms, open communication protocols, and control system design principles can support scalable digital twins for industrial operations. The session emphasizes architecture, interoperability, and lifecycle design, not vendor-specific solutions.

Speakers

Avadh Nagaralawala

Independent Consultant

Avadh Nagaralawala is a Mining Automation & Control Engineering Consultant with over 12+ years of experience driving innovation in mining, electrification, and digital transformation. Avadh is an active member of professional associations including IEEE, SME, CIM, and PMI, and frequently... Read More →

Tuesday May 19, 2026 11:00am - 11:40am CDT
208C+D (Level Two)

Embedded Linux Conference

Audience Experience Level Intermediate

11:00am CDT

State of Embedded Linux - Walt Miner, The Linux Foundation

Tuesday May 19, 2026 11:00am - 11:40am CDT

208A+B (Level Two)

This talk offers a comprehensive look at what's changed in the embedded Linux world over the past year. Walt will walk through the latest kernel developments most relevant to embedded developers, survey key userspace projects shaping modern embedded designs, and cover the broader community, industry, and legal landscape — from the status of major processor architectures to initiatives at the Linux Foundation and beyond.

Whether you're tracking changes to subsystems you already rely on or looking for new tools and techniques to improve your workflow, this session will help you stay current in a fast-moving ecosystem. Come find out what's new, what's shifting, and what it means for your embedded Linux work.

Speakers

Walt Miner

AGL Community Manager, The Linux Foundation

Tuesday May 19, 2026 11:00am - 11:40am CDT
208A+B (Level Two)

Embedded Linux Conference

Audience Experience Level Any

11:00am CDT

Optimizing Power Consumption in Embedded Linux: Techniques and Tradeoffs - Kendall Willis, Texas Instruments

Tuesday May 19, 2026 11:00am - 11:40am CDT

205C+D (Level Two)

Modern embedded systems look to minimize power consumption without compromising the performance of the system. To address this challenge, Linux provides comprehensive frameworks for dynamic power management that adapt system performance in response to workload demands. This talk explores the pieces that form the foundation of Linux power optimization and demonstrates how to leverage these tools in real-world scenarios.
The key principles for reducing the power consumption of the embedded system include turning off inactive devices, reducing clock frequency, and lowering supply voltage. Linux provides frameworks such as Runtime PM to suspend inactive devices, CPUIdle for intelligent idle state management, DevFreq for memory and device frequency optimization, and CPUFreq for dynamic CPU frequency scaling. By leveraging these tools, systems can reduce power dissipation while still meeting the demands of the application use case, without sacrificing performance. Through a practical case study on a TI AM62L SoC running a display application, this talk explores how different power optimization techniques interact and sometimes conflict, requiring iterative tuning to find optimal operating points.

Attendees will gain actionable optimization strategies, awareness of common pitfalls when subsystems interact, and practical debugging approaches applicable to their own embedded Linux projects.

Speakers

Kendall Willis

Software Engineer, Texas Instruments

Kendall Willis is an Embedded Software Engineer working at Texas Instruments. She primarily focuses on power management in ARM SoCs by enabling various low power modes in the Linux kernel.

Tuesday May 19, 2026 11:00am - 11:40am CDT
205C+D (Level Two)

Linux

Audience Experience Level Intermediate

11:00am CDT

Connecting the Dots With Context Graphs - Stephen Chin, Neo4j

Tuesday May 19, 2026 11:00am - 11:40am CDT

211A+B (Level Two)

AI systems need more than intelligence; they need context that persists. Without it, even strong models can misinterpret information, lose decision rationale, or repeat the same mistakes. Context Graphs have emerged as a practical pattern for agentic AI: a living graph that captures not only what was retrieved or known, but how context led to actions through tool calls, constraints, policies, and outcomes, stitched across entities and time so precedent becomes searchable.

This talk explores context engineering as the discipline of designing that context layer, and shows how context graphs complement retrieval by enabling multi-hop, structured context assembly (building on GraphRAG-style hierarchical summaries) while improving explainability and evaluation. Attendees will leave with a practical understanding of how to build context pipelines that combine contextual retrieval with persistent memory and provenance, and why context graphs are becoming central to trustworthy, enterprise-ready AI systems.

Speakers

Stephen Chin

VP of Developer Relations at Neo4j, Open AI & Data Program Chair

Tuesday May 19, 2026 11:00am - 11:40am CDT
211A+B (Level Two)

Open AI & Data

Audience Experience Level Intermediate

11:00am CDT

What Running FreeBSD on a Modern Laptop Taught Me - Deb Goodkin, The FreeBSD Foundation

Tuesday May 19, 2026 11:00am - 11:40am CDT

200H (Level Two)

"FreeBSD is only for servers.” “FreeBSD is for hardcore engineers.” We have all heard the myths. In this talk, Deb shares what happened when she decided to run FreeBSD on a modern laptop. Learn more about her journey to getting this rock-solid operating system on her laptop, and how it is far more accessible than its reputation suggests.

Speakers

Deb Goodkin

Deb Goodkin, The FreeBSD Foundation

Deb is the Executive Director of the FreeBSD Foundation, joining as the first employee in 2005. Before venturing into the world of open source and operating systems, she spent two decades working as an embedded firmware engineer, technical marketer, and technical sales engineer in... Read More →

Tuesday May 19, 2026 11:00am - 11:40am CDT
200H (Level Two)

Open Source 101

Audience Experience Level Beginner

11:00am CDT

Driving Kubernetes’ Global Adoption and Contributions With Documentation - Rey Lejano, Red Hat

Tuesday May 19, 2026 11:00am - 11:40am CDT

200E (Level Two)

Kubernetes documentation is facing a veering wind in users. Since the start of 2026, there have been twice as many global users as there were in 2025. With 15 localizations of the Kubernetes docs and 11.59 million active users in 2025, and 3 yearly releases, maintaining Kubernetes documentation and growing contributors can be daunting. This session explores how the Kubernetes project developed a community, processes, and practices to grow contributors and aid worldwide adoption.

Speakers

Rey Lejano

Solutions Architect, CNCF Ambassador, Red Hat

Rey Lejano is a Solutions Architect at Red Hat and is the co-chair of Kubernetes SIG Docs. He contributes to Kubernetes SIG Security, Release, & Contributor Experience. He is a member of seven Kubernetes Release Teams including serving as the 1.23 Release Lead and 1.25 Emeritus Adviser... Read More →

Tuesday May 19, 2026 11:00am - 11:40am CDT
200E (Level Two)

OSS Enabling & Management, Technical Documentation

Audience Experience Level Beginner

11:00am CDT

Small Government, Big Problems: Utilizing OSS To Support Our Citizens - Bob Henderson, Cass County Government

Tuesday May 19, 2026 11:00am - 11:40am CDT

200A (Level Two)

Small and local governments face an outsized challenge: rising expectations from citizens paired with shrinking budgets, limited staff, and a complex technology landscape. Finding modern, secure, and sustainable solutions often feels impossible when proprietary systems are expensive, rigid, and dependent on vendors that may not fully understand public sector realities. Staffing constraints make it even harder—small teams are expected to maintain critical services, manage security, and deliver innovation.

This session explores how open source software can help governments break out of that cycle. We’ll examine how open source provides flexibility, transparency, and long-term sustainability, while reducing vendor lock-in and enabling collaboration across agencies. We’ll also address common concerns around support, security, and staffing, and discuss practical models for leveraging vendors and community expertise without sacrificing control.

Finally, we’ll tackle the fear, uncertainty, and doubt (FUD) that often surrounds open source in government, separating myth from reality and showing how open source can empower small governments to deliver big outcomes for their citizens.

Speakers

Bob Henderson

Director of Information Technology, Cass County Government

20+ years in Public Sector IT, from individual contributor to leadership. Advocate of the right tool for the right job, at the right time.

Tuesday May 19, 2026 11:00am - 11:40am CDT
200A (Level Two)

OSS Enabling & Management, Operations Management & OSPOs

Audience Experience Level Any

11:00am CDT

Trusted Publishing: Eliminating Credentials From Your Release Workflow - Mike Fiedler, Python Software

Tuesday May 19, 2026 11:00am - 11:40am CDT

200G (Level Two)

In February 2024, about 10% of PyPI uploads used Trusted Publishers. By October 2025, that number exceeded 25%, a massive shift toward eliminating long-lived credentials. For maintainers still using stored API tokens, this talk demonstrates why and how to modernize.

Trusted Publishing uses OpenID Connect (OIDC) to generate short-lived, automatically-scoped tokens from CI/CD environments. No passwords. No API tokens to rotate. No secrets stored in repositories.

This talk walks through setting up Trusted Publishers for GitHub Actions (as an example, but others are available), explains the security model in accessible terms, and shares case studies, including how Sigstore integration enabled forensic investigation of the 2024 Ultralytics compromise.

Attendees will learn the step-by-step setup process, common pitfalls and troubleshooting, and migration strategies for maintainers with many packages. The session also covers why token removal is critical when Trusted Publishing in place, and when restricted API tokens remain the appropriate fallback. Whether maintaining one package or a hundred, attendees will leave with everything needed to adopt credential-free publishing.

Speakers

Mike Fiedler

PyPI Safety & Security Engineer, Python Software Foundation

Mike’s been in the engineering game for 30+ years, leading teams at Datadog, MongoDB, LeafLink, Warby Parker, and Capital One. He’s a big believer in learning from every peer and helping others navigate tech’s complexities. An AWS Hero and Awesome Community Chef, Mike loves... Read More →

Tuesday May 19, 2026 11:00am - 11:40am CDT
200G (Level Two)

Packages + Images + Containers

Audience Experience Level Beginner

11:00am CDT

Sim‑to‑Flight: Why Starting With Simulation Is the Fastest Path To Successful Flight Testing - Anthony Comer, Oklahoma State University & Eric Hillsberg, MathWorks

Tuesday May 19, 2026 11:00am - 11:40am CDT

200D (Level Two)

Many flight‑control and autonomy programs still begin with hardware prototyping, only to discover late in development that controller tuning, transition behavior, and system coupling are difficult to resolve without a reliable model. This session presents a practical simulation‑to‑flight workflow based on recent university flight‑test research, demonstrating why starting with simulation is critical for reducing risk and accelerating development while helping teams avoid costly UAV crashes and hardware damage. Using a subscale eVTOL case study, we show how aerodynamic modeling, propulsion modeling, and six‑degree‑of‑freedom dynamics are integrated into a digital twin that directly informs control‑law design, hardware deployment, and flight testing. The workflow culminates in direct PX4 implementation and a comparison of simulation predictions against real flight‑test data across hover, transition, and forward flight, highlighting close agreement between model and reality. The talk emphasizes how a simulation‑first approach enables faster iteration, safer testing, and more predictable flight performance for the broader aerospace and UAS community.

Speakers

Eric Hillsberg

Product Marketing Manger - Aerospace, MathWorks

Eric Hillsberg is a Product Marketing Manager for Aerospace Products at MathWorks. He recently graduated from University of Michigan with a degree in Aerospace Engineering and a minor in Computer Science. During school, he interned with NASA Ames Research Center to investigate how... Read More →

Anthony Comer

Assistant Professor, Oklahoma State University

Dr. Anthony Comer is an Assistant Professor at Oklahoma State University and Director of the Simulation to Flight Applied Research Lab. His research focuses on configuration-independent flight control architectures for VTOL aircraft and he developed the patent-pending Trajectory Control... Read More →

Tuesday May 19, 2026 11:00am - 11:40am CDT
200D (Level Two)

PX4 Dev Summit

Audience Experience Level Any

11:35am CDT

Lightning Talk: It's Friday! - Alon Nisser, Zencity

Tuesday May 19, 2026 11:35am - 11:45am CDT

200C (Level Two)

It's Friday afternoon, and you've got plans for this evening. You've just finished the feature. you push to main and click deploy. OR DO YOU?
Let's talk about Friday deployments and what they can teach us.

Speakers

Alon Nisser

Principal engineer, Zencity

Software developer. currently in Zencity.io. Writing software as a hobby and as a profession. Strong opinions on things. Open source aficionado. Trying to make a difference.
Sometimes software makes we wonder if I'd be better off being a farmer

Tuesday May 19, 2026 11:35am - 11:45am CDT
200C (Level Two)

cdCon

Audience Experience Level Intermediate

11:50am CDT

Platform Engineering: Herding the Electric Sheep - Brett Smith, SAS

Tuesday May 19, 2026 11:50am - 12:15pm CDT

200C (Level Two)

A talk about platform engineering, DevOps, DevSecOps, sprawl, chaos, compliance, and security. Why engineer an Internal Developer Platform when I have DevOps? DevOps works fine when you are a 20 person start-up but it often doesn't scale to Enterprise level development efforts. When you have 3000 developers with different needs and you are responsible for EO compliance and security a modular self-service platform is a good choice to build. In this talk I cover the challenges we have faced in a 3000 developers enterprise and how we are working to address them. I also cover how we are working on automating, integration, and scaling the creation of our internal developer platform. Leveraging SBOMs, SLSA, and other tools to help build out a secure and compliant platform. Attendees will learn the benefits and challenges of Platform Engineering
Attendee Takeaways
Answers for the following questions:
- Do we need a Platform Engineering Team?
- Is an IDP the right solution for my situation?
- What does a large scale IDP look like?
- What does it take to support a large scale IDP?
- What does security and compliance look like in an IDP?

Speakers

Brett Smith

Distinguished Software Developer, SAS

Tuesday May 19, 2026 11:50am - 12:15pm CDT
200C (Level Two)

cdCon

Audience Experience Level Intermediate

11:55am CDT

Unified Database Provisioning and Management on Kubernetes - Kyle Avants, Percona

Tuesday May 19, 2026 11:55am - 12:35pm CDT

200F (Level Two)

Running production-grade databases on Kubernetes is becoming increasingly common, but managing their lifecycle remains fragmented and complex for SRE and DevOps teams. Critical operations—scaling, RBAC, monitoring, backup, and restore—currently require navigating distinct, database-specific APIs and tools. This complexity prevents teams from fully realizing the operational efficiency and uniformity that Kubernetes provides.

This talk introduces OpenEverest, the open-source platform designed to address this operational gap. OpenEverest provides a single, unified UI and CLI to manage SRE functions for popular open-source databases such as PostgreSQL and MySQL deployed on Kubernetes. It abstracts away database-specific differences, offering standardized control for scaling, integrated observability, granular RBAC, and reliable data protection.

Join us to learn how OpenEverest simplifies the path to production readiness, reduces operational toil, and is building a pioneering open-source database management layer.

Speakers

Kyle Avants

Senior Solutions Engineer, Percona

Tuesday May 19, 2026 11:55am - 12:35pm CDT
200F (Level Two)

Cloud + Orchestration

Audience Experience Level Intermediate

11:55am CDT

Easy Bring-up Your RISC-V SBC Using Yocto Project - RISC-V Architecture Layer - Khem Raj, Comcast

Tuesday May 19, 2026 11:55am - 12:35pm CDT

208A+B (Level Two)

There are several different RISC-V based single board computers out in market and coming in future. Yocto project, is a leading embedded linux framework, and RISCV is first tier architecture supported in project, core supports RISCV64 QEMU and runs all tests. This talk will discuss using meta-riscv layers to add the support for new RISCV SBCs. meta-riscv has best practices and pre-existing support for known SBCs which can be used as template to bring-up the new board quickly. The talk will cover the content of meta-riscv in detail and the project setups using Kas and the SBC specific documentation using markdown files, detailing the flashing and build instructions, sharing common details but clearly differentiating board specific intructions.
This talk will also cover the challanges and future roadmap for meta-riscv and RISCV architecture support in Yocto Project.

Speakers

Khem Raj

Fellow, Comcast

Khem Raj is a yocto project maintainer and long time OpenSource contributor to many projects e.g. LLVM, Glibc, Musl, OpenEmbedded etc., he has been helping several open source initiatives in industry. He is guiding the company's adoption of open source software, and becoming an active... Read More →

Tuesday May 19, 2026 11:55am - 12:35pm CDT
208A+B (Level Two)

Embedded Linux Conference

Audience Experience Level Intermediate

11:55am CDT

From Physics To EBPF: Quantifying Flash Wear in Embedded Systems - Blake Hildebrand, Nordic Semiconductor

Tuesday May 19, 2026 11:55am - 12:35pm CDT

208C+D (Level Two)

Flash memory is the literal foundation of an embedded system, yet it is a finite resource. Every log entry, database commit, and firmware update inches the device closer to its end of life. For developers managing fleets of devices, the question is not just if the flash will fail, but when and which process is the culprit.

This session dives deep into the lifecycle of a write, from a high level look at the physics behind flash memory, to how we can get an estimation of lifetime by tracking number of bytes written. We will start at the hardware level, explaining the physical degradation of NAND cells and why eMMC controllers use wear leveling to manage this reality. Next, we will bridge the gap between hardware specs and software reality using the Total Bytes Written (TBW) metric to estimate remaining life.

Moving into the Linux kernel, we will explore the built-in metrics found in procfs and sysfs to monitor disk I/O. Finally, we will level up our observability by using eBPF to build a per process "write shaming" tool. This allows us to pinpoint exactly which application or daemon is burning through our hardware lifespan.

Speakers

Blake Hildebrand

Software Engineer, Nordic Semiconductor

Blake has been using Linux since installing Ubuntu Breezy on his dad’s old office PC. Since then, he’s worked on everything from smartwatches to large-scale web services. As an Software Engineer at Memfault, he focuses on improving device reliability and performance. Previously... Read More →

Tuesday May 19, 2026 11:55am - 12:35pm CDT
208C+D (Level Two)

Embedded Linux Conference

Audience Experience Level Intermediate

11:55am CDT

SPDX and SBOM Work for the Linux Kernel - Tim Bird, Sony Electronics

Tuesday May 19, 2026 11:55am - 12:35pm CDT

205C+D (Level Two)

Due to increased interest in fine-grained analysis of kernel composition and security (due to the CRA and other recent cybersecurity legislation), there have been a number of recent projects to 1) generate SBOMS for the linux kernel, and 2) finish adding the remaining SPDX-License-Identifier lines to the kernel source tree. In this talk, Tim will describe the current status of both of these efforts. Good progress has been made to add missing SPDX id lines, but more work is needed to complete this project. Tim proposes a kselftest test to make sure there are no regressions in this area. The status of different kernel SBOM generation tools, and upstream status, will be described.

This work should be of interest to companies interested in complying with cybersecurity requirements, as well as those involved with license compliance efforts.

Speakers

Tim Bird

Principal Software Engineer, Sony Electronics

Tim Bird is a Principal Software Engineer for Sony Corporation, where he helps Sony use Linux and other open source software in their products. Tim is the organizer of the Linux Boot-Time Special Interest Group, a contributor to the Linux kernel, and is involved with numerous Linux... Read More →

Tuesday May 19, 2026 11:55am - 12:35pm CDT
205C+D (Level Two)

Linux

Audience Experience Level Intermediate

11:55am CDT

From Tools To Platforms: MCP Patterns for Building Open Agent Ecosystems - Guangya Liu, JPMC

Tuesday May 19, 2026 11:55am - 12:35pm CDT

211A+B (Level Two)

Model Context Protocol (MCP) is quickly becoming a foundational interface for agent–tool interaction, but most implementations today stop at simple, single-server tool exposure. This session explores practical MCP design patterns that move beyond “one server, one agent” toward scalable, interoperable, and ecosystem-friendly architectures.

Based on real-world experimentation and open-source implementations, we will walk through a set of MCP patterns, including:
1. Single MCP Server patterns for tool and data exposure
2. Multi-Server composition and routing patterns
3. MCP Host / Gateway patterns for aggregation and policy control
4. Plugin-style extension patterns that allow third-party MCP servers to integrate without code changes
5. Read vs. write MCP patterns for observability, automation, and feedback loops

The talk focuses on when and why to apply each pattern, common pitfalls, and architectural trade-offs. Attendees will leave with a mental model for designing MCP-based systems that scale from local experiments to ecosystem-level platforms, enabling agents, tools, and platforms to evolve independently while remaining interoperable.

Speakers

Guangya Liu

Executive Director, JPMC

Tuesday May 19, 2026 11:55am - 12:35pm CDT
211A+B (Level Two)

Open AI & Data

Audience Experience Level Any

11:55am CDT

Harnessing Git's Superpowers for Code Navigation and Debugging - Matheus Bernardino, Qualcomm

Tuesday May 19, 2026 11:55am - 12:35pm CDT

200H (Level Two)

Beyond version control, git is an incredibly powerful code exploration and debugging toolkit hiding in plain sight. In this talk, we'll look under the hood at how git stores, references, and tracks data, and then leverage those internals in practical, real-world workflows to navigate and debug code.

We'll walk through hands‑on examples using tools such as reflog, blame, log -S/-G, pathspecs, grep, and bisect to answer questions developers face every day: Where did this behavior come from? Why is this code like this? and When did this bug appear?

We'll also discuss best practices for maintaining clean, informative git history; because well-crafted commits make these tools dramatically more effective. Whether you're new to git's advanced commands or already comfortable with the plumbing layer, you'll leave with actionable techniques to understand codebases faster and get more value from the tool you already use every day.

Speakers

Matheus Bernardino

Senior Software Engineer, Qualcomm

Matheus is a FLOSS developer, currently working with QEMU at Qualcomm. Prior to that, he has also contributed to the Linux kernel, and more extensively at Git, where he contributed to parallel checkout, git grep performance, sparse-checkout and other features. He is mostly interested... Read More →

Tuesday May 19, 2026 11:55am - 12:35pm CDT
200H (Level Two)

Open Source 101

Audience Experience Level Beginner

11:55am CDT

Beyond SBOMs: Making License Data Actionable With ClearlyDefined - Jamie Magee, Microsoft

Tuesday May 19, 2026 11:55am - 12:35pm CDT

200A (Level Two)

SBOMs tell you what's in your software. They don't tell you what you're allowed to do with it. License and attribution data is often missing or ambiguous -- a LICENSE file says MIT, but source files have Apache-2.0 headers. SBOM or not, you still don't know what to put in your notice file.

ClearlyDefined, an Open Source Initiative project, fills in that missing data. It runs automated license scans, then lets the community curate the results -- fixing misidentified licenses, adding missing attributions, and resolving conflicts between what a package claims and what its source files say.

In this session, I'll cover:

- Why SBOMs fall short on licensing: what's typically missing and where the gaps are worst
- How ClearlyDefined's harvest-curate pipeline works, with a walkthrough of tracing a component from ambiguous scan to curated definition
- How curations get contributed back upstream and why it matters for projects themselves, not just consumers

This talk is for anyone who's tried to build a license compliance workflow and found that the data isn't there yet.

Speakers

Jamie Magee

Principal Software Engineer, Microsoft

Jamie Magee is a principal software engineer on Microsoft's supply chain security team. He focuses on dependency management and Software Bill of Materials (SBOM).

Tuesday May 19, 2026 11:55am - 12:35pm CDT
200A (Level Two)

OSS Enabling & Management, Operations Management & OSPOs

Audience Experience Level Beginner

11:55am CDT

How Apache Superset Reinvented (and Re-engineered) Its World of Documentation - Evan Rusackas, Preset, Inc

Tuesday May 19, 2026 11:55am - 12:35pm CDT

200E (Level Two)

Learn how Apache Superset, the top open-source project in Business Intelligence, re-tooled their entire world of user/admin/developer documentation.

Our new Extensions architecture gave us the chance to re-imagine how we WANT our docs to work. This isn't AI-generated docs... it's using AI to re-engineer how our docs build themselves.

Learn how we managed to:
• Federate scattered readmes/wikis/etc. under one roof
• Independently version areas for different release cycles and intents
• Automate screenshots and content to "keep up" with the codebase
• Bring API docs, React Story book, and more into a centralized interactive portal
• Leverage AI to maintain docs... for people AND for humans
• Syndicate content from third party sources to be the end-all-be-all of Superset documentation
• Adding AI tools (for free!) to provide chat-based support AND learn where our docs are falling short from the result
• Use the codebase itself to build and maintain long-tail aspects of the docs

We've learned a lot of hard lessons over the years, and we're happy to share the process, ideas, and tools we've used to take things to the next level.

Speakers

Evan Rusackas

Head of Community, Preset, Inc

Evan is a community lead and software engineer with Preset, Inc. and works closely with the Apache Superset community. Evan's interests lie in UI design, data visualization, and frontend engineering. He spends the bulk of his time growing and engaging with the Superset community... Read More →

Tuesday May 19, 2026 11:55am - 12:35pm CDT
200E (Level Two)

OSS Enabling & Management, Technical Documentation

Audience Experience Level Intermediate

11:55am CDT

The Non-Transferrable Playbook: Advocacy Models for Open Source - Danica Fine, Snowflake

Tuesday May 19, 2026 11:55am - 12:35pm CDT

200J (Level Two)

Traditional developer relations relies on metrics that favor product adoption, but successful open source developer relations demands a more nuanced approach. Your organizational role in and goals around open source projects dictate your strategy.

We'll first dissect where and how open source developer advocacy diverges from proprietary developer relations strategies. We’ll then dive into four distinct engagement models, metrics of successful advocacy in each, and why success in one cannot necessarily be transferred to another:
* The Adopter: Companies advocating for an open source technology used heavily internally.
* The Champion: Companies serving as a major contributor to a mature open source project and its ecosystem.
* The Business: Companies building a commercial offering around an existing open source technology.
* The Founder: Companies open sourcing a new project and building its community from zero.

Attendees will leave with a clear framework for diagnosing their organization’s role in the open source ecosystem and an understanding of the which metrics, communication channels, and contribution strategies will actually lead to sustainable community growth and impact.

Speakers

Danica Fine

Sr. Manager, Open Source Developer Relations, Snowflake

Danica began her career as a software engineer in financial services and pivoted to developer relations, where she focussed primarily on open source technologies under the Apache Software Foundation umbrella such as Apache Kafka and Apache Flink. She now leads the open source advocacy... Read More →

Tuesday May 19, 2026 11:55am - 12:35pm CDT
200J (Level Two)

OSS Enabling & Management, Project Leadership

Audience Experience Level Beginner

11:55am CDT

Package Testing Across Distributions and Architectures at Scale: A Molecule and QEMU Approach - Yash Panchal, Percona

Tuesday May 19, 2026 11:55am - 12:35pm CDT

200G (Level Two)

This session will demonstrate a scalable approach to testing Linux packages across multiple distributions and architectures using Molecule and QEMU/KVM.

Attendees will learn how to build automated testing pipelines that validate linux packages on diverse platforms including x86_64, ARM64, RHEL, Ubuntu, and Debian.

We'll cover practical implementation of Molecule test scenarios, integration with Jenkins CI/CD pipelines, efficient use of QEMU/KVM for multi-architecture testing, and image pre-baking strategies to significantly reduce test execution time.

The talk includes real-world examples from database and toolkit package testing at Percona, demonstration of creating optimized base images, comparisons with cloud instances, Docker and Firecracker alternatives, and best practices for maintaining test infrastructure.

Key takeaways: Setting up Molecule package testing frameworks, managing QEMU instances, implementing image pre-baking workflows, handling cross-architecture testing challenges, and achieving speed and cost savings in testing linux packages.

Speakers

Yash Panchal

SDET III, Percona

Yash Panchal is an SDET III at Percona, where he specializes in automating and testing database and toolkit packages across supported linux distributions and architectures.

A seasoned open-source speaker, Yash presented a session on package testing with Molecule and Jenkins at... Read More →

Tuesday May 19, 2026 11:55am - 12:35pm CDT
200G (Level Two)

Packages + Images + Containers

Audience Experience Level Intermediate

11:55am CDT

Sponsored Session: Driftless: An Open Source Agentic Reconciliation Framework Proven At Scale - Manfred Moser, Chainguard

Tuesday May 19, 2026 11:55am - 12:35pm CDT

200I (Level Two)

Our new software factory framework adopts the reconciliation pattern and includes numerous bots that use traditional and agentic AI eval approaches. And since we are open sourcing the framework, reliable use of your own agentic reconciliation automation at massive scale could be your future too.

At Chainguard we build and maintain over 2000 unique containers, hundreds of thousands of package versions, and hundreds of CVE patch backports. Our old event-driven architecture was complex and brittle. We drowned in event notifications, brittle queues, duplicate build failures, work item conflicts and losses, and other problems. We had to rethink our approach.

In this session Manfred, open source veteran and author, shares details about a new specification-driven system called “Driftless” that increases efficiency and reliability at scale. A work queue is fed by events and tackled by a large number of bots. They constantly reconcile the discovered state changes from code repositories, security feeds, and other sources to the desired state - up to date containers with zero known CVEs. Manfred talks about our hard-earned lessons and how you can make the bots work for you as well.

In order to facilitate networking and business relationships at the event, you may choose to visit a third party's booth or access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth or participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.

Speakers

Manfred Moser

Sr Principal Dev Rel Engineer, Chainguard

Manfred Moser is a Sr Principal DevRel Engineer at Chainguard, bringing a profound focus on software supply chain security to the open source world. A dedicated community leader and published author, his technical expertise spans decades as a software engineer and advocate. He has... Read More →

Tuesday May 19, 2026 11:55am - 12:35pm CDT
200I (Level Two)

Packages + Images + Containers

Audience Experience Level Intermediate

11:55am CDT

Multi-robot Air-Ground Collaboration With PX4 and Opportunistic Communications - Fernando Cladera, University of Pennsylvania - Devester

Tuesday May 19, 2026 11:55am - 12:35pm CDT

200D (Level Two)

A team of aerial and ground robots operating in a coordinated way is the key to large-scale operations in kilometer-scale environments. Nonetheless, significant challenges, such as orchestration, intermittent communications, and command-and-control of the team, need to be solved.
This talk will explore an application where a team of ground robots performs a search mission, with an UAV acting as an eye in the sky and a data mule between the different ground robots. We will focus on the challenges for this task and how PX4 can be used in a heterogeneous team of aerial and ground robots. We will show examples of the system in large-scale urban and rural environments. Finally, we will mention how large foundational models can enable more complex tasks for a robot team.

Speakers

Fernando Cladera

PhD Student, University of Pennsylvania - Devester

Fernando is a PhD student at the University of Pennsylvania, working on robotics perception, autonomy, and field robotics. He focuses on incorporating novel perception sensors into flying vehicles, such as event cameras, and on the applications these sensors would enable. Additionally... Read More →

Tuesday May 19, 2026 11:55am - 12:35pm CDT
200D (Level Two)

PX4 Dev Summit

Audience Experience Level Intermediate

12:20pm CDT

Lightning Talk: Where Deployment Authority Lives: A Cloud Native Design Pitfall in GitOps - Kim Schaefer, Game Plan Tech

Tuesday May 19, 2026 12:20pm - 12:30pm CDT

200C (Level Two)

Many cloud-native GitOps systems quietly treat a Git merge as both a change proposal and a deployment authorization. While this works in low-risk environments, it collapses two very different responsibilities into a single decision. As systems grow more complex, that shortcut creates ambiguity around authorization, accountability, and audit trails that many environments simply cannot tolerate.

In this lightning talk, we’ll reframe that assumption as a cloud-native architectural concern, not just a tooling or security issue. Using GitOps as the example, we’ll look at how proposal, approval, and enforcement often become unintentionally coupled, and why that coupling makes it harder to reason about who is actually allowed to deploy.

The talk will walk through the architectural implications of letting Git act as the final authority, including where deployment decisions truly occur and how auditability and accountability can be lost when authority boundaries are unclear. We’ll then show how treating deployment authorization as a first-class architectural concept leads to clearer responsibility boundaries and more defensible cloud-native systems.

Speakers

Kim Schaefer

Senior DevOps Engineer, Game Plan Tech

Kim Schaefer is a Senior DevOps and Cloud Engineer specializing in Kubernetes, GitOps, and secure platform engineering. Kim designs and operates production Kubernetes platforms on Google Cloud, including approval-gated GitOps systems that balance automation with explicit deployment... Read More →

Tuesday May 19, 2026 12:20pm - 12:30pm CDT
200C (Level Two)

cdCon

Audience Experience Level Intermediate

12:35pm CDT

Better Together Lunch

Tuesday May 19, 2026 12:35pm - 2:10pm CDT

Seasons (Level Two)

Tuesday May 19, 2026 12:35pm - 2:10pm CDT
Seasons (Level Two)

Special Events / Exhibits / Breaks

12:35pm CDT

Lunch (Provided Onsite for All Attendees)

Tuesday May 19, 2026 12:35pm - 2:10pm CDT

Solutions Showcase, Ballroom A+B (Level One)

Tuesday May 19, 2026 12:35pm - 2:10pm CDT
Solutions Showcase, Ballroom A+B (Level One)

Special Events / Exhibits / Breaks

12:45pm CDT

Bring Your Lunch, We'll Bring Our Notebooks: Securing Software Workflows - Tabatha DiDomenico, G-Research Open Source; Kadi McKean, ReversingLabs; Stacey Potter, OpenSSF & Katherine Druckman, JetBrains

Tuesday May 19, 2026 12:45pm - 1:45pm CDT

200C (Level Two)

Somewhere along the way, the security ecosystem started asking you to add more steps, update more plugins, and generate more outputs without asking what that actually costs you.

We asked for feedback during a lunch time session at cdCon last year. The feedback was blunt, honest and exactly why we are back for this open-floor discussion hosted by the OpenSSF Developer Relations (DevRel) community. No slides, no demos, no pitches. This is a no-shame venting session with purpose; bring your lunch, your coffee, and your honest feedback. We want to hear from the people implementing and operating these tools. Share where security tools are missing the mark and what's standing between "this is a good idea" and "this is actually working for us."

This session leads directly into sessions with OpenSSF project maintainers, so the people who can act on your feedback will already be in the room.

Speakers

Katherine Druckman

Head of Community and Partnership Engagement, JetBrains

Katherine Druckman is a senior technologist, speaker, and longtime advocate for open ecosystems. She specializes in developer experience, combining software ecosystem strategy, content creation, and community building, grounded in a foundation of hands-on software engineering experience... Read More →

Tabatha D.

OSS Security Engineer, G-Research Open Source

Tabatha DiDomenico is part of the Open Source team at G-Research focusing on supply chain security, secure open source practices, and community and developer relations.

Tabatha is president of Security BSides Orlando, co-host of the GR-OSS Out podcast and holds an MS in Cybersecurity from the University of South Florida. She has spoken at conferences including Black Hat Tools Arsenal, SOSS Fusion, ShmooCon, and Grace Hopper Celebration... Read More →

Kadi McKean

OSS Community Manager, ReversingLabs

Kadi is passionate about the DevOps / DevSecOps community since her days of working with COBOL development and Mainframe solutions. At ReversingLabs she collaborates with developers and security researchers to help entities prioritize their open source risk, reduce technical debt... Read More →

Stacey Potter

Community Manager, OpenSSF

Stacey brings extensive experience in open source community building, marketing, and event coordination. With a background spanning projects like Minder, Flux and Flagger, OpenFeature, and Keptn, she has played a key role in fostering engagement and driving adoption across cloud-native... Read More →

Tuesday May 19, 2026 12:45pm - 1:45pm CDT
200C (Level Two)

cdCon

Audience Experience Level Any

2:10pm CDT

Security Things: How OpenSSF’s Technical Initiatives Keep You Safe From the Upside Down! - Stacey Potter, OpenSSF & Katherine Druckman, JetBrains

Tuesday May 19, 2026 2:10pm - 2:40pm CDT

200C (Level Two)

As a sister foundation to the Continuous Delivery Foundation (CDF) under the auspices of The Linux Foundation, the Open Source Security Foundation’s (OpenSSF) mission is to make it easier to sustainably secure the development, maintenance, release, and consumption of open source software (OSS). This includes fostering collaboration within and beyond the OpenSSF, establishing best practices, and developing innovative solutions.

In this hour long session, we’ll connect real problems to OpenSSF solutions, then invite OpenSSF Working Group Leads and Project Maintainers to demo their respective projects in shortlightning rounds that show you how they’ll make your DevOps, CI/CD, or Platform Engineering lives easier to secure!

Speakers

Stacey Potter

Community Manager, OpenSSF

Katherine Druckman

Head of Community and Partnership Engagement, JetBrains

Tuesday May 19, 2026 2:10pm - 2:40pm CDT
200C (Level Two)

cdCon

Audience Experience Level Beginner

2:10pm CDT

Off-Grid Cloud Native: Building Trustworthy Sponsor-to-School Delivery With Kubernetes - Vuyo Mhlotshane, Loakit

Tuesday May 19, 2026 2:10pm - 2:50pm CDT

200F (Level Two)

In many rural communities, the hardest part of funding education is not raising money. It is knowing with confidence that resources reached the right school and were used as intended.

In this session, I share a real-world, open-source reference architecture for a pay-on-proof delivery pipeline where sponsor funds are released only after delivery can be verified. The system is designed for low-bandwidth and intermittent connectivity environments and uses Kubernetes, event-driven workflows, cryptographic proofs, and auditable logs to close trust gaps between sponsors, vendors, and schools.

We will walk through key design decisions, how to think about offline-first systems, and where trust commonly breaks in real deployments, along with practical ways to address those gaps without heavy infrastructure.

Attendees will learn:

- How to model sponsor to vendor workflows using events and state
- Patterns for building offline-friendly, cloud native systems
- Practical digital trust controls including identity, auditability, and proof of delivery

This talk is for platform engineers, SREs, and open source practitioners building systems that must work in real-world conditions.

Speakers

Constance (Vuyo) Mhlotshane

Cloud Native Engineer, Loakit

Vuyo Mhlotshane is a Cloud Native Engineer and open source practitioner focused on building resilient, trustworthy systems. She works hands-on with Kubernetes, infrastructure as code, and cloud security, and is the founder of Loakit — an initiative exploring how open source technology... Read More →

Tuesday May 19, 2026 2:10pm - 2:50pm CDT
200F (Level Two)

Cloud + Orchestration

Audience Experience Level Intermediate

2:10pm CDT

From Malloc To Box: A Practical Guide To Rustification - Christina Quast, Independent

Tuesday May 19, 2026 2:10pm - 2:50pm CDT

208C+D (Level Two)

Moving from the manual memory management of C to the strict ownership model of Rust is more than a syntax swap; it is a fundamental shift in engineering philosophy. This talk provides a pragmatic roadmap for developers navigating this transition. We move beyond the academic "why" of memory safety to dive deep into the "how" of refactoring legacy systems.

The session explores the practicalities of Rustification, comparing the pitfalls of malloc and free—such as use-after-free and double-free vulnerabilities—with the compile-time guarantees provided by Rust’s Box, Arc, and Borrow Checker. Furthermore, we tackle the topics of how to translate manual pointer arithmetic into safe abstractions, practical strategies for using the Foreign Function Interface (FFI) to let Rust and C coexist during a gradual migration as well as a real-world example of "Rustifying" a C module, from initial profiling to stable deployment.

Speakers

Christina Quast

Embedded Systems Engineer, $NONE

After finishing her master's degree in Electrical Engineering at TU Berlin, Christina is currently working as an Embedded Systems Engineer at for various companies. In her spare time, she submits patches to the Linux Kernel or learns new programming languages.

Tuesday May 19, 2026 2:10pm - 2:50pm CDT
208C+D (Level Two)

Embedded Linux Conference

Audience Experience Level Intermediate

2:10pm CDT

Practical Insights Into Interactive Debugging of Linux MMC Block Device Drivers - Akhilesh Patil, Amazon

Tuesday May 19, 2026 2:10pm - 2:50pm CDT

208A+B (Level Two)

Transitioning from bare-metal firmware development to Linux kernel development presents unique challenges, particularly in debugging methodologies. Traditional approaches such as halting execution via JTAG alone may not straightforwardly work for embedded Linux.

In this presentation we talk about challenges I faced and techniques I came across to debug Linux MMC block device drivers interactively using tools such as T32/GDB debuggers on embedded systems. This talk briefly covers MMC driver and block layer interactions and key golden breakpoints to use for MMC bus driver debugging. I will also discuss tools and techniques to take full control of eMMC block drivers, generating block IO requests as needed, setting up triggers and probing signals on an oscilloscope for detailed waveform level debugging.

key topics: Embedded Linux setup for interactive debug (single CPU, KASLR, WDT, ramfs, RCU, softlocks), strategic SDHCI breakpoints, GPIO-triggered oscilloscope capture signals, handling filesystem mounts; leveraging mmc_test module for generating controlled transactions for debug.

Speakers

AKHILESH PATIL

Embedded Software Developer, Amazon

Akhilesh is an embedded software engineer at Amazon working with the devices Linux kernel team. He is working on various BSP packages including linux drivers, runtime firmware and bootloaders. He has a background of Electrical and Electronics Engineering and is passionate about embedded... Read More →

Tuesday May 19, 2026 2:10pm - 2:50pm CDT
208A+B (Level Two)

Embedded Linux Conference

Audience Experience Level Any

2:10pm CDT

Automating Linux Kernel Crash Analysis With LLMs - Chris Arges, Cloudflare

Tuesday May 19, 2026 2:10pm - 2:50pm CDT

205C+D (Level Two)

This talk explores using Large Language Models (LLMs) to automate Linux kernel crashdump analysis at scale. At Cloudflare, we operate Linux across hundreds of thousands of servers. At this scale, kernel crashes are inevitable.
Typical crash analysis requires deep kernel expertise and significant time investment, slowing down time to resolution.
I'll share our journey building an LLM-powered agent that performs initial crash analysis autonomously. First, I'll cover our infrastructure for collecting and managing crashdumps across our fleet. Then I'll explain crashdump analysis fundamentals: using the crash utility, interpreting stack traces, identifying common failure patterns, and correlating crashes with kernel subsystems.
This talk focuses on teaching an LLM agent to replicate expert analysis workflows. I'll show how we structured prompts and created skills. I'll show examples of the agent analyzing real crashes.

Speakers

Chris Arges

Senior Systems Software Engineer, Cloudflare

Currently a Senior Systems Software Engineer at Cloudflare. I like to build things. I have a master's degree in Computer Engineering and 18 years of experience in software development and leadership both writing code and leading teams.

My mission is to make the world better where I can. Through my work I want to make the Internet more secure and reliable for everyone. In my free time I enjoy coaching and inspiring a future generation to grow, innovate and create a better world... Read More →

Tuesday May 19, 2026 2:10pm - 2:50pm CDT
205C+D (Level Two)

Linux

Audience Experience Level Intermediate

2:10pm CDT

Beyond Static RAG: Building Self-Correcting Agentic Pipelines With Open Source Databases - Ben Grieser, MariaDB

Tuesday May 19, 2026 2:10pm - 2:50pm CDT

211A+B (Level Two)

As LLMs shift from chatbots to autonomous agents, the limits of "single-shot" RAG are surfacing. Static retrieval often introduces irrelevant context that misleads models. To solve this, developers are adopting Corrective (CRAG) and Adaptive RAG, requiring databases to act as active reasoning runtimes rather than simple stores.

This session explores building self-correcting AI agents using an open-source relational stack. We will demonstrate how to bridge the gap between semantic search and structured data using the Model Context Protocol (MCP) and native MariaDB vector indexing.

Technical topics include:

The Critic Loop: Implementing self-correcting architectures that validate retrieved documents before LLM synthesis.

Hybrid Querying: Combining vector indexing with relational SQL in single ACID transactions to reduce agentic loop latency.

Standardizing Communication: Using the MariaDB MCP Server for secure, tool-based access to live data.

Scaling State: Managing concurrent agent sessions without sacrificing data integrity.

Attendees will leave with a blueprint for building reliable, autonomous systems using open-source database patterns that move beyond basic vector search.

Speakers

Ben Grieser

Sr Solutions Engineer, MariaDB

As a technologist and database expert, Ben Grieser works at the intersection of open source innovation and product engineering. In his role at MariaDB, he regularly talks with team using open source technology to bring complex data products to life. Ben is passionate about making... Read More →

Tuesday May 19, 2026 2:10pm - 2:50pm CDT
211A+B (Level Two)

Open AI & Data

Audience Experience Level Intermediate

2:10pm CDT

Uncouth Users, Dopey Developers and Crazy Cryptographers OR Why It's Never the Architect's Fault - Mike Bursell, Confidential Computing Consortium & Christopher Robinson, OpenSSF

Tuesday May 19, 2026 2:10pm - 2:50pm CDT

200H (Level Two)

In this session, two jaded cybersecurity architects will present a taxonomy of personae who passively or actively get in the way of good security, explain why it's all definitely your fault and express frustration that the Golden Age of Cybersecurity[tm] is always eluding their grasp. With examples and humour/humor (if they can agree on a spelling), your hosts will encourage you to do better next time and point out all the obvious (to them) things you've been doing wrong all these years. And why open source would fix all of them. Almost.

Speakers

Mike Bursell

Executive Director, Confidential Computing Consortium

Mike Bursell is the Executive Director of the Confidential Computing Consortium. He is one of the co-founders of the Enarx project (https://enarx.dev), and was CEO and co-founder of Profian, a start-up based on Enarx. He currently holds advisory board roles with various start-ups... Read More →

Christopher "CRob" Robinson

Chief Architect - OpenSSF, OpenSSF

Christopher Robinson (aka CRob) is the Chief Security Architect for the Open Source Security Foundation. With over 25 years of Enterprise-class engineering, architectural, operational and leadership experience, CRob has worked at several Fortune 500 companies with experience in the... Read More →

Tuesday May 19, 2026 2:10pm - 2:50pm CDT
200H (Level Two)

Open Source 101

Audience Experience Level Any

2:10pm CDT

Architecting for Onboarding: Building a "Docs-as-Code" Pipeline for Open Source Sustainability - Sai Sravan Cherukuri, Independent Contributor

Tuesday May 19, 2026 2:10pm - 2:50pm CDT

200E (Level Two)

In open source, a project's survival depends on its contributor funnel. If developers can't build, test, or grasp your project in the first ten minutes, they'll leave. Documentation is the primary interface for that experience, but is often the most neglected part of the repository.
This session goes past the basic README to show how maintainers can set up a clear Documentation Development Life Cycle. We will explore the 'Docs-as-Code' idea, treating documentation like code by keeping it in Git, peer-reviewing it, and checking it with CI/CD pipelines.
Key takeaways include:
The Pipeline: Setting up automated linters (Vale, Markdownlint) to enforce style and technical accuracy.
The Process: Make sure every new feature includes updated documentation to prevent it from becoming outdated.
The Community: Learn ways to help non-coders contribute, and manage docs with people all over the world.
Join this session to learn actionable steps you can implement right away to make your open-source project more welcoming, robust, and future-proof. Start applying these strategies today and transform your documentation process.

Speakers

Sai Sravan Cherukuri

Open-Source Enthusiast and DevSecOps Architect, Independent Contributor

Engineering for Accessibility: The Human Element of Infrastructure
Sai Sravan is an architect of systems and a champion for the people who build them. As a dedicated open-source advocate, Sai bridges the gap between high-level technical development and community accessibility, ope... Read More →

Tuesday May 19, 2026 2:10pm - 2:50pm CDT
200E (Level Two)

OSS Enabling & Management, Technical Documentation

Audience Experience Level Intermediate

2:10pm CDT

Building Sustainable Open Source: The Harper Story - Ethan Arrowood, Harper

Tuesday May 19, 2026 2:10pm - 2:50pm CDT

200A (Level Two)

Open sourcing a core product is easy to celebrate, but hard to initiate and sustain. This is a practical story about economic viability and how Harper open sourced our core product while protecting business health, funding continued engineering, and creating the conditions for durable community growth.
Geared towards founders, CTOs, investors, and developer relations and engineering managers, I share Harper’s intimate story of transforming our nearly decade-old, closed source code base into an actively growing open source community. I share what we learned from customer growth patterns, where adoption stalled, and how we recognized the potential of open source. From there, I dive deep into our execution strategy; separating the open source core from the commercial operations customers valued.
You’ll learn how licensing choices and clear boundaries between shapes trust, and how we approached the organizational and technical realities of moving a long-lived product into the open. If you're building or funding open source and need a sustainable model supporting profitability and momentum, this session offers a concrete path grounded in lived experiences.

Speakers

Ethan Arrowood

Head of Open Source Engineering, Harper

Ethan Arrowood lives in Summit County, CO. He is the Head of Open Source Engineering at Harper, developing a distributed, real-time application platform. Additionally, he is a Node.js contributor that contributed to the development of Fastify, Undici, and Node.js' Fetch. He's also... Read More →

Tuesday May 19, 2026 2:10pm - 2:50pm CDT
200A (Level Two)

OSS Enabling & Management, Operations Management & OSPOs

Audience Experience Level Any

2:10pm CDT

Open Source Is Not the Same Anymore - Faeka Ansari, Akuity Inc. & Nasi Chaudhari, Yugabyte

Tuesday May 19, 2026 2:10pm - 2:50pm CDT

200J (Level Two)

Open source used to mean something simple: the code is open, the community builds it, and everyone benefits. That world is gone. Today, billion-dollar companies release model weights and call it "open source"

Projects launch with permissive licenses but lock their APIs behind paywalls. Foundations host projects where one vendor controls 95% of the commits. And a new generation of developers is entering open source through AI-generated pull requests they barely understand.

I've spent 7 consecutive Kubernetes release cycles on the release team, helped build and maintain Kargo - a OSS project for GitOps continuous delivery and worked as a CNCF Ambassador helping new contributors navigate this ecosystem

I've watched the definition of "open source" stretch, bend & sometimes break in real time.

This talk is about the real problems developers face today when they try to contribute to, depend on, or build careers around open source projects that don't play by the old rules. I'll share what I've learned about spotting "open-washing" evaluating project health beyond the GitHub star count, and building genuine community in an era where the incentives have fundamentally shifted.

Speakers

Nasi Chaudhari

Founder CloudChamp Soln. Senior Development Manager, Yugabyte

Nasiullha Chaudhari is a Docker Captain, HashiCorp Ambassador, and Developer Engagement Manager at YugabyteDB, with over 4+ years of experience in DevOps, cloud, and cloud-native technologies.He actively contributes to the open source and AI ecosystem through content, community engagement... Read More →

Faeka Ansari

Senior Software Engineer, Akuity Inc.

Faeka is Software Engineer at Akuity, international speaker and a core maintainer of Kargo, an open-source K8s-native project. She is a Kubernetes Release team member and was an LFX mentee in the 2023 mentorship under Istio. She leads several community initiatives across CNCF, Google... Read More →

Tuesday May 19, 2026 2:10pm - 2:50pm CDT
200J (Level Two)

OSS Enabling & Management, Project Leadership

Audience Experience Level Beginner

2:10pm CDT

Package Managers Metadata and Cross Ecosystem Projects in the Era of SBOMs - Damián Vicino, Datadog

Tuesday May 19, 2026 2:10pm - 2:50pm CDT

200G (Level Two)

Package managers do more than resolve dependencies—they shape how software and its metadata are distributed across the ecosystem. While they simplify development, they also introduce large, fast-moving transitive dependency trees that are rarely inspected in depth.
Despite evolving independently, most package managers share a common model: distributing artifacts alongside metadata. Yet metadata formats, completeness, and quality vary widely across ecosystems, creating challenges for security analysis, compliance, and supply chain risk management—especially in today’s hybrid, multi-language environments.
This talk examines how package metadata is increasingly used beyond builds, powering vulnerability management, license compliance, and Software Bill of Materials (SBOM) generation through standards such as SPDX and CycloneDX.
Based on the results from the first year of work from the CHAOSS Package Metadata Working Group—an analysis of more than 40 package managers—we’ll share emerging best practices, gaps we’ve identified, and recommendations for both new and existing ecosystems to improve metadata quality, interoperability, and transparency.

Speakers

Damián Vicino

Senior Open Source Specialist, Datadog

Damian Vicino is a Senior Open Source Specialist at Datadog’s OSPO and an Adjunct Research Professor at Carleton University. He began contributing to open source in the early 2000s, leading a local BSD user group and collaborating with a team on five BSDday Argentina events. He... Read More →

Tuesday May 19, 2026 2:10pm - 2:50pm CDT
200G (Level Two)

Packages + Images + Containers

Audience Experience Level Any

2:10pm CDT

Unified Autonomy Stack - Nikhil Khedekar & Kostas Alexis, Norwegian University of Science and Technology

Tuesday May 19, 2026 2:10pm - 2:50pm CDT

200D (Level Two)

This session introduces the open-source Unified Autonomy Stack (https://github.com/ntnu-arl/unified_autonomy_stack), a containerized, system-level solution enabling robust autonomy across diverse aerial and ground robot morphologies. The architecture centers on three modules -multi-modal perception, multi-stage planning, and multi-layered safety mechanisms- that together deliver end-to-end mission autonomy. Resulting behaviors include safe navigation into unknown regions, exploration of complex environments, and efficient inspection planning. The stack has been validated on multiple multirotor platforms and legged robots operating in GNSS-denied and perceptually degraded environments, demonstrating resilient performance in demanding conditions. To facilitate ease of adoption and extension, we additionally release a reference hardware design that integrates a full multi-modal sensing suite, time-synchronization electronics, and high-performance compute capable of running the entire ROS-based stack while leaving headroom for further development. Strategically, we aim to expand the Unified Autonomy Stack to cover most robot configurations across air, land, and sea.

Speakers

Nikhil Khedekar

Postdoctoral Researcher, Autonomous Robots Lab, Norwegian University of Science Technology (NTNU)

Nikhil Khedekar is a postdoctoral researcher in the Autonomous Robots Lab at the Norwegian University of Science and Technology (NTNU) leading the team’s perception research. Previously, he also led the development of LiDAR based estimation in ScoutDI AS and participated in the... Read More →

Kostas Alexis

Professor, Norwegian University of Science and Technology

Prof. Dr. Kostas Alexis is Professor of Robotics at NTNU, head of the Autonomous Robot Lab, and Director of the Norwegian Centre for Embodied AI. His research advances resilient robotic autonomy (intelligence & morphology) for high-risk, uncertain environments, spanning control, sensor... Read More →

Tuesday May 19, 2026 2:10pm - 2:50pm CDT
200D (Level Two)

PX4 Dev Summit

Audience Experience Level Any

2:45pm CDT

Lightning Talk: Offensive and Defensive Strategies for Addressing Open-Source Vulnerabilities - Tracy Ragan, DeployHub, Inc.

Tuesday May 19, 2026 2:45pm - 2:55pm CDT

200C (Level Two)

Open-source software is foundational to modern application development, but it has also become one of the fastest-moving and hardest attack surfaces to defend. For years, organizations have relied on “shift-left” security to catch vulnerabilities early in the lifecycle. While necessary, this approach alone is no longer sufficient. New vulnerabilities are disclosed daily, often long after software is deployed, leaving IT teams struggling to understand what is truly at risk in production and how quickly they must respond.

In this session, Tracy reframes software supply chain security around the realities of live systems. She explains why teams must move beyond offensive, prevention-only strategies and refocus on rapid detection, prioritization, and response for newly reported vulnerabilities attacking live systems. Tracy also addresses how the pursuit of a zero-vulnerability posture has driven alert fatigue and burnout among developers, security teams, and CIOs.

Attendees will learn how to manage vulnerability alert noise, shorten response times, and focus remediation, protecting open-source-driven systems without slowing delivery or exhausting the teams responsible for them.

Speakers

Tracy Ragan

CEO, DeployHub

Tracy is a recognized expert in software supply chain security and DevSecOps, specializing in managing complex, decoupled architectures. She is the CEO of DeployHub, a scalable post-deployment vulnerability detection platform that empowers software to 'self-heal' by automatically... Read More →

Tuesday May 19, 2026 2:45pm - 2:55pm CDT
200C (Level Two)

cdCon

Audience Experience Level Intermediate

3:00pm CDT

GitOps Gone Wild: Hardening Delivery Pipelines for the AI Era - Julien Semaan, Kubex & Corey McGalliard, Akamai

Tuesday May 19, 2026 3:00pm - 3:20pm CDT

200C (Level Two)

GitOps promises safety and automation, but it will faithfully ship your mistakes at scale. With AI-assisted coding and emerging autonomous agents in the loop, those mistakes now move faster than humans can fully reason about their impact.

This talk dissects real-world GitOps failures where tiny configuration changes triggered outages, overly trusted pipelines amplified risk, and AI-generated patches were merged without understanding their consequences. None of these incidents were tooling failures. They were safety failures.

We’ll show how teams put guardrails back in place by enforcing policy before merge, using progressive rollouts to contain blast radius, applying Crossplane constraints to keep infrastructure changes reversible, and adding automated verification gates that catch problems before they reach production.

Speakers

Corey McGalliard

Engineering Manager, Akamai Cloud

My team and I power and protect life online by building an internal, opinionated Kubernetes platform that meets Akamai's change-safety, security, and compliance expectations while delivering an excellent developer experience. I'm interested in distributed computing and platform engineering... Read More →

Julien Semaan

Head of k8s Engineering @Kubex | CNCF TAG DevEx Tech Lead, Kubex

Julien is the Head of Kubernetes Engineering at Kubex and a Tech Lead with the CNCF TAG for Developer Experience. With deep roots in open source and cloud-native systems, he has been working with Kubernetes since 2017 and has led multiple product transitions to cloud-native archi... Read More →

Tuesday May 19, 2026 3:00pm - 3:20pm CDT
200C (Level Two)

cdCon

Audience Experience Level Any

3:05pm CDT

Lightning Talk: Reliability at the Edge: Fail-Safe Multi Cluster Orchestration With Kubestellar - Munachimso (Muna) Nwaiwu, Cornell University

Tuesday May 19, 2026 3:05pm - 3:15pm CDT

200F (Level Two)

Managing a single Kubernetes cluster is a solved problem. However, extending Kubernetes to the edge introduces a fundamental systems crisis. In remote environments, network partitions are guaranteed. When orchestrators demand real-time synchronization, routine network drops lead to configuration drift and control-plane breakdown.

This session analyzes how KubeStellar (a CNCF Sandbox project) attempts to solve this reliability crisis. Evaluated from a systems and network perspective, we dissect how KubeStellar abandons synchronous replication for an asynchronous, hub-and-spoke model. By decoupling its Workload Description Space (WDS) from the transport layer, it leverages eventual consistency to treat disconnected edge nodes as expected, not a fatal error.

To ground this theory in reality, we explore our ongoing research at Cornell University’s Smart Farms. In remote agriculture, long-term partitions are daily realities. We will outline our progress using KubeStellar to manage geographically dispersed clusters, presenting an architectural roadmap for how eventual consistency can ensure local workloads survive extended disconnects and deterministically reconcile upon reconnection.

Speakers

Muna Nwaiwu

Researcher, Cornell University

Munachimso Victor Nwaiwu is a PhD student at Cornell University researching distributed systems and edge orchestration, building upon a highly accomplished career as a Network Automation Engineer. Before his academic research, he made significant contributions to next-generation network... Read More →

Tuesday May 19, 2026 3:05pm - 3:15pm CDT
200F (Level Two)

Cloud + Orchestration

Audience Experience Level Intermediate

3:05pm CDT

Microseconds Matter : Benchmarking Thread Synchronization - Gautham Ponnu, The MathWorks

Tuesday May 19, 2026 3:05pm - 3:45pm CDT

208A+B (Level Two)

This talk aims to analyze the performance of most common Linux synchronization primitives under PREEMPT_RT, comparing their behavior across a range of workloads. We’ll explore how each primitive scales with thread count, handles contention, and impacts determinism. Expect graphs, latency histograms, and a few surprises. If you’re building real-time systems or tuning performance, this session will help you make smarter, faster, and safer decisions.

Speakers

Gautham Ponnu

Principal Software Engineer & Manager of Engineering, The MathWorks

Gautham Ponnu is a Principal Software Engineer for Real-Time Systems at MathWorks, where he leads development of real-time simulation and hardware-in-the-loop testing tools. With over a decade of experience in embedded and real-time systems, Gautham specializes in real-time synchronization... Read More →

Tuesday May 19, 2026 3:05pm - 3:45pm CDT
208A+B (Level Two)

Embedded Linux Conference

Audience Experience Level Intermediate

3:05pm CDT

Secure Boot for Embedded Linux: Explained in Simple Words - Roy Jamil, Ac6

Tuesday May 19, 2026 3:05pm - 3:45pm CDT

208C+D (Level Two)

Secure Boot is often described using cryptography-heavy terminology, vendor-specific flows, and complex diagrams that make it intimidating for embedded developers.
This talk explains Secure Boot for embedded Linux systems from first principles, using simple language and clear mental models.

We start by answering why Secure Boot exists, then walk step by step through the boot process. Concepts like Root of Trust and signature verification are explained without assuming prior security or cryptography background.

The session focuses on what actually happens at boot time, not on vendor marketing or abstract theory. Real-world examples from common embedded Linux systems are used to illustrate how Secure Boot is implemented and where it can fail if misunderstood.

By the end of the talk, attendees will be able to explain Secure Boot in their own words, understand its guarantees and limitations, and reason about Secure Boot designs in real embedded products.

Speakers

Roy Jamil

Embedded Systems Trainer, Ac6

Roy Jamil, with a PhD in the field of Asymmetric Multiprocessing (AMP) and real-time embedded systems, has over six years of experience as a Training Engineer at Ac6. He trains hundreds of engineers annually. His experience includes programming, Linux, drivers, Yocto, and various... Read More →

Tuesday May 19, 2026 3:05pm - 3:45pm CDT
208C+D (Level Two)

Embedded Linux Conference

Audience Experience Level Beginner

3:05pm CDT

Fork, Explore, Commit: Linux Primitives for AI Agents Exploration - Cong Wang, Multikernel Technologies & Yusheng Zheng, eunomia-bpf

Tuesday May 19, 2026 3:05pm - 3:45pm CDT

205C+D (Level Two)

AI agents don’t execute a single path, they explore many. They try different code changes, commands, or configurations in parallel, then keep the one that works. Today, running this safely on Linux requires fragile combinations of temp directories, git tricks, containers, or VM snapshots.

This talk introduces branch contexts, a new Linux execution model built for AI agents. A branch context gives each exploration path an isolated, copy-on-write filesystem and coordinated process group, with a simple lifecycle: fork, explore, commit or abort. The first successful branch commits atomically; all others are automatically invalidated.

We present two Linux implementations: BranchFS, a FUSE-based branching filesystem with O(1) branch creation and atomic commit without root privileges, and branch(), a proposed Linux syscall that composes filesystem branching, namespaces, and process lifecycle management into a single atomic operation.

We’ll explain why existing Linux mechanisms fall short for agent workloads and how fork/explore/commit semantics fit naturally into the future of Linux process and filesystem design.

Speakers

Cong Wang

Founder and CEO, Multikernel Technologies

Cong Wang is a professional Linux kernel developer mainly focuses on Linux networking and eBPF, he is also a Linux kernel maintainer for the networking traffic control subsystem. He has contributed over 1000 patches to the Linux kernel project.

Yusheng Zheng

OSS developer, eunomia-bpf

Yusheng Zheng is an OSS maintainer and researcher focused on systems understanding and extensions. As a co-founder of the eunomia-bpf community and a PhD student, Yusheng integrates eBPF and AI to enhance the Linux kernel and userspace applications. Yusheng frequently presents these... Read More →

Tuesday May 19, 2026 3:05pm - 3:45pm CDT
205C+D (Level Two)

Linux

Audience Experience Level Intermediate

3:05pm CDT

Identity Management for AI Agents - Abdel Fane, OpenA2A

Tuesday May 19, 2026 3:05pm - 3:45pm CDT

211A+B (Level Two)

Every enterprise has identity management for humans—SSO, MFA, RBAC, audit logs. But AI agents? They run with API keys, no verified identity, no behavioral tracking, no audit trail.

This talk bridges the gap between traditional IAM and the emerging world of autonomous AI agents:

What we learned from human IAM:

- Why identity must be cryptographic, not just credentials

- How least-privilege access control prevents lateral movement

- Why audit trails matter for compliance and incident response

Applying it to AI agents:

- Agent identity: Ed25519 keypairs vs API keys

- Capability-based access: what tools can this agent call?

- Behavioral trust scoring: detecting compromised agents

- MCP server attestation: verifying the tools agents connect to

We'll examine real attack scenarios—agent impersonation, tool injection, privilege escalation—and show how identity-first security prevents them.

Live demo using AIM (Agent Identity Management), an Apache-2.0 open-source platform. All patterns are framework-agnostic and applicable to LangChain, CrewAI, AutoGen, or raw MCP implementations.

Attendees leave with actionable security patterns for their AI agent deployments.

Speakers

Abdel Fane

CEO & Founder, OpenA2A

Abdel is a cybersecurity architect with 17+ years of experience securing enterprise environments across healthcare, finance, and government sectors. He has led security initiatives at Grail, Booz Allen Hamilton, Protiviti, and Allstate, specializing in cloud security & DevSecOps.
... Read More →

Tuesday May 19, 2026 3:05pm - 3:45pm CDT
211A+B (Level Two)

Open AI & Data

Audience Experience Level Intermediate

3:05pm CDT

The Code Is the Contract: How Linux's Architecture Sheds Light on GPL Compliance - Sabir Ibrahim, Dev Legal

Tuesday May 19, 2026 3:05pm - 3:45pm CDT

200H (Level Two)

This session demystifies the GPL by exploring the "architecture of intent"—the deliberate design choices made by kernel maintainers that define the legal boundaries between open source code licensed under the GPL and closed source code that may interface with the Linux kernel while maintaining its own licensing. As a lawyer with a deep interest in open source software and expertise in OSS licensing and compliance, I will bridge the gap between code and copyright. My goal is to provide developers with a practical framework for navigating GPL compliance as it pertains to Linux.

This talk is designed specifically for a technical audience. It is not a dry legal lecture. Instead, it is a practical, developer-focused guide that uses code, architecture, and real-world examples to illuminate complex legal concepts. We will walk through three common scenarios where proprietary software interfaces with the Linux kernel, analyzing each from both a technical and legal perspective.

Attendees will leave with the ability to identify high-risk integration patterns and make more informed development decisions.

Speakers

Sabir Ibrahim

Managing Attorney, Dev Legal

Sabir is an attorney and OSS enthusiast. He has advised clients ranging from startups to Fortune 50 companies on issues relating to OSS. He is a former associate at the law firm of Greenberg Traurig, a former corporate counsel at Amazon, and a former senior counsel at Roku.

Sabir has his own law practice, Dev Legal, and is co-founder of Chinstrap Community. Chinstrap Community is a free resource center for entrepreneurs, investors, and others interested in OSS entrepreneurship... Read More →

Tuesday May 19, 2026 3:05pm - 3:45pm CDT
200H (Level Two)

Open Source 101

Audience Experience Level Intermediate

3:05pm CDT

Hidden in Plain Sight: Discovering the Academic Open Source Landscape - Juanita Gomez, University of California, Santa Cruz

Tuesday May 19, 2026 3:05pm - 3:45pm CDT

200A (Level Two)

Academic Open Source Program Offices (OSPOs) are emerging across universities to support open source, but how can they identify contributors and know what support is needed?

The University of California launched its OSPO network in 2024, connecting six campuses (UC Santa Cruz, Berkeley, Davis, Los Angeles, Santa Barbara, and San Diego) to promote open source research, sustainability, and best practices. A major challenge is not only finding projects but understanding how they operate and engage contributors.

To address this, the UC OSPO Network is developing the Open Source Repository Browser (ORB), an interactive platform that maps activity, visualizes community health signals, tracks contributor patterns, and surfaces repository metadata. ORB enables OSPOs to guide targeted support, inform policy, and strengthen open source contributions across campuses.

The browser now visualizes data from 30+ universities, providing a multi institution view of project health, contributor patterns, and adoption of community standards. This talk will cover ORB’s design and implementation and share insights from multiple universities to inform OSPO strategies and engagement.

Speakers

Juanita Gomez

PhD Student, University of California, Santa Cruz

Juanita Gomez is a Ph.D. candidate in Computer Science at UC Santa Cruz, where her research focuses on improving the security of scientific open source software in collaboration with the Open Source Program Office (OSPO) at UCSC. She is a passionate programmer, mathematician, and... Read More →

Tuesday May 19, 2026 3:05pm - 3:45pm CDT
200A (Level Two)

OSS Enabling & Management, Operations Management & OSPOs

Audience Experience Level Any

3:05pm CDT

It's Not Rocket Science, It's a Flywheel: Engineering OS Communities With DevEx - Jeremy Meiss, WWT

Tuesday May 19, 2026 3:05pm - 3:45pm CDT

200J (Level Two)

It's no secret that building and sustaining thriving open source communities requires moving beyond sporadic contributions and fostering an ecosystem of engaged members. That process is not simple, and requires a lot of time and effort, which is not often something a maintainer has, which more often than not leads to maintainer burnout or project stagnation.

In this talk, Jeremy will connect the principal of a "flywheel" that we see in everyday life with the principles of Developer Experience, and discuss what a "DevEx Flywheel" should look like. He will explore how things like feedback loops, "time to joy", onboarding, and documentation all contribute to an experience that can enhance contributions, which in turn improves project health, value, and more.

This session will explore what the DevEx Flywheel looks like, and provide actionable strategies for:
- Creating seamless onboarding experiences and amazing documentation
- Implementing tooling and automating workflows by reducing friction
- Fostering welcoming communication and effective feedback loops

Stop hoping for community growth; start engineering it through Developer Experience.

Speakers

Jeremy Meiss

Technical Solution Architect, AI Native, WWT

Jeremy is an international speaker and is a Technical Solution Architect, AI Native, at WWT, previously leading Developer Advocacy at OneStream Software, CircleCI, Solace, and Auth0. Jeremy is active in the DevRel and DevOps communities, a co-creator of DevOpsPartyGames.com, and organizer... Read More →

Tuesday May 19, 2026 3:05pm - 3:45pm CDT
200J (Level Two)

OSS Enabling & Management, Project Leadership

Audience Experience Level Intermediate

3:05pm CDT

Tiny Repos, Big Impact: Level Up Through Open-Source Teaching - Katie Kodes, Independent

Tuesday May 19, 2026 3:05pm - 3:45pm CDT

200E (Level Two)

When you approach your public code repositories with teaching as the primary goal -- designing them specifically to help others learn -- you transform simple code sharing or tech blogging into open-source teaching.

Discover how documenting your technical learning journey through small, focused open-source projects can accelerate your learning, establish your expertise, and create value for both the open-source community and enterprise development teams.

Examples of my adventures in open-source teaching include:

* A 32-line working web application, and its 41-line fork that, in 9 lines, adds automated unit tests.
* A fully-CI/CD-tested OpenTofu module in less than 100 lines of code.

In this session, you'll learn practical strategies for right-sizing demo repos, choosing the right platforms for sharing, and capturing the unique value of your "beginner's mind" to help others learn.

Speakers

Katie Kodes

DevOps Architect

Katie is a DevOps architect who brings clarity to complex technical challenges across the entire stack. With experience ranging from infrastructure to front-end development, she helps teams build reliable, observable systems that deliver real business value. A passionate educator... Read More →

Tuesday May 19, 2026 3:05pm - 3:45pm CDT
200E (Level Two)

OSS Enabling & Management, Technical Documentation

Audience Experience Level Any

3:05pm CDT

What Are You Willing To Digest? Multi Arch Container Image Security and Best Practice - Evans Yeboah Jr., VideoAmp

Tuesday May 19, 2026 3:05pm - 3:45pm CDT

200G (Level Two)

Deploying apps in containers is easier than ever, but securing the image these containers come from is a dynamic security problem that on its surface has no single best answer. So when it comes to what risk you may face and what risk you are willing to accept, one of the questions that may come up is if snowflake-y multi architecture risks are something you are willing to digest?

With multi arch images, based on the system it is deployed to, its vulnerabilities profile may look different than any of the other supported systems. So in this talk I will be demonstrating a security tool agnostic way to handle identifying and remediating these threats. I will go through how anyone (at any level of security experience) can automate container security across pipelines without slowing down development. Attendees will walk away with a new understanding of the importance of minimizing exposure to these risks, as well as a clearer understanding of the layered setup of multi arch container images (index manifest, platform manifest, and image manifest). And without a doubt, walk away with container image security and not unmanaged risk, something they are willing to digest.

Speakers

Evans Yeboah Jr.

Senior Security Engineer, VideoAmp

Cyber security and AI security enthusiasts who likes to build stuff but also make sure it's secure. Engineer by day and baker by night, honing both crafts by failing forward every day.

Tuesday May 19, 2026 3:05pm - 3:45pm CDT
200G (Level Two)

Packages + Images + Containers

Audience Experience Level Beginner

3:05pm CDT

Talking To Drones: Natural Language Control of PX4 Using a Phone, MCP, and ChatGPT Realtime API - Godfrey Nolan, RIIS LLC

Tuesday May 19, 2026 3:05pm - 3:45pm CDT

200D (Level Two)

PX4-based drones are powerful, but interacting with them typically requires specialized ground control software and trained operators. This talk presents a new interaction model: controlling and querying a PX4 drone using natural language from a standard mobile phone.

The system combines a Model Context Protocol (MCP)–style interface (inspired by ROS 2 MCP implementations) to expose PX4 capabilities as structured, machine-readable commands, with OpenAI’s real-time ChatGPT API to interpret user intent. A phone call or voice interaction—handled via Twilio—becomes the primary user interface, allowing operators to issue commands such as “take off to 10 meters,” “orbit that location,” or “what’s your battery state?” and receive immediate spoken feedback.

The talk will cover:

* How PX4 commands, telemetry, and state are exposed through an MCP-like abstraction
* Real-time bidirectional communication between phone, AI model, and drone using Twilio and RealTime API
* Safety considerations, command validation, and constraints when using AI-mediated control
* Practical use cases, fly missions, object detection all using hands free control
* Lessons learned, what worked and didn't work

Speakers

Godfrey Nolan

President, RIIS LLC

Godfrey Nolan is founder and president of RIIS LLC a mobile development firm in the Detroit Metro area. He is also author of Agile Swift (Apress), Agile Android (Apress), Bulletproof Android (Pearson), Android Best Practices (Apress), Decompiling Java (Apress) and Decompiling Android... Read More →

Tuesday May 19, 2026 3:05pm - 3:45pm CDT
200D (Level Two)

PX4 Dev Summit

Audience Experience Level Intermediate

3:25pm CDT

Lightning Talk: Built Clean. Receipts Attached - Adolfo García Veytia, Carabiner Systems & Alex Zenla, Edera

Tuesday May 19, 2026 3:25pm - 3:35pm CDT

200C (Level Two)

Security frameworks such as SLSA require software builds to run in isolated environments to guarantee they are “free of unintended external influence”. In practice, this means full control of the runtime environment and every dependency entering a build, ensuring no malware slips into released software
But how can you verify isolation after the fact? How do you know a container image or binary was compiled in a truly hermetic environment, free from tampering processes or hidden tooling? Can you confidently prove your release used only the dependencies declared in your SBOM?
In this talk, Marina and Puerco will demonstrate practical techniques to verify build isolation and runtime characteristics. Want cryptographic proof of hermetic builds? We’ll show it. Need confidence in software components and complete SBOM coverage? Covered. Trace provenance to the exact VM that executed the build? Absolutely.
Using Cocoon, an open source build packager running inside Edera Protect isolated zones, we will verify attested machine identity via SPIFFE SVIDs, environment features, and SBOM completeness, all enforced with reusable policy code powered by technologies like in-toto, SLSA and Sigstore.

Speakers

Alex Zenla

CTO, Edera

Alex is a Founder & CTO at Edera, building technology for securing containers using hypervisors in Rust. She has contributed to many open source projects including Chromium, Chromium OS, Dart, and Ubuntu, some as early as 11 years old. Alex started in the corporate world at the age... Read More →

Adolfo Garcia Veytia

Founding Engineer, Carabiner Systems

Adolfo García Veytia (@puerco) is one of the Kubernetes SIG Release Technical Leads and actively works on the Release Engineering team. He specializes in improving the software that drives the automation behind the Kubernetes release process. He is also the creator of the OpenVEX... Read More →

Tuesday May 19, 2026 3:25pm - 3:35pm CDT
200C (Level Two)

cdCon

Audience Experience Level Intermediate

3:25pm CDT

Lightning Talk: Taking a U-Turn for Caches: Moving Back From Remote To Local - Aditya Mohan, Amazon

Tuesday May 19, 2026 3:25pm - 3:35pm CDT

200F (Level Two)

With the growth of CPU compute and larger memory heaps, many cloud-native workloads that traditionally relied on remote caches like Redis and Memcached can now benefit from in-process caching using open source libraries.

In this session, we focus on Java-based cloud-native services and show how local caches, such as Caffeine, can colocate cache with application logic, reducing network overhead, simplifying consistency management, and improving latency. Drawing on large-scale production experience, we’ll explore cache invalidation, freshness guarantees, near-cache patterns, and scalability trade-offs, along with practical lessons for handling staleness, TTLs, and other caching challenges while reducing operational complexity and cost.

Finally, we’ll discuss how emerging open source tools like Databricks’ Dicer apply these caching and orchestration principles at scale for real-time services, representing the next frontier. Attendees will learn methods to design low-latency, high-throughput, maintainable, and cost-efficient caching solutions for cloud-native architectures using open source tools.

Speakers

Aditya Mohan

Amazon Senior Machine Learning Engineer at Amazon Advertising Sponsored Products, Amazon

Aditya Mohan is a Senior Machine Learning Engineer at Amazon Advertising with 11+ years of experience and tech lead for agentic advertiser campaigns. He specializes in large-scale ML and semantic search, using LLMs and LangGraph to optimize campaigns and ensure observability, accountability... Read More →

Tuesday May 19, 2026 3:25pm - 3:35pm CDT
200F (Level Two)

Cloud + Orchestration

Audience Experience Level Intermediate

3:35pm CDT

Lightning Talk: Where Does Your Policy Actually Live? - Dadisi Sanyika, Sol Duara, Inc.

Tuesday May 19, 2026 3:35pm - 3:45pm CDT

200C (Level Two)

Your organization has a policy requiring all artifacts to pass security scanning before deployment. Simple enough. But you use three CI systems, so Team A implements it in Jenkins with a Groovy shared library, Team B uses a GitHub Actions reusable workflow, and Team C builds it into GitLab CI includes.

Same intent. Three implementations. Three syntaxes. Three maintenance burdens.

Now an auditor asks: "Prove these are equivalent."

This lightning talk examines what happens when policy lives inside tools versus above them. We'll look at an architectural pattern in which tools emit events upward and receive decisions downward via CDEvents, while policy logic lives in a single, auditable location. The tools keep doing tool things. Nothing changes, but everything works.

You'll leave with one question worth asking in your next architecture review: "Where does our policy actually live?" The answer has implications for maintenance burden, audit readiness, and the extent to which consistent governance can scale.

Speakers

Dadisi Sanyika

CEO, Sol Duara, Inc.

I am the Governing Board Chair for the Continuous Delivery Foundation (Linux sub-foundation) and the CEO of Sol Duara, Inc. Previously, at Apple, I led a team of engineers dedicated to improving the Continuous Deployment experience for teams and the community. Our contributions are... Read More →

Tuesday May 19, 2026 3:35pm - 3:45pm CDT
200C (Level Two)

cdCon

Audience Experience Level Beginner

3:35pm CDT

Lightning Talk: Confidential Virtual Machines in KubeVirt With Hardware-Backed Trusted Environments - Basavaraju G & Rishika Kedia, IBM

Tuesday May 19, 2026 3:35pm - 3:45pm CDT

200F (Level Two)

Multi cloud deployments and shared infrastructure enhance data privacy and security issues, with containerized workloads becoming mainstream in Kubernetes, there is a need to host containers securely in addition to virtual machines (VMs) to safeguard hardware-level workloads.
KubeVirt is a cloud native virtualization platform that comes with Confidential Virtual Machines for the most sensitive use cases. They take advantage of Trusted Execution Environments such as AMD SEV, Intel TDX, and IBM Secure Execution to provide data-in-motion encryption for their workloads and defend against subverted host admins as well as against system attacks.
In this session, we will cover KubeVirt methodology for Confidential VMs, including the design of the architecture, challenges of implementation, and deployments. We will examine how the VMs protect sensitive workloads using memory encryption, workload isolation while being placed within Kubernetes orchestration and automation.

Speakers

Rishika Kedia

STSM, Chief Product Owner- OpenShift, BM India Private Ltd

Rishika Kedia is the Product Owner for OpenShift and an Architect for Red Hat OCP on IBM Z at India Systems and Development Labs. With 18+ years of experience, she has led efforts to enable OpenShift and open-source technologies on IBM Z and LinuxONE systems. Rishika has designed... Read More →

Basavaraju G

Architect, IBM

Basava Raju.G is a Currently working at IBM, specializing in IBM Kubernetes Service and Openshift Container Platform. Basava has authored 3 IEEE publications, holds 2 Patents in domain of machine learning and Containers domain. Currently, Basavaraju is working on IBM Labs as the Product... Read More →

Tuesday May 19, 2026 3:35pm - 3:45pm CDT
200F (Level Two)

Cloud + Orchestration

Audience Experience Level Intermediate

3:45pm CDT

Ask the Expert Sessions

Tuesday May 19, 2026 3:45pm - 4:20pm CDT

TBA

Ask the Expert Session: Sit down with open source experts to gain knowledge 1:1 and ask all your pressing questions!

No sign-up necessary! More information coming soon!

Tuesday May 19, 2026 3:45pm - 4:20pm CDT
TBA

Ask the Experts

3:45pm CDT

Coffee Break

Tuesday May 19, 2026 3:45pm - 4:20pm CDT

Solutions Showcase, Ballroom A+B (Level One)

Tuesday May 19, 2026 3:45pm - 4:20pm CDT
Solutions Showcase, Ballroom A+B (Level One)

Special Events / Exhibits / Breaks

3:50pm CDT

Sponsor Activity - Run AI Coding Agents on Your Infrastructure Live Demo and Giveaways

Tuesday May 19, 2026 3:50pm - 4:05pm CDT

Solutions Showcase, Ballroom A+B (Level One)

See how Coder Agents runs AI coding agents inside your infrastructure with no data leaving your perimeter. Watch agents build test and modify code in isolated environments. Learn how to scale AI with governance observability and model flexibility. Stop by for demos swag and technical discussions.

Sponsor: Coder
Location: Solutions Showcase

In order to facilitate networking and business relationships at the event, you may choose to visit a third party's booth or access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth or participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.

Tuesday May 19, 2026 3:50pm - 4:05pm CDT
Solutions Showcase, Ballroom A+B (Level One)

Special Events / Exhibits / Breaks

4:20pm CDT

eBPF and Open Source Code Ensure the Security of Your Clusters CI/CD Pipeline. - Hudson Coutinho, Linker Bank

Tuesday May 19, 2026 4:20pm - 4:40pm CDT

200C (Level Two)

In this talk, I'll show how what happens DURING the build and deployment can be fatal.
Using eBPF, we created an Open Source app that monitors the kernel in real time to detect access to secrets, suspicious commands, and data exfiltration at the exact moment they occur.
In my consulting work, I've seen real-world scenarios where compromised runners handed over database secrets and cloud keys without anyone noticing.
The pipeline is a huge blind spot in current security.

Speakers

Hudson Coutinho

Hudson Coutinho, Devs On The Road

Bachelor's degree in Information Systems, postgraduate degree in artificial intelligence and cybersecurity.
12 years of experience accelerating the delivery, scalability, and resilience of software for national and international companies, leading high-performance multidisciplina... Read More →

Tuesday May 19, 2026 4:20pm - 4:40pm CDT
200C (Level Two)

cdCon

Audience Experience Level Any

4:20pm CDT

Hardening QEMU With Self-Correcting Fuzzing Pipelines - Navid Emamdoost, Google

Tuesday May 19, 2026 4:20pm - 5:00pm CDT

200F (Level Two)

This session explores a dual-phase strategy for hardening the QEMU Virtual Machine Monitor (VMM) through advanced fuzzing and AI-driven automation. We begin by detailing a manual hardening effort that expanded QEMU’s testing surface from 18 to 60 active targets, increasing device line coverage by more than 30%. While effective, manual target creation is a resource-intensive process that struggles to scale across the hundreds of virtualized devices supported by QEMU.

To address these scaling challenges, we introduce an AI-driven agentic pipeline designed to automate the generation and validation of fuzzing targets. This system leverages Large Language Models (LLMs) to analyze device source code and memory regions, generating candidate C++ targets for the QEMU fuzzing engine.

We will discuss the implementation of a self-correcting feedback loop where the agent captures compilation and runtime errors to iteratively refine its output until a stable target is produced. Attendees will see how this approach aims to reach >80% device line coverage by automating the remaining hardware targets that currently lack dedicated fuzzing.

Speakers

Navid Emamdoost

Software Engineer, Google

Navid Emamdoost is a Software Engineer at Google focused on infrastructure security. He holds a PhD from the University of Minnesota, where his research uncovered over 200 Linux kernel bugs and 40 CVEs. His career includes maintaining OSS-Fuzz for open source projects and hardening... Read More →

Tuesday May 19, 2026 4:20pm - 5:00pm CDT
200F (Level Two)

Cloud + Orchestration

Audience Experience Level Intermediate

4:20pm CDT

Optimize Linux Kernel To Fit Microcontrollers With 1 MB RAM - Jim Huang & Chisheng Chen, National Cheng Kung University

Tuesday May 19, 2026 4:20pm - 5:00pm CDT

208C+D (Level Two)

Running the Linux kernel on microcontrollers with severely constrained RAM has long been viewed as impractical. Conventional embedded Linux builds still assume tens of megabytes of memory, excluding a wide class of resource-limited hardware such as Arm Cortex-M and certain Cortex-R devices. This talk presents recent work on adapting and optimizing the Linux kernel to operate within a 1 MB RAM budget.

We examine the challenges of reducing Linux’s memory footprint for microcontroller-class systems and the techniques that enable Linux to run in sub-megabyte environments. Topics include:
* Memory profiling of core kernel subsystems
* Removing or deferring optional features to reduce RAM usage
* Streamlining kernel image layout and data structures
* Adjusting build configurations and boot flow for extreme constraints
* Runtime trade-offs between functionality and footprint

The session demonstrates how mainline Linux can be reshaped to fit far smaller footprints than traditionally assumed. This approach expands the reach of embedded Linux and provides practical strategies for optimizing memory usage on highly constrained platforms.

Speakers

Jim Huang

Assistant Professor, National Cheng Kung University

Drawing from his contributions to the Android Open Source Project (AOSP), Jim specializes in real-time performance tuning and optimization of Linux-based automations. Additionally, he is a co-founder of the LXDE project, a lightweight desktop environment widely utilized in embedded... Read More →

Chisheng Chen

Student, National Cheng Kung University

Chisheng Chen, a.k.a rota1001, is an embedded system developer transitioned from a CTF player. These days, he wrote firmwares on some microcontrollers and did some DOOM and Linux ports. He is currently pursuing the B.S. degree in Computer Science in National Cheng Kung University... Read More →

Tuesday May 19, 2026 4:20pm - 5:00pm CDT
208C+D (Level Two)

Embedded Linux Conference

Audience Experience Level Intermediate

4:20pm CDT

Why Demand Is Growing for Linux as a Real Time OS in Embedded IEC 61508/ISO 26262-compliant Systems - Dylan Dawson, Elektrobit

Tuesday May 19, 2026 4:20pm - 5:00pm CDT

208A+B (Level Two)

As automotive E/E architectures evolve toward centralized high-performance computing (HPC) real-time operating systems (RTOS) need better visibility into system timing behavior. Additionally software defined vehicle (SDV) trends where open, flexible, non-proprietary software stacks are the goal. In this landscape, legacy concepts like dedicated microcontrollers in-service to HPC safety are being challenged. ADAS workloads are balancing HPC compute power with strict time constraint requirements in real-time behavior. Combining mixed-critical workloads on a single HPC platform is a viable solution for OEMs and Tier 1s building perception, control, and safety-relevant HPC domain controller functions. However, the struggle to ensure real-time performance and deterministic timing is an ongoing challenge.
This presentation will demonstrate how Linux can provide measurable, stable, and predictable real-time performance, enabling ADAS teams to run time-critical functions on a modern automotive-grade Linux stack. The audience will gain confidence in a concept which accelerates development for SDV without proprietary RTOS islands, and charters a path to ASIL B/SIL 3 certification

Speakers

Dylan Dawson

Director of Cross-portfolio Growth & Strategic Alliances - North America, Elektrobit

Dylan Dawson is a North American Director at Elektrobit. His focus is strategic partnerships and product evangelism across in automotive. His experience spans securing design wins with OEMs, expanding market reach for emerging software products, and building strategic alliances across... Read More →

Tuesday May 19, 2026 4:20pm - 5:00pm CDT
208A+B (Level Two)

Embedded Linux Conference

Audience Experience Level Intermediate

4:20pm CDT

The Hidden Cost of Sleep: How Scheduler Wakeup Latency Impacts High-Throughput AI Inference - Shubhang Kaushik, Ampere Computing

Tuesday May 19, 2026 4:20pm - 5:00pm CDT

205C+D (Level Two)

As a Linux Kernel Developer at Ampere Computing, I focus on optimizing the scheduler for high-density ARM64 systems. My work culminates in a patch merged for the Linux 7.0 release that refines avg_idle tracking a critical metric the scheduler uses to decide how long to search for an idle CPU before giving up. In my session "The Hidden Cost of Sleep", I will break down the try_to_wake_up() path to show how even minor inaccuracies in idle-time accounting lead to poor CPU selection and increased cache misses. I’ll explain how my Linux 7.0 optimizations [commit
36ae1c45b2cede] specifically reduce the 'search cost' during wakeups, directly improving the responsiveness of AI inference workloads. By sharing raw performance data and trace analysis, I’ll demonstrate why getting the wakeup path right is the only way to achieve the deterministic performance needed for autonomous AI agents and scalable trust infrastructure.

Speakers

Shubhang Kaushik

Software Engineer, Ampere Computing

Linux Kernel Developer

Tuesday May 19, 2026 4:20pm - 5:00pm CDT
205C+D (Level Two)

Linux

Audience Experience Level Advanced

4:20pm CDT

Headroom: A Context Optimization Layer for LLM Applications - Tejas Chopra, Netflix, Inc.

Tuesday May 19, 2026 4:20pm - 5:00pm CDT

211A+B (Level Two)

LLM tokens are expensive. With context windows expanding to 200K+ tokens, a single API call can cost several dollars & in production systems handling thousands of requests, these costs compound quickly.
Most optimization efforts focus on model selection or prompt engineering, but the context itself often contains massive redundancy.

Headroom is an open-source Python library (https://github.com/chopratejas/headroom) that sits between your application and your LLM provider, transparently optimizing context before it reaches the model.
The core insight is simple: LLM contexts—especially in agentic workflows—are filled with repetitive tool outputs, verbose JSON arrays, and boilerplate that consumes tokens without adding proportional value

Headroom introduces novel concepts such as reversible compression, cache aligners, compression routers, and even persistent memory

Real-world results:
- 50-90% token reduction on typical agentic workloads
- Drop-in integrations for LangChain, OpenAI, Anthropic, and any OpenAI-compatible provider
- Zero code changes required when using the proxy server

Speakers

Tejas Chopra

Sr. Engineer, Netflix, Inc.

Tejas Chopra is a senior ML and AI infrastructure Engineer at Netflix, where he builds large-scale systems for production AI and data platforms. He is the creator of Headroom, an open-source context optimization engine for LLMs, and a frequent speaker at global conferences on ML systems... Read More →

Tuesday May 19, 2026 4:20pm - 5:00pm CDT
211A+B (Level Two)

Open AI & Data

Audience Experience Level Advanced

4:20pm CDT

A Fun Overview of the Argo Ecosystem - Aaron Teague, UVNV

Tuesday May 19, 2026 4:20pm - 5:00pm CDT

200H (Level Two)

Many hear the word "Argo" and immediately think "GitOps" with the ability to sync what's in a git repo with what's in a live Kubernetes environment. However, "Argo CD" is just one of several tools within the Argo ecosystem.

These other tools include:
- Rollouts - Move web traffic from an old to a new version of adeployment
- Workflows - Perform work in multiple steps, or as a DAG
- Events - Perform a variety of triggers based on a variety of potential events

These tools have a lot of use and can automate otherwise mundane tasks and lessen the risks associated with change.

Each will get given an overview of how they work and how they can be useful in isolation. Then we will combine them to solve different tasks. Examples will range from practical to silly, keeping healthy parts "educational" and "entertaining".

Speakers

Aaron Teague

Site Reliability Engineer

Aaron Teague is a Site Reliability Engineer with a passion for Kubernetes and the ecosystem that often comes along with it. He enjoys taking otherwise complex topics and breaking them down into easier to understand pieces that are not just informative, but memorable.

Tuesday May 19, 2026 4:20pm - 5:00pm CDT
200H (Level Two)

Open Source 101

Audience Experience Level Beginner

4:20pm CDT

Being an OSS Maintainer in the Land of LLMs - Tiffany Jernigan, Grafana Labs

Tuesday May 19, 2026 4:20pm - 5:00pm CDT

200J (Level Two)

As a maintainer of both Grafana Tempo and CNCF Jaeger, and a dev advocate, we've seen a large increase in LLM-supported contributions. Pull requests, issues, discussions, and design proposals have been flooding into these projects at a rate never before seen. The level of effort to submit a reasonable-looking PR has dropped to nearly 0. The level of effort required to review a reasonable-looking PR has also been reduced with LLM assistance, but not nearly to the same degree.

Within Jaeger and Tempo, we've begun discussing ways to approach these PRs. We want to encourage contributions to OSS projects, but need invested humans on the other side of the PRs in to merge them. Generally, we celebrate the lowering of both language and technical barriers for participation, but as gatekeepers of critical OSS projects, it's our responsibility to only merge stable, well-considered code.

Join to commiserate, discuss, or simply listen to some war stories about what it's like to be an OSS maintainer in the land of LLMs. We'll also survey responses we and others have taken across the OSS community. This submission was entirely human-generated and reviewed. We don't know if that matters :).

Speakers

Tiffany Jernigan

Senior Developer Advocate, Grafana Labs

Tiffany is senior developer advocate at Grafana Labs and a CNCF Ambassador. She also formerly worked as a software developer and developer advocate at VMware, Amazon, Docker, and Intel. Prior to that, she graduated from Georgia Tech with a degree in electrical engineering. In her... Read More →

Tuesday May 19, 2026 4:20pm - 5:00pm CDT
200J (Level Two)

OSS Enabling & Management, Project Leadership

Audience Experience Level Any

4:20pm CDT

BOF: Funding Open Source Sustainably - Georg Link, CHAOSS & Terence McCutcheon, Intersect MBO

Tuesday May 19, 2026 4:20pm - 5:00pm CDT

200E (Level Two)

This birds of a feather (BOF) session is for two audiences to get together. OSS funders & members of OSS projects who are seeking funding. The goal of the BOF is to share experiences from both perspectives. To be clear, this is not a match-making session or a funding giveaway, but an exchange of experiences. The BOF facilitators will seed the discussion with insights from interviews of both audiences, also our personal experiences from implementing the funding programs of the “Paid Open Source Model” (POSM).

We’ll discuss the changing landscape of open source funding. Long-time funding programs, like the Mozilla Open Source Support (MOSS) awards closed doors. However, new funding programs are designed to align with open source values are offering new opportunities, whether it is funding from blockchain treasuries like POSM or government programs like the German Sovereign Tech Fund.

The outcome of the BOF is two fold. One, maintainers and OSS project members who are seeking funding, can better understand how to access funding. Two, OSS funders can hear directly from projects to better understand what process improvements could help with funding more effectively and efficiently.

Speakers

Georg Link

Open Source Strategist, CHAOSS

Georg’s mission is to make open source more professional by using community metrics and analytics. Georg cofounded the CHAOSS Project to advance analytics and metrics for open source project health. Georg is an active contributor to several projects and has often presents on open... Read More →

Terence McCutcheon

Open Source Program Manager, Intersect MBO

Tex is an up and coming Open Source Program Manager leading various efforts such as community-maintainer pilots, a Developer Advocate program, and increased transparency across multiple channels with a large Community. He excels at finding unconventional solutions to common problems... Read More →

Tuesday May 19, 2026 4:20pm - 5:00pm CDT
200E (Level Two)

OSS Enabling & Management, Project Leadership

Audience Experience Level Any

4:20pm CDT

NixOS for Deterministic Distributed-System Benchmarking - B. Cameron Gain, ReveCom

Tuesday May 19, 2026 4:20pm - 5:00pm CDT

200G (Level Two)

Reproducibility remains one of the largest challenges in benchmarking distributed systems, especially when hardware, kernel-level parameters and dependency versions vary between tests. This talk presents a NixOS-based approach for constructing deterministic, portable benchmark environments for large-scale data infrastructure. We show how Nix’s declarative system configuration, content-addressed builds and reproducible packaging model allow engineers to isolate performance variables.

We look at how Nix offers a much more reproducible environment when producing different applications for testing. While Docker containers isolate user-space dependencies, they remain tied to the host kernel's version and configuration.

Using Apache Cassandra as the primary case study, the talk demonstrates how NixOS can define and reproduce complete cluster environments. Attendees will learn practical patterns for packaging workloads, pinning dependencies, and generating ephemeral benchmark nodes.

The session concludes with a live demo of how we can initiate benchmark tests on Nix and then kill the entire infrastructure in just a few seconds.

Speakers

B. Cameron Gain

Analyst, ReveCom

B. Cameron Gain is co-founder and publisher of ReveCom Media.

Tuesday May 19, 2026 4:20pm - 5:00pm CDT
200G (Level Two)

Packages + Images + Containers

Audience Experience Level Intermediate

4:20pm CDT

Enhancing PX4's EKF2 Replay Module for Deterministic Integration Testing - Brian Fairservice & Kerry Snyder, KEF Robotics

Tuesday May 19, 2026 4:20pm - 5:00pm CDT

200D (Level Two)

PX4's EKF2 replay module allows developers to tune estimator performance by re-running the EKF on prerecorded logs. This is useful for EKF2 development or for testing the impact of different parameters on performance. KEF robotics has patched the replay module so that replay progress can be controlled by an external program, enabling deterministic *integration* testing. We are using this patched replay module to test the integration of PX4 with an external vision navigation system.

We will cover:
- Using the replay module to assess performance of different EKF2 parameters.
- Development and testing considerations for a visual navigation system that integrates with PX4.
- Modifying the replay module so that it can be deterministically 'stepped' in sync with an external program
- Results from integration testing with the modified replay module

The audience will get a better understanding of the replay system, technical details on modifying the replay system for integration testing, and the benefits of integration testing with regard to visual navigation development with PX4. We will also share the patch we made to the replay system.

Speakers

Brian Fairservice

Software Engineer, KEF Robotics

Brian Fairservice is currently a Software Engineer at KEF Robotics

Kerry Snyder

Co-founder, CTO, KEF Robotics

Co-founder and CTO of KEF Robotics

Tuesday May 19, 2026 4:20pm - 5:00pm CDT
200D (Level Two)

PX4 Dev Summit

Audience Experience Level Any

4:45pm CDT

Awards and Closing Ceremony - Mark Waite, Independent

Tuesday May 19, 2026 4:45pm - 4:55pm CDT

200C (Level Two)

Speakers

Mark Waite

Independent Consultant, Self-employed

Tuesday May 19, 2026 4:45pm - 4:55pm CDT
200C (Level Two)

cdCon

5:00pm CDT

LFX Mentorship Showcase

Tuesday May 19, 2026 5:00pm - 6:30pm CDT

Solutions Showcase, Ballroom A+B (Level One)

The LFX Mentorship Showcase is an opportunity for graduating mentees of the LFX Mentorship program to showcase the work they completed during their session term. This year, the showcase will be held as a dynamic poster session and demo event taking place during the Tux Trek. This interactive experience offers a unique opportunity to meet newly graduated mentees, explore their open source contributions, and engage in meaningful discussions about their work.

Whether you’re looking to recruit new talent, network with emerging developers, or learn about the latest innovations from LF mentorship projects, this showcase is the perfect place to connect. Stop by, support the next generation of open source contributors, and discover how mentorship is shaping the future of technology! The Linux Foundation’s Mentorship Program helps developers – many of whom are first-time open source contributors – gain the skills and experience necessary to contribute effectively to open source communities.

Tuesday May 19, 2026 5:00pm - 6:30pm CDT
Solutions Showcase, Ballroom A+B (Level One)

Special Events / Exhibits / Breaks

5:00pm CDT

Tux Trek

Tuesday May 19, 2026 5:00pm - 6:30pm CDT

Solutions Showcase, Ballroom A+B (Level One)

When Day 2 wraps, join us at Tux Trek to unwind with drinks and appetizers alongside fellow attendees. Visit the Solutions Showcase to connect with sponsors, explore new technologies, and keep the conversations going in a lively, collaborative atmosphere.

Tuesday May 19, 2026 5:00pm - 6:30pm CDT
Solutions Showcase, Ballroom A+B (Level One)

Special Events / Exhibits / Breaks

5:30pm CDT

Sponsor Activity - Meet CNCF’s Jonathan Bryce: Exploring the Cloud Native AI Landscape

Tuesday May 19, 2026 5:30pm - 5:40pm CDT

Solutions Showcase, Ballroom A+B (Level One)

Join Executive Director Jonathan Bryce at the CNCF booth to discuss the Cloud Native AI Landscape, discover key trends, and learn what’s next. Ask questions, gain insights, and connect directly with CNCF leadership on how AI is shaping the cloud native ecosystem.

Sponsor: Cloud Native Computing Foundation
Location: Solutions Showcase

In order to facilitate networking and business relationships at the event, you may choose to visit a third party's booth or access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth or participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.

Tuesday May 19, 2026 5:30pm - 5:40pm CDT
Solutions Showcase, Ballroom A+B (Level One)

Special Events / Exhibits / Breaks