Open Source Summit + Embedded Linux Conference North America 2026: Full Schedule

May 18-20, 2026
Minneapolis, MN
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit North America 2025 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Central DaylightTime (UTC -5). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.

9:00am CDT

Keynote: Welcome + Opening Remarks - Jim Zemlin, CEO, The Linux Foundation

Monday May 18, 2026 9:00am - 9:40am CDT

101 A-J (Level One)

Speakers

Jim Zemlin

CEO, The Linux Foundation

Jim Zemlin’s career spans three of the largest technology trends to rise over the last decade: mobile computing, cloud computing, and open source software. Today, as executive director of The Linux Foundation, he uses this experience to accelerate innovation in technology through... Read More →

Oliver George

Vice President, Strategic Partnerships, GoDaddy

Oliver George is Vice President of Strategic Partnerships at GoDaddy, where he leads global partnership and growth initiatives focused on the future of digital identity, commerce, and internet infrastructure. With more than 20 years of experience across technology, ecommerce, and... Read More →

Jim Zemlin Keynote pdf

Monday May 18, 2026 9:00am - 9:40am CDT
101 A-J (Level One)

Keynote Sessions

Slides Attached Yes

11:20am CDT

QoD-Centric NaaS Strategy: Policy-Orchestrated Multi-Access Service - Daniel Kibler, EIS Visual & Niem Dang, NHD Consulting LLC

Monday May 18, 2026 11:20am - 12:00pm CDT

200F (Level Two)

Delivering predictable, high‑quality network services in dense, multi‑access edge environments remains a central challenge for operators pursuing a Network‑as‑a‑Service (NaaS) strategy, where programmable APIs expose network capabilities as on‑demand services. Quality‑on‑Demand (QoD) APIs act as the intent interface in this model, enabling applications to request session‑level performance characteristics. QoD requires sophisticated new network control‑plane orchestration to address heterogeneous enforcement, multi‑access behavior, and session continuity issues across Wi‑Fi, private 5G, and public 5G domains.

QoD refers specifically to the CAMARA Project’s implementation, which provides standardized APIs for dynamic multi‑access orchestration, session‑level QoS enforcement, and integration with 3GPP control‑plane functions, including PCF, SMF, NEF, and NWDAF together with UE‑side ATSSS for traffic steering, switching, and splitting.

In this session, we will overview the strategic importance of QoD APIs, the global scale of the emerging NaaS domain, and detail Open Source technologies that are foundational to the industry.

Speakers

Daniel Kibler

Senior Systems Engineer and Founder, EIS Visual

Principal-level engineer and founder of EIS Visual, Daniel designs and operates large-scale distributed platforms across communications, 5G, edge networks, and high-performance compute. He bridges architecture, execution, and operations to deliver measurable business impact. A former... Read More →

Niem Dang

Founder & Principal Consultant, NHD Consulting LLC

Industry-recognized technology and thought leader with 20+ years of ground-breaking patents and accomplishments in the cable industry. Passion for delivering challenging projects through mastery of planning, strategy, technology enablement, and innovation.

QoD Centric NaaS Strategy LF OSS NA Niem Dang and Daniel Kibler Final pdf

Monday May 18, 2026 11:20am - 12:00pm CDT
200F (Level Two)

Cloud + Orchestration

Audience Experience Level Advanced
Slides Attached Yes

11:20am CDT

Building Trust in the AI Era: Agent-to-Agent Communication With DIDs and VCs - Alexander Shcherbakov, DSR Corporation

Monday May 18, 2026 11:20am - 12:00pm CDT

200E (Level Two)

As AI moves from isolated chatbots to autonomous agent ecosystems, the "identity problem" becomes a critical security bottleneck. How does an agent verify the legitimacy of a requestor before executing a sensitive task? Traditional API keys are insufficient for dynamic, decentralized agent interactions.
This session explores a cutting-edge extension to the Linux Foundation A2A protocol that leverages Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs) to establish high-assurance trust and bridges the gap between Decentralized Identity standards and AI, creating a secure backbone for the next generation of agent interoperability.
We will dive into the technical design of integrating OpenID for Verifiable Presentations (OID4VP) into agent communication flows. Attendees will learn how this proposed extension moves beyond static credentials to enable granular, verifiable Authentication (AuthN) and Authorization (AuthZ) for autonomous tasks. Beyond the protocol basics, we will analyze different patterns for VC presentation—comparing interactive vs. automated flows—and evaluate diverse wallet options, ranging from cloud-based agent wallets to secure edge implementations.

Speakers

Alexander Shcherbakov

Head of Decentralized Trust Department, DSR Corporation

Ph.D. in Mathematics. Master of Applied Mathematics and Computer Science.
More than 10 years of experience in Blockchain, DLT, Decentralized Identity and SSI.
Significant contribution to open source. Maintainer and contributor of popular open-source projects.
Extensive experience sp... Read More →

A2A OID4VP OSS 2026 v1 pdf

Monday May 18, 2026 11:20am - 12:00pm CDT
200E (Level Two)

Digital Trust

Audience Experience Level Intermediate
Slides Attached Yes

11:20am CDT

From Closed To Collaborative: Lessons From Qualcomm’s Open Development Experience - Rashmi Chitrakar, Qualcomm Technologies, Inc.

Monday May 18, 2026 11:20am - 12:00pm CDT

208C+D (Level Two)

For more than 15 years, Qualcomm’s been actively involved in a range of Open Source ecosystems. Until recently, some parts of our development were handled behind closed doors, with contributions coming later and upstream enablement sometimes being limited. We tried various projects and partnerships to push things upstream sooner, but it wasn’t until lately that we truly made a complete shift.

Over the past 18 months, we’ve totally revisited our approach—moving an entire Linux product development ecosystem, with hundreds of contributors, from a private downstream setup to a full-blown Open Development model. This wasn’t just a surface change: it meant overhauling how our engineers work, syncing up our internal systems with open practices, and fundamentally changing the way our developers connect and collaborate.

In this session, we’ll share what made this transition work for us—including how we managed to weave our internal systems into Open Source workflows, encouraged developers to embrace new ways of thinking, and built scalable processes that can handle all sorts of Linux ecosystems and distributions.

Speakers

Rashmi Chitrakar

Sr Director, Engineering, Qualcomm Technologies, Inc

Rashmi Chitrakar is Sr Director of Engineering for Qualcomm's Open Source Program Office. She leads an Engineering team that develops tools for Qualcomm's Open Source Compliance and Contributions efforts. On a day-to-day basis, Rashmi juggles fostering an Engineering community that... Read More →

Closed Collaborative LinuxFoundation OSSNA2026 pdf

Monday May 18, 2026 11:20am - 12:00pm CDT
208C+D (Level Two)

Embedded Linux Conference

Audience Experience Level Intermediate
Slides Attached Yes

11:20am CDT

From Plaintext To Protected: Syslog Over TLS 1.3 in BusyBox for Embedded Routers - Tarun Kundu, Ericsson Software Technology, USA

Monday May 18, 2026 11:20am - 12:00pm CDT

208A+B (Level Two)

BusyBox is a go-to userspace stack for embedded routers, but BusyBox syslogd remote logging is often deployed without transport security—sending logs in plaintext across networks. In enterprise deployments, there exists a security and compliance gap when encrypted log transport, such as RFC 5425-style secure syslog, is expected.

This talk shares a production-driven approach: after evaluating syslog-ng/rsyslog and weighing their integration cost against embedded constraints, we added TLS 1.3 directly to BusyBox syslogd using OpenSSL APIs, reusing crypto already on the device. We’ll demo end-to-end secure logging (router → syslog server), including optional server certificate pinning to reduce MITM risk, and validate the improvement with a packet capture.

We’ll then cover embedded-specific engineering details: preserving UDP logging behavior for backwards compatibility, gating TLS behind a build-time feature flag, testing success/failure paths (handshake and pinning errors), and overnight memory monitoring of syslogd. We’ll close with upstream interest in syslog over TLS and next-step considerations.

Speakers

Tarun Kundu

Embedded Systems Engineer, Ericsson Software Technology, USA

Tarun Kundu is an Embedded Systems Engineer at Ericsson Software Technology with 21+ years of experience delivering embedded networking and cloud software. An avid learner and AI enthusiast, previously worked at Cisco, AWS, and Altran.

OSSNA Syslog over TLS in BusyBox pdf

Monday May 18, 2026 11:20am - 12:00pm CDT
208A+B (Level Two)

Embedded Linux Conference

Audience Experience Level Any
Slides Attached Yes

11:20am CDT

Demystifying VirtIO-GPU: Building a Graphics Virtualization Bridge From Scratch - Yung-Tse Cheng, National Taiwan Normal University & Sheng-Wen (Colin) Cheng, The University of Texas at Austin

Monday May 18, 2026 11:20am - 12:00pm CDT

205C+D (Level Two)

Additional Authors/Contributors: Jim Huang, Assistant Professor, National Cheng Kung University

VirtIO is the standard interface for device virtualization, enabling guest systems to access host resources and powering platforms such as QEMU and ACRN, which provide virtualized block, network, input, and graphics devices.

This talk takes an implementation-focused approach to virtio-gpu. We add virtio-gpu and virtio-input support to a minimalist RISC-V Linux emulator, building a graphics virtualization bridge from the guest framebuffer to host GPU acceleration. We examine the architectural decisions and trade-offs required to make the system function end to end.

Although VirtIO simplifies abstraction, virtio-gpu remains one of its most complex devices. Enabling 3D acceleration goes beyond the specification and requires coordination with Mesa 3D and virglrenderer, as well as compatibility with OpenGL and Vulkan. We highlight practical gaps between specification and implementation, including memory management, command submission, and synchronization.

Attendees will gain:
* A clear mental model of virtio-gpu architecture, including 2D and 3D paths
* Practical insights into integrating Mesa 3D and virglrenderer

Reference implementation: https://github.com/sysprog21/semu

Speakers

Yung-Tse Cheng

Undergraduate student, National Taiwan Normal University

Yung-Tse Cheng is an undergraduate student at National Taiwan Normal University (NTNU), Taiwan, focusing on system software and embedded systems.

He has recently contributed to the open-source RISC-V emulator semu, primarily working on a 2D-focused virtio-gpu stack and virtio-inpu... Read More →

Sheng-Wen Cheng

Graduate Student, The University of Texas at Austin

Sheng-Wen (Colin) Cheng is currently a graduate student at The University of Texas at Austin with a background in system software, robotics, and embedded systems.

He holds a master’s degree in Robotics and has conducted research on quadrotor flight control systems using nonlin... Read More →

Demystifying VirtIO GPU Building a Graphics Virtualization Bridge From Scratch pdf

Monday May 18, 2026 11:20am - 12:00pm CDT
205C+D (Level Two)

Linux

Audience Experience Level Intermediate
Slides Attached Yes

11:20am CDT

MOT: A Tool To Fight Open-washing in AI - Arnaud Le Hors, IBM

Monday May 18, 2026 11:20am - 12:00pm CDT

211A+B (Level Two)

Many models referred to as "open source" are distributed under restrictive licenses and fail to include the necessary information to actually qualify as open source. Just because a model is on HuggingFace does not mean it is open source.

Several attempts have been made to provide a definition of what "open source AI" ought to be but we now have a tool that can help: the Model Openness Tool (MOT).

The MOT was developed by the Generative AI Commons as an implementation of the Model Openness Framework (MOF) to provide model producers and consumers with a practical way to assess how open a model really is. This session will introduce attendees to the MOT and include a demo showing how it can be used along with Hugging Face and GitHub to provide greater understanding of which models are really open.

Speakers

Arnaud Le Hors

Senior Technical Staff Member, IBM

Arnaud Le Hors is Senior Technical Staff Member of Open Technologies at IBM. He has been working on standards and open source for over 30 years. Arnaud was editor of several key web specifications including HTML and DOM and was a pioneer of open source with the release of libXpm in... Read More →

MOT OSS Summit Minneapolis 2026 pdf

Monday May 18, 2026 11:20am - 12:00pm CDT
211A+B (Level Two)

Open AI & Data

Audience Experience Level Beginner
Slides Attached Yes

11:20am CDT

Kubernetes 2026: The New Operating System for AI & Apps - Mukesh Aurangabadkar, Spectrum & Udit Misra, Salesforce

Monday May 18, 2026 11:20am - 12:00pm CDT

200H (Level Two)

In 2026, Kubernetes is the engine behind every modern app and AI model you use. This beginner-friendly session breaks down "K8s" into simple concepts, showing you how it automatically runs, scales, and repairs your software so you don’t have to. We’ll explore the 2026 essentials—from how it manages AI workloads to its role in saving companies millions in cloud costs. Whether you're a developer or just curious, you'll leave knowing exactly why Kubernetes is the most important skill to have in the cloud-native era.

Speakers

Mukesh Aurangabadkar

Principal Engineer, Spectrum

Mukesh Aurangabadkar is a Principal Engineer specializing in infrastructure automation, platform modernization, and large-scale systems deployment. He has led initiatives that have transformed vendor-dependent, manual operational processes into scalable, automation-driven frameworks... Read More →

Udit Misra

Senior Member of Technical Staff, Salesforce

Udit Misra is an IEEE Senior Member and software engineer specializing in infrastructure, platform engineering, and cloud-native systems, with almost 6 years of experience at major technology organizations. His work focuses on Kubernetes, eBPF-based network observability, and AI agents... Read More →

k8s oss 2026 final 2 pptx

Monday May 18, 2026 11:20am - 12:00pm CDT
200H (Level Two)

Open Source 101

Audience Experience Level Beginner
Slides Attached Yes

11:20am CDT

Panel Discussion: OSPOs at Scale: Doing More With Less in 2026 - Ashley Wolf, GitHub; Karolyn Maynard, Comcast; Natali Vlatko, Cisco; Paulette Avolio, Ford; Rashida Toliver, Violane LLC

Monday May 18, 2026 11:20am - 12:00pm CDT

200A (Level Two)

Open Source Program Offices are maturing. What started as license compliance and governance functions have evolved into strategic enablers of security, AI adoption, developer productivity, and ecosystem engagement. At the same time, budgets are tighter and expectations are higher.

In this moderated panel, OSPO leaders from Ford, GEICO, Comcast, Cisco and GitHub will discuss how modern OSPOs are scaling impact. We’ll explore practical approaches to automation, policy design, internal enablement, and cross-functional alignment. We’ll share how OSPOs are using metrics to demonstrate value, navigating AI-era contribution models, and leveraging communities like the TODO Group to accelerate learning.

Attendees will leave with concrete examples of how enterprise OSPOs are evolving beyond compliance, how to prioritize when resources are constrained, and how to build influence across engineering, security, and leadership teams.

Whether you're starting an OSPO or leading a mature one, this session offers candid lessons from practitioners operating at scale.

Speakers

Ashley Wolf

Director, Open Source, GitHub

Ashley Wolf is the Director of Open Source Programs at GitHub. She runs initiatives and programs to empower developers to be successful with open source. She is also passionate about helping companies participate in the open source community. Prior to joining GitHub, Ashley led the... Read More →

Karolyn Maynard

Leader of the Comcast Open Source Program Office and The Comcast Dojo, Comcast

I build systems, I build people. I build trust. I build momentum,

I lead two teams at Comcast focused on engineering enablement and transformation: the Comcast Open Source Program Office, which empowers safe and scalable open source participation, and the Comcast Dojo (NPS: 76), which accelerates developer practices through immersive, outcome-driv... Read More →

Natali Vlatko

Director of Open Source Software Engineering, Cisco

Natali Vlatko (she/her) is a Director of Open Source Software Engineering at Cisco, specializing in open software, policy, and governance. She is a SIG Docs Co-Chair for Kubernetes and a member of the TODO Group Steering Committee. She plays on the fun computer in her spare time... Read More →

Paulette Avolio

Open Source Program Office Manager, Ford

I help connect people, policies and products to elevate open source community, compliance and contributions.

Rashida Toliver

Co-Founder & Security Strategist, Violane LLC

Rashida Toliver is a Security Engineer II at GEICO and Co-Founder of Violane Tech LLC. She builds data-driven vulnerability management systems, leads open-source contribution governance, and mentors emerging engineers. Through Violane Tech, she delivers data management, visualization... Read More →

OSS NA26 Slide pptx

Monday May 18, 2026 11:20am - 12:00pm CDT
200A (Level Two)

OSS Enabling & Management

Audience Experience Level Beginner
Slides Attached Yes

11:20am CDT

Proactive Governance To Build Sustainable OSS Projects - Dawn Foster, Independent

Monday May 18, 2026 11:20am - 12:00pm CDT

200J (Level Two)

We all want our open source projects to be sustainable, healthy, and successful. Good governance has a much larger impact on sustainability, health, and project success than many people realize. Being proactive about governance before something escalates into a crisis can help avoid misunderstandings and make your projects more sustainable and successful.

A lightweight governance model created at the beginning of a project can provide basic guidance about roles, expectations, and decision-making processes. As the project grows and matures, governance can be expanded over time to become more robust as the project evolves. However, good governance is about more than just defining roles and decision-making processes. It can be part of the process of building a sustainable leadership pipeline and can help to create an intentional culture that encourages participation and contributions from others.

This talk will provide details about the importance of governance, how to define project governance, using governance as a pathway to leadership, creating an intentional culture, and making project ownership (e.g., individual, organization, foundation) decisions.

Speakers

Dawn Foster

Open Source Strategy Consultant, Self-Employed

Dr. Dawn Foster is an OSS strategy consultant. She is also on the board of CHAOSS and OpenUK, and was previously a co-chair of the CNCF Contributor Strategy Technical Advisory Group. She has 20+ years of experience at companies like VMware and Intel with expertise in community, strategy... Read More →

Open Source Governance OSSNA 2026 pdf

Monday May 18, 2026 11:20am - 12:00pm CDT
200J (Level Two)

OSS Enabling & Management, Project Leadership

Audience Experience Level Any
Slides Attached Yes

1:30pm CDT

OpenBao: Horizontally Scaling Secrets Management - Alexander Scheel, ControlPlane

Monday May 18, 2026 1:30pm - 2:10pm CDT

200F (Level Two)

OpenBao is an OpenSSF project and a fork of HashiCorp Vault. It is an open-source secrets manager with support for static and dynamic secrets including identities and certificates.

The OpenBao community recently landed support for horizontal scalability, formerly a Vault Enterprise exclusive feature, in partnership between multiple organizations in the community.

This session will outline the design and development process of the feature, showcase how horizontal scalability improves performance on Kubernetes, and highlight future improvements the community is considering to offer write scalability.

Speakers

Alex Scheel

Head of OpenBao Development, ControlPlane

Alex Scheel is the Head of OpenBao Development at ControlPlane and a member of the OpenBao Technical Steering Committee. He has built a career on open source contributions, previously working at GitLab with OpenBao, at Keyfactor on Bouncy Castle, at HashiCorp on Vault, and at Canonical... Read More →

AScheel OSSNA2026 Horizontally Scaling OpenBao pdf

Monday May 18, 2026 1:30pm - 2:10pm CDT
200F (Level Two)

Cloud + Orchestration

Audience Experience Level Intermediate
Slides Attached Yes

1:30pm CDT

Debug Everything: Building a Debuginfod Backbone for Embedded Linux at Scale - Colin Pinnell McAllister & Joshua Pevehouse, Garmin

Monday May 18, 2026 1:30pm - 2:10pm CDT

208C+D (Level Two)

Embedded Linux debugging has always required difficult trade-offs. Flash storage constraints on target devices force teams to strip debug symbols from most binaries, leaving developers unable to debug critical applications without finding symbols elsewhere.

This presentation examines our transition from limited, on-target debug symbols to comprehensive debuggability across all binaries and build types. The key insight: while flash is expensive on embedded targets, centralized storage is cost-effective and scalable.

We adopted elfutils debuginfod to build enterprise-scale debug infrastructure integrated with our CI/CD pipeline. This has allowed us to host debug artifacts for every binary produced by continuous integration, enabling engineers to debug any component from any build, using standard tools like GDB, without manual symbol management.

This talk covers our journey towards using debuginfod, the architectural decisions we made that allowed debuginfod to scale, integration strategies with the Yocto build system, and the impact on engineering productivity. Attendees will gain practical insights for implementing similar solutions in their organizations.

Speakers

Joshua Pevehouse

Senior Software Engineer, Garmin

Colin McAllister

Senior Software Engineer, Garmin

Colin McAllister is a software engineer at Garmin, where he focuses on advancing the security, core infrastructure, and development tooling that power Garmin Marine’s diverse range of Embedded Linux products. His passion for embedded Linux began in 2017 while working on a telematics... Read More →

EC NA26 Debuginfod 2 pdf

Monday May 18, 2026 1:30pm - 2:10pm CDT
208C+D (Level Two)

Embedded Linux Conference

Audience Experience Level Any
Slides Attached Yes

1:30pm CDT

Do You Need GCC To Build Embedded Linux ? - Khem Raj, Comcast

Monday May 18, 2026 1:30pm - 2:10pm CDT

208A+B (Level Two)

GCC is default toolchain for Linux based systems, ever since the Linux Distributions were being put together from early days of Linux. However, there have been important developements in compiler technologies and LLVM project has come along. The LLVM infrastructure has been used to build various different compilers for different languages, Clang is the C/C++ static compiler and rust also uses LLVM. There is LLD ( LLVM Linker ) LLDB, ( LLVM Debugger ). binutils like objcopy, objdump, strip etc. are also added. C/C++ compiler runtime in compiler-rt/libc++ has matured as well. The compiler has been used to build Linux Kernel already, However, it can be used to build full Embedded Linux Systems using infrastructure like Yocto project. This talk will showcase that a Linux system can be built completely using LLVM toolchain, replacing the compiler, compiler-runtime, binutils with LLVM built tools. In addition it will also discuss the modern tooling provided with LLVM and Clang and static analyser ( clang-scan ), clang-tidy, clanf-format etc. show-casing additional tooling that can be used by developers e.g. sanitizers.

Speakers

Khem Raj

Fellow, Comcast

Khem Raj is a yocto project maintainer and long time OpenSource contributor to many projects e.g. LLVM, Glibc, Musl, OpenEmbedded etc., he has been helping several open source initiatives in industry. He is guiding the company's adoption of open source software, and becoming an active... Read More →

OSS NA26 Khem Clang pdf

Monday May 18, 2026 1:30pm - 2:10pm CDT
208A+B (Level Two)

Embedded Linux Conference

Audience Experience Level Intermediate
Slides Attached Yes

1:30pm CDT

When Your Budget Laptop Needs a Custom Kernel: A Linux Troubleshooting Adventure - Andrei Pokhilko, Komodor

Monday May 18, 2026 1:30pm - 2:10pm CDT

205C+D (Level Two)

This talk chronicles my journey of troubleshooting a Linux kernel issue on a budget Intel GeminiLake-based Chinese mini-laptop. What began as a simple hardware purchase escalated into a two-month deep dive into the i915 GPU driver when the display mysteriously went blank during initialization.

I'll walk through the systematic troubleshooting approach: isolating the issue to the i915 driver, identifying the kernel configuration options triggering the problem, and developing a practical patch that bypasses problematic GPIO pin activation sequences. Along the way, I'll share surprising discoveries about hardware compatibility, kernel development complexity, and the limitations of AI tools when facing real-world Linux challenges.

This presentation is designed for Linux enthusiasts and IT professionals curious about kernel troubleshooting. Attendees will leave with practical knowledge about GPU driver internals, confidence that such issues are solvable without specialized expertise, and inspiration to tackle their own hardware compatibility challenges.

Speakers

Andrei Pokhilko

CTO Office Dev, Komodor

Andrei is an Innovation Researcher in the CTO Office at Komodor with 20+ years of engineering experience spanning, open source leadership at CA Technologies, performance testing at Yandex, and founding Loadosophia.org. He's the creator of multiple successful open source projects including... Read More →

Linux Kernel Talk v2 pdf

Monday May 18, 2026 1:30pm - 2:10pm CDT
205C+D (Level Two)

Linux

Audience Experience Level Beginner
Slides Attached Yes

1:30pm CDT

Crawl, Walk, Run With Your MCP Servers - Lin Sun, solo.io

Monday May 18, 2026 1:30pm - 2:10pm CDT

211A+B (Level Two)

You have built your first MCP server and tested it with the MCP inspector, but it only uses stdio or streamable HTTP without HTTPS. Do you rewrite your server to add authentication and authorization, or is there a smarter way? What if you have multiple MCP servers? Can you unify them under a single virtual server without touching any of the originals? How do you deploy all of this to Kubernetes securely and reliably?

In this demo-driven session, Lin takes you from building a simple MCP server and securing it the hard way. Then she offloads authentication, authorization, and tool multiplexing to an MCP gateway. She will show how to deploy a virtual MCP server in Kubernetes and program an AI agent to call its tools, making complex setups feel effortless. By the end, you will have practical techniques to run, secure, and scale your MCP servers with confidence.

Speakers

Lin Sun

Head of Open Source, Solo.io

Lin is the Head of Open Source at Solo.io, contributing full-time to the open-source community. She serves on the CNCF Technical Oversight Committee (TOC), is a CNCF Ambassador, and is a maintainer for Istio, kgateway, and kagent. An international speaker at tech conferences, Lin... Read More →

Slides Crawl Walk Run With Your MCP Servers pdf

Monday May 18, 2026 1:30pm - 2:10pm CDT
211A+B (Level Two)

Open AI & Data

Audience Experience Level Beginner
Slides Attached Yes

1:30pm CDT

Next Steps in Multi-agent Systems - Deborah Dahl, Conversational Technologies

Monday May 18, 2026 1:30pm - 2:10pm CDT

200B (Level Two)

Special-purpose agentic systems can access proprietary enterprise information or private user information, such as financial, health, or employment data, that isn’t available to large public LLMs. But, by their nature, specialized agents are limited to specialized knowledge. However, more complex applications can be composed of several collaborating agents, each with a specific expertise.
Manual integration of information from several agents by users is possible, but time-consuming and clumsy, and the agents wouldn’t benefit from each other’s knowledge. A better approach would be for agents to converse directly with each other. A standard messaging protocol would enable independent agents to converse and collaborate on tasks.
This presentation will outline two protocols that enable multi-agent systems to collaborate. The first is the Linux Foundation’s Agent-to-Agent protocol, and the second is the Linux Foundation AI & Data Open Voice Interoperability Initiative’s Open Floor Protocol. We will describe each protocol and explain how they complement one another with demonstrations of collaborating agents.

Speakers

Deborah Dahl

Principal, Conversational Technologies

Deborah Dahl works on innovative, practical and scalable conversational systems that push the boundary between theory and applications. She is the Principal of Conversational Technologies, which assists its clients in creating state of the art solutions using speech and natural language... Read More →

ossna26OFP pdf

Monday May 18, 2026 1:30pm - 2:10pm CDT
200B (Level Two)

Open AI & Data

Audience Experience Level Any
Slides Attached Yes

1:30pm CDT

Sponsored Session: When Your AI Agent Has Keys to Production: Governance Patterns for Autonomous Development - Nicky Pike, Coder

Monday May 18, 2026 1:30pm - 2:10pm CDT

200I (Level Two)

Your AI agents can read your code, call external APIs, and hold credentials to production. Your security controls assume they're either a human or a deterministic app. They're neither.

I'll walk through the patterns enterprise teams are actually using to deploy coding agents without getting burned: workspace isolation, network egress controls, model gateways, and credentials that die when the workspace dies.
Real incidents. Real deployments. No hand-waving about what might work someday.

**In order to facilitate networking and business relationships at the event, you may choose to visit a third party’s booth or access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth or participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.**

Speakers

Nicky Pike

Field CTO, Coder

Nicky Pike is the Americas Field CTO at Coder after spending 20+ years making developers' lives easier at some of tech's biggest names. From launching Xbox Live to rebuilding how CVS Health develops software, he's helped shape developer productivity and team experiences at Microsoft... Read More →

oss summit ai keys production upload pdf

Monday May 18, 2026 1:30pm - 2:10pm CDT
200I (Level Two)

Open AI & Data

Slides Attached Yes

1:30pm CDT

Being a Maintainer in the Age of LLM Mania - Kevin Hannon, Red Hat

Monday May 18, 2026 1:30pm - 2:10pm CDT

200H (Level Two)

AI is all around us. In this talk, I will discuss ways maintainers can also leverage AI to combat AI slop, improve maintainer experience and avoid burnout. I will mention my experience on using AI to aide in development of Kubernetes features, maintaining testing environments and providing a good experience for users of AI assistants.

AI, for better or worse, is here to stay and maintainers should embrace the tools to aide development. In this talk, I will highlight using AI pull request review tools, creating AGENTS.md to streamline dev experience of using tools, leveraging the tools to do those cleanups you know are needed but nobody wants to do and mention ways your project can better support AI tooling.

Speakers

Kevin Hannon

Senior Software Engineer, Red Hat

Kevin Hannon is focused on improving AI/ML experience on Kubernetes. He started his career as a computational scientist and has always been interested in large scale batch jobs. He is motivated to improve Kubernetes in this area to benefit various use cases that are underserved by... Read More →

Maintainer in age of LLM pdf

Monday May 18, 2026 1:30pm - 2:10pm CDT
200H (Level Two)

Open Source 101

Audience Experience Level Beginner
Slides Attached Yes

1:30pm CDT

EOL, Relicensing, Forks: A Cautionary Tale of CVEs - Bridget Kromhout & Lachlan Evenson, Microsoft

Monday May 18, 2026 1:30pm - 2:10pm CDT

200J (Level Two)

Project X goes EOL at the end of this sentence; good luck with the CVEs. Project Y has a new license meaning you can’t use it anymore; what do you mean, your team built something important on it? Project Z works great but you built a new feature in your fork, and now you can’t take the upstream patches. Half of your open source environments may have a dependency on some now-defunct project, and now everyone’s scrambling for solutions.

Join experienced open source maintainers to discuss what warning signs can help prevent abrupt retirement or relicensing from taking your end users by surprise. We’ll outline the ways you can get visibility into your software supply chain and become active in the upstreams that matter most for your needs, ensuring that you’re in control of your own destiny no matter what storm of alphabet soup comes your way.

Speakers

Bridget Kromhout

Principal Product Manager, Microsoft

Bridget Kromhout is a Principal Product Manager at Microsoft Azure, focusing on the open source cloud native ecosystem.

Lachlan Evenson

Principal Product Manager - Azure Cloud Native Ecosystem, Microsoft

Lachlan is a Principal Product Manager on the Azure Cloud Native Ecosystem team. Lachlan has served in many different roles in the cloud native community including cloud native ambassador, Kubernetes steering committee and release lead, and has deep operational knowledge of many cloud... Read More →

A Cautionary Tale of CVEs pdf

Monday May 18, 2026 1:30pm - 2:10pm CDT
200J (Level Two)

OSS Enabling & Management, Project Leadership

Audience Experience Level Intermediate
Slides Attached Yes

1:30pm CDT

Strategic Approach To Demonstrating the Value of OSS Efforts - Dawn Foster, Independent

Monday May 18, 2026 1:30pm - 2:10pm CDT

200A (Level Two)

We’ve probably all had company leadership question the value of our OSS efforts. It can be difficult to frame the value in ways that resonate with leadership and clearly articulate the organizational benefits gained through continued OSS contributions. Taking a strategic approach that connects the OSS work with the broader goals and objectives of the organization can demonstrate the value of this work so that the organization can continue to allocate resources to the OSPO or other OSS teams.

Using examples from my decades of experience in OSS, this talk will provide details about how to demonstrate value by focusing on how your OSS work helps the organization achieve their strategies and goals. Every organization has unique needs and goals based on what they are trying to achieve, so there is no “one size fits all” way of demonstrating value, but aligning your OSS strategy with your organization’s goals and focusing on the most strategic projects can help show the value of your efforts. This talk will help you reason about how OSS efforts allow your organization to achieve its goals along with framing and communicating that value in ways that resonate with your leadership team.

Speakers

Dawn Foster

Open Source Strategy Consultant, Self-Employed

Demonstrating Value OSSNA 2026 pdf

Monday May 18, 2026 1:30pm - 2:10pm CDT
200A (Level Two)

OSS Enabling & Management, Operations Management & OSPOs

Audience Experience Level Intermediate
Slides Attached Yes

1:30pm CDT

Turning the Ignition on Safety: Zephyr RTOS in Automotive Compliance - Saravanan Sekar, Linumiz

Monday May 18, 2026 1:30pm - 2:10pm CDT

200D (Level Two)

Embedded Automotive RTOS (Real-Time Operating Systems) must meet stringent requirements for safety, reliability, and security, primarily governed by the ISO 26262 standard, which details ASIL (Automotive Safety Integrity Level) requirements.

This talk covers the Zephyr RTOS complies with key functional needs, including minimal latency, high determinism, efficient memory management, and robust multitasking capabilities to handle critical tasks. Currently, the project is actively moving toward greater alignment with the needs of the automotive industry, with specific plans outlined.

Speakers

Saravanan Sekar

Software Engineer, Linumiz

Saravanan graduated in Electrical Engineering and working as Software Engineer at Linumiz. Over the past 13 years his focus is primarily on Embedded Linux, RTOS in DVB, IoT and Automotive domain. His work involves to provide Mainline Linux Kernel and related projects to run on customer... Read More →

Zephyr RTOS in Automotive Compliance pdf

Monday May 18, 2026 1:30pm - 2:10pm CDT
200D (Level Two)

Zephyr

Audience Experience Level Beginner
Slides Attached Yes

1:45pm CDT

OpenSSH + FIDO Workshop - Dennis Hills & Alan Alvarez, Yubico

Monday May 18, 2026 1:45pm - 3:05pm CDT

200E (Level Two)

OpenSSH has built-in support for FIDO security keys since version 8.2 (released in 2020). This means you can protect your SSH private keys using security keys, similar to how this can be done with OpenPGP smart cards and cryptographic tokens that support PKCS#11.

Although such devices all allow you to protect your private keys using cryptographic hardware, the benefits on using FIDO include:

- FIDO is easier to use, especially for beginners
- security keys can be used on the web as well to store passkeys
- no need for vendor-specific software (like PKCS#11 modules)
- security keys are inexpensive
- FIDO features device attestation, which lets you cryptographically prove you are using a specific security key make and model.

In this talk, we will give a short introduction to FIDO security keys, and provide several demos of the use of security keys with OpenSSH, such as signing arbitrary data, authenticating to remote systems, and using key attestation.

The talk consists of a number of demos that participants can follow along on their system. Participants can bring their own security key (any vendor will do). If they do not own a security key one will be provided to them.

IMPORTANT NOTES
In this hands-on workshop, you will use FIDO security keys with OpenSSH for authentication, signing and attestation. To maximize our time together, please have the following set up before the session:

Prerequisites: Participants should bring a laptop and a FIDO2 security key (we'll have some available at the session). Please have the following installed:OpenSSH 8.2+ (8.9+ preferred). Check with ssh -V Git 2.34+. Check with git --version Python 3.10+. Check with python3 -V Docker Desktop: https://www.docker.com/products/docker-desktop/ libfido2: https://developers.yubico.com/libfido2/ A GitHub account

To save time during the workshop, please also run:docker pull ubuntu:latest git clone https://github.com/YubicoLabs/fido-openssh-workshop.git

macOS users: the built-in OpenSSH may not support FIDO security keys. Install via Homebrew: brew install openssh libfido2

Speakers

Dennis Hills

Sr. Solutions Architect, Yubico

Dennis Hills is a Sr. Solutions Architect for Yubico and a University of Washington graduate in Computing Software & Systems.

He has two decades of web service experience ranging from client support and networking to software open source development across various platforms and la... Read More →

Alan Alvarez

Developer Advocate, Yubico

Alan Alvarez is a Developer Advocate at Yubico, specializing in WebAuthn, passkeys, and phishing-resistant authentication. Previously, he worked as a software engineer across multiple industries, building and maintaining cloud-based services and DevOps workflows. Alan’s work sits... Read More →

OpenSSH + FIDO workshop 2026 Final pdf

Monday May 18, 2026 1:45pm - 3:05pm CDT
200E (Level Two)

Digital Trust

Audience Experience Level Beginner
Slides Attached Yes

2:15pm CDT

Lightning Talk: CI/CD Cybersecurity Guide - Open Source Tools to Improve DevOps Security - Kate Scarcella, Independent

Monday May 18, 2026 2:15pm - 2:25pm CDT

200C (Level Two)

Speakers

Kate Scarcella

Cybersecurity Architect, Independent

Kate Scarcella is a seasoned cybersecurity leader with over two decades of experience driving innovation and building cyber resilience. At IBM, she served on the Security Board of Advisors, where she guided Fortune 50 enterprises on strengthening their cybersecurity postures.

Kat... Read More →

Who let the AI Dogs Out? pdf

Monday May 18, 2026 2:15pm - 2:25pm CDT
200C (Level Two)

cdCon

Slides Attached Yes

2:25pm CDT

Lightning Talk: Alcoholless: Lightweight Security Sandbox for Homebrew, AI Agents, Etc. - Akihiro Suda, NTT

Monday May 18, 2026 2:25pm - 2:35pm CDT

200G (Level Two)

This presentation introduces "Alcoholless" Homebrew, which protects macOS hosts from potential malicious Homebrew packages by running Homebrew with a separate user account. A command running with this tool is only allowed to read and write its current directory.

While Alcoholless puts focus on Homebrew, it is also applicable to other package managers such as `pip install`, `npm install`, and `go install`. Aside from package management, it is even useful for running AI coding agents that may potentially execute harmful commands.

Alcoholless is also an attempt to reexamine the necessity of Linux-style containers that emerged in this century. It just utilizes 1990s' commands (`su`, `sudo`, `rsync`) and the macOS equivalent of `useradd` to implement container-like environments, without extending the XNU kernel to support Linux-style container syscalls.

Repository: https://github.com/AkihiroSuda/alcless

Speakers

Akihiro Suda

Distinguished Software Engineer, NTT

Akihiro Suda is a software engineer at NTT Corporation. He has been a maintainer of Moby (dockerd), BuildKit, containerd, runc, etc. He is also a founder of nerdctl and Lima (CNCF project).

20260518 [OSSNA] Alcoholless Lightweight security sandbox for Homebrew, AI agents, etc. pdf

Monday May 18, 2026 2:25pm - 2:35pm CDT
200G (Level Two)

Packages + Images + Containers

Audience Experience Level Beginner
Slides Attached Yes

2:25pm CDT

Troubleshooting Like a Senior on Day 1: ReAct Agents With Real-Time Cluster Evidence - Bohyun Choi, UCLIX; Woobin Hwang, NEOWIZ Partners; TaeJi Kim, Bungaejangter Inc

Monday May 18, 2026 2:25pm - 3:05pm CDT

200F (Level Two)

If a production incident hits on your first day, can you debug it? Or if you are a senior engineer, do you find it impossible to download your years of debugging intuition into a new hire’s head?
Kubernetes troubleshooting often depends on undocumented decision paths: where to look first, which signals to trust, and how to turn a sea of logs into a testable hypothesis.

In this talk, we introduce KUBE-RCA, an open-source incident assistant that plugs into your preferred external LLM and provides real-time cluster evidence (metrics, logs, events) as structured context. Using a ReAct loop, the agent proposes hypotheses, runs an allowlisted set of read-only commands/queries, ties each claim back to evidence, and publishes a concise RCA draft directly to your team channel.

We’ll share the design decisions behind our guardrailed execution loop and how we encode SRE intuition into prompts and checks. You’ll walk away with an understanding of how to make incident response more systematic. So engineers of any tenure can resolve issues faster, with less senior interruption.

Speakers

Bohyun Choi

NVIDIA SW Engineer, UCLIX

Bohyun Choi builds Kubernetes platforms for GPU/AI workloads and NVIDIA orchestration. She architects and operates scalable GPU clusters on Kubernetes and focuses on production reliability and incident response.

She holds four CNCF Kubernetes certifications and is developing kube-rca, an open-source, guardrailed LLM-assisted tool that produces evidence-backed incident triage and RCA drafts from live cluster signals... Read More →

Woobin Hwang

DevOps Engineer, NEOWIZ Partners

DevOps for Web3 (Blockchain Validator Node Operator | DeFi Infra Operator)

"Engineering mission-critical validator node in zero-trust environments. Designing and operating 24/7 high-availability infrastructure for global DeFi protocols within the Web3 ecosystem."

TaeJi Kim

DevSecOps Engineer, Bungaejangter Inc.

DevSecOps Engineer at Bungaejangter Inc. and team lead of KUBE-RCA, an open-source Kubernetes incident assistant that pairs ReAct-based LLM agents with real-time cluster evidence for automated root cause analysis. Leads the project's architecture and guardrailed execution design to... Read More →

OSS NA26 KubeRCA pdf

Monday May 18, 2026 2:25pm - 3:05pm CDT
200F (Level Two)

Cloud + Orchestration

Audience Experience Level Intermediate
Slides Attached Yes

2:25pm CDT

Building Virtual Drivers With RPMsg: Key Design Principles, Challenges & Trade-offs - Beleswar Prasad Padhi, Texas Instruments

Monday May 18, 2026 2:25pm - 3:05pm CDT

208A+B (Level Two)

Modern heterogeneous SoCs often integrate multiple remote processors (rprocs) that control peripherals for safety purposes, alongside a general-purpose processor running a HLOS like Linux. In automotive systems, these peripherals still need to be shared with Linux for complex use cases like Ethernet traffic sharing, coordinating multiple display pipelines. The Remote Processor Messaging (RPMsg) framework in Linux enables this model by providing an efficient IPC mechanism, allowing devices owned by rprocs to be exposed to Linux as standard devices through virtual kernel drivers built on top of RPMsg. With the growing adoption of this approach, interfaces like rpmsg-gpio, rpmsg-i2c, rpmsg-net are becoming increasingly common.

Using the upstreamed rpmsg-tty driver as an example, this talk presents:
1. The key design principles for building virtual drivers with RPMsg, covering topics like channel & endpoint management(static vs dynamic), synchronization.
2. A comparative study of RPMsg-based solutions with its VirtIO alternative, highlighting trade-offs in latency, resources and use case suitability.
3. Challenges, upstreaming lessons, common pitfalls and scope for future improvement.

Speakers

Beleswar Prasad Padhi

Senior Software Engineer at Texas Instruments, Texas Instruments

Beleswar is a Senior Software Engineer at Texas Instruments, actively working on Upstream Linux Kernel and U-Boot. His work mainly focuses on Remoteproc, RPMsg, Mailbox, Virtio subsystems, as well as boot-time optimizations. He was listed among the top contributors for Linux 6.18... Read More →

OSS NA VIRTUAL DRIVERS WITH RPMSG pptx

Monday May 18, 2026 2:25pm - 3:05pm CDT
208A+B (Level Two)

Embedded Linux Conference

Audience Experience Level Any
Slides Attached Yes

2:25pm CDT

Lessons Learned in Embedded Linux Streaming - Tokunbo Quaye, Intelligent Product Solutions

Monday May 18, 2026 2:25pm - 3:05pm CDT

208C+D (Level Two)

In this session, I’ll share practical lessons learned while architecting, building, and supporting a production media system running on custom hardware using open source systems :

Yocto for a customized OS;
GStreamer for media pipelines;
PulseAudio for audio routing;
BlueZ for Bluetooth integration;

This session is relevant because while projects like Yocto, GStreamer, PulseAudio, and BlueZ are powerful individually, integrating them into a production-ready system on custom hardware exposes complexities rarely covered in documentation. Sharing hard-earned lessons helps the ecosystem build more reliable open systems.

Main Points:
- System Overview : Hardware Constraints
- Yocto Custom OS Tradeoffs : Layer Strategy, Packet Selections, Reproducible Builds, Field Updates and Support
- Gstreamer : Pipeline design patterns, Handling dynamic audio devices
- PulseAudio & Bluez Integration
- Field Support and Long Term Maintenance : Logging Strategy; Remote Diagnostics, Managing Updates

Attendees will walk away with concrete integration patterns, design considerations for long-term maintainability, and insights that help when building real-world media systems on embedded Linux.

Speakers

Tokunbo Quaye

Principal Software Engineer, Intelligent Product Solutions

I am a seasoned Software Architect and Engineer with over 20 years of experience in all phases of software development and team technical leadership. My passion lies in designing and delivering high performance, robust, maintainable and scalable software applications that drive business... Read More →

EmbeddedLinuxMediaTalk pdf

Monday May 18, 2026 2:25pm - 3:05pm CDT
208C+D (Level Two)

Embedded Linux Conference

Audience Experience Level Any
Slides Attached Yes

2:25pm CDT

Booting Up: A Fresh Look at the Modern Init - Antra Purohit & Hemant Bharadwaj, Microsoft

Monday May 18, 2026 2:25pm - 3:05pm CDT

205C+D (Level Two)

For many, systemd is the mysterious engine under the hood of nearly every modern Linux distribution. We use it daily—restarting services and checking logs—but how much do we actually know about how it manages our systems? If your relationship with systemctl begins and ends with copy-pasting commands from Stack Overflow, it’s time to look deeper.

This session is a practical, beginner-friendly deep dive into the most widely adopted (and debated) init system in the open-source world. We will move beyond the "init" label to explore systemd as a comprehensive suite of management tools.

Key takeaways include:

The Unit Hierarchy: Understanding .service, .timer, and .mount files.

The Boot Process: How "Targets" replace traditional runlevels.

Hands-on Management: Mastering systemctl for lifecycle management and journalctl for lightning-fast debugging.

DIY Services: A step-by-step guide to writing your first unit file from scratch.

Whether you are a developer looking to containerize applications or a new sysadmin navigating the CLI, this talk will provide the foundational knowledge needed to stop fearing the daemon and start commanding it.

Speakers

Antra Purohit

Software Engineer, Microsoft

Antra Purohit is a software engineer working on Linux‑based cloud and embedded platforms. She works on Yocto‑based systems and cloud infrastructure, translating open‑source technologies into reliable, production‑ready solutions.

Hemant Bharadwaj

Senior Site Reliability Engineer at Microsoft, Microsoft

Hemant Bharadwaj is a Senior Site Reliability Engineer working on large-scale Linux infrastructure. He focuses on observability, incident response, debugging, and automation across distributed systems. His work centers on turning operational pain points into repeatable, open, and... Read More →

oss na 2026 antra systemd pdf

Monday May 18, 2026 2:25pm - 3:05pm CDT
205C+D (Level Two)

Linux

Audience Experience Level Beginner
Slides Attached Yes

2:25pm CDT

Automating MCP Server Testing: Engineering Reliability for Agentic Systems - Neethu Elizabeth Simon, Arm

Monday May 18, 2026 2:25pm - 3:05pm CDT

200B (Level Two)

AI agents don’t fail like traditional software. They don’t just throw exceptions, they drift. They misinterpret tools, invoke the wrong functions or behave differently across environments. When deploying Arm’s Open Source custom MCP server to power AI assistants for architecture development, migration, and optimization, we faced a critical question: how do we test a system built for nondeterministic interaction? In this talk, I’ll share how we moved from manual validation to a repeatable, CI-enforced testing strategy using Pytest and Testcontainers. We spin up real MCP server in Docker during tests, validating tool discovery, invocation, and protocol compliance end-to-end.
This isn’t about mocking LLM output. It’s about testing the contract between agents and tools. The key insight: treat your MCP server like production infrastructure, not experimental glue code. Because “it worked on my machine” is not a deployment strategy.
Session takeaways:
• A demo of Arm’s Open Source MCP server(github.com/arm/mcp)
• Why unit tests are insufficient for agent-facing systems
• How we run MCP server inside containerized test environments
• How GitHub Actions automate CI integration testing

Speakers

Neethu Elizabeth Simon

Staff Solution Architect, Arm Ltd

Neethu Elizabeth Simon, Staff Solution Architect, Arm (previously at Intel Corporation), with vast industrial experience(10+ ys) in building AI/ML/IoT-based solutions across retail, industrial & healthcare domains for external customers and open-source developer communities. She is... Read More →

NES OSS NA26 pdf

Monday May 18, 2026 2:25pm - 3:05pm CDT
200B (Level Two)

Open AI & Data

Audience Experience Level Intermediate
Slides Attached Yes

2:25pm CDT

The $300 Enterprise Lab: Democratizing Infrastructure Skills With Raspberry Pis & AI Agents - Derek Bowdle, RTX & Cameron Khorsandi, SAP

Monday May 18, 2026 2:25pm - 3:05pm CDT

200H (Level Two)

Learning to architect robust cloud infrastructure often comes with high barriers: expensive monthly cloud bills and a lack of access to senior mentorship. How can we train the next generation of SREs and Platform Engineers without financial gatekeeping? This session explores a novel pedagogical approach: combining the physicality of a Raspberry Pi "Micro-Data Center" with the instructional power of AI coding assistants.

We will demonstrate how to use low-cost edge hardware to make abstract concepts (clustering, database sharding, and network security) physically tangible. We will then show how to utilize LLM-based chatbots to act as real-time "Senior Architects," guiding learners through complex configuration and troubleshooting tasks that usually require years of experience to master.

Attendees will leave with:

- A blueprint for building a low-cost, enterprise-grade learning lab.

- Strategies for using AI agents to accelerate learning in Kubernetes, networking, and security.

- A method to simulate "Catastrophic Failure" (e.g., pulling a plug) to learn resilience safely.

Speakers

Cameron Khorsandi

Business Development Expert, SAP

Cameron Khorsandi is a Business Development expert at the Office of the CTO at SAP. He specializes in working with Fortune 500 executives to bridge the gap between advanced AI and Machine Learning technologies and real-world business applications. A technologist at heart, Cameron... Read More →

Derek Bowdle

Senior Machine Learning Engineer, RTX

: Derek Bowdle is a Senior Machine Learning Engineer at RTX and a former math educator. He combines deep technical expertise in Kubernetes and AI with a passion for accessible learning. At RTX, he architects digital threads and predictive models; off the clock, he pushes the limits... Read More →

300 enterprise lab.pptx pdf

Monday May 18, 2026 2:25pm - 3:05pm CDT
200H (Level Two)

Open Source 101

Audience Experience Level Any
Slides Attached Yes

2:25pm CDT

From Pre‑Silicon To Production: Firmware Development on Zephyr - Dev Bhaveshbhai Joshi, Qualcomm Technologies Inc.

Monday May 18, 2026 2:25pm - 3:05pm CDT

200D (Level Two)

When our production power‑management IC (PMIC) firmware moved to Zephyr, it opened the door for us to streamline our development and validation workflow. Our production firmware used a proprietary RTOS, which required maintaining a separate codebase for pre-silicon validation. By standardizing on Zephyr, an RTOS supported across hundreds of MCUs, we were able to use single application codebase across the entire development flow.

In this talk, I’ll describe how we built a Zephyr‑based pre-silicon PMIC testing platform, enabling the same application to run on both the production as well as pre‑silicon hardware running on a completely different SoC (Raspberry Pi Pico) and a custom evaluation kit. I will briefly outline the software architecture: the application running on Zephyr with board configuration defined through device tree and Kconfig. I will also cover the hardware architecture that connects the Pico to the PMIC evaluation kit, and the Twister‑based Hardware-in-loop tests we incorporated for validation.

I’ll close by highlighting how Zephyr’s broad hardware support and tooling helped simplify our workflow and reduce duplicate effort across multiple platforms.

Speakers

Dev Joshi

Embedded Software Engineer, Qualcomm Technologies Inc.

With a Master of Science in EE from the University of California, Riverside, I contribute to Qualcomm as an Embedded Software Engineer specializing in PMIC software and USB Type-C/PD development. My work focuses on crafting robust Battery Management software for mobile and compute... Read More →

from presilicon to production ossna 2026 presentation pdf

Monday May 18, 2026 2:25pm - 3:05pm CDT
200D (Level Two)

Zephyr

Audience Experience Level Any
Slides Attached Yes

2:30pm CDT

Keynote: AI in CI/CD Without the Hype: Practical Patterns for Platform Engineers - Jennifer Mulford, Okta

Monday May 18, 2026 2:30pm - 3:00pm CDT

200C (Level Two)

AI is being discussed as the next evolution of CI/CD, but much of that conversation skips over the realities faced by platform and infrastructure teams responsible for reliability, security, and trust. In practice, introducing AI into pipelines requires restraint, clear boundaries, and a strong understanding of where AI use helps and where it creates risk.
This talk focuses on practical, open-source approaches to using AI in CI/CD pipelines today. We’ll explore patterns where AI acts as a copilot: summarizing pull requests, generating test suggestions, helping engineers interpret CI failures, and enriching security signals while keeping humans firmly in control of decisions.
The session will also cover security concerns, prompt injection risks, secrets exposure, and the importance of treating AI output as untrusted input. We’ll discuss guardrails that help teams experiment safely, such as read-only workflows, explicit review steps, and self-hosted or open-source tooling that avoids sending proprietary code to third-party services.
Attendees will leave with a clear mental model for evaluating AI use cases in their own pipelines and an understanding of the tradeoffs involved.

Speakers

Jennifer Mulford

Senior Platform Security Engineer, Okta

Jennifer Mulford is a Senior Platform Security Engineer with 8+ years in DevOps and security, holding certifications including CISSP, CKA, Security+, CEH, and AWS certifications. She focuses on practical, real-world security engineering and automation.

cdCon Keynote AI in CI CD pptx

Monday May 18, 2026 2:30pm - 3:00pm CDT
200C (Level Two)

cdCon

Audience Experience Level Any
Slides Attached Yes

2:55pm CDT

Lightning Talk: Artifacts That Explain Themselves: Build Metadata in Practice - Socheat Sou & Prajakta Kashalkar-Joshi, IBM

Monday May 18, 2026 2:55pm - 3:05pm CDT

200G (Level Two)

It's common practice to include the Git commit hash in a container image label to serve as a reference, but are you using container labels (and artifact metadata) to their full potential? By embedding metadata into your artifacts you expand your GitOps capabilities. Implement a simple build-cache-like mechanism when building your artifacts, generate robust changelogs across your multi-repo product, or provide better transparency to your security team for their audits and reports. It's even possible to perform Git Bisect-like problem determination between built images. While this talk will explore real-world examples using container images as portable sources of truth, these concepts can be applied anywhere it's possible to add additional metadata to built artifacts.

Speakers

Socheat Sou

Senior Software Engineer, IBM

Socheat Sou is an experienced software engineer with nearly 25 years across test, development, and DevOps, with the last 18 at IBM. He has led the design and implementation of CI/CD pipelines and release processes at scale across global teams. He's often the person brought in when... Read More →

Prajakta Kashalkar-Joshi

Senior technical Staff Member, IBM

Prajakta is a DevSecOps Architect at IBM with 20+ years of experience. A DevOps practitioner since 2010, she leads secure CI/CD pipeline development and mentors aspiring DevSecOps professionals. Passionate about advancing women in tech, she supports various inclusion initiatives... Read More →

Artifacts Metadata OSS NA26 pptx

Monday May 18, 2026 2:55pm - 3:05pm CDT
200G (Level Two)

Packages + Images + Containers

Audience Experience Level Any
Slides Attached Yes

3:35pm CDT

Engineering Quality in a Fast-Moving Open Source Project: WPE WebKit - Mario Sanchez-Prada, Igalia

Monday May 18, 2026 3:35pm - 4:15pm CDT

208C+D (Level Two)

Building an embedded product on top of a large Open Source codebase like WPE WebKit is only the first step. The real challenge is keeping its quality stable as thousands of lines evolve and hundreds of changes land every week across multiple platforms.

In such an environment, errors and regressions are inevitable. What matters is detecting them quickly, understanding their impact, and reacting before they propagate further. This talk focuses on the engineering work that makes this possible, an effort that is essential yet often invisible.

Using WPE WebKit as a case study, we will explore how quality becomes a continuous engineering effort rather than a final validation phase and how CI and QA infrastructure, testing strategies, and processes (e.g. stabilization windows) sustain upstream development while supporting downstream deployments. We will show how these feedback loops reinforce each other and why aligning upstream and downstream processes is critical to keep quality stable over time.

This talk targets engineers, maintainers, and technical leaders working on large Open Source projects, as well as teams building products on top of them who need to sustain quality at scale.

Speakers

Mario Sanchez-Prada

Software Engineer and WebKit Team coordinator at Igalia, Igalia

Software engineer and partner at Igalia with 18+ years of experience working on the development of Linux-based Operating Systems, the GNOME platform, Web engines (i.e. WebKit, Blink) and Web browsers (Epiphany, Chromium).

Past experience includes work on the Maemo project, Litl... Read More →

20260518 EngineeringQualityInWPEWebKit pdf

Monday May 18, 2026 3:35pm - 4:15pm CDT
208C+D (Level Two)

Embedded Linux Conference

Audience Experience Level Any
Slides Attached Yes

3:35pm CDT

Status of Linux Boot-time Work - Tim Bird, Sony Electronics

Monday May 18, 2026 3:35pm - 4:15pm CDT

208A+B (Level Two)

In this talk, Tim will describe the status of work to reduce boot-time for Linux systems. This include work by the Boot-Time Special Interest Group (SIG), as well as others in the Linux ecosystem. We will cover patches that have gone upstream to the Linux kernel and to systemd in the past year, their potential boot-time savings, and how to use them in your own projects. Patches in progress will also be discussed. Tim will summarize recent boot-time talks from other events (particularly Linux Plumbers Conference), highlighting some of the techniques that were described. Finally, Tim will present his own work to build a boot-time wizard program, to help developers find boot-time bottlenecks and areas where boot speed can be improved.

Speakers

Tim Bird

Principal Software Engineer, Sony Electronics

Tim Bird is a Principal Software Engineer for Sony Corporation, where he helps Sony use Linux and other open source software in their products. Tim is the organizer of the Linux Boot-Time Special Interest Group, a contributor to the Linux kernel, and is involved with numerous Linux... Read More →

Boot Time Status Bird ELC 2026 v2 pdf

Monday May 18, 2026 3:35pm - 4:15pm CDT
208A+B (Level Two)

Embedded Linux Conference

Audience Experience Level Intermediate
Slides Attached Yes

3:35pm CDT

KernelScript: Unifying EBPF, Userspace, and Kernel Extensions in One Language - Cong Wang, Multikernel Technologies

Monday May 18, 2026 3:35pm - 4:15pm CDT

205C+D (Level Two)

eBPF has made Linux highly extensible, but production eBPF systems remain fragmented and complex. Developers must write raw C for eBPF, separate userspace loaders, manage BTF compatibility, handle tail calls, dynptr APIs, and sometimes build kernel modules for kfunc support, all across different build systems.

KernelScript is a domain-specific open-source programming language that unifies eBPF, userspace, and kernel extension development in a single, type-safe source file. It introduces multi-target compilation, automatic tail-call orchestration, transparent map and dynptr handling, lifecycle-safe program loading/attaching, and built-in kfunc support that generates kernel module scaffolding automatically.

This talk presents the language design, verifier-aware type system, and compiler architecture behind KernelScript, along with real examples combining XDP, TC, probes, userspace coordination, and custom kernel functions.

KernelScript explores a broader question: what should the next generation of Linux extensibility tooling look like?

Speakers

Cong Wang

Founder and CEO, Multikernel Technologies

Cong Wang is a professional Linux kernel developer mainly focuses on Linux networking and eBPF, he is also a Linux kernel maintainer for the networking traffic control subsystem. He has contributed over 1000 patches to the Linux kernel project.

kernelscript oss pdf

Monday May 18, 2026 3:35pm - 4:15pm CDT
205C+D (Level Two)

Linux

Audience Experience Level Intermediate
Slides Attached Yes

3:35pm CDT

Kubernetes Cluster Creation Landscape - The Easy and the Hard Ways - Wendy Ha, SEEK

Monday May 18, 2026 3:35pm - 4:15pm CDT

200H (Level Two)

As a Kubernetes user, have you ever wondered how clusters from different vendors and distributions remain consistent? Whether running in the cloud or on-premises, workloads behave the same way without modification, and applications can move between platforms without being rewritten. This consistency is made possible by the Certified Kubernetes Conformance Program run by CNCF, which ensures distributions meet upstream Kubernetes standards.

However, conformance validates runtime behavior, not how clusters are created. Cluster provisioning approaches varies widely across providers, leading to configuration drift, inconsistent upgrades, and operational complexity at scale.

To address these challenges, the Kubernetes Special Interest Group Cluster Lifecycle introduced Cluster API, bringing declarative APIs to cluster provisioning and lifecycle management.

In this beginner-friendly session, I will walk you through the full landscape for Kubernetes cluster creation, and share insights from a contributor’s perspective on why Cluster API exists, the problems it solves, and how community-driven effort helps make cluster creation more consistent and sustainable.

Speakers

Wendy Ha

Software Engineer, CNCF Ambassador, Independent

Wendy is a CNCF Ambassador and a proud advocator for Women in the Cloud Native community. She is also an open source contributor and has contributed to various aspects of Kubernetes, including SIG Release (serving on the Release Team since v1.31), SIG Cluster Lifecycle and SIG Etcd... Read More →

Kubernetes Cluster Creation Landscape WendyHa pdf

Monday May 18, 2026 3:35pm - 4:15pm CDT
200H (Level Two)

Open Source 101

Audience Experience Level Beginner
Slides Attached Yes

3:35pm CDT

Sponsored Session: Open-sourced Blockchain Solutions: Cardano’s Infrastructure-First Approach - Marco Russo, Cardano Foundation

Monday May 18, 2026 3:35pm - 4:15pm CDT

200I (Level Two)

Open source has become key to blockchain development, especially for public, permissionless blockchains such as Cardano. This session will share insights into the Cardano Foundation’s "Infrastructure-First" strategy. We will discuss how to sustain a diverse suite of open-source solutions designed for institutional and community use. Key case studies include:

A financial reporting and accounting system that creates immutable, easy to audit records
A scalable solution for verifiable proof of origin and product integrity
An identity and access management platform focusing on fraud prevention and digital sovereignty
A secure yet transparent voting infrastructure for decentralized governance.

**In order to facilitate networking and business relationships at the event, you may choose to visit a third party’s booth or access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth or participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.**

Speakers

Marco Russo

Backend Development Lead, Cardano Foundation

Marco Russo is a Backend Development Lead at the Cardano Foundation, where he oversees the development of high-assurance, open-source infrastructure. Russo focuses on bridging the gap between traditional enterprise needs and decentralized protocols. His work centers on building secure... Read More →

osselcna2026 marco v3 pdf

Monday May 18, 2026 3:35pm - 4:15pm CDT
200I (Level Two)

OSS Enabling & Management, Blockchain and Distributed Ledger Technologies

Slides Attached Yes

3:35pm CDT

Taming MCP Server Sprawl: Securing and Scaling the Model Context Protocol in Production - Jeffrey Borek & Olivia Buzek, IBM

Monday May 18, 2026 3:35pm - 4:15pm CDT

200A (Level Two)

As AI agents transition from pilots to production systems, enterprises are rapidly adopting the open source Model Context Protocol (MCP) to connect models with tools, data, and services. But this flexibility introduces a new challenge: MCP server sprawl. Proliferating endpoints, inconsistent trust models, weak identity controls, and unclear governance can quickly create operational and security risk. This session explains what MCP is, why its adoption is accelerating, and where architectural pitfalls emerge at scale. Developers will learn key design principles for secure deployment, including authentication patterns, authorization boundaries, observability, lifecycle management, and policy enforcement. Attendees will leave with a practical mental model for building MCP integrations that remain composable, governable, and production-ready as ecosystems evolve.

Speakers

Jeffrey Borek

WW Program Director, Open Technologies, IBM

Working across IBM Research to build a scalable and consistent AI software supply chain security framework, while continuing to lead the consumption compliance Open Source Program Office (OSPO), including policy, execution and guidance. Working with IBM Government & Regulatory Affairs... Read More →

Olivia Buzek

Senior Staff Developer Advocate for AI, IBM

Olivia is a computational linguist turned AI engineer. Her career has focused on data, machine learning, and AI. She subscribes to neither AI hype nor AI doomerism, believing that human creativity and AI can coexist, and that builders of AI applications have a responsibility to their... Read More →

OSSNAIBMSession 18May2026vFinal pdf

Monday May 18, 2026 3:35pm - 4:15pm CDT
200A (Level Two)

OSS Enabling & Management, Operations Management & OSPOs

Audience Experience Level Intermediate
Slides Attached Yes

3:35pm CDT

StageX: Rebuilding Trust Through Multi-Signed, Full-Source Bootstrapped, and Reproducible Builds - Danny Grove, Manifest Cyber & Lance Vick, Distrust

Monday May 18, 2026 3:35pm - 4:15pm CDT

200G (Level Two)

Most Linux distributions trust individual maintainers with complete package control, creating critical supply chain vulnerabilities. StageX rebuilds this trust model from scratch with a radically different approach: no single person or computer can compromise the system.
StageX requires fully bit-for-bit reproducible builds verified and signed by multiple independent parties before release. Built from 181 bytes of machine code, StageX bootstraps modern toolchains that can be used in container-native and static contexts.
This talk demonstrates StageX's approach to full-source bootstrapping, bit-for-bit reproducibility and multi-party verification; contrasts it with other reproducible build efforts like NixOS/Guix, and shows how its container-native design provides practical security guarantees. You'll learn how to implement these approaches in your own infrastructure to build software from toolchain to deployment.

Speakers

Lance Vick

Security Engineer, Distrust

Danny Grove

Lead Infrastructure Engineer, Manifest Cyber

Software and Infrastructure Engineer with 16 years of experience across the web stack. Co-Founder of Hashbang, a decentralized hackerspace. Owner at DR Grove Software LLC and Lead Infrastructure Engineer at Manifest Cyber. Cyborg. Specializes in containerization, building other peoples... Read More →

oss na 2026 pdf

Monday May 18, 2026 3:35pm - 4:15pm CDT
200G (Level Two)

Packages + Images + Containers

Audience Experience Level Intermediate
Slides Attached Yes

3:35pm CDT

DroneCode Community Update - Ramon Roche, DroneCode Foundation & Lorenz Meier, Creator of PX4 & Auterion

Monday May 18, 2026 3:35pm - 4:15pm CDT

200B (Level Two)

Speakers

Lorenz Meier

Creator of PX4 & Founder and CEO, Auterion

Dr. Lorenz Meier is Founder and CEO of Auterion and the founder of a number of important open source projects for the drone industry that include PX4, MAVLink, QGroundControl and is the creator of the Pixhawk autopilot. He is a veteran of the drone industry since 2008 with more than... Read More →

Ramon Roche

General Manager, The Linux Foundation

Ramón Roche is General Manager of the Dronecode Foundation, an open-source project under the Linux Foundation supporting drone and robotics development. He leads a global ecosystem behind technologies like PX4 and Pixhawk, and has over a decade of experience in open source. Ramón... Read More →

Dronecode Community Update OSS NA 2026 pdf

Monday May 18, 2026 3:35pm - 4:15pm CDT
200B (Level Two)

PX4 Dev Summit

Audience Experience Level Any
Slides Attached Yes

3:35pm CDT

Beyond Static Devicetrees: Implementing Runtime Hardware Dynamism in Zephyr - Wai-Hong Tam & Jason Yuan, Google

Monday May 18, 2026 3:35pm - 4:15pm CDT

200D (Level Two)

Zephyr’s build-time configuration excels at efficiency, but challenges mass production. When a single product design needs to support dozens of hardware variations, e.g. swapping out sensors or chargers due to supply chain constraints, the standard build flow often leads to managing a unique binary for every combination. This creates a validation nightmare.

This talk presents an architectural framework used in the ChromeOS Embedded Controller that brings runtime adaptability to Zephyr, achieving Linux-like flexibility without the memory overhead of a live DTB parser.

We cover two specific patterns:
1. Dynamic Driver Selection: We treat the Devicetree as a pool of supported components. By reading a configuration bitfield from manufacturing data (EEPROM or protected flash) at boot, the firmware dynamically initializes only the correct drivers for that specific unit.

2. Safe Hardware Discovery: Zephyr compiles away hardware descriptions, leaving the host OS blind to connected peripherals. We introduce a pipeline that exports Devicetree definitions into a "Component Manifest". This enables safe OS-level verification, avoiding the risks of "blind probing" on I2C buses.

Speakers

Jason Yuan

Software Engineer, Google

Jason has been working on the ChromeOS firmware team at Google for 4 years. He focuses on building interesting new Chromebook functionalities on top of Zephyr, as well as the automated testing of Chromebook firmware.

Wai-Hong Tam

Staff Software Engineer, Google

Wai-Hong is a Staff Software Engineer at Google with over 20 years of embedded expertise. His career spans from RTOS and BootROM work at MediaTek to leading firmware architecture for ChromeOS. At Google, he has contributed to verified boot, U-Boot for the first ARM Chromebook, the... Read More →

Beyond Static Devicetrees Implementing Runtime Hardware Dynamism in Zephyr (05170908) pdf

Monday May 18, 2026 3:35pm - 4:15pm CDT
200D (Level Two)

Zephyr

Audience Experience Level Intermediate
Slides Attached Yes

4:30pm CDT

Why Is It Always DNS?: Rethinking & Engineering Node-Level DNS Resolution in Kubernetes - Shaheen Sayyed & Ankur Singh, Red Hat

Monday May 18, 2026 4:30pm - 5:10pm CDT

200F (Level Two)

Is it DNS or is it network? & why is answer always DNS? In K8s, most clusters quietly rely on /etc/resolv.conf on every node for all non-service name resolution. At scale, this dependency becomes a liability, reducing caching & observability while causing fragile forwarding, higher latency, upstream resolver overload, and host-level divergence in multi-cloud environments

This talk will explain how K8s actually consumes node DNS today & then present two solutions: CoreDNS for large, complex clusters; dnsmasq for medium scale that bring deterministic caching, controlled forwarding, traffic steering, and real visibility—turning DNS from black box into an engineered system component

Attendees will gain a framework to choose DNS implementation strategies by understanding trade-offs based on cluster scale, workload type and platform maturity. We’ll compare CoreDNS & dnsmasq, surface real failure modes, & show how different designs affect latency, reliability, & blast radius.

Speakers

Shaheen Sayyed

Site Reliability Engineer, Red Hat

Coding Enthusiast with a keen interest in Building Scalable Cloud Applications

Ankur Singh

Senior Site Reliability Engineer, Red Hat

A diverse Software Engineer with experience as DevOps Engineer, Platform Engineer & Site Reliability Engineer.

dns on kubernetes pdf

Monday May 18, 2026 4:30pm - 5:10pm CDT
200F (Level Two)

Cloud + Orchestration

Audience Experience Level Beginner
Slides Attached Yes

4:30pm CDT

The Architecture of Accountability: Transparency in Software - Hayden Blauzvern, Google

Monday May 18, 2026 4:30pm - 5:10pm CDT

200E (Level Two)

In the context of secure systems, "transparency" is often a loaded term. We will propose a precise definition: the guarantee of discoverability and auditability. Transparency is the difference between a system that merely claims to be secure and a system that provides proof of its security claims.

This session offers a high-level primer on the principles of cryptographic transparency. We will discuss how to design transparent applications and explore the tooling available to create tamper-evident systems. We will examine how this pattern has already been used, from Certificate Transparency providing auditability for web PKI, Binary Transparency securing software delivery, and Key Transparency hardening messaging applications. We will demonstrate how transparency can be applied for emerging frontiers as well, such as AI model provenance and news authenticity.

Finally, we will discuss the ongoing specifications work to standardize transparency primitives and highlight opportunities to participate. Attendees will leave with a clear mental model for transparency by design, ready to build systems where accountability is a default feature, not an afterthought.

Speakers

Hayden Blauzvern

Technical Lead Manager, Google

Hayden Blauzvern is a technical lead manager on Google’s Open Source Security Team, focused on making open-source software more secure through code signing and applied transparency. Hayden is a maintainer and the community chair on the Sigstore project.

OSS NA 2026 The Architecture of Accountability Transparency in Software pdf

Monday May 18, 2026 4:30pm - 5:10pm CDT
200E (Level Two)

Digital Trust

Audience Experience Level Any
Slides Attached Yes

4:30pm CDT

Bootph: A Swiss Army Knife for Boot-Time Optimization - Gokul Praveen & Beleswar Prasad Padhi, Texas Instruments

Monday May 18, 2026 4:30pm - 5:10pm CDT

208A+B (Level Two)

With more stringent regulations for automotive usecases, every millisecond of boot time is critical. Safety features like rear-view camera and surround view must start working quickly to meet regulations. A typical solution is to have custom boot loaders as they are often faster than U-Boot and the memory footprint of U-Boot has been increasing as device trees grow larger. However, U-Boot provides significant advantages: rich driver model, broad hardware and strong community support.

This raises an important question: how can U-Boot be made a more attractive alternative to custom RTOS bootloaders w.r.t boot time and memory footprint? The answer lies in "bootph" (boot phase) tags, which enable selective node tagging to solve the above-mentioned problems.

This session aims to cover the following:
1. Overview of U-Boot boot phases(SPL, VPL, TPL & U-Boot proper).
2. Deep dive into bootph tags: usage, meaning, and how they affect each boot phase.
3. Common pitfalls: accidentally removing SPL-required nodes, over-tagging shared peripherals, and overusing bootph-all tag.
4. A live case study demonstrating how U-Boot matched the boot time of a custom RTOS bootloader on the TI J7200 SoC.

Speakers

Beleswar Prasad Padhi

Senior Software Engineer at Texas Instruments, Texas Instruments

Gokul Praveen

Embedded Software Applications Engineer, Texas Instruments, India

I am a Software Applications Engineer with 2 years of experience at Texas Instruments(TI). My work mainly focuses on boot time optimizations, board bring ups with Linux, U-Boot, and handling platform-specific drivers, including those for eMMC, SD, UART, USB, and Timer peripherals... Read More →

OSS NA BOOTPH pptx

Monday May 18, 2026 4:30pm - 5:10pm CDT
208A+B (Level Two)

Embedded Linux Conference

Audience Experience Level Any
Slides Attached Yes

4:30pm CDT

Complying With Regulatory SBOM Requirements Using the Yocto Project - Joshua Watt, Garmin

Monday May 18, 2026 4:30pm - 5:10pm CDT

208C+D (Level Two)

With regulatory deadlines regarding Software Bill of Materials (SBoMs) in place, and more on the horizon (such as the CRA), it is important to ensure that you can comply with the requirements that are stipulated. Fortunately, Yocto has a robust and comprehensive SBoM generation integrated into it, which can aid in ensuring compliance. In this talk, Joshua will provide information and tips about how to configure your Yocto builds for compliance with several of the different SBoM standards.

Speakers

Joshua Watt

Staff Software Engineer, Garmin

Joshua is a Staff Software Engineer for Garmin with 18 years experience producing consumer electronics. He has worked on the Yocto SPDX SBoM implementation, and is a member of the Yocto Project TSC as well as the OpenEmbedded TSC.

OSS NA Complying with CRA SBoM Requirements using the Yocto Project pdf

Monday May 18, 2026 4:30pm - 5:10pm CDT
208C+D (Level Two)

Embedded Linux Conference

Audience Experience Level Intermediate
Slides Attached Yes

4:30pm CDT

Scaling LLM Inference With Tiered Caching: Extending LMCache With Amazon SageMaker HyperPod - Yihua Cheng, Tensormesh, Inc. & Ziwen Ning

Monday May 18, 2026 4:30pm - 5:10pm CDT

211A+B (Level Two)

LMCache supports tiered KV caching with CPU memory offloading, extending inference beyond GPU memory limits. But what happens when local CPU memory isn't enough? This session introduces the next tier: offloading KV cache to Amazon SageMaker HyperPod managed storage, expanding cache capacity for large-scale LLM inference.

We'll cover the technical design of the SageMaker HyperPod connector contribution to LMCache. Hot entries stay in GPU memory, warm entries spill to CPU memory, and cold entries persist to HyperPod's managed storage. This three-tier architecture lets organizations cache far more context than local resources allow, reducing redundant computation for repeated prompts and long-context scenarios.

The session demonstrates the integration in action, showing cache hit rates, latency across tiers, and how the connector handles transitions between local and remote storage. We'll discuss key engineering decisions, including async prefetching and failure handling.

Attendees will leave with practical knowledge of how managed cloud storage can extend open source caching frameworks for LLM inference infrastructure.

Speakers

Yihua Cheng

CTO, Tensormesh, Inc.

Yihua Cheng is co-founder and CTO of Tensormesh. He has a deep background in large language models, high-performance computing, and open-source development.
Yihua created LMCache and the vLLM production stack, open-source projects that have collectively earned over 9,000 GitHub... Read More →

Ziwen Ning

Open Source Contributor

Ziwen Ning is an open-source contributor to LMCache. He was previously a Senior Software Development Engineer at AWS, working on Amazon SageMaker HyperPod with a focus on building scalable ML infrastructure. Before that at Annapurna Labs, he enhanced the AI/ML experience through the... Read More →

OSS NA26 LMCache pptx

Monday May 18, 2026 4:30pm - 5:10pm CDT
211A+B (Level Two)

Open AI & Data

Audience Experience Level Intermediate
Slides Attached Yes

4:30pm CDT

Quantum Computing for AI Engineers: Foundations, Limits, and Future Possibilities - Alireza Rahmani, Red Hat

Monday May 18, 2026 4:30pm - 5:10pm CDT

200H (Level Two)

Quantum computing is often described as the next frontier of computation, but for most engineers, it remains abstract and disconnected from practical systems such as AI and distributed infrastructure.

This session introduces the fundamentals of quantum computing in clear, accessible terms. We will explain core concepts such as qubits, superposition, and entanglement without heavy mathematics, and compare them to classical computing models used in today’s AI workloads.

We will then explore realistic intersections between quantum computing and AI, including optimization problems, simulation, and potential long-term impacts on edge and cloud architectures. The session will also briefly review open source quantum development toolkits and how engineers can begin experimenting today.

Attendees will leave with a grounded understanding of what quantum computing can and cannot do, and how it may influence the future of AI systems.

Speakers

Alireza Rahmani

Senior Cloud Architect, Red Hat

Alireza Rahmani is a Red Hat Cloud Architect, academic professor, and Doctoral Engineer candidate at Penn State University specializing in AI/ML and cloud-native systems. A Golden Kubestronaut within the CNCF ecosystem, he bridges research and real-world deployment, focusing on security... Read More →

Quantum Computing for AI Engineers pdf

Monday May 18, 2026 4:30pm - 5:10pm CDT
200H (Level Two)

Open Source 101

Audience Experience Level Beginner
Slides Attached Yes

4:30pm CDT

Lazy Rivers and Open Source Security: Learn About the OpenSSF With Angelah and Stacey - Angelah Liu & Stacey Potter, Linux Foundation

Monday May 18, 2026 4:30pm - 5:10pm CDT

200A (Level Two)

Some people claim that open source and cybersecurity are two things that don't mix. Come join this informative session to learn how the truth is very much the opposite!

Established in 2020, the OpenSSF is the security subject matter experts for the Linux Foundation. While some might claim that security is a Dark Art, hop onto our lazy river as we show you about all the amazing initiatives our community has to offer open source developers and downstream OSS consumers! Don't forget your towel and some sunscreen, and be careful if you sit in the splash-zone... you MAY get wet! HONK!

Speakers

Angelah Liu

Associate Manager, Marketing and Communications, Linux Foundation

Angelah serves as the Associate Communications & Marketing Manager at the Linux Foundation, where she supports open source projects' cross-functional marketing initiatives for high-impact open source ecosystems. She drives the marketing efforts for multiple key LF projects, including... Read More →

Stacey Potter

Community Manager, OpenSSF

OSS NA 2026 OpenSSF Lazy Rivers pdf

Monday May 18, 2026 4:30pm - 5:10pm CDT
200A (Level Two)

OSS Enabling & Management, Operations Management & OSPOs

Audience Experience Level Beginner
Slides Attached Yes

4:30pm CDT

Image Composer Tool: Declarative Multi-Distro Linux Image Builds From Packages - Mats Agerstam & Alpesh Rodage, Intel Corporation

Monday May 18, 2026 4:30pm - 5:10pm CDT

200G (Level Two)

Building custom Linux images for edge deployments requires distribution-specific toolchains, manual dependency resolution, and bespoke scripting; resulting in fragile, hard-to-reproduce pipelines.

Image Composer Tool (ICT) is an open-source tool that composes bootable Linux images from pre-built packages using declarative YAML templates. It supports Azure Linux, Ubuntu, Wind River eLxr, and Edge Microvisor Toolkit through a single workflow, with dependency resolution across RPM and DEB ecosystems, GPG signature verification, and deterministic builds for CI/CD.

This session covers:

Package management abstraction across RPM and DEB via a unified interface

Reproducible, template-driven builds producing identical outputs from identical inputs

Supply chain security: GPG verification, TLS-secured fetches, minimal attack surface

Extensible provider architecture enabling contributors to add new distributions

Live demo: composing a bootable image from a YAML template in minutes

Attendees will learn how declarative image composition simplifies multi-distribution package management and produces reproducible, secure OS images

Speakers

Mats Agerstam

Senior Principal Engineer, Intel Corporation

Mats Agerstam is a Senior Principal Engineer at Intel, leading architecture for the Open Edge Platform, Edge Microvisor Toolkit, and OS Image Composer to simplify AI and edge‑native workload deployment. With deep experience in edge computing, device lifecycle management, and platform... Read More →

Alpesh Rodage

Cloud Software Architect, Intel Corporation

Alpesh Rodage is a Cloud Software Architect at Intel with 20+ years in platform engineering and distributed systems. He architects and leads development of the OS Image Composer, an open-source tool for declarative, multi-distribution Linux image builds. Previously, he designed multi-cluster... Read More →

ICT Open Source Summit NW 2026 Final version pptx

Monday May 18, 2026 4:30pm - 5:10pm CDT
200G (Level Two)

Packages + Images + Containers

Audience Experience Level Intermediate
Slides Attached Yes

4:30pm CDT

Leveraging GPU-accelerated Stereo Visual Inertial Odometry in PX4 Using ROS2 - Andrew Brahim, Ascend Engineering

Monday May 18, 2026 4:30pm - 5:10pm CDT

200B (Level Two)

This quick tutorial walks through the camera calibration/configuration, uxrce dds service, Isaac ROS setup, and PX4 parameters required to fuse stereo VIO in EKF2. The platform is a quadcopter with an Ark Jetson computer.

Speakers

Andrew Brahim

Principle Engineer at Ascend Engineering, Ascend Engineering

With a background in Electrical Engineering, I became involved in the UAS industry as a hobby at first. There are always interesting and challenging problems to solve in this space, which inspires me to learn a little bit more about the technology in this space every day.

px4 nvidia vio pdf

Monday May 18, 2026 4:30pm - 5:10pm CDT
200B (Level Two)

PX4 Dev Summit

Audience Experience Level Intermediate
Slides Attached Yes

4:30pm CDT

Fuzzing Zephyr Apps - Struggles of Dynamic Analysis on Embedded Applications - Jayashree Srinivasan, Analog Devices

Monday May 18, 2026 4:30pm - 5:10pm CDT

200D (Level Two)

Fuzzing, a type of dynamic analysis, is a testing method to find security flaws in software during execution. It involves providing randomized inputs to the application and observing for crashes.

Embedded applications present unique fuzzing challenges. Unlike general-purpose software, they run continuously in real-time without terminating, making it hard to use traditional fuzzing approaches. They receive inputs through specialized peripherals or direct memory/register accesses that require accurate modeling. Fuzzers must generate inputs satisfying highly constrained validation checks while maintaining application state, and crash detection is complicated by the lack of clear program termination.

Existing solutions use hardware, emulation, or rehosted systems with modeled peripherals, employing full source code level, binary-only or API-level fuzzing. Zephyr's current libFuzzer integration targets unit-level API fuzzing but misses system-wide bugs. We aim to integrate AFL++, a popular fuzzing engine, to create a generalized fuzzing strategy across Zephyr's supported platforms. Though still in development, we're exploring the optimal approach to achieve this integration.

Speakers

Jayashree Srinivasan

Senior Engineer, Research Science Engineering, Analog Devices

I am an Embedded Security enthusiast, currently working as a Senior Engineer in the Product Security team at Analog Devices. My work involves building security solutions for our products with Trusted Execution Environments and open source SW including Trusted Firmware-M, Zephyr and... Read More →

Fuzzing Zephyr Apps pdf

Monday May 18, 2026 4:30pm - 5:10pm CDT
200D (Level Two)

Zephyr

Audience Experience Level Any
Slides Attached Yes

5:00pm CDT

Lightning Talk: Why Don't AI Technologies and CI/CD Pipelines Get Along? - Ryo Sugahara, NTT DATA GROUP Corporation

Monday May 18, 2026 5:00pm - 5:10pm CDT

200C (Level Two)

AI technologies are fundamentally transforming the landscape of IT system development. While they are increasingly applied across a wide range of development tasks, their potential remains largely untapped within CI/CD pipelines.

I have personally experimented with applying AI technologies to CI/CD pipelines in an effort to build more effective and intelligent workflows. However, these attempts did not lead to the expected results. This experience raises an important question: why is the integration of AI technologies into CI/CD pipelines so challenging?

In this session, I will explore the practical and conceptual barriers encountered when applying AI technologies to CI/CD pipelines, and examine the underlying reasons behind their apparent lack of compatibility, drawing on firsthand experience. This exploration is still a work in progress. Rather than presenting a success story, this session aims to frame the problem clearly and honestly.

Also, by raising key questions and sharing lessons learned from failed attempts, this session seeks to encourage broader discussion and invite more practitioners to engage with this challenge and collaboratively explore possible paths forward.

Speakers

Ryo Sugahara

Evangelist, NTT DATA GROUP Corporation

I joined NTT Data in 2005. Currently, I'm dedicated to driving modernization through the integration of CI/CD and infrastructure automation, transforming traditional projects.

[cdCon2026] Why don't AI technologies and CICD pipelines get along pdf

Monday May 18, 2026 5:00pm - 5:10pm CDT
200C (Level Two)

cdCon

Audience Experience Level Any
Slides Attached Yes

5:15pm CDT

Lightning Talk: Developer Experience is More Than Just Productivity Metrics - Jeremy Meiss, WWT

Monday May 18, 2026 5:15pm - 5:25pm CDT

200C (Level Two)

With everything changing in tech at a frenetic pace, the emphasis on developer productivity has overshadowed the true essence of developer experience (DevEx). While frameworks like SPACE, getDX, and DORA metrics provide valuable insights, they often miss the mark on capturing developers' real, day-to-day experiences using tools and services, instead focusing strictly on the bottom line for the company. Meanwhile, developers and practitioners are job-hopping more than ever.

This talk will explore the origins and evolution of "developer experience," dissect popular frameworks, and advocate for a more balanced approach that values the practitioner's perspective. At the end we will set a path towards integrating top-down metrics with bottom-up feedback, ensuring an approach to developer experience that fosters innovation and satisfaction.

Speakers

Jeremy Meiss

Technical Solution Architect, AI Native, WWT

Jeremy is an international speaker and is a Technical Solution Architect, AI Native, at WWT, previously leading Developer Advocacy at OneStream Software, CircleCI, Solace, and Auth0. Jeremy is active in the DevRel and DevOps communities, a co-creator of DevOpsPartyGames.com, and organizer... Read More →

DevEx more than DevProd metrics cdCon2026 pdf

Monday May 18, 2026 5:15pm - 5:25pm CDT
200C (Level Two)

cdCon

Slides Attached Yes

5:25pm CDT

Monolithic To Cloud Native: Lessons From Migrating Heroku To EKS at Scale - Mateen Anjum, Phono Technologies Inc

Monday May 18, 2026 5:25pm - 6:05pm CDT

200F (Level Two)

When our platform served a SaaS company growing from
9M$ to $100M ARR, we faced a decision every scaling team encounters: stay on Heroku or migrate to Kubernetes. We chose migration. This talk shares the real lessons from moving 47 microservices to EKS while maintaining 99.9% uptime.

I will cover the migration patterns that worked, the ones that failed spectacularly, and the operational changes that made the difference between success and rollback. You will learn how we reduced API latency from 700ms to 70ms, why our first three migration attempts failed, and what "production ready" actually means when your customers include enterprise clients with strict SLAs.

This is not a vendor pitch or theoretical framework. It is a practitioner's account of what happens when you bet your platform on Kubernetes and have to deliver.

Attendees will leave with a realistic migration checklist, common failure patterns to avoid, and honest metrics on what to expect during and after migration.

Speakers

Mateen Anjum

Staff DevOps Engineer, Phono Technologies Inc

Mateen Ali Anjum is a Staff DevOps Engineer with 12 years of experience building infrastructure platforms. He has scaled systems, led platform migrations, and currently works in Canada. His work focuses on the intersection of reliability engineering and emerging AI tooling for infrastructure... Read More →

Anjum Monolithic to Cloud Native pdf

Monday May 18, 2026 5:25pm - 6:05pm CDT
200F (Level Two)

Cloud + Orchestration

Audience Experience Level Intermediate
Slides Attached Yes

5:25pm CDT

Leveraging U-Boot Binman With Hardware Security Modules (HSM) for Secure Boot - Riya Aysola & Judith Mendez, Texas Instruments

Monday May 18, 2026 5:25pm - 6:05pm CDT

208A+B (Level Two)

Secure boot is becoming essential for more embedded Linux systems, yet secure firmware signing at scale remains challenging. Traditional approaches often rely on manual, locally managed scripts and cryptographic keys, leading to increased security risks from development to production environments. This presentation demonstrates a practical approach to secure boot image creation using U-Boot's Binman tool integrated with Hardware Security Modules (HSMs) for cryptographic signing. We examine how Binman assembles multi-stage boot images and delegates signing to HSMs, protecting private keys while enabling automated builds. We will also explore how Binman's signing workflow can be adapted to support various HSM deployment models. Attendees will understand how image signing with Binman establishes a secure boot chain of trust, why HSM-backed signing is critical for production systems, and how open-source tools can be combined with security best practices to create more robust and scalable firmware signing workflows. The goal is to help the broader open-source ecosystem adopt more standardized and secure practices for firmware image creation and signing suitable for production deployment

Speakers

Riya Aysola

Systems Engineer, Texas Instruments

Riya Aysola is a Systems Engineer in Texas Instruments' Embedded Processing group, focused on embedded security and cybersecurity. She holds a bachelor's degree in computer science from the University of Houston.

Judith Mendez

Embedded Linux Developer, Texas Instruments

Judith Mendez is an embedded Linux developer at Texas Instruments with nearly 4 years of experience on Sitara K3 SoCs and legacy AM335/AM437 platforms. She handles driver development and maintenance for IPs like MMC, PWM, M_CAN, and watchdog, helping deliver quality Linux SDKs and... Read More →

Leveraging Binman with HSM for SecureBoot pdf

Monday May 18, 2026 5:25pm - 6:05pm CDT
208A+B (Level Two)

Embedded Linux Conference

Audience Experience Level Beginner
Slides Attached Yes

5:25pm CDT

Verification Toward Applying SLSA in Automotive IVI Software Development - Yuta Kiyoumi & Takashi Ninjouji, Honda Motor Co., Ltd.

Monday May 18, 2026 5:25pm - 6:05pm CDT

208C+D (Level Two)

In automotive software development—such as IVI (In-Vehicle Infotainment) software—many layers of the supply chain are involved, including automotive OEMs and Tier‑1 suppliers. Automotive OEMs, in particular, are required to manage a complex and multi‑layered software supply chain under strict safety and regulatory constraints.

To evaluate supply chain security efforts within software development, we have been conducting a feasibility study on applying SLSA, a supply chain security framework being developed by the OpenSSF.

In this session, we will share insights gained through our validation of SLSA adoption and discuss approaches to supply chain security in large-scale software development projects such as AAOS.

Speakers

Yuta KIYOUMI

Security Architect for IVI software development, HONDA MOTOR CO.,LTD.

Yuta Kiyoumi is the Security Architect for IVI software development at Honda Motor Co., Ltd. He also serves as a member of the Honda OSPO promoting secure OSS adoption, and participates as a member of the OpenSSF.

Takashi Ninjouji

Chief Engineer, Honda Motor Co., Ltd.

Takashi Ninjouji is a Chief Engineer at Honda Motor Co., Ltd., with a focus on Software-Defined Vehicles (SDV). He is a manager of the Open Source Program Office (OSPO). His interests also include AI-assisted engineering automation.

Applying SLSA by Kiyoumi Ninjouji OSS NA26 pdf

Monday May 18, 2026 5:25pm - 6:05pm CDT
208C+D (Level Two)

Embedded Linux Conference

Audience Experience Level Beginner
Slides Attached Yes

5:25pm CDT

Beyond Vector Search: Building Knowledge Graphs for Autonomous Infrastructure - Torsten Boettjer, Rescile

Monday May 18, 2026 5:25pm - 6:05pm CDT

211A+B (Level Two)

Modern platform engineering has a 'context' problem. As infrastructure scales across Kubernetes, hybrid clouds, and internal developer platforms (IDPs) like Backstage, traditional RAG systems struggle to answer multi-hop queries like 'Which services depend on this failing database?' or 'What is the blast radius of this IAM change?'
In this session, we explore how GraphRAG—a combination of Knowledge Graphs and LLMs—solves the reasoning gap that vector-only search leaves behind. We will demonstrate how to index infrastructure as a graph of entities and relationships, allowing AI agents to perform complex root-cause analysis and automate documentation. Attendees will leave with a blueprint for building an open-source GraphRAG pipeline to turn platform data into actionable intelligence."

Speakers

Torsten Boettjer

Co-Founder, Rescile

Co-Founder at Rescile, 20 years experience in platform engineering, former CCIO at Avaloq, CTO at Cisco, Head of Innovation at Swisscom, Product Management at Oracle Cloud Infrastructure

Rescile Beyond Vector Search pdf

Monday May 18, 2026 5:25pm - 6:05pm CDT
211A+B (Level Two)

Open AI & Data

Audience Experience Level Intermediate
Slides Attached Yes

5:25pm CDT

From Compliance To Code: The Cyber Resilience Act, SBOMs, DevTeams and YOU! - Marcus Ross, Hamburg Port Authority AöR & Peter Dickten, dcs-fuerth Germany

Monday May 18, 2026 5:25pm - 6:05pm CDT

200A (Level Two)

The EU Cyber Resilience Act (CRA) is reshaping how manufacturers and developers must secure their products—but what does it mean for your Developer platforms, DevOps pipelines, and DevTeams? In this session, we’ll share a real-world implementation for SBOMs (Technical Guideline TR-03183 from the Federal Office of Information Security). We demonstrate how to technically address CRA mandates without drowning in compliance overhead.

You will leave with
- Understand the CRA’s impact on your Developers and Management even outside the EU (and why ignoring it isn’t an option).
- See a production-ready workflow for SBOMs, vulnerability management, and compliance automation with OpenSource-Tools (DependencyTrack, CentralCyclone, GitOps).
- Actionable insights on integrating CRA requirements with SBOM handling into your CI/CD pipelines.
- A clear "why this matters" for your org., and lessons from the trenches of securing critical infrastructure with Kubernetes.
- Get a checklist for team adoption - because compliance is a cultural challenge, not just a technical one.

Speakers

Peter Dickten

Peter Dickten, dcs-fuerth Germany

Marcus Ross

CCoE Lead / Kubestronaut, Hamburg Port Authority

The Hamburg Port Authority (HPA) has been operating future-oriented port management from a single source since 2005 and is active wherever efficiency, safety, and cost-effectiveness are required in the Port of Hamburg. Marcus works as a DevOps Plattform Engineer in a team responsible... Read More →

oss 2026 cra slides pdf

Monday May 18, 2026 5:25pm - 6:05pm CDT
200A (Level Two)

OSS Enabling & Management, Operations Management & OSPOs

Audience Experience Level Beginner
Slides Attached Yes

5:25pm CDT

Verified Debian Packaging at Scale - Frederick Lawler, Cloudflare

Monday May 18, 2026 5:25pm - 6:05pm CDT

200G (Level Two)

Cloudflare’s global network relies on Debian Linux machines across 330+ cities. To enhance production security we wanted to ensure that our servers can only run authorized software. For this we leverage Linux Kernel's IMA-Measurement to validate binary signatures before execution. Our system encompasses first-party software, Docker containers, and open-source Debian packages.

This talk illustrates how we successfully injected digital signatures into every Debian package installed on our fleet. This involved deep dives into the Linux Kernel, modifying dpkg, and building a mirroring system that could sign upstream repositories. Learn about our journey enhancing software integrity on a massive scale. This session is ideal for those interested in Linux security, package management, and Internet-scale system administration.

Speakers

Frederick Lawler

Systems Engineer, Cloudflare

Fred is a backend web developer turned kernel developer. He previously focused on the PCIe subsystem since 2018 as a hobbyist. Now he works for Cloudflare on the Linux team with a focus on securing systems and production reliability.

2026 OSS NA Slides pdf

Monday May 18, 2026 5:25pm - 6:05pm CDT
200G (Level Two)

Packages + Images + Containers

Audience Experience Level Advanced
Slides Attached Yes

5:25pm CDT

QGC: What You Don't Know - Andrew Wilkins, Ascend Engineering

Monday May 18, 2026 5:25pm - 6:05pm CDT

200B (Level Two)

This talk dives in to what you don't know about QGC. Hidden features, how to make changes, why things are the way they are.

We will go over: Text overlay on videos, Advanced Vs. Standard Mode, new joystick integrations, new bluetooth connections support, AND MORE!!!

Learn the intricacies of QGC as you never have before while also discovering brand new features!

Speakers

Andrew Wilkins

CEO - Ascend Engineering, Ascend Engineering

Andrew Wilkins is the CEO of Ascend Engineering. He does extensive contracting work with various PX4/QGC-related projects and has a strong sense of what these projects need from Dronecode. Ascend Engineering currently employs two PX4/QGC maintainers, giving Andrew direct insight into... Read More →

QGC What you don't know pdf

Monday May 18, 2026 5:25pm - 6:05pm CDT
200B (Level Two)

PX4 Dev Summit

Audience Experience Level Intermediate
Slides Attached Yes

5:30pm CDT

Lightning Talk: Simple Yet Scalable MLOps: Bridging the Gap Between Data Science and CI/CD - Sachin Garg, NavankurIT; Sameeksha Garg, Carnegie Mellon University

Monday May 18, 2026 5:30pm - 5:40pm CDT

200C (Level Two)

The transition of Machine Learning (ML) models from experimental notebooks to reliable production environments often reveals a significant disconnect between Data Scientists and Infrastructure/Operations teams. While traditional DevOps has mastered code delivery, the unique "state" of ML—comprising both code and massive datasets—requires a specialized evolution: MLOps. This session provides a practical roadmap for building a simple yet highly scalable CI/CD pipeline using a purely open-source stack.

We begin by addressing the critical challenge of Model Reproducibility. Standard version control systems like Git excel at managing algorithms but fail when handling the 500MB weights or multi-gigabyte training sets typical of modern ML. Our proposed architecture integrates DVC (Data Version Control) to version-control data alongside source code, ensuring that every deployment is fully traceable and repeatable.

Speakers

Sachin Garg

CTO, NavankurIT

Dr. Sachin Garg built India's early FOSS infrastructure: MNNIT's first internet server (1995) over 9.6 kbps VSAT, core BLUG member (1996-2002), IT.com '99 Linux Pavilion participant, and architect of Wipro's landmark FOSS.in 2006 sponsorship. At C-DAC, championed Linux for PARAM supercomputers... Read More →

Sameeksha Garg

Student, Carnegie Mellon University

Sameeksha Garg is a Computer Science student at Carnegie Mellon University (graduating May 2026), specializing in Machine Learning. With hands-on experience in open-source security at Visa, building ML monitoring systems using Grafana and Prometheus, and developing AI-driven pipelines... Read More →

Garg Garg Jat SimpleYetScalableMLOps cdCon2026 pdf

Monday May 18, 2026 5:30pm - 5:40pm CDT
200C (Level Two)

cdCon

Audience Experience Level Intermediate
Slides Attached Yes

11:00am CDT

From Guidance To Guardrails: Cost & Carbon Policy-as-Code With OPA in CI - Machiko Shinozuka & Kouki Hama, NTT, Inc

Tuesday May 19, 2026 11:00am - 11:40am CDT

200F (Level Two)

Several guidelines such as FinOps Framework and Green Software Patterns provide principles for cloud optimization, but they include both abstract ideas and practical details with multiple concerns like cost and sustainability. This makes human reviews inconsistent. In this talk, we show how such guidance can be evaluated consistently in CI using Open Policy Agent (OPA).

We present a two-layer policy design: evaluation logic stays small and readable in Rego, while policy rules such as thresholds and exceptions are defined in structured JSON. This separation makes policies easier to maintain by contributors without Rego expertise. CI checks consume an input schema derived from configuration or IaC artifacts and return review-ready decisions—allow, warn, or block—along with a rule identifier, rationale, and a suggested follow-up.

What you will learn:
・How to extract checkable criteria from abstract guidance
・How to design a stable input schema
・How to structure a rules catalog so that policy evaluation remains possible even when multiple concerns interact
・How to run a policy change process that does not depend on a small set of Rego experts

Speakers

Machiko Shinozuka

Research Engineer, NTT, Inc

Machiko Shinozuka is a researcher in Computer and Data Science Laboratories in NTT, Inc. She is engaged in the research and development of green software engineering. Her interest is calculating and reducing CO2 emissions in software, FinOps and cloud cost optimization. With a background... Read More →

Kouki Hama

Senior Research Engineer, NTT, Inc

Kouki Hama is a Senior Research Engineer in software engineering at NTT, Inc., Computer & Data Science Laboratories. His research focuses on improving the efficiency, reliability, and governance of CI/CD, with a focus on GreenOps, FinOps, reliability engineering, and software supply... Read More →

OSSNA cost carbon PaC r pdf

Tuesday May 19, 2026 11:00am - 11:40am CDT
200F (Level Two)

Cloud + Orchestration

Audience Experience Level Beginner
Slides Attached Yes

11:00am CDT

Sponsored Session: Cloud Native AI: From Conformance to Production - Jake Pineda, CNCF

Tuesday May 19, 2026 11:00am - 11:40am CDT

200I (Level Two)

Implementing a cloud-native AI stack often leads to operational and security issues. This session will provide attendees with an analysis of production-ready Cloud Native AI stacks, integrating community insights and the latest Cloud Native AI Conformance guidelines. We will showcase practical implementation methods through reference architectures and key projects, and define key metrics for benchmarking Cloud Native AI environments against established community standards.

**In order to facilitate networking and business relationships at the event, you may choose to visit a third party’s booth or access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth or participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.**

Speakers

Jake Pineda

Open Source Growth Strategist, Cloud Native Computing Foundation

OSS NA 2026 CNAI (1) pdf

Tuesday May 19, 2026 11:00am - 11:40am CDT
200I (Level Two)

Cloud + Orchestration

Slides Attached Yes

11:00am CDT

State of Embedded Linux - Walt Miner, The Linux Foundation

Tuesday May 19, 2026 11:00am - 11:40am CDT

208A+B (Level Two)

This talk offers a comprehensive look at what's changed in the embedded Linux world over the past year. Walt will walk through the latest kernel developments most relevant to embedded developers, survey key userspace projects shaping modern embedded designs, and cover the broader community, industry, and legal landscape — from the status of major processor architectures to initiatives at the Linux Foundation and beyond.

Whether you're tracking changes to subsystems you already rely on or looking for new tools and techniques to improve your workflow, this session will help you stay current in a fast-moving ecosystem. Come find out what's new, what's shifting, and what it means for your embedded Linux work.

Speakers

Walt Miner

AGL Community Manager, The Linux Foundation

State of Embedded Linux ELC NA Miner pdf

Tuesday May 19, 2026 11:00am - 11:40am CDT
208A+B (Level Two)

Embedded Linux Conference

Audience Experience Level Any
Slides Attached Yes

11:00am CDT

Optimizing Power Consumption in Embedded Linux: Techniques and Tradeoffs - Kendall Willis, Texas Instruments

Tuesday May 19, 2026 11:00am - 11:40am CDT

205C+D (Level Two)

Modern embedded systems look to minimize power consumption without compromising the performance of the system. To address this challenge, Linux provides comprehensive frameworks for dynamic power management that adapt system performance in response to workload demands. This talk explores the pieces that form the foundation of Linux power optimization and demonstrates how to leverage these tools in real-world scenarios.
The key principles for reducing the power consumption of the embedded system include turning off inactive devices, reducing clock frequency, and lowering supply voltage. Linux provides frameworks such as Runtime PM to suspend inactive devices, CPUIdle for intelligent idle state management, DevFreq for memory and device frequency optimization, and CPUFreq for dynamic CPU frequency scaling. By leveraging these tools, systems can reduce power dissipation while still meeting the demands of the application use case, without sacrificing performance. Through a practical case study on a TI AM62L SoC running a display application, this talk explores how different power optimization techniques interact and sometimes conflict, requiring iterative tuning to find optimal operating points.

Attendees will gain actionable optimization strategies, awareness of common pitfalls when subsystems interact, and practical debugging approaches applicable to their own embedded Linux projects.

Speakers

Kendall Willis

Software Engineer, Texas Instruments

Kendall Willis is an Embedded Software Engineer working at Texas Instruments. She primarily focuses on power management in ARM SoCs by enabling various low power modes in the Linux kernel.

EOSS power optimizations final pdf

Tuesday May 19, 2026 11:00am - 11:40am CDT
205C+D (Level Two)

Linux

Audience Experience Level Intermediate
Slides Attached Yes

11:00am CDT

Connecting the Dots With Context Graphs - Stephen Chin, Neo4j

Tuesday May 19, 2026 11:00am - 11:40am CDT

211A+B (Level Two)

AI systems need more than intelligence; they need context that persists. Without it, even strong models can misinterpret information, lose decision rationale, or repeat the same mistakes. Context Graphs have emerged as a practical pattern for agentic AI: a living graph that captures not only what was retrieved or known, but how context led to actions through tool calls, constraints, policies, and outcomes, stitched across entities and time so precedent becomes searchable.

This talk explores context engineering as the discipline of designing that context layer, and shows how context graphs complement retrieval by enabling multi-hop, structured context assembly (building on GraphRAG-style hierarchical summaries) while improving explainability and evaluation. Attendees will leave with a practical understanding of how to build context pipelines that combine contextual retrieval with persistent memory and provenance, and why context graphs are becoming central to trustworthy, enterprise-ready AI systems.

Speakers

Stephen Chin

VP of Developer Relations, Neo4j

Stephen Chin is VP of Developer Relations at Neo4j and author of numerous titles including the upcoming GraphRAG: The Definitive Guide for O'Reilly. He has given keynotes and main stage talks at numerous conferences around the world including AI Engineer Summit, AI DevSummit, Devoxx... Read More →

Connecting the Dots with Context Graphs (OSS NA) pdf

Tuesday May 19, 2026 11:00am - 11:40am CDT
211A+B (Level Two)

Open AI & Data

Audience Experience Level Intermediate
Slides Attached Yes

11:00am CDT

What Running FreeBSD on a Modern Laptop Taught Me - Deb Goodkin, The FreeBSD Foundation

Tuesday May 19, 2026 11:00am - 11:40am CDT

200H (Level Two)

"FreeBSD is only for servers.” “FreeBSD is for hardcore engineers.” We have all heard the myths. In this talk, Deb shares what happened when she decided to run FreeBSD on a modern laptop. Learn more about her journey to getting this rock-solid operating system on her laptop, and how it is far more accessible than its reputation suggests.

Speakers

Deb Goodkin

Deb Goodkin, The FreeBSD Foundation

Deb is the Executive Director of the FreeBSD Foundation, joining as the first employee in 2005. Before venturing into the world of open source and operating systems, she spent two decades working as an embedded firmware engineer, technical marketer, and technical sales engineer in... Read More →

2026 What Running FreeBSD on a Modern Laptop Taught Me.pptx pdf

Tuesday May 19, 2026 11:00am - 11:40am CDT
200H (Level Two)

Open Source 101

Audience Experience Level Beginner
Slides Attached Yes

11:00am CDT

Driving Kubernetes’ Global Adoption and Contributions With Documentation - Rey Lejano, Red Hat

Tuesday May 19, 2026 11:00am - 11:40am CDT

200E (Level Two)

Kubernetes documentation is facing a veering wind in users. Since the start of 2026, there have been twice as many global users as there were in 2025. With 15 localizations of the Kubernetes docs and 11.59 million active users in 2025, and 3 yearly releases, maintaining Kubernetes documentation and growing contributors can be daunting. This session explores how the Kubernetes project developed a community, processes, and practices to grow contributors and aid worldwide adoption.

Speakers

Rey Lejano

Solutions Architect, CNCF Ambassador, Red Hat

Rey Lejano is a Solutions Architect at Red Hat and is the co-chair of Kubernetes SIG Docs. He contributes to Kubernetes SIG Security, Release, & Contributor Experience. He is a member of seven Kubernetes Release Teams including serving as the 1.23 Release Lead and 1.25 Emeritus Adviser... Read More →

driving k8s global adoption with docs pdf

Tuesday May 19, 2026 11:00am - 11:40am CDT
200E (Level Two)

OSS Enabling & Management, Technical Documentation

Audience Experience Level Beginner
Slides Attached Yes

11:00am CDT

Small Government, Big Problems: Utilizing OSS To Support Our Citizens - Bob Henderson, Cass County Government

Tuesday May 19, 2026 11:00am - 11:40am CDT

200A (Level Two)

Small and local governments face an outsized challenge: rising expectations from citizens paired with shrinking budgets, limited staff, and a complex technology landscape. Finding modern, secure, and sustainable solutions often feels impossible when proprietary systems are expensive, rigid, and dependent on vendors that may not fully understand public sector realities. Staffing constraints make it even harder—small teams are expected to maintain critical services, manage security, and deliver innovation.

This session explores how open source software can help governments break out of that cycle. We’ll examine how open source provides flexibility, transparency, and long-term sustainability, while reducing vendor lock-in and enabling collaboration across agencies. We’ll also address common concerns around support, security, and staffing, and discuss practical models for leveraging vendors and community expertise without sacrificing control.

Finally, we’ll tackle the fear, uncertainty, and doubt (FUD) that often surrounds open source in government, separating myth from reality and showing how open source can empower small governments to deliver big outcomes for their citizens.

Speakers

Bob Henderson

Director of Information Technology, Cass County Government

20+ years in Public Sector IT, from individual contributor to leadership. Advocate of the right tool for the right job, at the right time.

OSSNA BJH Slides pptx

OSSNA BJH Slides pdf

Tuesday May 19, 2026 11:00am - 11:40am CDT
200A (Level Two)

OSS Enabling & Management, Operations Management & OSPOs

Audience Experience Level Any
Slides Attached Yes

11:00am CDT

Sim‑to‑Flight: Why Starting With Simulation Is the Fastest Path To Successful Flight Testing - Anthony Comer, Oklahoma State University & Eric Hillsberg, MathWorks

Tuesday May 19, 2026 11:00am - 11:40am CDT

200D (Level Two)

Many flight‑control and autonomy programs still begin with hardware prototyping, only to discover late in development that controller tuning, transition behavior, and system coupling are difficult to resolve without a reliable model. This session presents a practical simulation‑to‑flight workflow based on recent university flight‑test research, demonstrating why starting with simulation is critical for reducing risk and accelerating development while helping teams avoid costly UAV crashes and hardware damage. Using a subscale eVTOL case study, we show how aerodynamic modeling, propulsion modeling, and six‑degree‑of‑freedom dynamics are integrated into a digital twin that directly informs control‑law design, hardware deployment, and flight testing. The workflow culminates in direct PX4 implementation and a comparison of simulation predictions against real flight‑test data across hover, transition, and forward flight, highlighting close agreement between model and reality. The talk emphasizes how a simulation‑first approach enables faster iteration, safer testing, and more predictable flight performance for the broader aerospace and UAS community.

Speakers

Eric Hillsberg

Product Marketing Manger - Aerospace, MathWorks

Eric Hillsberg is a Product Marketing Manager for Aerospace Products at MathWorks. He recently graduated from University of Michigan with a degree in Aerospace Engineering and a minor in Computer Science. During school, he interned with NASA Ames Research Center to investigate how... Read More →

Anthony Comer

Assistant Professor, Oklahoma State University

Dr. Anthony Comer is an Assistant Professor at Oklahoma State University and Director of the Simulation to Flight Applied Research Lab. His research focuses on configuration-independent flight control architectures for VTOL aircraft and he developed the patent-pending Trajectory Control... Read More →

OSU + MathWorks PX4 Developer Summit 2026 pdf

Tuesday May 19, 2026 11:00am - 11:40am CDT
200D (Level Two)

PX4 Dev Summit

Audience Experience Level Any
Slides Attached Yes

11:35am CDT

Lightning Talk: It's Friday! - Alon Nisser, Zencity

Tuesday May 19, 2026 11:35am - 11:45am CDT

200C (Level Two)

It's Friday afternoon, and you've got plans for this evening. You've just finished the feature. you push to main and click deploy. OR DO YOU?

Let's talk about Friday deployments and what they can teach us.

Speakers

Alon Nisser

Principal engineer, Zencity

Software developer. currently in Zencity.io. Writing software as a hobby and as a profession. Strong opinions on things. Open source aficionado. Trying to make a difference.
Sometimes software makes we wonder if I'd be better off being a farmer

It's Friday Open source North America 2026 (1) pdf

Tuesday May 19, 2026 11:35am - 11:45am CDT
200C (Level Two)

cdCon

Audience Experience Level Intermediate
Slides Attached Yes

11:50am CDT

Platform Engineering: Herding the Electric Sheep - Brett Smith, SAS

Tuesday May 19, 2026 11:50am - 12:15pm CDT

200C (Level Two)

A talk about platform engineering, DevOps, DevSecOps, sprawl, chaos, compliance, and security. Why engineer an Internal Developer Platform when I have DevOps? DevOps works fine when you are a 20 person start-up but it often doesn't scale to Enterprise level development efforts. When you have 3000 developers with different needs and you are responsible for EO compliance and security a modular self-service platform is a good choice to build. In this talk I cover the challenges we have faced in a 3000 developers enterprise and how we are working to address them. I also cover how we are working on automating, integration, and scaling the creation of our internal developer platform. Leveraging SBOMs, SLSA, and other tools to help build out a secure and compliant platform. Attendees will learn the benefits and challenges of Platform Engineering
Attendee Takeaways
Answers for the following questions:
- Do we need a Platform Engineering Team?
- Is an IDP the right solution for my situation?
- What does a large scale IDP look like?
- What does it take to support a large scale IDP?
- What does security and compliance look like in an IDP?

Speakers

Brett Smith

Distinguished Software Developer, SAS

Distinguished Software Architect/Engineer/Developer with 25+ years of experience.
Specialties: Event Driven Automation, Continuous Integration/Delivery/Testing/Deployment, Supply Chain Security, AI Security
Expertise: Linux, packaging, and tool design.

Currently Engineering an... Read More →

OpenSourceSummit2026 PlatformEngineering pdf

Tuesday May 19, 2026 11:50am - 12:15pm CDT
200C (Level Two)

cdCon

Audience Experience Level Intermediate
Slides Attached Yes

11:55am CDT

Easy Bring-up Your RISC-V SBC Using Yocto Project - RISC-V Architecture Layer - Khem Raj, Comcast

Tuesday May 19, 2026 11:55am - 12:35pm CDT

208A+B (Level Two)

There are several different RISC-V based single board computers out in market and coming in future. Yocto project, is a leading embedded linux framework, and RISCV is first tier architecture supported in project, core supports RISCV64 QEMU and runs all tests. This talk will discuss using meta-riscv layers to add the support for new RISCV SBCs. meta-riscv has best practices and pre-existing support for known SBCs which can be used as template to bring-up the new board quickly. The talk will cover the content of meta-riscv in detail and the project setups using Kas and the SBC specific documentation using markdown files, detailing the flashing and build instructions, sharing common details but clearly differentiating board specific intructions.
This talk will also cover the challanges and future roadmap for meta-riscv and RISCV architecture support in Yocto Project.

Speakers

Khem Raj

Fellow, Comcast

OSS NA26 Khem RISC V pdf

Tuesday May 19, 2026 11:55am - 12:35pm CDT
208A+B (Level Two)

Embedded Linux Conference

Audience Experience Level Intermediate
Slides Attached Yes

11:55am CDT

From Physics To EBPF: Quantifying Flash Wear in Embedded Systems - Blake Hildebrand, Nordic Semiconductor

Tuesday May 19, 2026 11:55am - 12:35pm CDT

208C+D (Level Two)

Flash memory is the literal foundation of an embedded system, yet it is a finite resource. Every log entry, database commit, and firmware update inches the device closer to its end of life. For developers managing fleets of devices, the question is not just if the flash will fail, but when and which process is the culprit.

This session dives deep into the lifecycle of a write, from a high level look at the physics behind flash memory, to how we can get an estimation of lifetime by tracking number of bytes written. We will start at the hardware level, explaining the physical degradation of NAND cells and why eMMC controllers use wear leveling to manage this reality. Next, we will bridge the gap between hardware specs and software reality using the Total Bytes Written (TBW) metric to estimate remaining life.

Moving into the Linux kernel, we will explore the built-in metrics found in procfs and sysfs to monitor disk I/O. Finally, we will level up our observability by using eBPF to build a per process "write shaming" tool. This allows us to pinpoint exactly which application or daemon is burning through our hardware lifespan.

Speakers

Blake Hildebrand

Software Engineer, Nordic Semiconductor

Blake has been using Linux since installing Ubuntu Breezy on his dad’s old office PC. Since then, he’s worked on everything from smartwatches to large-scale web services. As an Software Engineer at Memfault, he focuses on improving device reliability and performance. Previously... Read More →

embedded flash wear pdf

Tuesday May 19, 2026 11:55am - 12:35pm CDT
208C+D (Level Two)

Embedded Linux Conference

Audience Experience Level Intermediate
Slides Attached Yes

11:55am CDT

SPDX and SBOM Work for the Linux Kernel - Tim Bird, Sony Electronics

Tuesday May 19, 2026 11:55am - 12:35pm CDT

205C+D (Level Two)

Due to increased interest in fine-grained analysis of kernel composition and security (due to the CRA and other recent cybersecurity legislation), there have been a number of recent projects to 1) generate SBOMS for the linux kernel, and 2) finish adding the remaining SPDX-License-Identifier lines to the kernel source tree. In this talk, Tim will describe the current status of both of these efforts. Good progress has been made to add missing SPDX id lines, but more work is needed to complete this project. Tim proposes a kselftest test to make sure there are no regressions in this area. The status of different kernel SBOM generation tools, and upstream status, will be described.

This work should be of interest to companies interested in complying with cybersecurity requirements, as well as those involved with license compliance efforts.

Speakers

Tim Bird

Principal Software Engineer, Sony Electronics

Kernel SPDX SBOM Bird OSSNA26 v2 pdf

Tuesday May 19, 2026 11:55am - 12:35pm CDT
205C+D (Level Two)

Linux

Audience Experience Level Intermediate
Slides Attached Yes

11:55am CDT

From Tools To Platforms: MCP Patterns for Building Open Agent Ecosystems - Guangya Liu, JPMC

Tuesday May 19, 2026 11:55am - 12:35pm CDT

211A+B (Level Two)

Model Context Protocol (MCP) is quickly becoming a foundational interface for agent–tool interaction, but most implementations today stop at simple, single-server tool exposure. This session explores practical MCP design patterns that move beyond “one server, one agent” toward scalable, interoperable, and ecosystem-friendly architectures.

Based on real-world experimentation and open-source implementations, we will walk through a set of MCP patterns, including:
1. Single MCP Server patterns for tool and data exposure
2. Multi-Server composition and routing patterns
3. MCP Host / Gateway patterns for aggregation and policy control
4. Plugin-style extension patterns that allow third-party MCP servers to integrate without code changes
5. Read vs. write MCP patterns for observability, automation, and feedback loops

The talk focuses on when and why to apply each pattern, common pitfalls, and architectural trade-offs. Attendees will leave with a mental model for designing MCP-based systems that scale from local experiments to ecosystem-level platforms, enabling agents, tools, and platforms to evolve independently while remaining interoperable.

Speakers

Guangya Liu

Executive Director, JPMorgan Chase

Guangya Liu is an Executive Director at JPMorgan Chase, focusing on AI observability, GPU optimization, and AI inference systems. He is also a seasoned open-source contributor and llm-d SIG observability lead, currently focused on projects such as llm-d, Kueue, and LlamaStack (OG... Read More →

From Tools to Platforms pdf

Tuesday May 19, 2026 11:55am - 12:35pm CDT
211A+B (Level Two)

Open AI & Data

Audience Experience Level Any
Slides Attached Yes

11:55am CDT

Harnessing Git's Superpowers for Code Navigation and Debugging - Matheus Bernardino, Qualcomm

Tuesday May 19, 2026 11:55am - 12:35pm CDT

200H (Level Two)

Beyond version control, git is an incredibly powerful code exploration and debugging toolkit hiding in plain sight. In this talk, we'll look under the hood at how git stores, references, and tracks data, and then leverage those internals in practical, real-world workflows to navigate and debug code.

We'll walk through hands‑on examples using tools such as reflog, blame, log -S/-G, pathspecs, grep, and bisect to answer questions developers face every day: Where did this behavior come from? Why is this code like this? and When did this bug appear?

We'll also discuss best practices for maintaining clean, informative git history; because well-crafted commits make these tools dramatically more effective. Whether you're new to git's advanced commands or already comfortable with the plumbing layer, you'll leave with actionable techniques to understand codebases faster and get more value from the tool you already use every day.

Speakers

Matheus Bernardino

Senior Software Engineer, Qualcomm

Matheus is a FLOSS developer, currently working with QEMU at Qualcomm. Prior to that, he has also contributed to the Linux kernel, and more extensively at Git, where he contributed to parallel checkout, git grep performance, sparse-checkout and other features. He is mostly interested... Read More →

OSSNA 2026 harnessing git's superpowers 1 pdf

Tuesday May 19, 2026 11:55am - 12:35pm CDT
200H (Level Two)

Open Source 101

Audience Experience Level Beginner
Slides Attached Yes

11:55am CDT

Beyond SBOMs: Making License Data Actionable With ClearlyDefined - Jamie Magee, Microsoft

Tuesday May 19, 2026 11:55am - 12:35pm CDT

200A (Level Two)

SBOMs tell you what's in your software. They don't tell you what you're allowed to do with it. License and attribution data is often missing or ambiguous -- a LICENSE file says MIT, but source files have Apache-2.0 headers. SBOM or not, you still don't know what to put in your notice file.

ClearlyDefined, an Open Source Initiative project, fills in that missing data. It runs automated license scans, then lets the community curate the results -- fixing misidentified licenses, adding missing attributions, and resolving conflicts between what a package claims and what its source files say.

In this session, I'll cover:

- Why SBOMs fall short on licensing: what's typically missing and where the gaps are worst
- How ClearlyDefined's harvest-curate pipeline works, with a walkthrough of tracing a component from ambiguous scan to curated definition
- How curations get contributed back upstream and why it matters for projects themselves, not just consumers

This talk is for anyone who's tried to build a license compliance workflow and found that the data isn't there yet.

Speakers

Jamie Magee

Principal Software Engineer, Microsoft

Jamie Magee is a principal software engineer on Microsoft's supply chain security team. He focuses on dependency management and Software Bill of Materials (SBOM).

slides pdf

Tuesday May 19, 2026 11:55am - 12:35pm CDT
200A (Level Two)

OSS Enabling & Management, Operations Management & OSPOs

Audience Experience Level Beginner
Slides Attached Yes

11:55am CDT

Package Testing Across Distributions and Architectures at Scale: A Molecule and QEMU Approach - Yash Panchal, Percona

Tuesday May 19, 2026 11:55am - 12:35pm CDT

200G (Level Two)

This session will demonstrate a scalable approach to testing Linux packages across multiple distributions and architectures using Molecule and QEMU/KVM.

Attendees will learn how to build automated testing pipelines that validate linux packages on diverse platforms including x86_64, ARM64, RHEL, Ubuntu, and Debian.

We'll cover practical implementation of Molecule test scenarios, integration with Jenkins CI/CD pipelines, efficient use of QEMU/KVM for multi-architecture testing, and image pre-baking strategies to significantly reduce test execution time.

The talk includes real-world examples from database and toolkit package testing at Percona, demonstration of creating optimized base images, comparisons with cloud instances, Docker and Firecracker alternatives, and best practices for maintaining test infrastructure.

Key takeaways: Setting up Molecule package testing frameworks, managing QEMU instances, implementing image pre-baking workflows, handling cross-architecture testing challenges, and achieving speed and cost savings in testing linux packages.

Speakers

Yash Panchal

SDET III, Percona

Yash Panchal is an SDET III at Percona, where he specializes in automating and testing database and toolkit packages across supported linux distributions and architectures.

A seasoned open-source speaker, Yash presented a session on package testing with Molecule and Jenkins at... Read More →

package testing at scale qemu kvm approach.key zip

Tuesday May 19, 2026 11:55am - 12:35pm CDT
200G (Level Two)

Packages + Images + Containers

Audience Experience Level Intermediate
Slides Attached Yes

11:55am CDT

Sponsored Session: Driftless: An Open Source Agentic Reconciliation Framework Proven At Scale - Manfred Moser, Chainguard

Tuesday May 19, 2026 11:55am - 12:35pm CDT

200I (Level Two)

Our new software factory framework adopts the reconciliation pattern and includes numerous bots that use traditional and agentic AI eval approaches. And since we are open sourcing the framework, reliable use of your own agentic reconciliation automation at massive scale could be your future too.

At Chainguard we build and maintain over 2000 unique containers, hundreds of thousands of package versions, and hundreds of CVE patch backports. Our old event-driven architecture was complex and brittle. We drowned in event notifications, brittle queues, duplicate build failures, work item conflicts and losses, and other problems. We had to rethink our approach.

In this session Manfred, open source veteran and author, shares details about a new specification-driven system called “Driftless” that increases efficiency and reliability at scale. A work queue is fed by events and tackled by a large number of bots. They constantly reconcile the discovered state changes from code repositories, security feeds, and other sources to the desired state - up to date containers with zero known CVEs. Manfred talks about our hard-earned lessons and how you can make the bots work for you as well.

**In order to facilitate networking and business relationships at the event, you may choose to visit a third party’s booth or access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth or participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.**

Speakers

Manfred Moser

Sr Principal Dev Rel Engineer, Chainguard

Manfred Moser is a Sr Principal DevRel Engineer at Chainguard, bringing a profound focus on software supply chain security to the open source world. A dedicated community leader and published author, his technical expertise spans decades as a software engineer and advocate. He has... Read More →

202605 open source summit na driftlessaf pdf

Tuesday May 19, 2026 11:55am - 12:35pm CDT
200I (Level Two)

Packages + Images + Containers

Audience Experience Level Intermediate
Slides Attached Yes

12:20pm CDT

Lightning Talk: Where Deployment Authority Lives: A Cloud Native Design Pitfall in GitOps - Kim Schaefer, Game Plan Tech

Tuesday May 19, 2026 12:20pm - 12:30pm CDT

200C (Level Two)

Many cloud-native GitOps systems quietly treat a Git merge as both a change proposal and a deployment authorization. While this works in low-risk environments, it collapses two very different responsibilities into a single decision. As systems grow more complex, that shortcut creates ambiguity around authorization, accountability, and audit trails that many environments simply cannot tolerate.

In this lightning talk, we’ll reframe that assumption as a cloud-native architectural concern, not just a tooling or security issue. Using GitOps as the example, we’ll look at how proposal, approval, and enforcement often become unintentionally coupled, and why that coupling makes it harder to reason about who is actually allowed to deploy.

The talk will walk through the architectural implications of letting Git act as the final authority, including where deployment decisions truly occur and how auditability and accountability can be lost when authority boundaries are unclear. We’ll then show how treating deployment authorization as a first-class architectural concept leads to clearer responsibility boundaries and more defensible cloud-native systems.

Speakers

Kim Schaefer

Senior DevOps Engineer, Game Plan Tech

Kim Schaefer is a Senior DevOps and Cloud Engineer specializing in Kubernetes, GitOps, and secure platform engineering. Kim designs and operates production Kubernetes platforms on Google Cloud, including approval-gated GitOps systems that balance automation with explicit deployment... Read More →

Where Deployment Authority Lives Google Slides pdf

Tuesday May 19, 2026 12:20pm - 12:30pm CDT
200C (Level Two)

cdCon

Audience Experience Level Intermediate
Slides Attached Yes

12:45pm CDT

Bring Your Lunch, We'll Bring Our Notebooks: Securing Software Workflows - Tabatha DiDomenico, G-Research Open Source; Kadi McKean, ReversingLabs; Stacey Potter, OpenSSF & Katherine Druckman, JetBrains

Tuesday May 19, 2026 12:45pm - 1:45pm CDT

200C (Level Two)

Somewhere along the way, the security ecosystem started asking you to add more steps, update more plugins, and generate more outputs without asking what that actually costs you.

We asked for feedback during a lunch time session at cdCon last year. The feedback was blunt, honest and exactly why we are back for this open-floor discussion hosted by the OpenSSF Developer Relations (DevRel) community. No slides, no demos, no pitches. This is a no-shame venting session with purpose; bring your lunch, your coffee, and your honest feedback. We want to hear from the people implementing and operating these tools. Share where security tools are missing the mark and what's standing between "this is a good idea" and "this is actually working for us."

This session leads directly into sessions with OpenSSF project maintainers, so the people who can act on your feedback will already be in the room.

Speakers

Katherine Druckman

Head of Community and Partnership Engagement, JetBrains

Katherine Druckman is a senior technologist, speaker, and longtime advocate for open ecosystems. She specializes in developer experience, combining software ecosystem strategy, content creation, and community building, grounded in a foundation of hands-on software engineering experience... Read More →

Tabatha D.

OSS Security Engineer, G-Research Open Source

Tabatha DiDomenico is part of the Open Source team at G-Research focusing on supply chain security, secure open source practices, and community and developer relations.

Tabatha is president of Security BSides Orlando, co-host of the GR-OSS Out podcast and holds an MS in Cybersecurity from the University of South Florida. She has spoken at conferences including Black Hat Tools Arsenal, SOSS Fusion, ShmooCon, and Grace Hopper Celebration... Read More →

Kadi McKean

OSS Community Manager, ReversingLabs

Kadi is passionate about the DevOps / DevSecOps community since her days of working with COBOL development and Mainframe solutions. At ReversingLabs she collaborates with developers and security researchers to help entities prioritize their open source risk, reduce technical debt... Read More →

Stacey Potter

Community Manager, OpenSSF

OSS NA cdCon 2026 OpenSSF Lunch Feedback Session Slides pdf

Tuesday May 19, 2026 12:45pm - 1:45pm CDT
200C (Level Two)

cdCon

Audience Experience Level Any
Slides Attached Yes

1:15pm CDT

LF Education Learning Lounge: Don’t Cross Wires - Cross-Skill: Aligning Teams Around Smart Learning Paths

Tuesday May 19, 2026 1:15pm - 1:25pm CDT

Solutions Showcase, Ballroom A+B (Level One)

10-Minute Tip Talk

Location: LF Education Learning Lounge at the Solutions Showcase

**In order to facilitate networking and business relationships at the event, you may choose to visit a third party’s booth or access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth or participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.**

Speakers

Mary Campbell

Senior Manager, Education Solutions, Linux Foundation Education

Randi Armour

Account Executive, Educational Solutions, Linux Foundation Education

OSSNA26 Maps VenueMap 1 pdf

OSSNA26 Maps ExpoHall 1 pdf

Tuesday May 19, 2026 1:15pm - 1:25pm CDT
Solutions Showcase, Ballroom A+B (Level One)

Special Events / Exhibits / Breaks

Slides Attached Yes

2:10pm CDT

Security Things: How OpenSSF’s Technical Initiatives Keep You Safe From the Upside Down! - Stacey Potter, OpenSSF & Katherine Druckman, JetBrains

Tuesday May 19, 2026 2:10pm - 2:40pm CDT

200C (Level Two)

As a sister foundation to the Continuous Delivery Foundation (CDF) under the auspices of The Linux Foundation, the Open Source Security Foundation’s (OpenSSF) mission is to make it easier to sustainably secure the development, maintenance, release, and consumption of open source software (OSS). This includes fostering collaboration within and beyond the OpenSSF, establishing best practices, and developing innovative solutions.

In this hour long session, we’ll connect real problems to OpenSSF solutions, then invite OpenSSF Working Group Leads and Project Maintainers to demo their respective projects in shortlightning rounds that show you how they’ll make your DevOps, CI/CD, or Platform Engineering lives easier to secure!

Speakers

Stacey Potter

Community Manager, OpenSSF

Katherine Druckman

Head of Community and Partnership Engagement, JetBrains

OSS NA cdCon 2026 OpenSSF Security Things Project Presentations Slides pdf

Tuesday May 19, 2026 2:10pm - 2:40pm CDT
200C (Level Two)

cdCon

Audience Experience Level Beginner
Slides Attached Yes

2:10pm CDT

From Malloc To Box: A Practical Guide To Rustification - Christina Quast, Independent

Tuesday May 19, 2026 2:10pm - 2:50pm CDT

208C+D (Level Two)

Moving from the manual memory management of C to the strict ownership model of Rust is more than a syntax swap; it is a fundamental shift in engineering philosophy. This talk provides a pragmatic roadmap for developers navigating this transition. We move beyond the academic "why" of memory safety to dive deep into the "how" of refactoring legacy systems. The session explores the practicalities of Rustification, comparing the pitfalls of malloc and free, such as use-after-free and double-free vulnerabilities, with the compile-time guarantees provided by Rust’s Box, Arc, Borrow Checker and the Drop checker. Furthermore, we tackle how to translate manual pointer arithmetic into safe abstractions, practical strategies for using the Foreign Function Interface (FFI) to let Rust and C coexist during a gradual migration, and a real-world walk through of the "Rustification" of a C kernel module.

Target audience: Embedded Linux and kernel engineers with a foundational understanding of C driver concepts (like pointers and module structures). No prior Rust experience is required; the talk focuses on the practical type-system and architectural strategies used to safely bridge the two languages.

Speakers

Christina Quast

Embedded Systems Engineer, $NONE

After finishing her master's degree in Electrical Engineering at TU Berlin, Christina is currently working as an Embedded Systems Engineer at for various companies. In her spare time, she submits patches to the Linux Kernel or learns new programming languages.

OSS NA26 From malloc to Box pdf

Tuesday May 19, 2026 2:10pm - 2:50pm CDT
208C+D (Level Two)

Embedded Linux Conference

Audience Experience Level Intermediate
Slides Attached Yes

2:10pm CDT

Practical Insights Into Interactive Debugging of Linux MMC Block Device Drivers - Akhilesh Patil, Amazon

Tuesday May 19, 2026 2:10pm - 2:50pm CDT

208A+B (Level Two)

Transitioning from bare-metal firmware development to Linux kernel development presents unique challenges, particularly in debugging methodologies. Traditional approaches such as halting execution via JTAG alone may not straightforwardly work for embedded Linux.

In this presentation we talk about challenges I faced and techniques I came across to debug Linux MMC block device drivers interactively using tools such as T32/GDB debuggers on embedded systems. This talk briefly covers MMC driver and block layer interactions and key golden breakpoints to use for MMC bus driver debugging. I will also discuss tools and techniques to take full control of eMMC block drivers, generating block IO requests as needed, setting up triggers and probing signals on an oscilloscope for detailed waveform level debugging.

key topics: Embedded Linux setup for interactive debug (single CPU, KASLR, WDT, ramfs, RCU, softlocks), strategic SDHCI breakpoints, GPIO-triggered oscilloscope capture signals, handling filesystem mounts; leveraging mmc_test module for generating controlled transactions for debug.

Speakers

AKHILESH PATIL

Embedded Software Developer, Amazon

Akhilesh is an embedded software engineer at Amazon working with the devices Linux kernel team. He is working on various BSP packages including linux drivers, runtime firmware and bootloaders. He has a background of Electrical and Electronics Engineering and is passionate about embedded... Read More →

ELC mmc akhilesh NA pdf

Tuesday May 19, 2026 2:10pm - 2:50pm CDT
208A+B (Level Two)

Embedded Linux Conference

Audience Experience Level Any
Slides Attached Yes

2:10pm CDT

Automating Linux Kernel Crash Analysis With LLMs - Chris Arges, Cloudflare

Tuesday May 19, 2026 2:10pm - 2:50pm CDT

205C+D (Level Two)

This talk explores using Large Language Models (LLMs) to automate Linux kernel crashdump analysis at scale. At Cloudflare, we operate Linux across hundreds of thousands of servers. At this scale, kernel crashes are inevitable.
Typical crash analysis requires deep kernel expertise and significant time investment, slowing down time to resolution.
I'll share our journey building an LLM-powered agent that performs initial crash analysis autonomously. First, I'll cover our infrastructure for collecting and managing crashdumps across our fleet. Then I'll explain crashdump analysis fundamentals: using the crash utility, interpreting stack traces, identifying common failure patterns, and correlating crashes with kernel subsystems.
This talk focuses on teaching an LLM agent to replicate expert analysis workflows. I'll show how we structured prompts and created skills. I'll show examples of the agent analyzing real crashes.

Speakers

Chris Arges

Senior Systems Software Engineer, Cloudflare

Currently a Senior Systems Software Engineer at Cloudflare. I like to build things. I have a master's degree in Computer Engineering and 18 years of experience in software development and leadership both writing code and leading teams.

My mission is to make the world better where I can. Through my work I want to make the Internet more secure and reliable for everyone. In my free time I enjoy coaching and inspiring a future generation to grow, innovate and create a better world... Read More →

automating linux kernel analysis pdf

Tuesday May 19, 2026 2:10pm - 2:50pm CDT
205C+D (Level Two)

Linux

Audience Experience Level Intermediate
Slides Attached Yes

2:10pm CDT

Headroom: A Context Optimization Layer for LLM Applications - Tejas Chopra, Netflix, Inc.

Tuesday May 19, 2026 2:10pm - 2:50pm CDT

211A+B (Level Two)

LLM tokens are expensive. With context windows expanding to 200K+ tokens, a single API call can cost several dollars & in production systems handling thousands of requests, these costs compound quickly.
Most optimization efforts focus on model selection or prompt engineering, but the context itself often contains massive redundancy.

Headroom is an open-source Python library (https://github.com/chopratejas/headroom) that sits between your application and your LLM provider, transparently optimizing context before it reaches the model.
The core insight is simple: LLM contexts—especially in agentic workflows—are filled with repetitive tool outputs, verbose JSON arrays, and boilerplate that consumes tokens without adding proportional value

Headroom introduces novel concepts such as reversible compression, cache aligners, compression routers, and even persistent memory

Real-world results:
- 50-90% token reduction on typical agentic workloads
- Drop-in integrations for LangChain, OpenAI, Anthropic, and any OpenAI-compatible provider
- Zero code changes required when using the proxy server

Speakers

Tejas Chopra

Sr. Engineer, Netflix, Inc.

Tejas Chopra is a senior ML and AI infrastructure Engineer at Netflix, where he builds large-scale systems for production AI and data platforms. He is the creator of Headroom, an open-source context optimization engine for LLMs, and a frequent speaker at global conferences on ML systems... Read More →

Headroom — Open Source Summit NA 2026 pdf

Tuesday May 19, 2026 2:10pm - 2:50pm CDT
211A+B (Level Two)

Open AI & Data

Audience Experience Level Advanced
Slides Attached Yes

2:10pm CDT

Uncouth Users, Dopey Developers and Crazy Cryptographers OR Why It's Never the Architect's Fault - Mike Bursell, Confidential Computing Consortium & Christopher Robinson, OpenSSF

Tuesday May 19, 2026 2:10pm - 2:50pm CDT

200H (Level Two)

In this session, two jaded cybersecurity architects will present a taxonomy of personae who passively or actively get in the way of good security, explain why it's all definitely your fault and express frustration that the Golden Age of Cybersecurity[tm] is always eluding their grasp. With examples and humour/humor (if they can agree on a spelling), your hosts will encourage you to do better next time and point out all the obvious (to them) things you've been doing wrong all these years. And why open source would fix all of them. Almost.

Speakers

Mike Bursell

Executive Director, Confidential Computing Consortium

Mike Bursell is the Executive Director of the Confidential Computing Consortium. He is one of the co-founders of the Enarx project (https://enarx.dev), and was CEO and co-founder of Profian, a start-up based on Enarx. He currently holds advisory board roles with various start-ups... Read More →

Christopher "CRob" Robinson

Chief Architect - OpenSSF, OpenSSF

Christopher Robinson (aka CRob) is the Chief Security Architect for the Open Source Security Foundation. With over 25 years of Enterprise-class engineering, architectural, operational and leadership experience, CRob has worked at several Fortune 500 companies with experience in the... Read More →

Uncouth Users OSS NA26 pdf

Tuesday May 19, 2026 2:10pm - 2:50pm CDT
200H (Level Two)

Open Source 101

Audience Experience Level Any
Slides Attached Yes

2:10pm CDT

Architecting for Onboarding: Building a "Docs-as-Code" Pipeline for Open Source Sustainability - Sai Sravan Cherukuri, Independent Contributor

Tuesday May 19, 2026 2:10pm - 2:50pm CDT

200E (Level Two)

In open source, a project's survival depends on its contributor funnel. If developers can't build, test, or grasp your project in the first ten minutes, they'll leave. Documentation is the primary interface for that experience, but is often the most neglected part of the repository.
This session goes past the basic README to show how maintainers can set up a clear Documentation Development Life Cycle. We will explore the 'Docs-as-Code' idea, treating documentation like code by keeping it in Git, peer-reviewing it, and checking it with CI/CD pipelines.
Key takeaways include:
The Pipeline: Setting up automated linters (Vale, Markdownlint) to enforce style and technical accuracy.
The Process: Make sure every new feature includes updated documentation to prevent it from becoming outdated.
The Community: Learn ways to help non-coders contribute, and manage docs with people all over the world.
Join this session to learn actionable steps you can implement right away to make your open-source project more welcoming, robust, and future-proof. Start applying these strategies today and transform your documentation process.

Speakers

Sai Sravan Cherukuri

Open-Source Enthusiast and DevSecOps Architect, Independent Contributor

Engineering for Accessibility: The Human Element of Infrastructure
Sai Sravan is an architect of systems and a champion for the people who build them. As a dedicated open-source advocate, Sai bridges the gap between high-level technical development and community accessibility, ope... Read More →

Invisible Mentor Presentation Final pptx

Tuesday May 19, 2026 2:10pm - 2:50pm CDT
200E (Level Two)

OSS Enabling & Management, Technical Documentation

Audience Experience Level Intermediate
Slides Attached Yes

2:10pm CDT

Package Managers Metadata and Cross Ecosystem Projects in the Era of SBOMs - Damián Vicino, Datadog

Tuesday May 19, 2026 2:10pm - 2:50pm CDT

200G (Level Two)

Package managers do more than resolve dependencies—they shape how software and its metadata are distributed across the ecosystem. While they simplify development, they also introduce large, fast-moving transitive dependency trees that are rarely inspected in depth.
Despite evolving independently, most package managers share a common model: distributing artifacts alongside metadata. Yet metadata formats, completeness, and quality vary widely across ecosystems, creating challenges for security analysis, compliance, and supply chain risk management—especially in today’s hybrid, multi-language environments.
This talk examines how package metadata is increasingly used beyond builds, powering vulnerability management, license compliance, and Software Bill of Materials (SBOM) generation through standards such as SPDX and CycloneDX.
Based on the results from the first year of work from the CHAOSS Package Metadata Working Group—an analysis of more than 40 package managers—we’ll share emerging best practices, gaps we’ve identified, and recommendations for both new and existing ecosystems to improve metadata quality, interoperability, and transparency.

Speakers

Damián Vicino

Senior Open Source Specialist, Datadog

Damian Vicino is a Senior Open Source Specialist at Datadog’s OSPO and an Adjunct Research Professor at Carleton University. He began contributing to open source in the early 2000s, leading a local BSD user group and collaborating with a team on five BSDday Argentina events. He... Read More →

OSSNA26 PACKAGE MANAGERS METADATA AND CROSS ECOSYSTEM PROJECTS IN THE ERA OF SBOMS pdf

Tuesday May 19, 2026 2:10pm - 2:50pm CDT
200G (Level Two)

Packages + Images + Containers

Audience Experience Level Any
Slides Attached Yes

2:10pm CDT

Unified Autonomy Stack - Nikhil Khedekar & Kostas Alexis, Norwegian University of Science and Technology

Tuesday May 19, 2026 2:10pm - 2:50pm CDT

200D (Level Two)

This session introduces the open-source Unified Autonomy Stack (https://github.com/ntnu-arl/unified_autonomy_stack), a containerized, system-level solution enabling robust autonomy across diverse aerial and ground robot morphologies. The architecture centers on three modules -multi-modal perception, multi-stage planning, and multi-layered safety mechanisms- that together deliver end-to-end mission autonomy. Resulting behaviors include safe navigation into unknown regions, exploration of complex environments, and efficient inspection planning. The stack has been validated on multiple multirotor platforms and legged robots operating in GNSS-denied and perceptually degraded environments, demonstrating resilient performance in demanding conditions. To facilitate ease of adoption and extension, we additionally release a reference hardware design that integrates a full multi-modal sensing suite, time-synchronization electronics, and high-performance compute capable of running the entire ROS-based stack while leaving headroom for further development. Strategically, we aim to expand the Unified Autonomy Stack to cover most robot configurations across air, land, and sea.

Speakers

Nikhil Khedekar

Postdoctoral Researcher, Autonomous Robots Lab, Norwegian University of Science Technology (NTNU)

Nikhil Khedekar is a postdoctoral researcher in the Autonomous Robots Lab at the Norwegian University of Science and Technology (NTNU) leading the team’s perception research. Previously, he also led the development of LiDAR based estimation in ScoutDI AS and participated in the... Read More →

Kostas Alexis

Professor, Norwegian University of Science and Technology

Prof. Dr. Kostas Alexis is Professor of Robotics at NTNU, head of the Autonomous Robot Lab, and Director of the Norwegian Centre for Embodied AI. His research advances resilient robotic autonomy (intelligence & morphology) for high-risk, uncertain environments, spanning control, sensor... Read More →

Unified Autonomy Stack pdf export pdf

Tuesday May 19, 2026 2:10pm - 2:50pm CDT
200D (Level Two)

PX4 Dev Summit

Audience Experience Level Any
Slides Attached Yes

3:00pm CDT

GitOps Gone Wild: Hardening Delivery Pipelines for the AI Era - Julien Semaan, Kubex & Corey McGalliard, Akamai

Tuesday May 19, 2026 3:00pm - 3:20pm CDT

200C (Level Two)

GitOps promises safety and automation, but it will faithfully ship your mistakes at scale. With AI-assisted coding and emerging autonomous agents in the loop, those mistakes now move faster than humans can fully reason about their impact.

This talk dissects real-world GitOps failures where tiny configuration changes triggered outages, overly trusted pipelines amplified risk, and AI-generated patches were merged without understanding their consequences. None of these incidents were tooling failures. They were safety failures.

We’ll show how teams put guardrails back in place by enforcing policy before merge, using progressive rollouts to contain blast radius, applying Crossplane constraints to keep infrastructure changes reversible, and adding automated verification gates that catch problems before they reach production.

Speakers

Corey McGalliard

Engineering Manager, Akamai Cloud

My team and I power and protect life online by building an internal, opinionated Kubernetes platform that meets Akamai's change-safety, security, and compliance expectations while delivering an excellent developer experience. I'm interested in distributed computing and platform engineering... Read More →

Julien Semaan

Head of k8s Engineering @Kubex | CNCF TAG DevEx Tech Lead, Kubex

Julien is the Head of Kubernetes Engineering at Kubex and a Tech Lead with the CNCF TAG for Developer Experience. With deep roots in open source and cloud-native systems, he has been working with Kubernetes since 2017 and has led multiple product transitions to cloud-native archi... Read More →

GitOps Gone Wild Hardening Delivery Pipelines for the AI era pdf

Tuesday May 19, 2026 3:00pm - 3:20pm CDT
200C (Level Two)

cdCon

Audience Experience Level Any
Slides Attached Yes

3:05pm CDT

Microseconds Matter: Benchmarking Thread Synchronization - Gautham Ponnu, The MathWorks

Tuesday May 19, 2026 3:05pm - 3:45pm CDT

208A+B (Level Two)

This talk aims to analyze the performance of most common Linux synchronization primitives under PREEMPT_RT, comparing their behavior across a range of workloads. We’ll explore how each primitive scales with thread count, handles contention, and impacts determinism. Expect graphs, latency histograms, and a few surprises. If you’re building real-time systems or tuning performance, this session will help you make smarter, faster, and safer decisions.

Speakers

Gautham Ponnu

Principal Software Engineer & Manager of Engineering, The MathWorks

Gautham Ponnu is a Principal Software Engineer for Real-Time Systems at MathWorks, where he leads development of real-time simulation and hardware-in-the-loop testing tools. With over a decade of experience in embedded and real-time systems, Gautham specializes in real-time synchronization... Read More →

Microseconds Matter: Gautham Ponnu pdf

Tuesday May 19, 2026 3:05pm - 3:45pm CDT
208A+B (Level Two)

Embedded Linux Conference

Audience Experience Level Intermediate
Slides Attached Yes

3:05pm CDT

Secure Boot for Embedded Linux: Explained in Simple Words - Roy Jamil, Ac6

Tuesday May 19, 2026 3:05pm - 3:45pm CDT

208C+D (Level Two)

Secure Boot is often described using cryptography-heavy terminology, vendor-specific flows, and complex diagrams that make it intimidating for embedded developers.
This talk explains Secure Boot for embedded Linux systems from first principles, using simple language and clear mental models.

We start by answering why Secure Boot exists, then walk step by step through the boot process. Concepts like Root of Trust and signature verification are explained without assuming prior security or cryptography background.

The session focuses on what actually happens at boot time, not on vendor marketing or abstract theory. Real-world examples from common embedded Linux systems are used to illustrate how Secure Boot is implemented and where it can fail if misunderstood.

By the end of the talk, attendees will be able to explain Secure Boot in their own words, understand its guarantees and limitations, and reason about Secure Boot designs in real embedded products.

Speakers

Roy Jamil

Embedded Systems Trainer, Ac6

Roy Jamil, with a PhD in the field of Asymmetric Multiprocessing (AMP) and real-time embedded systems, has over six years of experience as a Training Engineer at Ac6. He trains hundreds of engineers annually. His experience includes programming, Linux, drivers, Yocto, and various... Read More →

Secure Boot for Embedded Linux Explained in Simple Words Roy Jamil AC6 pdf

Tuesday May 19, 2026 3:05pm - 3:45pm CDT
208C+D (Level Two)

Embedded Linux Conference

Audience Experience Level Beginner
Slides Attached Yes

3:05pm CDT

Fork, Explore, Commit: Linux Primitives for AI Agents Exploration - Cong Wang, Multikernel Technologies & Yusheng Zheng, eunomia-bpf

Tuesday May 19, 2026 3:05pm - 3:45pm CDT

205C+D (Level Two)

AI agents don’t execute a single path, they explore many. They try different code changes, commands, or configurations in parallel, then keep the one that works. Today, running this safely on Linux requires fragile combinations of temp directories, git tricks, containers, or VM snapshots.

This talk introduces branch contexts, a new Linux execution model built for AI agents. A branch context gives each exploration path an isolated, copy-on-write filesystem and coordinated process group, with a simple lifecycle: fork, explore, commit or abort. The first successful branch commits atomically; all others are automatically invalidated.

We present two Linux implementations: BranchFS, a FUSE-based branching filesystem with O(1) branch creation and atomic commit without root privileges, and branch(), a proposed Linux syscall that composes filesystem branching, namespaces, and process lifecycle management into a single atomic operation.

We’ll explain why existing Linux mechanisms fall short for agent workloads and how fork/explore/commit semantics fit naturally into the future of Linux process and filesystem design.

Speakers

Cong Wang

Founder and CEO, Multikernel Technologies

Yusheng Zheng

OSS developer, eunomia-bpf

Yusheng Zheng is an OSS maintainer and researcher focused on systems understanding and extensions. As a co-founder of the eunomia-bpf community and a PhD student, Yusheng integrates eBPF and AI to enhance the Linux kernel and userspace applications. Yusheng frequently presents these... Read More →

branchcontext slides pdf

Tuesday May 19, 2026 3:05pm - 3:45pm CDT
205C+D (Level Two)

Linux

Audience Experience Level Intermediate
Slides Attached Yes

3:05pm CDT

The Code Is the Contract: How Linux's Architecture Sheds Light on GPL Compliance - Sabir Ibrahim, Dev Legal

Tuesday May 19, 2026 3:05pm - 3:45pm CDT

200H (Level Two)

This session demystifies the GPL by exploring the "architecture of intent"—the deliberate design choices made by kernel maintainers that define the legal boundaries between open source code licensed under the GPL and closed source code that may interface with the Linux kernel while maintaining its own licensing. As a lawyer with a deep interest in open source software and expertise in OSS licensing and compliance, I will bridge the gap between code and copyright. My goal is to provide developers with a practical framework for navigating GPL compliance as it pertains to Linux.

This talk is designed specifically for a technical audience. It is not a dry legal lecture. Instead, it is a practical, developer-focused guide that uses code, architecture, and real-world examples to illuminate complex legal concepts. We will walk through three common scenarios where proprietary software interfaces with the Linux kernel, analyzing each from both a technical and legal perspective.

Attendees will leave with the ability to identify high-risk integration patterns and make more informed development decisions.

Speakers

Sabir Ibrahim

Managing Attorney, Dev Legal

Sabir is an attorney and OSS enthusiast. He has advised clients ranging from startups to Fortune 50 companies on issues relating to OSS. He is a former associate at the law firm of Greenberg Traurig, a former corporate counsel at Amazon, and a former senior counsel at Roku.

Sabir has his own law practice, Dev Legal, and is co-founder of Chinstrap Community. Chinstrap Community is a free resource center for entrepreneurs, investors, and others interested in OSS entrepreneurship... Read More →

LF Talk The Code Itself is the Contract... Or is it pdf

Tuesday May 19, 2026 3:05pm - 3:45pm CDT
200H (Level Two)

Open Source 101

Audience Experience Level Intermediate
Slides Attached Yes

3:05pm CDT

Tiny Repos, Big Impact: Level Up Through Open-Source Teaching - Katie Kodes, Independent

Tuesday May 19, 2026 3:05pm - 3:45pm CDT

200E (Level Two)

When you approach your public code repositories with teaching as the primary goal -- designing them specifically to help others learn -- you transform simple code sharing or tech blogging into open-source teaching.

Discover how documenting your technical learning journey through small, focused open-source projects can accelerate your learning, establish your expertise, and create value for both the open-source community and enterprise development teams.

Examples of my adventures in open-source teaching include:

* A 32-line working web application, and its 41-line fork that, in 9 lines, adds automated unit tests.
* A fully-CI/CD-tested OpenTofu module in less than 100 lines of code.

In this session, you'll learn practical strategies for right-sizing demo repos, choosing the right platforms for sharing, and capturing the unique value of your "beginner's mind" to help others learn.

Speakers

Katie Kodes

DevOps Architect

Katie is a DevOps architect who brings clarity to complex technical challenges across the entire stack. With experience ranging from infrastructure to front-end development, she helps teams build reliable, observable systems that deliver real business value. A passionate educator... Read More →

Katie Kodes Open Source Summit 2026 Slides pdf

Tuesday May 19, 2026 3:05pm - 3:45pm CDT
200E (Level Two)

OSS Enabling & Management, Technical Documentation

Audience Experience Level Any
Slides Attached Yes

3:05pm CDT

What Are You Willing To Digest? Multi Arch Container Image Security and Best Practice - Evans Yeboah Jr., VideoAmp

Tuesday May 19, 2026 3:05pm - 3:45pm CDT

200G (Level Two)

Deploying apps in containers is easier than ever, but securing the image these containers come from is a dynamic security problem that on its surface has no single best answer. So when it comes to what risk you may face and what risk you are willing to accept, one of the questions that may come up is if snowflake-y multi architecture risks are something you are willing to digest?

With multi arch images, based on the system it is deployed to, its vulnerabilities profile may look different than any of the other supported systems. So in this talk I will be demonstrating a security tool agnostic way to handle identifying and remediating these threats. I will go through how anyone (at any level of security experience) can automate container security across pipelines without slowing down development. Attendees will walk away with a new understanding of the importance of minimizing exposure to these risks, as well as a clearer understanding of the layered setup of multi arch container images (index manifest, platform manifest, and image manifest). And without a doubt, walk away with container image security and not unmanaged risk, something they are willing to digest.

Speakers

Evans Yeboah Jr.

Senior Security Engineer, VideoAmp

Cyber security and AI security enthusiasts who likes to build stuff but also make sure it's secure. Engineer by day and baker by night, honing both crafts by failing forward every day.

Open Source Summit 2026 What Are You Willing to Digest pdf

Tuesday May 19, 2026 3:05pm - 3:45pm CDT
200G (Level Two)

Packages + Images + Containers

Audience Experience Level Beginner
Slides Attached Yes

3:05pm CDT

Talking To Drones: Natural Language Control of PX4 Using a Phone, MCP, and ChatGPT Realtime API - Godfrey Nolan, RIIS LLC

Tuesday May 19, 2026 3:05pm - 3:45pm CDT

200D (Level Two)

PX4-based drones are powerful, but interacting with them typically requires specialized ground control software and trained operators. This talk presents a new interaction model: controlling and querying a PX4 drone using natural language from a standard mobile phone.

The system combines a Model Context Protocol (MCP)–style interface (inspired by ROS 2 MCP implementations) to expose PX4 capabilities as structured, machine-readable commands, with OpenAI’s real-time ChatGPT API to interpret user intent. A phone call or voice interaction—handled via Twilio—becomes the primary user interface, allowing operators to issue commands such as “take off to 10 meters,” “orbit that location,” or “what’s your battery state?” and receive immediate spoken feedback.

The talk will cover:

* How PX4 commands, telemetry, and state are exposed through an MCP-like abstraction
* Real-time bidirectional communication between phone, AI model, and drone using Twilio and RealTime API
* Safety considerations, command validation, and constraints when using AI-mediated control
* Practical use cases, fly missions, object detection all using hands free control
* Lessons learned, what worked and didn't work

Speakers

Godfrey Nolan

President, RIIS LLC

Godfrey Nolan is founder and president of RIIS LLC a mobile development firm in the Detroit Metro area. He is also author of Agile Swift (Apress), Agile Android (Apress), Bulletproof Android (Pearson), Android Best Practices (Apress), Decompiling Java (Apress) and Decompiling Android... Read More →

Fly Drone with a Phone Call pdf

Tuesday May 19, 2026 3:05pm - 3:45pm CDT
200D (Level Two)

PX4 Dev Summit

Audience Experience Level Intermediate
Slides Attached Yes

3:25pm CDT

Lightning Talk: Taking a U-Turn for Caches: Moving Back From Remote To Local - Aditya Mohan, Amazon

Tuesday May 19, 2026 3:25pm - 3:35pm CDT

200F (Level Two)

With the growth of CPU compute and larger memory heaps, many cloud-native workloads that traditionally relied on remote caches like Redis and Memcached can now benefit from in-process caching using open source libraries.

In this session, we focus on Java-based cloud-native services and show how local caches, such as Caffeine, can colocate cache with application logic, reducing network overhead, simplifying consistency management, and improving latency. Drawing on large-scale production experience, we’ll explore cache invalidation, freshness guarantees, near-cache patterns, and scalability trade-offs, along with practical lessons for handling staleness, TTLs, and other caching challenges while reducing operational complexity and cost.

Finally, we’ll discuss how emerging open source tools like Databricks’ Dicer apply these caching and orchestration principles at scale for real-time services, representing the next frontier. Attendees will learn methods to design low-latency, high-throughput, maintainable, and cost-efficient caching solutions for cloud-native architectures using open source tools.

Speakers

Aditya Mohan

Senior Machine Learning Engineer, Amazon

Aditya Mohan is a Senior Machine Learning Engineer at Amazon Advertising with 11+ years of experience and tech lead for agentic advertiser campaigns. He specializes in large-scale ML and semantic search, using LLMs and LangGraph to optimize campaigns and ensure observability, accountability... Read More →

Tuesday May 19, 2026 3:25pm - 3:35pm CDT
200F (Level Two)

Cloud + Orchestration

Audience Experience Level Intermediate
Slides Attached Yes

4:20pm CDT

Hardening QEMU With Self-Correcting Fuzzing Pipelines - Navid Emamdoost, Google

Tuesday May 19, 2026 4:20pm - 5:00pm CDT

200F (Level Two)

This session explores a dual-phase strategy for hardening the QEMU Virtual Machine Monitor (VMM) through advanced fuzzing and AI-driven automation. We begin by detailing a manual hardening effort that expanded QEMU’s testing surface from 18 to 60 active targets, increasing device line coverage by more than 30%. While effective, manual target creation is a resource-intensive process that struggles to scale across the hundreds of virtualized devices supported by QEMU.

To address these scaling challenges, we introduce an AI-driven agentic pipeline designed to automate the generation and validation of fuzzing targets. This system leverages Large Language Models (LLMs) to analyze device source code and memory regions, generating candidate C++ targets for the QEMU fuzzing engine.

We will discuss the implementation of a self-correcting feedback loop where the agent captures compilation and runtime errors to iteratively refine its output until a stable target is produced. Attendees will see how this approach aims to reach >80% device line coverage by automating the remaining hardware targets that currently lack dedicated fuzzing.

Speakers

Navid Emamdoost

Software Engineer, Google

Navid Emamdoost is a Software Engineer at Google focused on infrastructure security. He holds a PhD from the University of Minnesota, where his research uncovered over 200 Linux kernel bugs and 40 CVEs. His career includes maintaining OSS-Fuzz for open source projects and hardening... Read More →

OSS NA 2026 pdf

Tuesday May 19, 2026 4:20pm - 5:00pm CDT
200F (Level Two)

Cloud + Orchestration

Audience Experience Level Intermediate
Slides Attached Yes

4:20pm CDT

Optimize Linux Kernel To Fit Microcontrollers With 1 MB RAM - Jim Huang & Chisheng Chen, National Cheng Kung University

Tuesday May 19, 2026 4:20pm - 5:00pm CDT

208C+D (Level Two)

Running the Linux kernel on microcontrollers with severely constrained RAM has long been viewed as impractical. Conventional embedded Linux builds still assume tens of megabytes of memory, excluding a wide class of resource-limited hardware such as Arm Cortex-M and certain Cortex-R devices. This talk presents recent work on adapting and optimizing the Linux kernel to operate within a 1 MB RAM budget.

We examine the challenges of reducing Linux’s memory footprint for microcontroller-class systems and the techniques that enable Linux to run in sub-megabyte environments. Topics include:
* Memory profiling of core kernel subsystems
* Removing or deferring optional features to reduce RAM usage
* Streamlining kernel image layout and data structures
* Adjusting build configurations and boot flow for extreme constraints
* Runtime trade-offs between functionality and footprint

The session demonstrates how mainline Linux can be reshaped to fit far smaller footprints than traditionally assumed. This approach expands the reach of embedded Linux and provides practical strategies for optimizing memory usage on highly constrained platforms.

Speakers

Jim Huang

Assistant Professor, National Cheng Kung University

Drawing from his contributions to the Android Open Source Project (AOSP), Jim specializes in real-time performance tuning and optimization of Linux-based automations. Additionally, he is a co-founder of the LXDE project, a lightweight desktop environment widely utilized in embedded... Read More →

Chisheng Chen

Student, National Cheng Kung University

Chisheng Chen, a.k.a rota1001, is an embedded system developer transitioned from a CTF player. These days, he wrote firmwares on some microcontrollers and did some DOOM and Linux ports. He is currently pursuing the B.S. degree in Computer Science in National Cheng Kung University... Read More →

linux on 1MB mcu pdf

Tuesday May 19, 2026 4:20pm - 5:00pm CDT
208C+D (Level Two)

Embedded Linux Conference

Audience Experience Level Intermediate
Slides Attached Yes

4:20pm CDT

The Hidden Cost of Sleep: How Scheduler Wakeup Latency Impacts High-Throughput AI Inference - Shubhang Kaushik, Ampere Computing

Tuesday May 19, 2026 4:20pm - 5:00pm CDT

205C+D (Level Two)

As a Linux Kernel Developer at Ampere Computing, I focus on optimizing the scheduler for high-density ARM64 systems. My work culminates in a patch merged for the Linux 7.0 release that refines avg_idle tracking a critical metric the scheduler uses to decide how long to search for an idle CPU before giving up. In my session "The Hidden Cost of Sleep", I will break down the try_to_wake_up() path to show how even minor inaccuracies in idle-time accounting lead to poor CPU selection and increased cache misses. I’ll explain how my Linux 7.0 optimizations [commit
36ae1c45b2cede] specifically reduce the 'search cost' during wakeups, directly improving the responsiveness of AI inference workloads. By sharing raw performance data and trace analysis, I’ll demonstrate why getting the wakeup path right is the only way to achieve the deterministic performance needed for autonomous AI agents and scalable trust infrastructure.

Speakers

Shubhang Kaushik

Software Engineer, Ampere Computing

Linux Kernel Developer

LF OSSNA Linux Scheduler Presentation pdf

Tuesday May 19, 2026 4:20pm - 5:00pm CDT
205C+D (Level Two)

Linux

Audience Experience Level Advanced
Slides Attached Yes

4:20pm CDT

A Fun Overview of the Argo Ecosystem - Aaron Teague, UVNV

Tuesday May 19, 2026 4:20pm - 5:00pm CDT

200H (Level Two)

Many hear the word "Argo" and immediately think "GitOps" with the ability to sync what's in a git repo with what's in a live Kubernetes environment. However, "Argo CD" is just one of several tools within the Argo ecosystem.

These other tools include:
- Rollouts - Move web traffic from an old to a new version of adeployment
- Workflows - Perform work in multiple steps, or as a DAG
- Events - Perform a variety of triggers based on a variety of potential events

These tools have a lot of use and can automate otherwise mundane tasks and lessen the risks associated with change.

Each will get given an overview of how they work and how they can be useful in isolation. Then we will combine them to solve different tasks. Examples will range from practical to silly, keeping healthy parts "educational" and "entertaining".

Speakers

Aaron Teague

Site Reliability Engineer

Aaron Teague is a Site Reliability Engineer with a passion for Kubernetes and the ecosystem that often comes along with it. He enjoys taking otherwise complex topics and breaking them down into easier to understand pieces that are not just informative, but memorable.

argo ecosystem overview pdf

Tuesday May 19, 2026 4:20pm - 5:00pm CDT
200H (Level Two)

Open Source 101

Audience Experience Level Beginner
Slides Attached Yes

4:20pm CDT

Enhancing PX4's EKF2 Replay Module for Deterministic Integration Testing - Brian Fairservice & Kerry Snyder, KEF Robotics

Tuesday May 19, 2026 4:20pm - 5:00pm CDT

200D (Level Two)

PX4's EKF2 replay module allows developers to tune estimator performance by re-running the EKF on prerecorded logs. This is useful for EKF2 development or for testing the impact of different parameters on performance. KEF robotics has patched the replay module so that replay progress can be controlled by an external program, enabling deterministic *integration* testing. We are using this patched replay module to test the integration of PX4 with an external vision navigation system.

We will cover:
- Using the replay module to assess performance of different EKF2 parameters.
- Development and testing considerations for a visual navigation system that integrates with PX4.
- Modifying the replay module so that it can be deterministically 'stepped' in sync with an external program
- Results from integration testing with the modified replay module

The audience will get a better understanding of the replay system, technical details on modifying the replay system for integration testing, and the benefits of integration testing with regard to visual navigation development with PX4. We will also share the patch we made to the replay system.

Speakers

Brian Fairservice

Software Engineer, KEF Robotics

Brian Fairservice is currently a Software Engineer at KEF Robotics

Kerry Snyder

Co-founder, CTO, KEF Robotics

Co-founder and CTO of KEF Robotics

PX4 Replay Presentation pdf

Tuesday May 19, 2026 4:20pm - 5:00pm CDT
200D (Level Two)

PX4 Dev Summit

Audience Experience Level Any
Slides Attached Yes

11:00am CDT

Running Open Source Cloud Infrastructure for Public Health at Scale: Lessons From Ghana - Derek Asamoah-Amoyaw, AngloGold Ashanti Malaria Control (AGAMal)

Wednesday May 20, 2026 11:00am - 11:40am CDT

200F (Level Two)

Public health systems increasingly rely on open source cloud infrastructure to deliver critical services, yet many are built and operated under tight budget, connectivity, and skills constraints.

This talk shares real-world lessons from designing, deploying, and operating Linux-based, open source cloud infrastructure supporting malaria control and public health programs in Ghana. It covers practical decisions around hybrid cloud architecture, containerization, data reliability, security tradeoffs, and operational resilience in environments with intermittent connectivity and limited resources.

Rather than theory, this session focuses on what actually worked, what failed, and how open source tools enabled sustainable systems for nonprofits and public sector teams. Attendees will gain actionable insights into building resilient, scalable cloud platforms using open source technologies—especially when operating outside ideal conditions.

This session is intended for practitioners building or maintaining cloud infrastructure who want honest, field-tested guidance from real deployments.

Speakers

Derek Asamoah-Amoyaw

Senior IT Infrastructure Officer, AngloGold Ashanti Malaria Control (AGAMal)

Derek Asamoah-Amoyaw is a Senior IT Infrastructure Officer with experience designing and operating cloud and open source systems for public health and nonprofit organizations in Ghana. His work focuses on building resilient, secure, and scalable infrastructure in resource-constrained... Read More →

AGAMal OSS NA 2026 final pdf

Wednesday May 20, 2026 11:00am - 11:40am CDT
200F (Level Two)

Cloud + Orchestration

Audience Experience Level Intermediate
Slides Attached Yes

11:00am CDT

How AGL SoDeV Accelerates the Future of Mobility Through Open-Source Collaboration - Yuichi Kusakabe, Honda Motor Co., Ltd.

Wednesday May 20, 2026 11:00am - 11:40am CDT

208A+B (Level Two)

Automotive Grade Linux (AGL) is advancing Software Defined Vehicle (SoDeV) as a foundation for open, scalable, and collaborative automotive innovation. As vehicles become increasingly software-centric, accelerating collaboration between AGL SoDeV initiatives and the broader open-source automotive community is critical to shaping the future of mobility.
This session highlights how AGL SoDeV acts as a collaboration hub that connects industry-driven development with open-source community contributions. Building on a previously presented demo, we introduce updated workflows and tooling that reduce collaboration friction, improve governance transparency, and enable faster feedback loops between SoDeV activities and OSS communities.
Through an updated live demonstration, we show how governance automation and clear contribution flows can function as enablers rather than barriers. The talk focuses on practical lessons learned from evolving AGL SoDeV collaboration models, explaining what has changed, why it matters, and how these improvements help communities and organizations innovate together more effectively.

Speakers

Yuichi Kusakabe

Chief Architect, Honda Motor Co., Ltd.

Yuichi Kusakabe is the Chief Architect at Honda Motor Co., Ltd. , AGL(Automotive Grade Linux) member and COVESA(Connected Vehicle Systems Alliance) member since 2011 with over twenty years of Automotive and Open Source Software Experience.
Prior to joining Honda Motor he worked... Read More →

HowAGLSoDeVAcceleratesTheFutureOfMobilityThroughOpen SourceCollaboration pdf

Wednesday May 20, 2026 11:00am - 11:40am CDT
208A+B (Level Two)

Embedded Linux Conference

Audience Experience Level Intermediate
Slides Attached Yes

11:00am CDT

OpenEmbedded / Yocto BoF - Colin McAllister, Garmin & Chuck Wolber, The Boeing Company

Wednesday May 20, 2026 11:00am - 11:40am CDT

208C+D (Level Two)

The OpenEmbedded/Yocto Project is a powerful open-source collaboration that provides a framework for creating custom embedded Linux distributions. It has become a key tool for developers building highly tailored, minimal, and efficient Linux systems across a wide range of devices, from IoT to automotive, robotics, and beyond.

Join us for this Birds of a Feather (BoF) session where OE/Yocto users, developers, and maintainers can gather to share their experiences, challenges, and best practices. Whether you’re a seasoned user or just starting to explore its capabilities, this session will provide an opportunity for lively discussion, collaboration, and networking.

Speakers

Chuck Wolber

Associate Technical Fellow, The Boeing Company

Chuck Wolber is a Boeing Associate Technical Fellow primarily focused on Platform and Operating System engineering for airborne avionics. He has developed multiple DO-178C Level D certified Linux operating systems currently in service on Boeing production aircraft. Chuck has been... Read More →

Colin McAllister

Senior Software Engineer, Garmin

ELC NA26 OEYP BoF pdf

Wednesday May 20, 2026 11:00am - 11:40am CDT
208C+D (Level Two)

Embedded Linux Conference

Slides Attached Yes

11:00am CDT

Defending the Branch: PAC, BTI & GCS on Linux - Bill Roberts, Arm Ltd

Wednesday May 20, 2026 11:00am - 11:40am CDT

205C+D (Level Two)

As computing systems evolve, memory-safety exploits such as return-oriented programming (ROP) and jump-oriented programming (JOP) remain a serious threat. These attacks manipulate control flow within valid address space, reusing existing code “gadgets” to achieve the attackers desired results. Arm AArch64 provides architectural defenses against these attacks through Pointer Authentication Codes (PAC), Guarded Control Stack (GCS), and Branch Target Identification (BTI).

This talk explains how these technologies work and, more importantly, what Linux developers, distributions, packagers, and toolchains must do to deploy them correctly. We cover the AArch64 Linux ABI implications, including requirements for hand-written assembly, use of BTI and PAC instructions, and PAC key management. We dive into real-world toolchain and language impacts, including changes to C code generation, C++ exception unwinding, DWARF metadata updates, and use of Arm's hint space instructions. Attendees will also learn common pitfalls, debugging challenges, and deployment trade-offs observed in practice.

By the end of this session, participants will understand how to deploy PAC, GCS, and BTI across Linux.

Speakers

Bill Roberts

Principal Software Engineer, ARM Ltd

Bill is a software engineer with an eclectic background in various mobile development platforms, operating systems and security technologies. He is the author of "Exploring SE for Android" and is a maintainer of the tpm2-software stack. Bill is currently working on Fedora Linux.

pac bti gcs public may 2026 pdf

Wednesday May 20, 2026 11:00am - 11:40am CDT
205C+D (Level Two)

Linux

Audience Experience Level Any
Slides Attached Yes

11:00am CDT

KV-Cache Centric Inference: Building an Open Source LLM Serving Platform Around State - Martin Hickey, IBM Research

Wednesday May 20, 2026 11:00am - 11:40am CDT

211A+B (Level Two)

We optimize LLM inference around compute—faster kernels, better batching, smarter parallelism. But in production, the real bottleneck is state. The KV‑cache holds precomputed attention data that turns a multi‑second prefill into a sub‑second cache hit. Lose it to eviction, isolate it on one node, or route away from it, and you pay the full compute cost again for work you already did.

llm-d is an open-source distributed inference platform, co-founded by Google, IBM Research, Red Hat, NVIDIA, and CoreWeave, that treats the KV‑cache as the core of the system rather than a byproduct. That enables tiered memory management—offloading KV blocks from GPU to CPU to shared storage—cross‑replica reuse so cached state computed anywhere is usable everywhere, and cache‑aware scheduling that routes requests to the replica most likely to hold their prefix.

This session walks through how llm-d and vLLM implement each layer of this stack, how they combine into a production system, and what the open‑source community can build on top. We’ll share benchmarks, Kubernetes deployment patterns, and practical guidance for operators running LLM workloads at scale.

Speakers

Martin Hickey

Senior Technical Staff Member, IBM Research

Martin Hickey is a STSM at IBM Research, focused on Open Source, Cloud Native Computing, and AI. Martin has notable contributions to open source projects like vLLM, LMCache, Kubernetes, Helm, OpenTelemetry and OpenStack. Martin is a core maintainer for LMCache and an emeritus core... Read More →

OSS NA26 KV Cache pdf

Wednesday May 20, 2026 11:00am - 11:40am CDT
211A+B (Level Two)

Open AI & Data

Audience Experience Level Any
Slides Attached Yes

11:00am CDT

Building an OSPO From the Ground Up: Enterprise Policy To Contribution and Compliance - Kevin Fruchey & Jeff Skarb, Lenovo

Wednesday May 20, 2026 11:00am - 11:40am CDT

200A (Level Two)

Open Source Program Offices (OSPOs) are becoming essential for organizations of all sizes, yet many struggle with where to start and how to scale effectively. In this session, we will share a practical framework for building an OSPO based on real enterprise experience.

The talk begins with establishing an enterprise open source policy that aligns engineering, legal, and security stakeholders while enabling innovation. From there, it breaks down the two core OSPO pillars: contribution and compliance. Within compliance, the session dives deeper into managing distributed versus non-distributed software and explains why treating these use cases differently reduces friction and improves outcomes.

Attendees will gain a clear, adaptable model for designing an OSPO that works for large enterprises and can scale down for smaller organizations. The session focuses on real-world lessons learned, common pitfalls, and actionable guidance that teams can apply immediately.

Speakers

Kevin Fruchey

Open Source Program Office, Lead, General Motors

Kevin Fruchey has spent 12 years at General Motors, where he leads the company’s Open Source Program Office and focuses on building practical, scalable open source governance. He comes from a family that has owned and operated a movie theater for over 35 years, sparking a lifelong... Read More →

Jeff Skarb

Open Source Program Office, Lead, General Motors

Jeff is an OSPO Lead at General Motors with a background in hardware engineering and open-source governance. He brings a practical, systems-focused approach to building scalable compliance programs and bridging technical, legal, and organizational priorities across varying engineering... Read More →

OSPO Presentation Final pptx

Wednesday May 20, 2026 11:00am - 11:40am CDT
200A (Level Two)

OSS Enabling & Management, Operations Management & OSPOs

Audience Experience Level Beginner
Slides Attached Yes

11:00am CDT

Keep It Clean: Practical Strategies for Reducing Build-System and Host Tech Debt - Joe Schneider, Dojo Five

Wednesday May 20, 2026 11:00am - 11:40am CDT

200G (Level Two)

Long-running embedded projects inevitably accumulate build-system and host-platform debt. Team turnover, drifting documentation, and “crunch mode” shortcuts compound over time until onboarding a new engineer takes weeks and even experienced developers struggle to make safe changes. These problems are especially acute in Linux-based and cross-platform environments, where host variability and undocumented assumptions undermine reproducibility.

This session distills lessons learned from modernizing embedded firmware build environments across Linux hosts and CI systems. Attendees will learn practical techniques for eliminating “it works on my machine” failures, accelerating incremental and clean builds, and making build behavior explicit and reproducible using open-source tooling. Topics include scripting and automation patterns, modern command runners, and structuring build systems to be CI-friendly and maintainable.

Joe Schneider, embedded systems veteran and CEO of Dojo Five, will share concrete practices that reduce onboarding time, improve build reliability, and restore developer productivity by systematically attacking build-system and host-level technical debt.

Speakers

Joe Schneider

CEO, Dojo Five

Keep it Clean OSS NA26 pptx

Wednesday May 20, 2026 11:00am - 11:40am CDT
200G (Level Two)

Packages + Images + Containers

Audience Experience Level Intermediate
Slides Attached Yes

11:00am CDT

Software Supply Chain Management With the Yocto Project - Joshua Watt, Garmin

Wednesday May 20, 2026 11:00am - 11:40am CDT

200C (Level Two)

Managing software supply chains is an important part of safety critical software. In this talk, Joshua will describe the technologies, methods and lessons learned that the embedded software space uses to manage software supply chains using the Yocto project.

Speakers

Joshua Watt

Staff Software Engineer, Garmin

Software Supply Chain Management with the Yocto Project pdf

Wednesday May 20, 2026 11:00am - 11:40am CDT
200C (Level Two)

Safety-critical Software

Audience Experience Level Intermediate
Slides Attached Yes

11:55am CDT

Lightning Talk: Untangling Secure Key Provisioning in U-Boot: Scalable EFuse Programming in Production - Harsha Vardhan Veerappan Murugesan & Kavitha Malarvizhi, Texas Instruments

Wednesday May 20, 2026 11:55am - 12:10pm CDT

208C+D (Level Two)

Note: Open to presenting as Lightning Talk

Secure provisioning is a foundational step in productizing embedded Linux systems, especially when enabling secure boot and establishing silicon identity through eFuses or one-time programmable (OTP) memory. Yet many teams still rely on manual fuse programming flows that are error-prone and difficult to scale particularly when dealing with complex, vendor-specific fuse maps. This talk explores how modern U-Boot capabilities streamline secure device provisioning in real manufacturing workflows. It introduces an upstream enhancement to U-Boot’s fuse subsystem that supports bulk, structured eFuse programming. This approach makes fuse provisioning more automation-friendly, and suitable for production use. Attendees will gain practical insights on integrating U-Boot-based provisioning into factory flows.
Agenda:
1. Challenges in Traditional eFuse Programming on Embedded Systems
2. U-Boot’s Existing Fuse Subsystem and Its Limitations in Production Flows
3. Design and Upstream Integration of the 'fuse writebuff' command
4. Structured, Automated Provisioning using Memory Buffers
5. Practical Provisioning and Production Workflow Considerations

Speakers

Harsha Vardhan Veerappan Murugesan

Embedded Software Engineer, Texas Instruments India

Harsha Vardhan is a security-focused embedded software engineer at Texas Instruments, working on secure boot enablement and secure key provisioning for production platforms. He is an upstream contributor to U-Boot and authored the buffer-based eFuse programming enhancement in U-boot... Read More →

Kavitha Malarvizhi

Software Engineering Manager and Security Architect, Texas Instruments

With over 17 years of experience in embedded systems and firmware development, Kavitha specialize in designing and securing boot ROMs and firmware for microcontrollers and processors. Currently, she serves as a Software Engineering Manager for Security firmware at Texas Instruments... Read More →

Untangling Secure Key Provisioning in U Boot OSS NA pptx

Wednesday May 20, 2026 11:55am - 12:10pm CDT
208C+D (Level Two)

Embedded Linux Conference

Audience Experience Level Any
Slides Attached Yes

11:55am CDT

From Apps To Infrastructure: A Cloud Native First Approach - Julien Semaan, Kubex & Corey McGalliard, Akamai

Wednesday May 20, 2026 11:55am - 12:35pm CDT

200F (Level Two)

Traditional infrastructure GitOps workflows, commonly built on tools like Terraform or OpenTofu, often struggle with state management, limited reconciliation, and delayed drift detection. Because these systems operate outside the Kubernetes control plane, infrastructure changes follow different lifecycle and failure semantics than applications, making it difficult to reason about system-wide correctness and safety.

We’ll present a unified approach for managing both applications and infrastructure through the Kubernetes control plane. This approach brings together GitOps controllers and Crossplane to extend the Kubernetes API to infrastructure via an ecosystem of community-supported providers spanning major clouds, alternative clouds, and on-prem. The result is a vendor-neutral foundation where applications and infrastructure follow the same review, lifecycle, and reconciliation model.

Speakers

Corey McGalliard

Engineering Manager, Akamai Cloud

Julien Semaan

Head of k8s Engineering @Kubex | CNCF TAG DevEx Tech Lead, Kubex

From Apps to Infrastructure pdf

Wednesday May 20, 2026 11:55am - 12:35pm CDT
200F (Level Two)

Cloud + Orchestration

Audience Experience Level Any
Slides Attached Yes

11:55am CDT

Open Source Starts Here: Lessons Learned From Building Linux Clubs for Students - Stu Keroff, Lake Middle School

Wednesday May 20, 2026 11:55am - 12:35pm CDT

205C+D (Level Two)

Where are the Open Source techs of tomorrow right now? They're in class!

In this session, Stu Keroff shares real-world lessons from launching and leading school-based Linux clubs that introduce students to open source through hands-on exploration, community building, and authentic technical problem-solving.

Drawing on firsthand experience, this talk covers:

1. How to start a Linux club from scratch in a school environment.
2. Structuring meetings to balance curiosity, chaos, and meaningful learning.
3. Working with school administrators and navigating policy constraints.
4. Keeping students engaged across skill levels.
5. Connecting students to the broader open source ecosystem
6. Using Open Source to help your community.

Attendees will leave with a practical framework for starting similar programs in their own communities—whether as educators, parents, open source maintainers, or industry professionals looking to strengthen the next generation of contributors.

Meet the techs of tomorrow where they are right now: in school.

Speakers

Stu Keroff

Teacher, Lake Middle School

Stu Keroff is a teacher and FOSS advocate who founded the world’s first school Linux club, the Community School of Excellence Asian Penguins, and later the Aspen Academy Penguin Corps and Lake Middle School Penguin Corps, helping students learn Linux, refurbish hardware, and give... Read More →

Open Source Starts Here OSSNA 2026 Stu Keroff pdf

Wednesday May 20, 2026 11:55am - 12:35pm CDT
205C+D (Level Two)

Linux

Audience Experience Level Any
Slides Attached Yes

11:55am CDT

Zero Trust AI Agents: Securing MCP in Private Kubernetes Networks - Mithil Patel, Equinix

Wednesday May 20, 2026 11:55am - 12:35pm CDT

200I (Level Two)

The transition from passive RAG to autonomous agentic workflows forces a dangerous trade-off: to be useful, agents need access; to be safe, they need restrictions. Giving a non-deterministic LLM distinct permissions to your Kubernetes cluster is a security nightmare, yet agentic tool execution demands real-world access to be effective.

This session introduces a battle-tested architecture for Zero Trust Agents. We will demonstrate how to secure Model Context Protocol (MCP) servers within private networks, replacing risky static credentials with a dynamic control plane that enforces strict safety guardrails.

Attendees will learn:

Identity for Autonomy: How to integrate OpenBao (OpenSSF) to issue Just-In-Time (JIT) credentials, ensuring agents only hold permissions during active tool use.

Bounding Agency: Implementing "Read/Write Separation" at the protocol level, preventing stochastic errors or misinterpretations from causing deterministic outages.

Secure Orchestration: A blueprint for deploying MCP servers as secure bridges between AI reasoning and internal infrastructure.

Stop building toys. Learn how to deploy autonomous systems that your security team will actually approve.

Speakers

Mithil Patel

Principal Engineer, SRE, Equinix

Principal Engineer at Equinix driving DevOps/SRE strategy for Interconnection organization managing global infrastructure serving Fortune 500 companies. 11+ years building resilient distributed systems and Kubernetes platforms at scale. Deep expertise in cloud-native architectures... Read More →

Zero Trust AI OSS NA26 Mithil pdf

Wednesday May 20, 2026 11:55am - 12:35pm CDT
200I (Level Two)

Open AI & Data

Audience Experience Level Any
Slides Attached Yes

11:55am CDT

Serverless for Open-Source Maintainers: Automating the Boring, Scaling the Impact - Hemant Bharadwaj & Antra Purohit, Microsoft

Wednesday May 20, 2026 11:55am - 12:35pm CDT

200H (Level Two)

Open source projects often struggle not with code, but with scale: issue triage, pull request validation, release automation, and community operations all consume maintainer time. Serverless, when built on open standards, offers a powerful way to automate these workflows without adding operational overhead.
This talk explores how open source maintainers can use event‑driven, serverless patterns to automate project workflows such as issue labeling, CI triggers, release orchestration, and contributor notifications. Using open technologies like CloudEvents, CDEvents, OpenTelemetry, and container‑based functions on Kubernetes, we show how to build portable, vendor‑neutral serverless automation that works across environments.
Attendees will learn practical design patterns, common pitfalls, and real‑world examples of using serverless automation to improve project reliability, contributor experience, and maintainer sustainability without locking into any single platform.

Speakers

Hemant Bharadwaj

Senior Site Reliability Engineer at Microsoft, Microsoft

Antra Purohit

Software Engineer, Microsoft

Serverless OSS NA26 Hemant Template pdf

Wednesday May 20, 2026 11:55am - 12:35pm CDT
200H (Level Two)

Open Source 101

Audience Experience Level Beginner
Slides Attached Yes

11:55am CDT

Day 2 Neurodiversity: Moving Beyond Fundamentals With Merge Forward - Ryan Etten, RHCA, Red Hat & Diana Todea, VictoriaMetrics

Wednesday May 20, 2026 11:55am - 12:35pm CDT

200J (Level Two)

Open source has made progress in recognizing neurodiversity, but most conversations remain at the level of awareness and good intentions. What happens on Day 2, after we agree that inclusion matters?

We will examine what is still missing in the open source neurodiversity conversation, critique the narrative of neurotalent, and evaluate whether framing neurodivergent contributors as inherently gifted helps inclusion or creates new pressures. We need to ask: are we reinventing existing initiatives, or does the real gap lie in how our contribution models, communication norms, and governance structures are designed?

Our goal is to tackle structural questions rather than proposing a new label or movement. How can open source communities reduce cognitive friction, clarify expectations, and design processes that support a wider range of thinking styles? What concrete steps move us beyond fundamentals and into sustainable practice? Join Merge Forward to help move open source from a culture of good intentions to one of engineered accessibility.

Speakers

Ryan Etten

Senior Architect & Team Lead, Red Hat

Ryan Etten builds cloud-native systems and rebuilds the communities that run them. A Senior Architect and Team Lead at Red Hat, Red Hat Certified OpenShift Architect, global speaker, and certification exam developer, he leads secure cloud-native digital transformations across the... Read More →

Diana Todea

Developer Experience Engineer, VictoriaMetrics

Diana is a Developer Experience Engineer at VictoriaMetrics. She has worked as a Senior Site Reliability Engineer focused on Observability. She is an active member of the OpenTelemetry CNCF open source project, co-organizer of Cloud Native Days Romania, co-lead of neurodiversity working... Read More →

OSSummitNA26 Day2ND REtten DTodea pdf

Wednesday May 20, 2026 11:55am - 12:35pm CDT
200J (Level Two)

OSS Enabling & Management, Project Leadership

Audience Experience Level Intermediate
Slides Attached Yes

11:55am CDT

Retconning Accessibility Standards With ARIA-AT - Chris Cuellar, Bocoup

Wednesday May 20, 2026 11:55am - 12:35pm CDT

200E (Level Two)

Many accessibility applications and automated tests rely solely on an abstract representation of the user interface (the so-called "accessibility tree") as their source of truth. By ignoring the process that screen readers take to translate this abstraction into spoken text, developers often build false confidence in accessibility implementations and miss critical user experience issues.

This talk explores how Bocoup's technical innovations (capturing real screen reader output across platforms and operating systems) has enabled essential discussions among screen reader vendors, standards editors, and application developers at the W3C's ARIA-AT Community Group. We'll examine the incentive structures which pit market differentiation against consistency and even correctness. We'll demonstrate how the ARIA-AT project addresses this problem head-on with a test-driven approach to consensus and the ultimate goal of standardization.

Speakers

Chris Cuellar

Engineer & Worker-Owner, Bocoup

Chris is a worker-owner at Bocoup and has nearly 15 years of experience building and creating on the web platform. Chris is also an artist, educator and community organizer and is based in unceded territory of the Tongva people and their neighbors (Los Angeles, California). In the... Read More →

Chris Cuellar | Bocoup | Retconning A11y Standards | OSS 2026 pdf

Wednesday May 20, 2026 11:55am - 12:35pm CDT
200E (Level Two)

OSS Enabling & Management, Standards & Specifications

Audience Experience Level Intermediate
Slides Attached Yes

11:55am CDT

OCI Images: Not Just for Containers Anymore - Austin Abro, Defense Unicorns

Wednesday May 20, 2026 11:55am - 12:35pm CDT

200G (Level Two)

Docker popularized the container; OCI standardized the artifact. That shift, from a specific format to a global specification, is what allowed us to expand beyond just 'running apps.' Now, whether it's Cosign for security, OpenTofu for infrastructure, or Zarf for air-gapped distribution, the ecosystem is leveraging a common foundation to solve complex supply chain problems. Additionally, Kubernetes’ recent work on OCI read-only volumes signifies a paradigm shift: we are now using images as a pure data transfer mechanism rather than just a runtime environment. Yet the elegant design that enables the OCI images is mostly hidden from users.

In this session, we'll create our own custom OCI artifact from scratch. Along the way, we'll learn the benefits of the OCI specification: the efficiency of its storage model, its simple cross-platform experience, and its secure-by-default design. Developers will walk away with a starting point for packaging their own custom artifacts, while practitioners will gain a deeper understanding of the OCI artifacts powering their workflows.

Speakers

Austin Abro

Software Engineer, Defense Unicorns

Austin Abro is a full-time maintainer of Zarf at Defense Unicorns, a tool built to enable declarative creation & distribution of software into air-gapped/constrained environments. Previously, he worked at Fiat Chrysler as a full stack Java developer before being promoted to technical... Read More →

OCI Images not just for containers anymore pdf

Wednesday May 20, 2026 11:55am - 12:35pm CDT
200G (Level Two)

Packages + Images + Containers

Audience Experience Level Intermediate
Slides Attached Yes

11:55am CDT

The Final Phase of Xen Safety: Solving Coverage and Residual Gaps - Stefano Stabellini, AMD

Wednesday May 20, 2026 11:55am - 12:35pm CDT

200C (Level Two)

AMD, in collaboration with the Xen community, continues to advance efforts to make the Xen hypervisor safety-certifiable to ISO 26262 ASIL D and IEC 61508 SIL 3. The project has progressed from Safety Concept Approval toward the final certification phase.

This presentation will share practical lessons learned, including how we structure requirements and architecture specification documents to make them easier to review for Open Source experts. It will describe the tools and processes we use to maintain end-to-end traceability and explain how we leverage GitLab to automate requirements-based testing and verification pipelines.

We will also address the remaining challenges on the path to completion, including code coverage and FMEA. In particular, we will explain why achieving comprehensive code coverage is uniquely challenging for a widely used Open Source project such as Xen and outline the strategies we are applying to meet 100% code coverage targets.

Finally, we will describe our approach to FMEA (Failure Mode and Effects Analysis) and how it evolved to better align with existing upstream Xen failure-handling practices.

Speakers

Stefano Stabellini

Fellow, AMD

Stefano Stabellini is a Fellow at AMD, where he leads system software architecture and the virtualization team. Previously, he developed a virtualization-based security solution for containers and authored several security articles. Stefano has been involved in Xen development since... Read More →

Xen Critical Summit 2026 v4 pdf

Wednesday May 20, 2026 11:55am - 12:35pm CDT
200C (Level Two)

Safety-critical Software

Audience Experience Level Intermediate
Slides Attached Yes

2:10pm CDT

Building a Shared, Persistent Virtual Filesystem for WebAssembly - Ayako Hayasaka, LY Corporation

Wednesday May 20, 2026 2:10pm - 2:50pm CDT

200I (Level Two)

Server-side WebAssembly applications need filesystem access, but current options are limited. Host filesystem access breaks portability and sandboxing. wasi-vfs is read-only and targets Preview 1. wasi-virt supports Preview 2 but remains read-only and single-application only.
We present a virtual filesystem built on WASI Preview 2 and the Component Model that supports read/write, multi-app sharing, dynamic attachment via RPC, and optional S3 persistence. The stack uses open-source tooling from the Bytecode Alliance: wasmtime, wac, and wit-bindgen.
The talk walks through our architecture: an inode-based in-memory filesystem exposed through custom adapters implementing wasi:filesystem, composed at build time with wac plug. We then separate the filesystem into a standalone server, add RPC for runtime attachment without recompilation, and layer S3 persistence for durability. Each stage is demonstrated live.
We close with lessons learned and tradeoffs between build-time composition and runtime RPC. No deep Wasm expertise is assumed. This talk is for developers building Wasm platforms, those exploring the Component Model, and anyone curious about filesystem virtualization in WebAssembly.

Speakers

Ayako Hayasaka

Software Engineer, LY Corporation

Primarily responsible for providing company-wide technical support in the area of web backend development.

ossna wasm virtual filesystem pdf

Wednesday May 20, 2026 2:10pm - 2:50pm CDT
200I (Level Two)

Cloud + Orchestration

Audience Experience Level Intermediate
Slides Attached Yes

2:10pm CDT

Construct a Lean and Fast RISC-V System Emulator Capable of Running Linux - Jim Huang, National Cheng Kung University

Wednesday May 20, 2026 2:10pm - 2:50pm CDT

208C+D (Level Two)

While mature solutions such as QEMU provide broad architectural coverage, they are optimized for generality rather than minimal footprint, rapid bring-up, or architectural experimentation. To examine system-level design trade-offs, gain fine-grained control over memory and execution behavior, and enable lightweight Linux-based sandboxing and verification, we built a RISC-V system emulator from scratch.

rv32emu [1] supports RV32IMACF with Zifencei and Zicsr, along with CLINT, MMIO, and a complete Sv32 three-level page table. Through VirtIO integration, it efficiently maps Linux guest services to host resources. A tiered JIT compilation framework accelerates Linux workloads while reducing memory consumption compared to QEMU.

This talk presents the architectural decisions behind building a compact yet Linux-capable RISC-V system emulator, highlighting trade-offs in ISA support, memory management, JIT design, and device virtualization, and sharing practical techniques with a lean footprint without sacrificing performance or correctness.

[1] https://github.com/sysprog21/rv32emu

Speakers

Jim Huang

Assistant Professor, National Cheng Kung University

riscv system emulation pdf

Wednesday May 20, 2026 2:10pm - 2:50pm CDT
208C+D (Level Two)

Embedded Linux Conference

Audience Experience Level Intermediate
Slides Attached Yes

2:10pm CDT

Using Embedded Linux for Autonomous Robot Control - Chloe Zhu, The Admissions Authority

Wednesday May 20, 2026 2:10pm - 2:50pm CDT

208A+B (Level Two)

The NAO robotics platform has been around for some time, originally developed by Aldebaran and SoftBank, and now by Maxtronics. Its OpenNAO operating system is based on the Gentoo embedded Linux OS, and uses the NAOqi API for autonomous robot control. We also used the OpenCV computer vision library as part of our open source software stack to program our NAO humanoid robot.

In this talk, I will present our work to engineer an autonomous behavior system that fuses real-time vision detection with motion planning and closed-loop control. We implemented a perception-to-action pipeline using NAOqi, OpenCV, and camera and motion calibration to detect targets, estimate relative pose, and drive head movement, walking, and task actions through a finite-state controller. We designed the system for robust target search, alignment, and approach under real hardware constraints. I will present a summary of our work, our results from participation in a robot golf tournament, and some thoughts on using open source to develop next-generation robotics platforms.

Speakers

Chloe Zhu

Chief Technology Officer, The Admissions Authority

Hi everyone! My name is Chloé (Fangjun) Zhu. Currently, I am working on developing AI algorithms for unmanned aerial vehicle/drones, and for educational consultancy. I am also working on automation for industrial process control.

Prior to these, I worked as an Electrical Engineer... Read More →

EL conf pptx

Wednesday May 20, 2026 2:10pm - 2:50pm CDT
208A+B (Level Two)

Embedded Linux Conference

Audience Experience Level Any
Slides Attached Yes

2:10pm CDT

Introduction To the Linux Boot Process - Angelina Vu & Karissa Sanchez, Microsoft

Wednesday May 20, 2026 2:10pm - 2:50pm CDT

200H (Level Two)

From the moment you press the power button to the instant the login prompt appears, a complex sequence of events happens behind the scenes to get your Linux system up and running. This talk aims to demystify the Linux boot process through a deep dive into each stage.
Starting from the role of system firmware, we compare legacy BIOS with modern UEFI and see why there has been a shift to UEFI. From there, we move on to the bootloader stage, discussing its function in loading the kernel and passing control over to it. Using GRUB as an example, we show how to view and customize bootloader configurations. Next, we explore the kernel initialization stage, including the role of initrd/initramfs, how the real root filesystem is mounted, and how the kernel initializes essential system components and launches the first userspace process. From there, control transitions to the init system. We examine SysVinit and its more modern alternative, systemd, and their roles in bringing the rest of the system online.
Finally, we cover practical debugging techniques, such as viewing boot logs, analyzing boot performance, optimizing boot up time, and improving security with features like Secure Boot.

Speakers

Angelina Vu

Software engineer, Microsoft

Angelina is a software engineer working on Microsoft’s Linux Emerging Technologies team.

Karissa Sanchez

Software Engineer, Microsoft

Karissa is a software engineer at Microsoft working on Linux Emerging Technologies. She recently graduated from MIT with a master’s degree in computer science. Her interests include Linux systems security and natural language processing.

OSS Boot Talk (1) pdf

Wednesday May 20, 2026 2:10pm - 2:50pm CDT
200H (Level Two)

Open Source 101

Audience Experience Level Beginner
Slides Attached Yes

2:10pm CDT

What's the Deal With Human Rights and Technical Standards? - Daniel Appelquist, Samsung

Wednesday May 20, 2026 2:10pm - 2:50pm CDT

200E (Level Two)

The UN Office of the High Commissioner for Human Rights released a report late last year : "Making technical standards
work for humanity: New pathways for incorporating international human rights into standards development for digital technologies." Amongst other things, this report referenced the W3C Ethical Web Principles, Privacy Principles, and Code of Conduct as key examples of structural changes in the technical standards community in support of human rights. This talk will seek explore the relationship between technical standards and human rights, and focus on what we're doing in W3C to further the goal of supporting human rights.

Speakers

Dan Appelquist

Open Source Strategist, Samsung

Human Rights and Standards OSS NA 2026 pdf

Wednesday May 20, 2026 2:10pm - 2:50pm CDT
200E (Level Two)

OSS Enabling & Management, Standards & Specifications

Audience Experience Level Intermediate
Slides Attached Yes

2:10pm CDT

Is Maven Safe for Production? - Adam Kaplan, Red Hat & Manfred Moser, Chainguard

Wednesday May 20, 2026 2:10pm - 2:50pm CDT

200G (Level Two)

Apache Maven’s central role in the Java ecosystem is undeniable, however its flexible plugin framework creates significant hurdles for adopting modern secure software practices. Securing the Java software supply chain to meet CRA and other regulatory requirements can feel like a daunting, if not impossible task.

This session will dive deep into the technical complexities of producing secured Maven builds through the practical experiences of two open source redistributors. You will learn strategies for producing SLSA artifacts for Maven builds, approaches for signing Java artifacts with Sigstore Cosign, and barriers to producing complete and accurate Software Bills of Materials (SBOMs) with Maven. We will also explore newer developments in the Maven ecosystem for cataloging dependencies and establishing trust in the Maven build process. This talk will conclude with a discussion of current gaps in Maven that could be addressed with the upcoming release of Maven 4.

Speakers

Adam Kaplan

Senior Principal Software Engineer, Red Hat

Adam Kaplan (he/him/his) is a software engineer at Red Hat, a maintainer of the Shipwright and Tekton projects, and former CD Foundation Governing Board member. He currently leads efforts to simplify hybrid cloud application development and secure Red Hat's software supply chain... Read More →

Manfred Moser

Sr Principal Dev Rel Engineer, Chainguard

Is Maven Safe for Production final pdf

Wednesday May 20, 2026 2:10pm - 2:50pm CDT
200G (Level Two)

Packages + Images + Containers

Audience Experience Level Intermediate
Slides Attached Yes

2:10pm CDT

From Pull Request To Patient Safety: How Tidepool Built an Open-Source Quality Management System - Tapani Otala, Tidepool

Wednesday May 20, 2026 2:10pm - 2:50pm CDT

200C (Level Two)

When software can directly affect whether someone lives or dies, "move fast and break things" isn't an option. But does that mean safety-critical software can't be open source? Tidepool's experience building Tidepool Loop - an FDA-cleared, open-source automated insulin delivery (AID) system for people with Type 1 diabetes - proves it can.

This talk explores how Tidepool developed an open-source quality management system (QMS) that achieves full requirements traceability and testability while preserving the collaborative, transparent ethos of open-source development. We'll walk through the real-world challenges of mapping regulatory requirements to code contributions, maintaining traceability across a distributed contributor base, and building test infrastructure that satisfies both FDA expectations and open-source community standards.

Attendees will leave with a practical framework for applying requirements traceability and verification practices to open-source projects operating in regulated or safety-critical domains from medical devices to automotive systems to critical infrastructure.

Speakers

Tapani Otala

VP, Engineering & Information Security Officer, Tidepool

Tapani has delivered innovative consumer electronics and cloud services over a 30+ year career. Before joining Tidepool in 2018, he was Sr. Director of Engineering at Samsung Research America, building cloud services for SmartTV and mobile apps. Prior to Samsung, he grew and led global... Read More →

From Pull Request to Patient Safety Otala pdf

Wednesday May 20, 2026 2:10pm - 2:50pm CDT
200C (Level Two)

Safety-critical Software

Audience Experience Level Any
Slides Attached Yes

3:05pm CDT

Cache Me If You Can: Decentralize Your Distributed Caches With Hollow - Viswanathan Ranganathan, Independent

Wednesday May 20, 2026 3:05pm - 3:45pm CDT

200I (Level Two)

Distributed caches are often used for scenarios that don't actually require them. For massive datasets (100's of GB's or more), distributed caches make sense—the data simply won't fit in a single node's memory. However, distributed caches tend to be overkill when working with smaller data sets (100s of MBs to 10s of GBs) that do fit in memory. Additionally, using traditional In-Memory caching libraries creates additional operational challenges, such as cache stampedes during TTL expiration, memory spikes during reloads, and long cold-start times that directly affect deployment velocity.

This talk proposes an alternate, unconventional view: What if we could decentralize our cache while centralizing its preparation? We'll discuss how dataset distribution using Hollow (an open-source project by Netflix) enables applications to serve data from local memory with microsecond access latency while staying perfectly synchronized via delta-based updates.

We'll cover:
- Design trade-offs that make this pattern ideal for GB-scale, read-heavy workloads.
- Delta-based updates that optimize cache reloads/refreshes.
- Zero-downtime updates applied in milliseconds without memory spikes.

Speakers

Viswanathan (Vish) Ranganathan

Independent Software Practitioner

Viswanathan Ranganathan is a Senior Engineer at Netflix, where he's part of the Delivery Engineering team that powers every service deployment across the platform. His current focus is on building deployment safety and confidence features for Netflix's infrastructure. Previously... Read More →

slides export pdf

Wednesday May 20, 2026 3:05pm - 3:45pm CDT
200I (Level Two)

Cloud + Orchestration

Audience Experience Level Intermediate
Slides Attached Yes

3:05pm CDT

The Service Mesh: Solving Microservice Chaos (And When You Actually Need One) - Mofesola Babalola, Extreme Networks & Hannah Olukoye, DKB Code Factory

Wednesday May 20, 2026 3:05pm - 3:45pm CDT

200F (Level Two)

Microservices promised speed and independence, but for many SREs and developers, they delivered network complexity. Suddenly, we're all part-time network engineers. We have to code retry logic, timeouts, and circuit breakers into every service. We struggle to get uniform "golden signal" metrics. And how do we enforce that all 50 of our polyglot services are communicating securely over mTLS?

This is the "microservice tax," and it's holding us back.

Enter the service mesh. You've heard the buzzwords, Istio, Linkerd, but what is a mesh, and what problems does it actually solve? Is it just hype, or is it the key to taming a complex distributed system?

We'll cover the three pillars of a mesh:

Reliability: Automatic retries, timeouts, and circuit breakers.

Observability: Uniform metrics, logging, and tracing for every call.

Security: Automatic mTLS (encryption) and fine-grained authorization policies.

Speakers

Mofesola Babalola

Staff Site Reliability Engineer, Tempo.io

Mofesola Babalola is a Site Reliability Engineering leader, managing large-scale observability and service mesh systems powering millions users. With deep experience in Kubernetes, Istio, ArgoCD, and AWS, he specializes in building resilient platforms and automating infrastructure... Read More →

Hannah Olukoye

Engineering Manager, DKB Code Factory

Hannah is an Engineering Manager who translates complex software engineering concepts into people-centric strategies. Leveraging her background as a software engineer and Google Developer Expert for Android, she now focuses on building platforms that reduce developer cognitive load... Read More →

The Service Mesh Solving Microservice Chaos OSSNA pdf

Wednesday May 20, 2026 3:05pm - 3:45pm CDT
200F (Level Two)

Cloud + Orchestration

Audience Experience Level Beginner
Slides Attached Yes

3:05pm CDT

When 10,000 Screens Go Dark: Engineering Resilient Linux Drivers for Manufacturing Reality - Ram Mohan Rao Chukka, JFrog & Subhajit Ghosh, Tweaklogic

Wednesday May 20, 2026 3:05pm - 3:45pm CDT

208A+B (Level Two)

Ten thousand LCD panels passed Incoming Quality Control. Firmware injection began. Production stopped.
During the development of our next-generation Automated Fare Collection (AFC) machines, we qualified multiple LCD vendors, designed a custom MIPI DSI touchscreen panel, developed display and peripheral drivers, and prepared for mass production. Everything worked—until firmware flashing began. Devices that previously functioned flawlessly suddenly booted to dead displays. The same firmware image now failed across the line.
The root cause wasn’t firmware. It wasn’t hardware failure. It was a silent vendor-side change: the LCD panel driver IC had been swapped for a different silicon revision—without changing the panel model.
The Linux DRM panel framework assumes static hardware described in the Device Tree. Manufacturing does not. MIPI DSI panel drivers are based on LCD model types not Display IC model types.
This talk presents a real-world production failure and the redesign that followed: replacing static panel definitions with runtime detection of display controller ICs via MIPI DCS, dynamic initialization sequencing, and a more resilient driver architecture.

Speakers

Ram Mohan Rao Chukka

Senior Software Engineer, JFrog

Ram is a Senior Software Engineer at JFrog R&D . Previously worked for startup companies like CallidusCloud (SAP Company), Konylabs. Loves Automation, Linux, openSource

Subhajit Ghosh

Founder, Tweaklogic

Embedded Linux professional and electronics hobbyist with experience in Linux driver development, kernel programming, system software and Edge AI.
Linux kernel contributor in device driver space.
Enjoy working with hardware and technology space.

May 20 2026 When 10000 Screens Go Dark Subhajit Ghosh OSS pdf

Wednesday May 20, 2026 3:05pm - 3:45pm CDT
208A+B (Level Two)

Embedded Linux Conference

Audience Experience Level Intermediate
Slides Attached Yes

3:05pm CDT

How GitHub Secures Open Source - Bas Alberts, GitHub

Wednesday May 20, 2026 3:05pm - 3:45pm CDT

200H (Level Two)

Uncover valuable insights into how GitHub secures the open-source software we all depend on, with real-world examples from the GitHub Security Lab, which uncovered 1,000+ vulnerabilities and was credited with 700+ CVEs over four years. Securing open-source software is critical because it underpins much of today’s digital infrastructure, and vulnerabilities in widely used components can create significant risks across entire software ecosystems.

This session will provide the latest updates on how GitHub enhances various elements of the Secure Software Development Life Cycle (SSDLC), leveraging the driving forces of Artificial Intelligence (AI), Developer Experience (DevEx), and community collaboration to secure open source. We will explore best practices in software security, including code scanning, secrets hygiene, dependency management, automation, and enhancing security awareness through gamification. The audience will gain a deep understanding of industry-leading initiatives and lessons learned from our experience in today's rapidly changing landscape.

Speakers

Bas Alberts

GitHub

GitHub Securing OSS slides pdf

Wednesday May 20, 2026 3:05pm - 3:45pm CDT
200H (Level Two)

Open Source 101

Audience Experience Level Beginner
Slides Attached Yes

3:05pm CDT

From Active To Archive: Shepherding Repositories Through Their Sunset - Natalia Luzuriaga, Dinne Kopelevich, Remy DeCausemaker & Sachin Panayil, CMS.gov; Dawn Foster, Independent

Wednesday May 20, 2026 3:05pm - 3:45pm CDT

200A (Level Two)

In the world of Open Source there are plenty of talks, resources, and guides about where to begin, and how to grow your project. But what happens at the end? How do you know when It Is Time? And how do you say goodbye with compassion and dignity?

In this talk, members of the CHAOSS.community and the Open Source Program Office at the Digital Service at CMS.gov will be sharing their latest practitioner’s guide on archival. This talk will be highlighting use cases from the private and public sector, and demonstrating how to use repository metrics, maturity models, and archival checklists for succession planning, stewardship, and sunsetting of Open Source projects.

Projects are not valuable solely based upon the utility of their results or outputs, they reflect the record of our progress. Archives provide transparency, accountability, and attribution. Archives build trust, reduce duplicate work, and reduce risk. The work saved in our archived repositories allows historians and practitioners to more accurately and completely understand the story of open source.

Speakers

Remy DeCausemaker

Open Source Lead, Digital Service at Centers for Medicare & Medicaid Services, CMS.gov

Remy DeCausemaker is the Open Source Lead for the Digital Service at the Centers for Medicare & Medicaid Services (CMS.) Remy helps developers, designers, and other contributors work with dedicated civil servants to create open accessible healthcare technology projects, programs... Read More →

Dawn Foster

Open Source Strategy Consultant, Self-Employed

Natalia Luzuriaga

Software Engineer, Digital Service at CMS.gov

Natalia is a software engineer supporting the Digital Service at the Centers for Medicare and Medicaid Services (CMS.gov) where she is involved in launching and growing the first Open Source Program Office in the federal government. Currently, her work is focused on building tools... Read More →

Dinne Kopelevich

Software Engineer, Digital Services at CMS.gov

Dinne is a United States Digital Corps Fellow detailed with the Open Source Program Office at the Digital Service at the Centers for Medicare and Medicaid Services. She is local to Denver, loves to travel, and has visited 6 of 7 continents.

Sachin Panayil

Software Engineer @ Digital Service at Centers for Medicare & Medicaid, Centers for Medicare and Medicaid

Sachin is a United States Digital Corps Fellow detailed with the Open Source Program Office at the Digital Service at the Centers for Medicare and Medicaid Services working as a Software Engineer. Coming from New York City, he loves Hip Hop and recently started his Muy Thai journ... Read More →

ossna2026 pdf

Wednesday May 20, 2026 3:05pm - 3:45pm CDT
200A (Level Two)

OSS Enabling & Management, Operations Management & OSPOs

Audience Experience Level Beginner
Slides Attached Yes

4:20pm CDT

Modernizing Software Verification - Craig Christianson, United States Air Force

Wednesday May 20, 2026 4:20pm - 5:00pm CDT

200C (Level Two)

In this session, I will discuss the importance of verifying safety-critical software by giving real-world examples of peoples' lives who were saved or put at risk by software. I will share the compliance challenges faced by software engineers working on safety-critical software. I will give a brief overview of software assurance requirements for safety-critical systems and show how formal methods and automated reasoning are accelerating and improving the assurance process. I will give a brief introduction to automated reasoning tools and semantics, and I will share success stories from a handful of open-source projects who are using these methods to reach assurance goals faster. I will finish by walking the audience through the design of a simple demonstration project that utilizes these technologies.

Speakers

Craig Christianson

Electrical Engineer, United States Air Force

Craig Christianson is an Electrical Engineer currently serving in the 309th Software Engineering Group in the United States Air Force. Craig is a member of SkiCAMP, a small R&D team at Hill Air Force Base working to improve software development practices in the Air Force. Craig specializes... Read More →

Modernizing Software Development pdf

Wednesday May 20, 2026 4:20pm - 5:00pm CDT
200C (Level Two)

Safety-critical Software

Audience Experience Level Beginner
Slides Attached Yes