Loading…
September 13-16, 2022
Dublin, Ireland + Virtual
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit Europe 2022 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Irish Standard Time (UTC +1). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.


Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Monday, September 12
 

07:30 IST

09:00 IST

CHAOSScon Europe 2022 [Pre-Registration Required]
Learn about open source project health metrics and tools used by open source projects, communities, and engineering teams to track and analyze their community work. This conference will provide a venue for discussing open source project health, CHAOSS updates, use cases, and hands-on workshops for developers, community managers, project managers, and anyone interested in measuring open source project health. We will also share insights from the CHAOSS working groups on Diversity and Inclusion, Evolution, Risk, Value, and Common Metrics.

To learn more about CHAOSScon Europe 2022 click here.  

Pre-registration is required. To register for CHAOSScon Europe 2022, add it to your Open Source Summit Europe registration.

Monday September 12, 2022 09:00 - 12:30 IST
Liffey Hall 1 (Level 1)

09:00 IST

Continuous Delivery Mini Summit [Pre-Registration Required]
This half-day event aims to connect the Continuous Delivery community—from leaders, industry experts, practitioners, and open source developers—to share and discuss how to improve the world’s capacity to deliver software with security and speed.

It’ll be a great chance to catch up, learn from each other, and hear about the latest trends in Continuous Delivery.

Summit Agenda

Pre-registration is required. To register for Continuous Delivery Mini Summit, add it to your Open Source Summit Europe registration.


Monday September 12, 2022 09:00 - 12:30 IST
Liffey Meeting Room 1 (Level 1)

09:00 IST

LF Public Health Summit [Pre-Registration Required]
Over the last two years, LF Public Health has built international participation in the thriving and growing open source digital health ecosystem. This half-day event will present LFPH and it's activities and highlight members and stakeholders involved in open source digital health solutions beyond COVID, and tackling digital health transformation.

Pre-registration is required. To register for LF Public Health add it to your Open Source Summit Europe registration.

Monday September 12, 2022 09:00 - 12:30 IST
Liffey Meeting Room 3 (Level 1)

14:00 IST

ELISA Forum [Pre-Registration Required]
Enabling Linux in Safety Applications (ELISA) aims to create a shared set of tools and processes to help companies build and certify Linux-based safety-critical applications and systems whose failure could result in the loss of human life, significant property or environmental damage.

2-3pm
Join the ELISA Forum for an overview of the ELISA project, the activities of the various working groups (WGs) and how the WGs interact and work together to tackle the challenges in advancing open source in safety-critical systems and bridge the gap between functional safety and Linux kernel development velocity.

3-3:15pm Break, refreshments will be served

3:15-4:30pm
There will then be an introduction and interactive session to apply the System-Theoretic Process Analysis (STPA) methodology to a sample use case. STPA is a fairly new methodology that helps identify risks and hazards of mixed criticality systems. Because several ELISA WGs rely on STPA, this interactive session will help participants gain a better understanding of the work within ELISA.

4:30-5pm
The overview and STPA sessions will be led by ELISA project representatives, Gabriele Paoloni at Red Hat and Philipp Ahmann at Robert Bosch GmbH. Both representatives will also be available toward the end of the Forum for open discussions and Q&A as well as point to resources and documentation to onboard those who are interested in collaborating to further the work of the ELISA project.

Pre-registration is required. To register for ELISA Forum, add it to your Open Source Summit Europe registration.


Monday September 12, 2022 14:00 - 17:00 IST
Liffey Hall 1 (Level 1)

14:00 IST

Hands-On with Yocto Project [Pre-Registration Required]
Bring your boards, your questions, your problems, and your solutions to an interactive hands-on session with fellow Yocto Project experts and colleagues. We will be talking and coding hot topics like BSPs, layers, release migrations, security, and much more. Space is limited; snacks and beverages will be served.

Pre-registration is required. To register for Hands-On with Yocto Project, add it to your Open Source Summit Europe registration.

Monday September 12, 2022 14:00 - 17:00 IST
Liffey Meeting Room 1 (Level 1)

14:00 IST

Zephyr Mini Summit [Pre-Registration Required]
The Zephyr Mini-Summit is designed to introduce you to the leading Open Source RTOS built with safety and security in mind.  Attendees will learn why Zephyr is gaining the attention of developers and product makers. This session will provide an overview of the latest technologies and plans emerging from the Zephyr community.  

Pre-registration is required. To register for Zephyr Mini Summit, add it to your Open Source Summit Europe registration.

Monday September 12, 2022 14:00 - 17:30 IST
Liffey Meeting Room 3 (Level 1)
 
Tuesday, September 13
 

07:30 IST

07:30 IST

08:00 IST

First-Time Attendee Breakfast
First-Time Attendee Breakfast

We know what it feels like to attend a conference for the first time, and we want to help make that experience a little easier for our first-time attendees. Meet other newcomers, as well as Open Source Summit Europe veterans, at this informal breakfast. In addition, pick up invaluable tips and tricks on how to best navigate the event.
*We will do our best to accommodate all interested attendees, but please note that participation is on a first-come, first-served basis.

Tuesday September 13, 2022 08:00 - 08:45 IST
Level 4 Foyer

08:00 IST

09:00 IST

Automatic Operator Generation for Open AI frameworks: MindSpore/AKG - Harenome Razanajato, Huawei
Artificial intelligence frameworks such as MindSpore, TensorFlow or PyTorch aim at providing high-level abstractions to enable rapid development of new operators and at supporting various architectures to enable computation onto the desired target platform. Translating programs written by AI scientists to efficient implementations on complex parallel hardware is an extreme compilation challenge. Existing frameworks heavily rely on high-performance implementations of well-known operators through optimized libraries. However, those libraries may miss global optimization opportunities and scientists may design new operators not covered by existing libraries. In such scenarios, a more general compiler solution is required. This solution must generate high-performance code that exploits the target architecture and also be fast enough to allow researchers to quickly evaluate their new design. In this session, we will present to the community AKG (Auto Kernel Generator), which is the automatic AI/DL fused operator generation solution of the Open Source framework MindSpore. AKG relies on the polyhedral abstraction of programs to enable automatic parallelization and optimization. We will discuss the software, its architecture, abilities and roadmap, as well as the current top challenges.

Speakers
HR

Harenome Razanajato

Senior Engineer, Huawei
Harenome Razanajato, PhD, senior software engineer at Huawei. His research interests are in automatic optimization and parallelization. He graduated from the University of Strasbourg, France. His PhD thesis covered polyhedral code generation. Afterwards, he joined Huawei to contribute... Read More →


Tuesday September 13, 2022 09:00 - 09:40 IST
Liffey B Part 1 (Level 1)

09:00 IST

From Kubernetes With ♥ Open Tools For Open, Secure Supply Chains - Adolfo García Veytia, Chainguard
For the past two years, the Kubernetes Release Engineering Team (a subproject of SIG Release) has been hard at work hardening the Kubernetes supply chain, aiming to make it SLSA Level 3 compliant by the time Kubernetes 1.25 is released. The road to level 3 has produced a complete suite of open source projects that constitute the fundamental building blocks of a secure supply chain. And now, other projects and companies can leverage the Kubernetes release toolset to secure their chains! Guided by the CNCF Security TAG Best Practices whitepaper, the Release Engineering team built a set of tools that allow anyone to: - Building and publishing SBOMs (Software Bill of Materials) - Securely releasing staged images and artifacts - Signing and verifying container images and binaries leveraging Sigstore's transparency log, CA, and public infrastructure - Generating SLSA attestations of each step in a release pipeline All release tooling was designed from the get-go to be completely general-purpose and the talk will feature how other projects beyond K8s itself are using them in their releases. To finish the talk, Adolfo will demo a reference implementation of a SLSA-compliant pipeline using the K8s Release Engineering tools which any project can use to build its release process.

Speakers
avatar for Adolfo García Veytia

Adolfo García Veytia

Staff Software Engineer, Chainguard
Adolfo García Veytia (puerco) is a software engineer with Chainguard based in Mexico City. He is a Technical Lead with Kubernetes SIG Release. He is one of the TLs of the Release Engineering team, specializing in improvements to the software that drives the automation behind the... Read More →


Tuesday September 13, 2022 09:00 - 09:40 IST
Liffey B Part 2 (Level 1)

09:00 IST

Containers – A Look Under the Hood - Gerlof Langeveld, AT Computing
There are many implementations available to run containerized applications, such as Docker, CRI-O and Podman. All implementations depend on distinct features that are offered by the Linux kernel. Knowledge about these features helps you to understand how containerized applications operate under the hood and eventually helps with debugging. Gerlof covers three kernel features that are the foundation of the container concept: 1. Kernel namespaces, used to isolate a process from the other processes running on the same host.  2. Process-related root directory, that enables an application process to have its own private mini-filesystem, just containing the files that are needed to run that process.  3. Capabilities, used to determine the special privileges for a process, independent of the fact whether the process runs under root identity (uid 0) or not.  Gerlof also explains the relation of these features with particular parameters that are used for container platforms, like ‘--pid=host’ (namespaces) or ‘--cap-add=...’ (capabilities) when using Docker. During this workshop you gain hands-on experience by building a containerized application, just by using standard Linux commands.

Speakers
avatar for Gerlof Langeveld

Gerlof Langeveld

Trainer/Consultant, AT Computing
Gerlof Langeveld is trainer/consultant for AT Computing in The Netherlands. He teaches classes about programming languages, the Linux operating system (like ‘Linux System Programming' and 'Linux Performance Analysis and Tuning’), and classes about Docker and Kubernetes. Gerlof... Read More →



Tuesday September 13, 2022 09:00 - 10:35 IST
Liffey Hall 1 (Level 1)
  ContainerCon, Container Runtimes + Management and Orchestration

09:00 IST

Tutorial: Beyond Neural Search: Hands-on Building Cross-Modal/Multi-Modal Solution with Jina AI - Han Xiao & Sami Jaghouar, Jina AI
Neural search is using deep learning to search unstructured data, which has been developed rapidly over the last 2 years. With opensource framework like Jina (https://github.com/jina-ai/jina), searching cross-modal/multi-modal data via deep neural networks becomes extremely straightforward. DALL·E, a powerful image-to-text generator released by OpenAI in 2021 further boosts the popularity of multimodal applications. We now see thousands of astonishing artwork made by DALL·E every day. How all these new technologies will change our way of comprehending data? Most importantly, how can developers easily build solutions & applications leveraging those technologies? This tutorial will answer these two questions. This tutorial is bi-partite. In part 1, Dr. Han Xiao will introduce the recent advances of neural search and multi-modal intelligence. He will break down the design principle of Jina ecosystem. In part 2 (bring your laptop), Han will guide step by step to build DALL·E Flow: a Human-in-the-Loop workflow for creating HD images from text. He will demonstrate how Jina unlocks multi-modal/cross-modal capability in your solution & applications. This is a great chance to get hands dirty with Jina and DocArray's Pythonic API and to embrace the charm of generative arts.

Speakers
avatar for Han Xiao

Han Xiao

Founder & CEO, Jina AI
Dr. Han Xiao is the Founder & CEO of Jina AI, a commercial opensource company based in Berlin. Since its founding in 2020, Jina AI has raised $38M from top investors, including GGV, Cannan, YUNQI, SAP.io. Jina AI is one of the most promising AI startups globally according to CBInsights... Read More →
avatar for Sami Jaghouar

Sami Jaghouar

AI Engineer, Jina AI
Sami is an AI Engineer at Jina AI. He is one of the core maintainers of Jina framework.



Tuesday September 13, 2022 09:00 - 10:35 IST
Liffey Meeting Room 1 (Level 1)

09:00 IST

OpenSSF Day EU 2022 [Pre-Registration Required]
OpenSSF Day brings together the open source community to discuss the challenges, big-picture solutions, ongoing work and successes in securing the open source software (OSS) supply chain. The full day program will feature keynotes from Open Source Security Foundation (OpenSSF) contributors and thought leaders. Sessions include presentation, panels, and fireside chats on subjects such as security best practices, vulnerability discovery, securing critical projects, and the future of OSS security.

Agenda

Pre-registration is required. To register for OpenSSF Day EU 2022, add it to your Open Source Summit Europe registration.

Tuesday September 13, 2022 09:00 - 17:00 IST
Liffey Hall 2 (Level 1)

09:55 IST

Cloud Native Security for the Rest of Us - Tiffany Jernigan, VMware
Your mission is to secure the vast tracts of land of the Cloud Native security landscape. Where do you even start?!? It would be preposterous to cover that whole topic in a single session, but we can at least map it out. Our plan is to break it down into three key areas and review each in turn. * Platform - securing and upgrading our control planes and nodes; isolating compute, storage, and network resources; managing privileges and secrets. * User management and permissions - various ways to authenticate and authorize user access; leveraging tools like RBAC and Namespaces, and some common "gotchas". * Software supply chain - what that means; some actual threat models are; how to mitigate them. You will leave this session with a stronger understanding of the breadth and depth of Cloud Native security and resources to further develop your knowledge.

Speakers
avatar for Tiffany Jernigan

Tiffany Jernigan

Developer Advocate, VMware
Tiffany is a developer advocate at VMware and is focused on Kubernetes. She previously worked as a software developer and developer advocate (nerd whisperer) for containers at Amazon. She also formerly worked at Docker and Intel. Prior to that, she graduated from Georgia Tech with... Read More →



Tuesday September 13, 2022 09:55 - 10:35 IST
Liffey Meeting Room 3 (Level 1)

09:55 IST

Dev Team Metrics that Matter - Avishag Sahar, LinearB
What is the most valuable outcome? This is the most important question to answer before starting an engineering metrics program. In this talk I discuss which dev team metrics matter most, the outcome they produce, and pitfalls to avoid when starting a metrics initiative. The truth is, no one really likes being measured, especially devs. But business leaders like looking at numbers, so they grab what’s easily available - # of code changes, agile velocity, individual dev metrics. These types of metrics are unbalanced, exclude context, and hurt engineering culture as a whole. What you measure is what your team will produce. If you start measuring the number of code changes as a key performance metric, you are going to see coding time, PR size, and Cycle Time all increase. Don’t fall into this trap. In this session I discuss which team level metrics are most significant, the outcomes they produce, and strategies that will help you avoid the mistakes I’ve already made.

Speakers
avatar for Avishag Sahar

Avishag Sahar

Engineering Team Lead, LinearB
Avishag started her tech career at the young age of 18, as a soldier in Unit 8200, an Israeli Intelligence Corps unit of the Israel Defense Forces responsible for collecting signal intelligence (SIGINT) and code decryption. Avishag worked as a Business Intelligence Developer for a... Read More →



Tuesday September 13, 2022 09:55 - 10:35 IST
Liffey B Part 1 (Level 1)

09:55 IST

Improving Package Repository Security – From White Papers to Practice - Jussi Kukkonen, Google
Community package repositories (like PyPI or NPM) struggle to keep up with modern security demands. In this talk Jussi will cover how the repositories - and the security expectations - have changed over time. He is going to focus on the obstacles: what is preventing faster integration of modern security practices? Are community repositories more problematic than software projects in general? Some practical examples will be covered, most importantly PyPIs goal of integrating The Update Framework (TUF) into their workflows: why has even a more minimal integration taken so long and what is preventing PyPI from leveraging TUF fully, when the potential advantages seem so obvious? Finally a collaboration project, Repository Playground, is proposed: A way for the various community repository projects and the independent security projects, such as the TUF community or the SLSA community, to work together to define Best Practices and workflows in a way that goes further than white papers. https://github.com/jku/repository-playground

Speakers
avatar for Jussi Kukkonen

Jussi Kukkonen

Open Source Software Engineer, Google
Jussi is an experienced developer with a long Open Source background and an interest on build automation and supply chain security. He currently works on various upstream projects related to software supply chain security and is a maintainer of Python-TUF, the reference implementation... Read More →



Tuesday September 13, 2022 09:55 - 10:35 IST
Liffey B Part 2 (Level 1)

10:35 IST

11:05 IST

Confidential Computing and Privacy-Enhancing Technologies - The Landscape - Mike Bursell, Profian
“If the cloud is just somebody else’s computer, then how can I trust my sensitive apps and data to it?” This question – which inhibits adoption of public cloud computing for many organizations in security-sensitive or highly regulated industries – finally has some answers, provided by a variety of technologies. This session covers the (TLA-laden) landscape of key technologies, from FHE (Fully Homomorphic Technologies) to TEEs (Trusted Execution Environments, the basis for Confidential Computing), and beyond. We will compare the various approaches, the underlying technologies, and the properties that they can offer to organizations working out how to manage the risks associated with deploying to the cloud, the Edge and beyond. We will also look at why open source is playing such an important role in some of the projects embracing these technologies, including a demo of a sensitive application using the Enarx project, an open source project which is part of the Confidential Computing Consortium (Linux Foundation). This talk does not require deep technical knowledge, though it will lead pointers. Nor will it try to paint any technology as “the answer”, but will provide some guidelines about which approaches may be best suited to your organization’s environment and requirements.

Speakers
avatar for Mike Bursell

Mike Bursell

Co-founder, CEO, Profian
Mike Bursell is CEO of Profian, a company in the Confidential Computing space. He is one of the co-founders of the Enarx project (https://enarx.dev), a visible presence in the Confidential Computing Consortium and a Director on the Governing Board of the Bytecode Alliance. Previous... Read More →



Tuesday September 13, 2022 11:05 - 11:45 IST
Liffey Meeting Room 3 (Level 1)
  CloudOpen, Confidential Computing

11:05 IST

Codes of Conduct in Action - Evolving Best Practices for Incident Response - Joanna Lee, Gesmer Updegrove LLP
Codes of Conduct are essential to protecting the health and safety of open source communities. Code of Conduct (CoC) incident response is often replete with challenges, including conflict-ridden situations, messy facts, and heated emotions. When public in nature, CoC incidents can become politically divisive within a community, and certain types of incidents can expose project leadership and the hosting foundation (if there is one) to legal liability and risk. This talk will give an overview of best practices for resolving Code of Conduct incidents and navigating the many challenges of enforcement and incident resolution, including: *How to create a safe space for reporting *What fairness and due process look throughout the CoC incident response process *Tips for managing legal and community relations risks *Use of meditation as a tool for resolving conflict *How to perform thorough investigation when an investigation is needed *Navigating conflicts of interest *Balancing transparency with protecting reporters’ privacy

Speakers
avatar for Joanna Lee

Joanna Lee

VP of Strategic Initiatives & Legal, CNCF
Joanna Lee is the Vice President of Strategic Initiatives & Legal at CNCF and the Linux Foundation, where she drives complex strategic initiatives that are designed to impact the evolution of open source ecosystems, create high value new programs, improve health and sustainability... Read More →



Tuesday September 13, 2022 11:05 - 11:45 IST
Liffey Meeting Room 1 (Level 1)

11:05 IST

Bootloaders 101: How Do Embedded Processors Start? - Bryan Brattlof, Texas Instruments
When you first flip the switch or push the button, after the first electrons start flowing and crystals start vibrating, before any Linux dmesg lines appear on any screen, there is a fundamental chicken and egg question we must answer before the CPUs in our Beaglebone or Raspberry Pi can start executing our code. How do embedded processors find and run the code they need to begin executing code? Join Bryan as he goes through each stage of the bootup process for an AM62 and the constraints we must work around when we first start configuring the clocks, starting the power controllers, initializing DDR, loading the firmware, and everything else we need before we can start the Linux kernel and securely wakeup our embedded system. At the end of this session you will be familiar with the role of each bootloader and each step of how Texas Instruments’ AM62 family of SoCs loads, verifies, and uses each bootloader stage as the CPUs work their way to the Linux prompt and running your embedded applications.

Speakers
avatar for Bryan Brattlof

Bryan Brattlof

Embedded Linux Developer, Texas Instruments
Bryan is currently working with the pre-silicon validation and initial base Linux port team for the new Texas Instrument's Sitara class SoCs and other embedded processors they produce. He's currently spending a great deal of his free time flying airplanes and developing tools to make... Read More →



Tuesday September 13, 2022 11:05 - 11:45 IST
Liffey B Part 1 (Level 1)
  Open Source On-Ramp, Embedded Essentials (Beginner)

11:05 IST

What’s in a Name? Vulnerabilities, SBOMs, and the Challenge of Software Identity - Justin Murphy, Department of Homeland Security (DHS), Cybersecurity & Infrastructure Security Agency (CISA)
As we start to pay more attention to software supply chains (thank you, SBOM!), an old problem has resurfaced with a vengeance: how do we identify a particular piece of software? The software world - and the US government - has a goal for automation and easy mapping from a software dependency list to lists of known badness (vulnerabilities, potential malicious back doors, less optimal development practices, etc.). However, this requires a common namespace and shared identifiers for software. The current challenge is not that lack of naming standards, it is that we have several, and there are large gaps between them. This talk will describe the challenges presented regarding software identifiers as we try to secure the software supply chain. We’ll review existing solutions (CPE! PURL! Device identifiers! Hashes!), potential risks, and lay out a collaborative patch to addressing this over time and how the open source community can help and get involved.

Speakers
JM

Justin Murphy

Vulnerability Disclosure Analyst, Department of Homeland Security (DHS), Cybersecurity & Infrastructure Security Agency (CISA)
Justin Murphy is a Vulnerability Disclosure Analyst with the Cybersecurity and Infrastructure Security Agency (CISA). He helps to coordinate the remediation, mitigation, and public disclosure of newly identified cybersecurity vulnerabilities in products and services with affected... Read More →



Tuesday September 13, 2022 11:05 - 11:45 IST
Liffey B Part 2 (Level 1)

12:00 IST

Sponsored Session: Policy as Code with Open Policy Agent - Anders Eknert, Styra
Should user Alice be allowed to read credit reports? Should a cloud instance be deployable without basic security configuration in place? Should service X be allowed to query the database? Policy defines the rules of our systems, but how do we ensure our policies are enforced consistently in increasingly distributed and diverse tech stacks? In this talk we’ll explore the benefits of decoupling policy from our applications, deployment pipelines and platforms, and how Open Policy Agent (OPA) can help unify the way we work with policy across the stack.

Speakers
avatar for Anders Eknert

Anders Eknert

Developer Advocate, Styra
Developer advocate and a member of the open source team at Styra with a long background in software development, security and identity systems in primarily distributed environments. When not in front of his computer he enjoys watching football, cooking and Belgian beers.Speaker Photo... Read More →



Tuesday September 13, 2022 12:00 - 12:40 IST
Liffey Meeting Room 3 (Level 1)
  CloudOpen

12:00 IST

Building a Thriving / Healthy OSS Ecosystem in Africa; Lessons Learnt - Ada Nduka Oyom, Open Source Community Africa & She Code Africa
Building a community from ground up, in an under represented region as Africa, can be quite tasking And prove challenging. With over 6 years of building developer communities within Africa And founding the largest Open source community with the region, this talk would share our experience as a team And highlight on proven community strategies (successful And unsuccessful ones) utilised while also sharing lessons learnt in building out the Open source ecosystem within Africa via Open source community Africa, oscafrica.org. A major part of this session would also help connect stakeholders in the global OSS scene looking to get a lead-way into creating healthy collaborations with contributors, creators and communities alike, within the local African OSS space.

Speakers
avatar for Ada Nduka Oyom

Ada Nduka Oyom

Founder, Open Source Community Africa & She Code Africa
Ada is the Founder of She Code Africa (SCA), a non-profit organisation focused on empowering young girls and women in Africa through technical skills, She founded SCA in 2016 and has since impacted over 16,000 women members across 17 African countries with her team, while championing... Read More →



Tuesday September 13, 2022 12:00 - 12:40 IST
Liffey Meeting Room 1 (Level 1)
  Community Leadership Conference, Community Management

12:00 IST

Debugging Embedded Linux - Marta Rybczynska, Syslinbit
The sad truth is that when developing an application, we spend most of the time debugging. The case of embedded Linux is even more complicated than traditional systems, because we need to take into account the hardware interactions. In this session, Marta is going to do a gentle introduction to embedded Linux debugging. It will start with tips on approach and planning, then move to tools. Getting printfs and similar reliably from different software layers will be the first topic (including the kernel, userspace, using physical serial ports and more). Then Marta will introduce embedded debuggers, with different GDB use-cases. Finally, she will cover most popular tools like strace, perf, Wireshark and share secrets of kernel special files.

Speakers
avatar for Marta Rybczynska

Marta Rybczynska

Founder, Syslinbit & Security Lead for Oniro project, Huawei OSTC
Marta Rybczynska has network security background, 20 years of experience in Open Source including 15 years in embedded evelopment. She has been working with embedded operating systems like Linux and various real-time ones, system libraries and frameworks up to user interfaces. Her... Read More →



Tuesday September 13, 2022 12:00 - 12:40 IST
Liffey B Part 1 (Level 1)
  Open Source On-Ramp, Embedded Essentials (Beginner)

12:00 IST

Trusted-SBOM: On the Critical Importance of Verifying SBOMs - Haoxiang Zhang, Huawei & Ahmed E. Hassan, Queen's University
SBOMs are soon to become a defacto standard for communicating the content of a piece of software. Knowledge about such content is essential for many critical activities (e.g., vulnerability management and license compliance) for securing and ensuring the integrity of software. Today there are many open source and industrial initiatives/tools that focus on producing such SBOMs. However, simply producing an SBOM is not sufficient, instead we must ensure that such SBOMs are trustworthy. In particular, we must ensure that such SBOMs are accurate (not including incorrect dependencies) and comprehensive (not missing any actually-present dependencies). In this talk we advocate the critical importance of quantifying the trustworthiness of a produced SBOM. We provide examples of incorrect SBOMs, then present our efforts and toolsets to verify SBOM. In addition, we will discuss best practices to ensure the trustworthiness and traceability of the actual process that is used to produce the SBOM in turn ensuring that errors can be traced in a systematic manner and providing proof of attestation and due diligence through the whole SBOM generation process. We aim to trigger a community wide discussion on this important and critical topic while sharing our current efforts on this topic.

Speakers
avatar for Haoxiang Zhang

Haoxiang Zhang

Researcher, Huawei Technologies Canada Co., Ltd.
Haoxiang Zhang is a researcher at the Centre for Software Excellence at Huawei, Canada. His research interests include empirical software engineering, mining software repositories, and intelligent software analytics. Contact haoxiang.zhang@acm.org. More information at: https://ha... Read More →
AE

Ahmed E. Hassan

Professor, Queen's University
Ahmed E. Hassan is an IEEE Fellow, an ACM SIGSOFT Influential Educator, an NSERC Steacie Fellow, and the Canada Research Chair (CRC) in Software Analytics at the School of Computing at Queen’s University, Canada. His research interests include mining software repositories, empirical... Read More →



Tuesday September 13, 2022 12:00 - 12:40 IST
Liffey B Part 2 (Level 1)
  SupplyChainSecurityCon, Cyber Security Considerations

12:40 IST

14:00 IST

Speed Mentoring (Pre-registration Required)
Are you looking to grow your technical skills, get more involved in an open source community, or tackle a career-change? Whether you’re new or not so new to open source, we invite you to register to attend our Speed Networking and Mentoring event. You’ll have the chance to meet with several experienced mentors across many communities, from Linux and container technology to cloud and networking, for an inside perspective on advancing your career. Speed networking and mentoring will have career, technical and community tracks.
*You must be registered and attending this event in-person to participate.
Sign up now

Tuesday September 13, 2022 14:00 - 15:45 IST
Level 5 Foyer

14:10 IST

Why We Need Codes of Conduct -- and Why They're Not Enough - Aeva Black, Microsoft
Standard business approaches to interpersonal risk management (such as “just let HR handle it” and “don’t do anything that could make us liable”) do not translate effectively to open source community management, where liability extends outside organizational authority and interpersonal dynamics are fundamentally different. Conversely, ignoring community health leads to poor -- sometimes catastrophic -- outcomes for technical projects, and ultimately an increase in business risk in your software supply chain. In this talk, Aeva will examine difficult topics related to Code of Conduct enforcement in large and diverse contributor communities. They will discuss what it means to shape a community through a values-driven approach to leadership, and provide concrete suggestions for open source projects -- and their corporate sponsors -- which can improve community health and diversity. These suggestions will be based on real examples, though all identifying details will be anonymized to maintain the confidentiality of those involved.

Speakers
avatar for Aeva Black

Aeva Black

Open Source Hacker, Microsoft
Aeva Black is an incurably queer geek and open source hacker, passionate about privacy, ethics, and ancient languages. They work in Azure's Office of the CTO and hold seats on the Board of the Open Source Initiative and on the OpenSSF's Technical Advisory Council. Aeva previously... Read More →


Tuesday September 13, 2022 14:10 - 14:50 IST
Liffey Meeting Room 1 (Level 1)

14:10 IST

Accessible Neural Search and Cloud-Nativeness for ML Engineers - Han Xiao & Joan Fontanals Martínez, Jina AI
Search is fundamental for understanding data. Especially when it comes to images, audios, videos, 3D-meshes, being able to search over them often means the foundation of enabling higher-level data intelligence. In this talk, Dr. Han Xiao and Joan Fontanals Martínez will talk about how they built Jina: an opensource framework for building cross-modal/multi-modal applications on the cloud. They will break down the architecture of Jina from low-level network communication, data logic, runtime system, microservice layer, and orchestration layer. The talk aims to help the audience understand the essential technologies for building a production-ready neural search system, and how Jina can help developers significantly reduce their time-to-market.

Speakers
avatar for Han Xiao

Han Xiao

Founder & CEO, Jina AI
Dr. Han Xiao is the Founder & CEO of Jina AI, a commercial opensource company based in Berlin. Since its founding in 2020, Jina AI has raised $38M from top investors, including GGV, Cannan, YUNQI, SAP.io. Jina AI is one of the most promising AI startups globally according to CBInsights... Read More →
avatar for Joan Fontanals Martínez

Joan Fontanals Martínez

Head of Engineering, Jina AI
Joan is the head of engineering at Jina AI. He is one of the core maintainers of Jina framework.



Tuesday September 13, 2022 14:10 - 14:50 IST
Liffey Meeting Room 3 (Level 1)

14:10 IST

How ARM Systems are Booted: An Introduction to the ARM Boot Flow - Rouven Czerwinski, Pengutronix e.K.
Nowadays ARM system boot flows are becoming more and more complex. Especially 64-Bit systems rely on the ARM Trusted Firmware (TF-A) and the provided system services to implement CPU power management, system suspend and other SoC specific functions. This talk will give an overview on how an ARM system starts at the reset vector, boots up the different firmware parts and finally arrives within the linux boot-up procedure. We will also touch the topic of OP-TEE and the services provided by the TF-A, i.e. PSCI and SCMI.

Speakers
avatar for Rouven Czerwinski

Rouven Czerwinski

Embedded Software Developer, Pengutronix e.K.
After working with embedded testing in 2016, Rouven worked on the security side of things by contributing to OP-TEE and shipping products with it. Nowadays he has an interest in media pipelines and the corresponding kernel drivers to provide a flawless recording and viewing exper... Read More →



Tuesday September 13, 2022 14:10 - 14:50 IST
Liffey B Part 1 (Level 1)

14:10 IST

Cilium Workshop - Krisztian Fekete, Solo.io
Cilium is an open source software for providing, securing and observing network connectivity between container workloads - cloud native, and fueled by the revolutionary Kernel technology eBPF. In this workshop, we will review the following: - Deployment of Cilium (including hubble) on a KinD Kubernetes cluster - Deployment of the bookinfo application - Looking at the service to service communication using the Hubble UI and then looking at the gRPC endpoint which provides the data used by the UI to build the graph - Leveraging network policies to secure service to service communications and diving into how L4 and L7 policies are enforced (through eBPF and Envoy)

Speakers
KF

Krisztian Fekete

Field Engineer, Solo.io
Krisztian is enthusiastic about observability and cloud infrastructures. He's now working at Solo.io as an engineer. Previously, he was working at LastPass as senior DevOps/SRE engineer. He is building a self hosted blog on top of Istio in his spare time. The main topics of the blog... Read More →


Tuesday September 13, 2022 14:10 - 15:45 IST
Liffey Hall 1 (Level 1)
  ContainerCon, CNI (networking)

14:10 IST

Secure Python Packaging & Release Using Continuous Deployment - Martin Vrachev VMware & Jussi Kukkonen, Google
Python open source projects package release processes are often ad hoc and not particularly secure: As an example, a compromise of a maintainer's account on PyPI typically means the attacker can upload as much malware as they want. After a release, it's also impossible to verify if the release content is correct or if it matches a specific source release. This tutorial will demonstrate how to use common Continuous Deployment systems (like GitHub and Gitlab) to release a Python project securely and easily. Some aspects that will be covered: - What are the security improvements we are aiming for? - What do we need to know about GitHub/Gitlab security features? - Build reproducibility – how and why? - How to setup automated deployment to PyPI using GitHub/Gitlab? - Signing and verifying releases using Sigstore.

Speakers
avatar for Martin Vrachev

Martin Vrachev

Open Source Software Engineer, VMware
Martin Vrachev is an Open Source Engineer who has contributed to multiple Open Source security projects solving a variety of problems. His latest work is focused on secure software supply chain and more precisely on contributions towards Python-TUF. Martin's past contributions are... Read More →
avatar for Jussi Kukkonen

Jussi Kukkonen

Open Source Software Engineer, Google
Jussi is an experienced developer with a long Open Source background and an interest on build automation and supply chain security. He currently works on various upstream projects related to software supply chain security and is a maintainer of Python-TUF, the reference implementation... Read More →



Tuesday September 13, 2022 14:10 - 15:45 IST
Liffey B Part 2 (Level 1)
  SupplyChainSecurityCon, Countering Build Threats

14:10 IST

15:05 IST

Building and Supporting Open Source Communities Through Metrics - Georg Link & Emilio Galeano Gryciuk, Bitergia
Each community is different and therefore requires different metrics for data-driven decisions about building and supporting it. The CHAOSS Project was established to help empower open source communities through metrics. We have had many conversations with contributors and realized that everyone pays attention to different aspects of their communities. This talk will share what we have learned in the CHAOSS Project about having metrics for open source communities. Once the right metrics have been decided on, both technical and organizational challenges need to be overcome, which we discuss how to do. Finally, this talk will describe real-world examples of how metrics have been used to help build and support open source communities.

Speakers
avatar for Emilio  Galeano Gryciuk

Emilio Galeano Gryciuk

Marketing Specialist, Bitergia
Emilio has 5+ years of experience in business and marketing across different industries and countries. His academic background includes a bachelor's degree in Business from Americana University and a Master's degree in Marketing and Sales from the EAE Business School. Emilio is currently... Read More →
avatar for Georg Link

Georg Link

Director of Sales, Bitergia
Georg Link is an Open Source Strategist. Georg’s mission is to make open source more professional in its use of community metrics and analytics. Georg co-founded the Linux Foundation CHAOSS Project to advance analytics and metrics for open source project health. Georg is an active... Read More →


Tuesday September 13, 2022 15:05 - 15:45 IST
Liffey Meeting Room 1 (Level 1)
  Community Leadership Conference, Community Management

15:05 IST

Automating Cloud-native Spark Jobs with Argo Workflows - Caelan Urquhart & Darko Janjić, Pipekit
Companies with large computational workloads often use Apache Spark combined with numerous Python packages such as PySpark, NumPy, MLlib, XGBoost, and more. Unfortunately, as teams add the number of jobs running on a single Spark cluster managing dependencies becomes a nightmare. Kubernetes makes it easy to use numerous packages for large data jobs in distributed environments, and Argo Workflows is the best way to run pipelines on Kubernetes. This talk demonstrates how to orchestrate common Spark jobs with Argo Workflows, from the architecture to resource and workflow definitions. We'll show how to provision Spark and Argo Workflows on Kubernetes to process large data jobs. We'll also show how Argo Workflows and Kubernetes provide distinct scaling and stability advantages for Spark users by running some example jobs. We hope that listeners of this talk will learn the pros and cons of orchestrating their Spark job on Kubernetes with Argo Workflows, instead of traditional local or cloud environments.

Speakers
avatar for Caelan Urquhart

Caelan Urquhart

Co-founder, CEO, Pipekit
Caelan is the Co-founder and CEO of Pipekit, a control plane for Argo Workflows that enables massive data pipelines in minutes, saving engineering time and cloud spend. He's passionate about using distributed systems to solve data engineering challenges, and is a contributor to the... Read More →
avatar for Darko Janjić

Darko Janjić

Senior Software Engineer, Pipekit
Darko is a Senior Software Engineer at Pipekit, a control plane for Argo Workflows that enables massive data pipelines in minutes. He has extensive experience with distributed systems, virtualization, and cloud engineering across a variety of industries. Besides engineering, Darko... Read More →



Tuesday September 13, 2022 15:05 - 15:45 IST
Liffey Meeting Room 3 (Level 1)

15:05 IST

Linux Tracing Techniques - Vandana Salve, Prasme Systems
This presentation will introduce the building blocks that provide the foundation of tracing in Linux, such as ftrace, kprobes, uprobes, tracepoints and ptrace. It will cover how these concepts are used by tracing tools available for Linux today with some tracing examples for demonstration.

Speakers
avatar for Vandana Salve

Vandana Salve

Architect, Prasme systems
Vandana is a leader and expert in the field of Linux and embedded systems and has been extensively involved in kernel and system product development and management ! * Engaged with startups to build Linux embedded Systems for board support packages, device driver development and the... Read More →


Tuesday September 13, 2022 15:05 - 15:45 IST
Liffey B Part 1 (Level 1)

15:45 IST

16:15 IST

Drive Your Business With Open Source Sponsorship - Wolfgang Gehring, Mercedes-Benz Tech Innovation
In 2014, the Heartbleed Bug sent shockwaves across the internet and lead to news headlines like: “The Internet Is Being Protected By Two Guys Named Steve”. Although this headline is somewhat humorous, it revealed a crucial vulnerability of FOSS altogether: Oftentimes, important Open Source Software is maintained by a few engaged, but tired and overworked, underpaid individuals. Recent examples include the Log4Shell vulnerability whose consequences aren’t even fully clear yet.

There are a few ways to remedy this situation: By active participation through community engagement, high-quality contributions, becoming a maintainer, or through membership in Open Source foundations. Another great option is through financial sponsorship – which goes beyond just money, but also gives the software we depend on the recognition their creators deserve. Let’s explore why sponsoring is a great way to drive FOSS forward altogether, how it can be done in practice, and what our experience with Open Source sponsorship is at Mercedes-Benz. In particular, we’ll also discuss how to overcome challenges in implementing such a sponsorship program at corporate level.

Speakers
avatar for Wolfgang Gehring

Wolfgang Gehring

FOSS Ambassador, Mercedes-Benz Tech Innovation
Inspired by the Inner Source movement more than five years ago, Dr. Wolfgang Gehring turned into an ambassador for Inner and Open Source and has been working on enabling and spreading the idea within Mercedes-Benz and its IT-subsidiary Mercedes-Benz Tech Innovation. A software engineer... Read More →



Tuesday September 13, 2022 16:15 - 16:55 IST
Liffey Meeting Room 1 (Level 1)

16:15 IST

To RTOS, or not RTOS: That is the Question - Frédéric Desbiens, Eclipse Foundation
Real-Time Operating Systems (RTOS) have been a fixture of embedded computing for a long time and, more recently, IoT. Popular open-source options such as FreeRTOS and Zephyr support a wide range of hardware and provide features such as storage and networking. However, many open source projects aim to deliver many of the same features in a "bare metal" approach. In other words: they deliver frameworks that enable your applications to run directly on the hardware. Given this, which approach is right for your project? In this presentation, Frédéric Desbiens will explain the pros and cons of RTOSes and the bare metal approach. You will learn about the architecture and feature set of FreeRTOS and Zephyr in the process. You will also discover contrasting os-less frameworks such as Arduino, Espressif IDF, and Drogue IoT, which uses the Rust programming language.

Speakers
avatar for Frédéric Desbiens

Frédéric Desbiens

Program Manager — IoT and Edge Computing, Eclipse Foundation
Frédéric Desbiens manages IoT and Edge Computing programs at the Eclipse Foundation. His job is to help the community innovate by bringing devices and software together. He is a strong supporter of open source. He worked as a product manager, solutions architect, and developer for... Read More →


Tuesday September 13, 2022 16:15 - 16:55 IST
Liffey B Part 1 (Level 1)
  Embedded IoT, RTOSes vs baremetal approaches

16:15 IST

BlindAI, an Open-source Solution for Privacy-friendly AI Deployment - Daniel Huynh, Mithril Security
Confidential Computing is a recent technology that enables end-to-end encryption when analyzing sensitive data. As such, data owners can share their data to AI companies, for instance to train or consume an AI model, without ever risking their data being stolen, leaked or used for any other purpose, as data remains protected even when shared to third parties. That is why we have launched BlindAI, an Open-source project, aiming to democratize privacy-friendly AI. We leverage Confidential Computing to provide end-to-end protection guarantees, even when sending data to be analyzed by third parties. Our solution currently supports confidential deployment of ONNX models. This workshop aims to introduce the high level principles of Confidential Computing. We will show how BlindAI can be used to deploy privacy friendly AI models, including Transformers for confidential document analysis, and ResNets for medical imaging. The workshop will be organized in the following manner: - Presentation of the current challenges - Introduction to Confidential Computing - Demonstration of Confidential AI deployment with BlindAI

Speakers
avatar for Daniel Huynh

Daniel Huynh

CEO, Mithril Security
CEO of Mithril Security, a deeptech startup aiming to commoditize Confidential AI. Mithril Security allows confidential and regulated data to be shared and analyzed without revealing them. We make it possible with our open-source, fast and accessible software leveraging Confidential... Read More →


Tuesday September 13, 2022 16:15 - 16:55 IST
Liffey Meeting Room 3 (Level 1)
  Open AI & Data Forum, Security and Privacy

16:15 IST

Composing the Ultimate SBOM - Ivana Atanasova & Velichka Atanasova, VMware
The potential of SBOMs to track vulnerabilities is widely recognized. Open source tools capable of creating SBOMs exist in abundance. However, many of these tools are inventorying software post-build, which relies on heuristics and can result in missing build and dependency metadata which limits the compliance and security benefits of an SBOM. Software is modular in nature - each component has its lifecycle and our SBOM creation and management should represent the modular nature of the whole. What if instead of relying on post-build tools we utilized a sum-of-parts approach to create component level Micro-SBOMs that could be stitched together to create one high-level SBOM? We refer to the process of taking one or more Micro-SBOMs describing some component of the same top level software and transforming them into a single SBOM as "composing". Instead of asking SBOM consumers to open hundreds of fragmented Micro-SBOMs, we’re working on a tool that can do the composing for us. In this talk we will share details on why post-build scanning isn’t sufficient for producing accurate SBOM, discuss operationalisation of SBOMs and motivate the need for more modular SBOM composition. We will demo our proof-of-concept SPDX SBOM composition tool and invite your feedback and collaboration.

Speakers
avatar for Ivana Atanasova

Ivana Atanasova

Open Source Software Engineer, VMware
Ivana Atanasova is an Open Source Engineer in VMware's Open Source Program Office, where she has contributed to a variety of projects, including Tern, Python-TUF, CHAOSS' Augur, Network Service Mesh, OpenFaaS and others. Previously, Ivana worked at the Bulgarian Academy of Science... Read More →
avatar for Velichka Atanasova

Velichka Atanasova

Senior Open Source Engineering Manager, VMware
Velichka is a Senior Open Source Engineering Manager in VMware’s Open Source Program Office where she thrives exploring the innovation capabilities and collaborative power of open source. Before joining VMware in 2019, she spent more than a decade working for a large international... Read More →



Tuesday September 13, 2022 16:15 - 16:55 IST
Liffey B Part 2 (Level 1)

16:15 IST

Evaluation of OSS Options to Build Container Images - Matthias Haeussler, Novatec
The broad adoption of container technology mostly driven by the rise of Docker and Kubernetes has changed the skill expectation towards developers. It is not only required any more to be knowledgeable about the programming language, framework and respective build process. The steps of how to "containerize" the workload and deploy it also has become an expected standard. The ecosystem provides a wide range of options to approach container build. Especially for people getting started this can be challenging. The talk will give deeper insights by comparing various Dockerfile options to Cloud-Native Buildpacks (buildpacks.io/paketo.io), Google’s JIB and Source2Image under the evaluation criteria of build time, build size, standardisation, robustness and security. The implementation examples are polyglot. The intended take-away of the session is a better overview of Open Source technologies for container building options along with understanding of requirements, advantages and drawbacks. Matthias has been advocating in this space for several years and has given several conference about this topic. The contents are always up to the latest state. This session can be given as talk or tutorial. It has also been submitted as talk.

Speakers
avatar for Matthias Haeussler

Matthias Haeussler

Chief Technologist, Novatec


Tuesday September 13, 2022 16:15 - 17:50 IST
Liffey Hall 1 (Level 1)
  ContainerCon, Container Images and Registries

17:10 IST

Funding OSS: A Multi-layered Approach - Rebecca Rumbul & Paul Lenz, Rust Foundation
How can we best fund the development, maintenance, sustainability and growth of OSS ecosystems? This is a difficult question to which there are many opinions and no ‘right’ answers. Often it is OSS foundations that find themselves responsible for raising funds to support both their communities and their infrastructure, with the difficult task of deciding how to prioritise and distribute limited financial resources. This session will discuss the competing priorities in funding OSS, and the issues with the current established norms for funding OSS work, such as via individual sponsorship or through a patchwork of small and disconnected awards. Rebecca and Paul will reflect on their own experiences of establishing the Rust Foundation’s package of financial and infrastructure support. The session will discuss how they developed a more targeted approach to funding using a grants-based and impact-focused system, and will reflect on the benefits and risks associated with this. The session will also examine how gaps emerge in OSS ecosystems and how to plug these with an outcome-oriented focus. The session will provide practical actions, processes and ideas useful to anyone with an interest in how OSS can be effectively and sustainably funded.

Speakers
avatar for Rebecca Rumbul

Rebecca Rumbul

CEO, Rust Foundation
Rebecca is the CEO of the Rust Foundation, an international non-profit stewarding the Rust programming language, and is one of the world's leading experts in digital democracy. Rebecca holds a PhD in Governance, and has worked as a consultant and researcher with governments, parliaments... Read More →
PL

Paul Lenz

Director of Finance and Funding, Rust Foundation
Paul Lenz is Director of Finance and Funding for the Rust Foundation. Prior to joining the Foundation in 2022 he ran The Indigo Trust, a UK-based philanthropic organisation and before that spent six years as Head of Finance at the transparency and accountability NGO mySociety. In... Read More →



Tuesday September 13, 2022 17:10 - 17:50 IST
Liffey Meeting Room 1 (Level 1)

17:10 IST

Interfacing Sensor with Zephyr for IoT Devices - Dinesh Kumar K, Linumiz
Sensors are the devices which can monitor and measure environment based on synchronous or asynchronous events. Zephyr RTOS provides a sensor subsystem to make easy and uniform interactions with a variety of different sensors. In this talk we will explore possible ways to interface different types of sensor and use with zephyr. Also primarily focuses to add support for new sensor and share experiences about mainlining zephyr. Closing with demostration for temperature/pressure/fingerprint sensor.

Speakers
avatar for Dinesh Kumar K

Dinesh Kumar K

Embedded software engineer, Linumiz
Dinesh Kumar is an embedded software engineer works with Linumiz, and has worked on Docker, Yocto project and Zephyr RTOS for the past 2 years. He mainly worked on various application software for a variety of technologies like MQTT, WIFI, GPS, NB-IOT modem. Also, he contributed driver... Read More →



Tuesday September 13, 2022 17:10 - 17:50 IST
Liffey B Part 1 (Level 1)
  Embedded IoT, Sensor Interaction

17:10 IST

Bring the Power of ONNX to Spark as it Never Happened Before - Xiyuan Wang & Yikun Jiang, Huawei
Both data processing platforms and deep learning frameworks are evolving in their own fields. Usually, Spark is used for offline data processing, and then various deep learning frameworks are used for data inference. A simplified API for DL ​​Inferencing is very important as a bridge. What does an ideal data and deep learning inference pipeline look like? We'll discuss how to build your AI application using Spark and ONNX, the current status and initial idea of Spark commiunty to improve this pipeline, and also make full use of the capabilities of Ascend Hardware Platform. This session will include below parts: - Introduce Current status and plan for onnx contritbution of Ascend Hardware Platform. - Introduce "SPIP: Simplified API for DL Inferencing" background in the Spark community - A simple demo to show how it works. This topic help you know the latest progress of Ascend Hardware Platform integration in ONNX, as well as the initial idea of the inference pipeline improvement in the Spark community.

Speakers
avatar for Yikun Jiang

Yikun Jiang

senior software engineer, Huawei
Yikun Jiang is Senior Software Engineer, Huawei Computing Open Source Team, OpenStack Storage Project Committer, Apache Spark Contributor, has been deeply involved in cloud computing and big data open source communities for six years, and is currently works on multi-architecture support... Read More →


Tuesday September 13, 2022 17:10 - 17:50 IST
Liffey Meeting Room 3 (Level 1)

17:10 IST

Making Fuzzing Part of Your Software Development Lifecycle - Jonathan Metzman, Google
Fuzzing is a testing technique that uses randomized inputs to find bugs in software. Fuzzing is the most successful automated vulnetability/bug-finding technique and has recently experienced an enormous growth in popularity. In this talk we will share our experience helping thousands of developers incorporate fuzzing into their software development lifecycle. We will walk though tools and techniques used to secure hundreds of open source projects, including: - libFuzzer and AFL++: Coverage-guided fuzzers that can be used for fuzzing code where source is available and binaries where the source code is not available. - ClusterFuzz and ClusterFuzzLite: Continuous Integration infrastructure that runs your fuzzers to catch bugs in your software before they affect users. - OSS-Fuzz: free service that fuzzes critical open source projects such as Curl and OpenSSL. OSS-Fuzz has found 40,000 bugs (9,000 security) in more than 500 open source projects. - Syzkaller and Syzbot: Kernel fuzzing tool and infrastructure providing much of the same functionality described above for the Linux kernel. Viewers of this talk will walk away with the knowledge to start improving the security of their applications and dependencies with this essential testing technique.

Speakers
JM

Jonathan Metzman

Senior Software Engineer, Google
Jonathan Metzman is a software engineer at Google. Jonathan has worked on fuzzing for five years, first on Chromium's security team and now on Google's open source security team. Jonathan works on many open source fuzzing tools including OSS-Fuzz, a free service for open source projects... Read More →



Tuesday September 13, 2022 17:10 - 17:50 IST
Liffey B Part 2 (Level 1)

19:30 IST

All-Attendee Party at Guinness Storehouse
It's a night of savory food and good company at the Guinness Storehouse.  Help us brew some conversations in the different networking areas of this iconic building with Ireland’s most iconic beer. You won’t want to miss the breathtaking 360 degree view of Dublin from their Gravity Bar!

Shuttle service will be available to/from the reception venue.

Tuesday September 13, 2022 19:30 - 22:30 IST
Guinness Storehouse St. James's Gate, Dublin 8, D08 VF8H, Ireland
 
Wednesday, September 14
 

08:00 IST

08:00 IST

08:00 IST

Zen Zone
Wednesday September 14, 2022 08:00 - 17:20 IST
Backstage Room 5 (Level 3)

08:00 IST

09:00 IST

Keynote: Welcome & Announcements - Jim Zemlin, Executive Director, The Linux Foundation with Dr. Ibrahim Haddad, The Linux Foundation & Daniel Goldscheider, Open Digital Wallet Advocate
Speakers
avatar for Daniel Goldscheider

Daniel Goldscheider

OpenWallet Advocate
avatar for Dr. Ibrahim Haddad

Dr. Ibrahim Haddad

Executive Director, LF AI & Data Foundation and PyTorch Foundation
Dr. Ibrahim Haddad is the Executive Director of LF AI & Data and maintainer of the Open Source AI & Data landscape, an industry reference to key open source projects in the AI and Data domains. Throughout his career, Haddad held technology and portfolio management roles at Ericsson Research, the Open Source Development Labs, Motorola, Palm, Hewlett-Packard, the Linux Foundation, and Samsung Research... Read More →
avatar for Jim Zemlin

Jim Zemlin

Executive Director, The Linux Foundation
Zemlin’s career spans three of the largest technology trends to rise over the last decade: mobile computing, cloud computing and open source software. Today, as executive director of The Linux Foundation, he uses this experience to accelerate the adoption of Linux and support the... Read More →


Wednesday September 14, 2022 09:00 - 09:35 IST
Auditorium (Level 3)
  Keynote Sessions
  • Content Experience Level Any

09:00 IST

Hyperledger Foundation Mini-Summit : Open Source Blockchain Technologies [Pre-Registration Required]
Hyperledger Foundation is an open source community focused on developing a suite of stable distributed ledgers, tools, and libraries for enterprise-grade blockchain deployments. It is a global collaboration hosted by The Linux Foundation and includes leaders in finance, banking,IoT, supply chains, manufacturing and technology. This mini-summit will provide both introductory content to the foundation, our global community, and current market landscape as well as use cases for blockchain.  We will also discuss more in-depth content on current hot topics such as tokenization, digital identity, interoperability in a multi-chain world, advances in enterprise deployment tools, and why open source is already dominant in blockchain and its role in the future.

Summit Agenda

Pre-registration is required. To register for Hyperledger Foundation Mini-Summit : Open Source Blockchain Technologies, add it to your Open Source Summit Europe registration.


Wednesday September 14, 2022 09:00 - 12:00 IST
Wicklow Meeting Room 4 (Level 2)

09:40 IST

Keynote: How Can the LF Enable Europe to Collaborate Locally and Innovate Globally? - Gabriele Columbro, FINOS; Hilary Carter, The Linux Foundation; Rob Oshana, NXP Semiconductors; Sachiko Muto, OFE; Phil Robb, Ericsson; Vasu Chandrasekhara, SAP



Speakers
avatar for Gabriele Columbro

Gabriele Columbro

Executive Director, FINOS, Linux Foundation / FINOS
Gabriele is an open source leader and technologist at heart, having spent more than 10 years building thriving communities and delivering business value through open source. He thrives in working with open source communities to drive disruptive innovation, whether it’s for an early... Read More →
avatar for Hilary Carter

Hilary Carter

SVP Research & Communications, The Linux Foundation
Hilary Carter is Senior VP of Research & Communications at the Linux Foundation where she leads the creation of decision-useful insights into the open source technologies and standards underpinning much of the digital infrastructure on which the global economy depends. She is the... Read More →
avatar for Phil Robb

Phil Robb

Head of Ericsson Software Technology, Ericsson
Phil is the Head of Ericsson Software Technology (EST), where he leads a passionate group of engineers developing open source software across a wide range of projects including Linux, OpenStack, Kubernetes, and ONAP among many others.Prior to Ericsson, Phil was the V.P. of Operations... Read More →
avatar for Vasu Chandrasekhara

Vasu Chandrasekhara

CNCF Governing Board Representative; Vice President & Chief Architect, SAP
avatar for Rob Oshana

Rob Oshana

VP of Software Engineering & RD, NXP Semiconductors
Rob Oshana is vice president of software engineering R&D for NXP Microcontrollers, where he leads RISC-V efforts across the company. He is also a member of the RISC-V Foundation board of directors and Chairman of the Board for the OpenHW Group. He is a recognized international... Read More →
avatar for Sachiko Muto

Sachiko Muto

Chairman, OpenForum Europe
Sachiko Muto is Chairman and former Chief Executive Officer of OFE. She is also a senior research fellow at RISE Research Institutes of Sweden. Prior to OFE, Sachiko worked for several years in public affairs, first in London and then in Brussels. With degrees in Political Science... Read More →



Wednesday September 14, 2022 09:40 - 10:15 IST
Auditorium (Level 3)
  Keynote Sessions
  • Content Experience Level Any
  • Slides Included Yes

10:20 IST

Keynote: Building a Sustainable Infrastructure - Ross Mauri, General Manager, IBM Systems & Martin Kennedy, Managing Director of Enterprise Platforms and Storage, Citigroup
85% of companies have a sustainability strategy, but only 35% have acted on it. Ross Mauri, General Manager of IBM Systems, will discuss with a major US enterprise how your choice of open IT infrastructure can play a key role in helping your company achieve their sustainability goals.

Speakers
avatar for Ross Mauri

Ross Mauri

General Manager, IBM Systems
Ross A. Mauri is the General Manager for IBM Z. In this capacity, he is responsible for all facets of the IBM Z & LinuxONE server division including strategy, engineering, marketing, sales, support and worldwide financial performance.After joining IBM in 1980, Mr. Mauri held positions... Read More →
avatar for Martin Kennedy

Martin Kennedy

Managing Director of Enterprise Platforms and Storage, Citigroup
Martin is Managing Director of Enterprise Platforms and Storage for Citigroup Technology Infrastructure.In his current role, as Global Head of Mainframe and Host System Services, he is responsible for managing operations and engineering all Enterprise Systems disciplines globally... Read More →


Wednesday September 14, 2022 10:20 - 10:35 IST
Auditorium (Level 3)
  Keynote Sessions
  • Content Experience Level Any

10:35 IST

Keynote: Commercial Media and the Open Web - John Simmons, Executive Director, The Alliance for Open Media
We are witnessing a sea change transformation of the commercial media industry, a shift from broadcast to broadband, to a more open, flexible, user-centric media delivery infrastructure. What are some of the likely consequences?

Speakers
avatar for John Simmons

John Simmons

Executive Director, The Alliance for Open Media
John Simmons is an industry recognised expert on Web media standards. He drove Microsoft’s efforts to define DRM-interoperable encoding, adaptive bitrate streaming, the collaboration with Google, Comcast, Netflix and the W3C for HTML5 Media Extensions and a multi-year Apple collaboration... Read More →


Wednesday September 14, 2022 10:35 - 10:45 IST
Auditorium (Level 3)
  Keynote Sessions
  • Content Experience Level Any

10:45 IST

10:45 IST

Sponsor Showcase
This is the place to network, meet up, and learn more about companies that sponsor this event.

Wednesday September 14, 2022 10:45 - 19:00 IST
The Forum (Ground Level)

11:00 IST

OSPOCon Keynote: What TO-DO in Europe: Welcome & Opening Remarks - Ana Jiménez Santamaría & Chris Aniszczyk, TODO Group
OSPOs act as critical components of successful organizations. At TODO, we've seen firsthand how an effective OSPO can help an organization achieve its business goals and objectives by leveraging the power of open source with clear strategy and alignment.

This keynote shares an overview of the different efforts and new initiatives the TODO Group is working on during this year to help OSPOs in Europe and ease collaboration across communities. 

Speakers
avatar for Chris Aniszczyk

Chris Aniszczyk

CTO, Linux Foundation (CNCF)
Chris Aniszczyk is an open source executive and engineer with a passion for building a better world through open collaboration. He's currently a CTO at the Linux Foundation focused on developer relations and running the Open Container Initiative (OCI) / Cloud Native Computing Foundation... Read More →
avatar for Ana Jiménez Santamaría

Ana Jiménez Santamaría

OSPO Program Manager, TODO Group
Ana is the OSPO Program Manager at the TODO Group an open group of Open Source Program Office practitioners who want to collaborate on best practices, tools, and other ways to run successful and effective Open Source Projects and Programs. Formerly she worked at Bitergia, a Software... Read More →


Wednesday September 14, 2022 11:00 - 11:15 IST
EcoCem Room (Level 2)
  OSPOCon, OSPO Lessons Learned

11:15 IST

Distributed Tracing Integration with OpenTelemetry and Knative - Daniel Oh, Red Hat
Scaling application platforms give site reliability engineers a significant burden on collecting telemetry data from a single cluster to multiple clouds. You’re probably handy to observe metrics with comprehensive dashboards by 3rd party application performance monitoring tools in the traditional environments. However, the application topologies are getting more complex due to distributing cloud-native microservices. Infrastructures have also been varying from Linux containers to IoT edge devices, public cloud, and Kubernetes. This is a new challenge for dev and ops to trace application chains. This talk guides you through the distributed tracing integration with OpenTelemetry for serverless functions. OpenTelemetry allows you to collect telemetry data such as metrics, logs, and traces then enables you to analyze applications’ performance and behavior. I’ll also showcase a live demo of how to trace metrics of reactive RESTful APIs with step by step instructions below: - Collect local telemetry data by OpenTelemtry collector and Quarkus Dev mode - Visualize the telemetry data through the Jaeger console locally - Deploy the reactive serverless functions to verify telemetry data using OpenTelemetry and Jaeger operators

Speakers
avatar for Daniel Oh

Daniel Oh

Senior Principal Developer Advocate, Red Hat
Daniel Oh is a senior principal developer advocate at Red Hat to evangelize developers for building Cloud-Native Microservices and Serverless Functions with Cloud-Native Runtimes(i.e. Quarkus, Spring Boot, Node.js) and OpenShift/Kubernetes. Daniel also continues to contribute to various... Read More →


Wednesday September 14, 2022 11:15 - 11:55 IST
Wicklow Hall 2A (Level 2)

11:15 IST

Panel: Growing Open Source in the Irish Government - Clare Dillon, Open Ireland Network; Tony Shannon, Government of Ireland; Tim Willoughby, Ireland's Police Service; Gar Mac Criosta, Linux Foundation Public Health; John Concannon, Department of Foreign
This panel will explore the history and potential future of open source in government in Ireland. We will cover some of the successes and challenges surrounding investing in open source at a national level and discuss potential strategic steps we can take to increase the economic and social impact of open source in Ireland. We will examine the organisational constructs that can support the adoption and creation of open source and discuss if and how a National Open Source Program Office may be one way to help Ireland on its journey to an open source future.

Speakers
JC

John Concannon

Director General - Global Ireland, Department of Foreign Affairs
avatar for Clare Dillon

Clare Dillon

Co-founder and Community Organizer, Open Ireland Network
Clare Dillon has spent over 25 years working with developers and developer communities. She is a co-founder of the Open Ireland Network, a community for those interested in advancing open source at a national level in Ireland. Last year, she was also appointed Executive Director of... Read More →
TW

Tim Willoughby

Head of Digital Services and Innovation, An Garda Síochána, Ireland's Police Service
Tim is head of Digital Services and Innovation in An Garda Síochána and is the Chief Disruptor who is responsible for Innovation and new and future directions in technology and the Mobility Programme. Tim was formerly CTO of the LGMA, with over 20 years in a number of Senior Management... Read More →
avatar for Tony Shannon

Tony Shannon

Head of Digital Services, Office of Government Chief Information Officer, Department of Public Expenditure & Reform in Government of Ireland
Education and experience as Medical Doctor/ Emergency Medicine/ Informatics between Ireland, the UK & the US over 20 years. Involved in a range of change/digital programs & projects at local/regional/national/international levels over the last 20 years, initially in healthcare, then... Read More →
GM

Gar Mac Criosta

Health Service Executive, Government of Ireland, Product Manager & Chairperson for the Public Health Advisory Committee at Linux Foundation Public Health
Gar Mac Críosta is the Chairperson for the Public Health Advisory Committee at Linux Foundation Public Health (LFPH). He is an IASA certified architect and spends much of his time trying to figure out what being a sociotechnologist is; so he can be one. He regularly engages in humane... Read More →


Wednesday September 14, 2022 11:15 - 11:55 IST
Wicklow Meeting Room 1 (Level 2)

11:15 IST

Interactive Debugging of Dockerfile With Buildg - Kohei Tokunaga, NTT Corporation
Debugging Dockerfile is hard. This is even more true of large and highly multi-staged builds. You can debug it by modifying and re-running the Dockerfile but it's time-consuming and your favourite tools might be unavailable on the base image. This makes debugging a 5 min problem take hours. In this talk, Kohei will introduce an interactive debugger for Dockerfile, "buildg". buildg is implemented based on BuildKit (the core of "docker build") and makes debugging Dockerfile easier by providing gdb-inspired interactive UI/UX with breakpoints, source-level inspection and interactive shell on an arbitrary Dockerfile instruction. The talk will also share the status of integration of buildg with tools in the community.

Speakers
avatar for Kohei Tokunaga

Kohei Tokunaga

Software Engineer, NTT Corporation
Kohei Tokunaga is a software engineer at NTT Corporation, a Japan-based telecommunication company. He is a reviewer of CNCF containerd and a maintainer of BuildKit. He has talked about topics around container runtimes at FOSDEM, KubeCon+CloudNativeCon, and Japan-based events including... Read More →


slides pdf

Wednesday September 14, 2022 11:15 - 11:55 IST
Wicklow Hall 1 (Level 2)
  ContainerCon, Debugging

11:15 IST

Board Farms for Everyone: Making Hardware Debugging Easier and Sharing Boards Across the Globe! - Christopher Obbard, Collabora Ltd
Running out of desk space for your debug devices? Do you hate wasting time trying to figure out which serial port your board is hanging off? How about resetting the power of your board - do you have to lean over lots of other stuff to re-plug the power cable? Maybe you have a huge collection of embedded devices which keep growing or perhaps you have struggled because the board you want to use is with a colleague across the globe and you cannot wait for it to be shipped? These issues were all solved when Chris created a board farm at a minimal hardware cost using LabGrid. This beginner-level presentation will introduce you to a device-agnostic way to share boards across the globe and will help make your development simpler. Expect a live demo of how simple it is to remotely power-on a board, flash an image, access the console and even help verify peripherals, all without leaving your console! Practical tips of the hardware used, the Ansible recipes used to setup the software stack, connecting new boards and integration of boards in the farm to image-building CI pipelines in GitLab and GitHub will also be shown.

Speakers
avatar for Christopher Obbard

Christopher Obbard

Senior Software Engineer, Collabora Ltd
Chris is an engineer at Collabora where he works on Embedded Debian systems. Chris’s specialities include audio driver development, working with Debian GNU/Linux for ARM processors. In his spare time, Chris has built the software for the PiDeck project, a real-time embedded distribution... Read More →



Wednesday September 14, 2022 11:15 - 11:55 IST
Liffey Hall 1 (Level 1)

11:15 IST

What Does a CPU Do Before Going to Work (in an Embedded System)? - Josef Holzmayr, Mender.io
The boot process is probably the most overrated and at the same time neglected stage of running a computer. Why is that? Once one starts to think about it, it becomes obvious. A computer that is booting does not yet do anything perceived as valuable. The user who just turned it on wants to start using it as quickly as possible, and not be kept waiting. So the duration of the boot process as a whole often gets high attention. Beyond that, almost nobody cares about what happens as long as the boot finishes successfully. So for those of us who wish to understand the booting process, it is often complicated to see the actual concepts and reasons behind them. In this presentation we will look at common boot strategies found on the ARM and RISC-V instruction set architectures, and examine why and how they relate to specific hardware configurations. The various concepts such as a secondary program loader, boot source orders and suitable storage technologies will be discussed and put into context, to serve as the groundwork for a proper understanding of the topic. At all stages, we will focus on providing a beginner-friendly representation, instead of diving into advanced specifics such as boot time reduction.

Speakers
avatar for Josef Holzmayr

Josef Holzmayr

Head of Developer Relations, Mender.io
Josef has been active for more than 15 years as a "Complete”-Stack developer for industrial controls by now. He's done everything from debugging hardware to writing drivers, from application development to web front ends. A passion for showing, telling and teaching people in a both... Read More →



Wednesday September 14, 2022 11:15 - 11:55 IST
Liffey Hall 2 (Level 1)

11:15 IST

What's Missing in Embedded Build Systems - Arnout Vandecappelle, Essensium/Mind
Embedded build systems (buildroot, openembedded AKA yocto) have everything that is needed to compose the OS on which the embedded application will run. However, to develop a product, there are a number of things that the developer will still need to take care of (and find out how to do in that specific build system), even though the solutions for them are pretty generic. After giving a brief overview of the current state of buildroot and openembedded, this talk will discuss the missing links: persistence and factory reset, per-device provisioning, updates, and verified boot. Tools exist for all of those, and buildroot and openembedded provide those tools, but they don't come out of the box.

Speakers
avatar for Arnout Vandecappelle

Arnout Vandecappelle

Senior Embedded Software Architect, Essensium/Mind
Arnout Vandecappelle is working since 2008 as Senior Embedded Software Architect at Essensium/Mind, providing consultancy on Linux and Open Source Software for Embedded Systems: driver development, debugging, system integration, etc. He is a maintainer of Buildroot and has contributed... Read More →



Wednesday September 14, 2022 11:15 - 11:55 IST
Liffey Meeting Room 2 (Level 1)

11:15 IST

Elevating the Role of Open Technology in Sustainability - Building the Metrics of Success - Amanda Brock, OpenUK
Open Technology - open source software, open hardware and open data - provides a critical enabler to a sustainable future. It is no longer enough to watch from the sidelines, but time to elevate the role of Open Technology in Sustainability. As a first mover in the open source community's engagement with Open Technology for Sustainability, OpenUK hosted a full day event at COP26 in November, 2021. Although some COP26 contributors have been criticised for leaving the story behind in Glasgow. OpenUK is actively engaged via its Chief Sustainability Officer and Sustainability Advisory Board, to implement a Sustainability Strategy. This not only means that everything OpenUK does is sustainable by design, but also ensures that it drives the global Sustainability Strategy forward with Open Technology. Economic measures need refined and improved to look at the value generated and investment made as opposed to the Total Cost of ownership, but the critical path must measure the non-economic societal value provided by Open Technology, aligning to the United Nations' Sustainable Development Goals. What is an acceptable approach to measuring this? OpenUK will deliver v1.0 f its "Societal Value Metrics" for Open Technology - a means to measure the non economic values it generates.

Speakers
avatar for Amanda Brock

Amanda Brock

CEO, OpenUK
Amanda Brock is CEO of OpenUK, the UK organisaton for the business of Open Technology; Board Member, Open Source Initiative; UK Cabinet Office Open Standards Board Member; Advisory Board Member: KDE, Free BSD, Planet Crust, Everseen, and Mimoto; Charity Trustee Creative Crieff and... Read More →


Wednesday September 14, 2022 11:15 - 11:55 IST
Wicklow Meeting Room 3 (Level 2)
  Emerging OS Forum, Climate & Sustainability

11:15 IST

Scaling KVM and Its Community - Sean Christopherson, Google
KVM has grown substantially over the last few years, in more ways than one. The number of commits to x86/kvm nearly doubled year-over-year from 2019 to 2020, and rose again in 2021. KVM gained a RISC-V ported in 2021, and KVM on arm64 will be deployed on Android and multiple cloud providers in the not-too-distant-future. KVM's size and complexity has also grown to support new use cases and new hardware features. And KVM's worldwide footprint has undoubtedly grown along with cloud computing in general. Sean will examine several of the challenges KVM faces, and how KVM and its community can address those challenges to scale up the number of KVM contributors and end users, as well as the number of technologies and use cases KVM supports.

Speakers
avatar for Sean Christopherson

Sean Christopherson

Software Engineer, Google
Sean is an engineer at Google Cloud focused on KVM, and is an upstream co-maintainer for x86 KVM.


Wednesday September 14, 2022 11:15 - 11:55 IST
Liffey A (Level 1)
  KVM Forum (Joint OSS Track)

11:15 IST

The Kernel Report - Jonathan Corbet, LWN.net
The Linux kernel is at the core of any Linux system; the performance and capabilities of the kernel will, in the end, place an upper bound on what the system as a whole can do. This talk will review recent events in the kernel development community, discuss the current state of the kernel and the challenges it faces, and look forward to how the kernel may address those challenges. Attendees of any technical ability should gain a better understanding of how the kernel got to its current state and what can be expected in the near future.

Speakers
JC

Jonathan Corbet

Penguin herder, LWN.net
Jonathan Corbet is the kernel documentation maintainer, co-founder of LWN.net (and the author of its Kernel Page), a member of the Linux Foundation's Technical Advisory Board, and the lead author of Linux Device Drivers, Third Edition. He lives in Boulder, Colorado, USA.



Wednesday September 14, 2022 11:15 - 11:55 IST
Auditorium (Level 3)

11:15 IST

Bringing ML Workflows to Heterogeneous Cloud Native Machine Learning Platforms by Using Intermediate Representation - Tommy Li & Animesh Singh, IBM
In Kubeflow Pipelines v1, the pipeline spec describing ML flow is platform-dependent, which makes no chance to deploy your ML pipelines on other pipeline frameworks. To lower the barrier, Intermediate Representation(IR) is available in kfp v2. It's a generic component/step-oriented specification that fits container orchestration frameworks. More importantly, a new pipeline orchestration engine is created on the backend to support automatic lineage tracking and components that consume or produce metadata. In light of these new features, it gets a foot into ML pipeline portability. You can port the necessary components to run your pipelines on the desired platforms. Currently, IR is in alpha version and used by Kubeflow Pipelines, and Google Vertex AI. Kubeflow Pipelines with Tekton will join the list soon. In this talk, we walk through the new IR spec, a list of components that constitute the new pipeline orchestration engine, and how we adapt the new features in another pipeline framework.

Speakers
avatar for Tommy Li

Tommy Li

Senior Software Developer, IBM
Tommy Li is a senior software developer in IBM focusing on Cloud, Kubernetes, and Machine Learning. He is one of the Kubeflow committers and worked on various open-source projects related to Kubernetes, Microservice, and deep learning applications to provide advanced use cases on... Read More →
avatar for Animesh Singh

Animesh Singh

Distinguished Engineer and CTO - Watson Data and AI OSS Platform, IBM
Animesh Singh is CTO and Director for IBM Watson Data and AI Open Technology, responsible for Data and AI Open Technology strategy. Creating, designing and implementing IBM’s Data and AI engine for AI and ML platform, leading IBM`s Trusted AI efforts, driving the strategy and execution... Read More →


Wednesday September 14, 2022 11:15 - 11:55 IST
Wicklow Meeting Room 2 (Level 2)

11:15 IST

Cloud Anatomy 101: Breaking Down Cloud-Native - Grace Jansen, IBM
Getting to grips with cloud-native is as vital to your application evolution as breathing is to the body. However, with this term encompassing so many technologies, products and architectural styles, how do you decide which will be best for your own application? Diving into the anatomy and evolution of the human body can give us great insights into the journey you’ll need to make for your own application evolution. Join this session to find out why and discover what is critical for a healthy cloud-native system. This session would be different to those given previously, as this has evolved to now include a live coding demo which hasn't been included in the talk before.

Speakers
avatar for Grace Jansen

Grace Jansen

Developer Advocate, IBM
Grace is a Developer Advocate at IBM, working with Open Liberty, MicroProfile and Cloud Technologies. She has been with IBM since graduating from Exeter University with a Degree in Biology. Grace enjoys bringing a varied perspective to her projects and using her knowledge of biological... Read More →



Wednesday September 14, 2022 11:15 - 11:55 IST
Liffey B Part 2 (Level 1)
  Open Source On-Ramp, Cloud Administration Essentials (Beginner)

11:15 IST

Mind Mapping Open Source Program Offices - Ana Jiménez Santamaría, TODO Group & Thomas Steenbergen, EPAM
Open Source Program Offices and similar open source focused teams serve many organizations to provide strategy and alignment for an organization's open source efforts. Managing open source in an organization is a broad and complex topic requiring a wide scope of skills, responsibilities, team sizes, and ways of working - making it hard to get complete overview that can be shared with the wider organization or help you with managing your OSPO. The OSPO Mind Map was created by the open source community for the community to map the Open Source Program Office's key areas (responsibilities, roles, behavior, and team size) and divide them into more easily accessible parts in just one page. During this presentation, Ana and Thomas will share with the audience how this mind map is structured and how Open Source Program Office professionals can make use of the OSPO Mind Map to help implement an OSPO strategy, structure their activities and better communicate the OSPO initiative within their organization. The audience will learn the story behind the OSPO Mind Map project, a practical implementation of the mind map for their OSPO as well as ways they can contribute to the project.

Speakers
avatar for Ana Jiménez Santamaría

Ana Jiménez Santamaría

OSPO Program Manager, TODO Group
Ana is the OSPO Program Manager at the TODO Group an open group of Open Source Program Office practitioners who want to collaborate on best practices, tools, and other ways to run successful and effective Open Source Projects and Programs. Formerly she worked at Bitergia, a Software... Read More →
avatar for Thomas Steenbergen

Thomas Steenbergen

Head of Open Source Program Office, EPAM Systems, Inc.
Thomas Steenbergen is the Head of Open Source Program Office at EPAM Systems (www.epam.com). He is steering committee member and one of the co-founders/organizers of the European Chapter of the TODO group and co-founder of the OpenChain Reference Tooling Work Group - both industry working groups where companies collaborate to address shared open source challenges. He i... Read More →



Wednesday September 14, 2022 11:15 - 11:55 IST
EcoCem Room (Level 2)
  OSPOCon, OSPO Lessons Learned

11:15 IST

Do You Know What's in the Software You Run? Introducing GitBOM - Nell Shamrell-Harrington, Microsoft
Modern software is built with hundreds if not thousands of dependencies and transitive dependencies. Knowing not only what these dependencies are but exactly what parts of the dependencies are used in your software is a daunting task. Should a security vulnerability be found in particular file of a particular version of a dependency, how do you know whether your software uses that part? Enter GitBOM. GitBOM is an Open Source, minimialist scheme for build tools to 1) Build a compact artifact tree, tracking every source code file (including from dependencies) incorporated into each built artifact and 2) Embed a unique, content-addressable reference for that artifact tree into the artifact at build time. GitBOM is designed to construct verifiable artifact trees across languages, environments, and packaging formats with zero developer effort. While GitBOM is not itself an SBOM, it is compatible with and augments SBOMs. Come to this talk not only to learn about GitBOM (and how you can become involved!) but also to see how this build scheme can be implemented across languages and ecosystems. You will leave understanding how GitBOM can improve the security of your whole software supply chain.

Speakers
NS

Nell Shamrell-Harrington

Principal Software Engineer, Microsoft
Nell Shamrell-Harrington is a Principal Software Engineer at Microsoft in the Azure Office of the CTO. She is a long time Open Source contributor and maintainer - she has contributed to Chef, the Rust Programming Language, ClearlyDefined, GitBOM, and many other projects. Additionally... Read More →


GitBOM pdf

Wednesday September 14, 2022 11:15 - 11:55 IST
Wicklow Hall 2B (Level 2)

11:15 IST

Sponsored Session: Dependencies: Do's and Don'ts - Guy Bar Gil & Rhys Arkins, Mend
In today’s software ecosystem, the inclusion of dependencies in applications is practically a given. Including dependencies has clear benefits in terms of team velocity and business value, but it's also packaged (pun intended) with risks - most notably security-related ones. It is often suggested that "shifting left" is the best method to combat security risks such as vulnerabilities in dependencies, but this only catches vulnerabilities that have already been introduced. Implementing measures and best practices to prevent them from entering your application in the first place would be a more holistic approach. It is true that not all vulnerabilities can be prevented, but the latest research shows that the vast majority of publicly disclosed vulnerabilities can be. In this presentation, you’ll learn about best practices for managing your dependencies and how to reap their benefits in your applications, without compromising on security or velocity.

Speakers
avatar for Rhys Arkins

Rhys Arkins

VP of Product management, Mend
Rhys Arkins is responsible for developer solutions at WhiteSource. He was the founder of Renovate Bot, an automated tool for software dependency updating, which was acquired by Mend in 2019. Rhys is particularly fond of automation and a firm believer in never sending humans to do... Read More →
avatar for Guy Bar-Gil

Guy Bar-Gil

Head of Product Led Growth, Mend
Guy is an experienced Product Manager and current Head of Product-Led Growth at Mend. He loves engaging with people to understand and solve complex problems, with a special passion for product and company strategy. Prior to joining Mend, Guy held positions in R&D teams and served... Read More →


Wednesday September 14, 2022 11:15 - 11:55 IST
Liffey Meeting Room 1 (Level 1)

11:15 IST

Getting Started with Kernel-based Virtual Machine (KVM) - Leonard Sheng Sheng Lee, Computas
Want to get started with Kernel-based Virtual Machine (KVM)? Want to run a virtual machine on your system using open source technologies? Want to interact with KVM virtual machines from command line interface (CLI)? In this tutorial, Leonard will be teaching people to familiarize themselves with KVM technologies, which allows virtual machines to run with near native performance. Participants must have a basic knowledge of how the Linux operating system works, and must have a recent Linux based operating system running on a portable computer to join this tutorial. We will be focusing on tasks such as creating, accessing, modifying, and deleting KVMs, primarily using CLI and if time permits, using a graphical user interface (GUI) too. At the end of this tutorial, participants are expected to know how to check if KVM is supported on their computer hardware and manage KVMs with confidence.

Speakers
avatar for Leonard Sheng Sheng Lee

Leonard Sheng Sheng Lee

Senior Engineer, Computas
Leonard coaches various companies on build automation and plumbing Jenkins pipelines. All things configuration as code and cloud infrastructure are his main interests these days. He originally hails from Kuching, Malaysia, and currently lives in the outskirts of Oslo, Norway. He claims that he enjoys the picturesque nature and unpredictable weather, and try to prove it by kayaking in the fjords. He loves to immerse himself with diving in the tropics... Read More →



Wednesday September 14, 2022 11:15 - 12:50 IST
Liffey Meeting Room 3 (Level 1)

12:10 IST

Is OpenStack Still Needed in 2022? - Thierry Carrez, Open Infrastructure Foundation
Over the past 10 years, OpenStack has become the de-facto standard for providing cloud infrastructure using open source solutions. But in the past 5 years, the ecosystem focus has shifted higher in the stack onto cloud-native solutions, which run on top of an existing cloud infrastructure. Does that mean that open source cloud infrastructure solutions, like OpenStack, are no longer relevant? In this talk, Thierry Carrez, the General Manager for the Open infrastructure Foundation, the non-profit hosting the OpenStack project, will explore this question. After examining the motivation and history of OpenStack over the past decade, we will explore what makes OpenStack relevant in the next decade, with a special attention to the European context. While it is not for everyone, new use cases like Digital Sovereignty or Edge computing are driving renewed adoption of OpenStack, especially in combination with Kubernetes (what is called the Linux OpenStack Kubernetes Infrastructure, or LOKI).

Speakers
avatar for Thierry Carrez

Thierry Carrez

General Manager, Open Infrastructure foundation
Thierry is the General Manager at the Open Infrastructure Foundation, a non-profit organization fostering open development of open source infrastructure solutions. He's also the vice-chair of the Open Source Initiative, the steward of the open source definition and licenses, as well... Read More →



Wednesday September 14, 2022 12:10 - 12:50 IST
Wicklow Hall 2A (Level 2)
  CloudOpen, Open Cloud Infrastructure

12:10 IST

Open Source: The Next Generation - Mike Swift, Major League Hacking
More than 50% of developers want to contribute to Open Source but haven't yet. Most of them aren't confident in their abilities or don't know where to get started. With the demand for high quality Open Source software rapidly outpacing maintainer capacity, creating better onramps into the community is an imperative for all of us. While #GoodFirstIssues and introductory events are a start, they aren't enough if we want to train a new generation of truly Great Open Source Citizens. Instead we should be asking ourselves how to make Open Source a default part of the global software engineering curriculum. How do we ensure that every new developer coming online has the experience and confidence necessary to contribute to Open Source successfully on day one? During this talk, Swift will share insights from running the largest community of early career developers in the world and lessons learned from using Open Source to reimagine the future of tech internships to answer that question. You'll walk away with new ideas about how you can help educate, mentor, and inspire our next generation of Great Open Source citizens too.

Speakers
avatar for Mike Swift

Mike Swift

CEO & Co-Founder, Major League Hacking
Meet Swift – once an aspiring lawyer who entered the world of tech after attending his first hackathon. Now the CEO and Co-Founder of Major League Hacking (MLH), Swift is on a mission to empower the next generation of technologists. Every year, more than 100,000 developers around... Read More →


Wednesday September 14, 2022 12:10 - 12:50 IST
Wicklow Meeting Room 1 (Level 2)
  Community Leadership Conference, Community Management

12:10 IST

Back to Basics, Getting Traffic Into your Kubernetes Cluster - Nicolas Fränkel, api7.ai
However you're using your Kubernetes cluster, you'll sooner or later need to direct traffic into it. At this point, you're spoiled with choice. Kubernetes provides no less than three different objects: NodePort, Ingress, and LoadBalancer. Of course, each of them comes with its limitations. For example, LoadBalancer requires a dedicated implementation provided by Cloud Platforms but not with most local distributions. Moreover, Kubernetes is introducing a new Gateway API, adding one more way to direct traffic to the cluster. In this talk, I'd like to offer an overview of all four options, with their pros and cons, and a more in-depth explanation of the new Gateway API.

Speakers
avatar for Nicolas Fränkel

Nicolas Fränkel

Head of Developer Advocacy, Apache APISIX
Developer Advocate with 15+ years experience consulting for many different customers, in a wide range of contexts (such as telecoms, banking, insurances, large retail and public sector). Usually working on Java/Java EE and Spring technologies, but with focused interests like Rich... Read More →



Wednesday September 14, 2022 12:10 - 12:50 IST
Wicklow Hall 1 (Level 2)
  ContainerCon

12:10 IST

Basics of I2C on Linux - Luca Ceresoli, Bootlin
This talk is an introduction to using I²C on embedded Linux devices. I²C (or I2C) is a simple but flexible electronic bus to allow low-speed communication between the CPU and all sorts of chips: PMICs, ADC/DACs, GPIO expanders, video sensors, audio codecs, EEPROMS, RTCs and many more. It is so popular that knowing it is a must for any embedded system engineer. Luca will first give an introduction to what I2C is at the electrical level. He will then describe how I2C is implemented in the Linux kernel driver model and how that appears in sysfs, how to describe I2C devices using device tree and how to write a driver for an I2C device. Finally he will present the tools to communicate with the chips from userspace and share some debugging techniques, including inspection of the physical bus and software-level debugging.

Speakers
avatar for Luca Ceresoli

Luca Ceresoli

Embedded Linux and kernel engineer, Bootlin
Luca joined Bootlin in 2022 as an embedded Linux engineer. He gave several contributions to the Linux kernel, including the implementation of some I2C chips and improvements to the I2C documentation. He designed several embedded Linux products from the ground up, mostly hacking around... Read More →



Wednesday September 14, 2022 12:10 - 12:50 IST
Liffey Hall 1 (Level 1)

12:10 IST

Challenges of Deploying eBPF-based Tracing in Embedded Systems, and Alternatives in Embedded Platforms Libtracefs/libtraceevent - Bean Huo, Micron
eBPF is a very powerful tracking infrastructure that is widely used in network systems and the cloud. At Micron EBU (Embedded Business Unit), we first started with eBPF for Linux system traces and then found it difficult to deploy in all embedded worlds, especially when we faced customers with older Linux kernels and wanted to Use eBPF for issue tracking/resolving, eBPF cannot be used. This is not just a compilation issue, but also because of the eBPF dependencies in the current existing system. After a long period of exploration and comparison, we decided to use a libtracefs/libtraceevent-based approach, which will give us more confidence to deploy our tracing tools in customer systems. In this talk, I will present a comparison between the two approaches: eBPF and libtracefs/libtraceevnt, including dependencies and kernel requirements. Then I'll show a libtracefs/libtraceevent-based example of how to use libtracefs/libtraceevent as a second alternative tracing method for the embedded world.

Speakers
avatar for Bean Huo

Bean Huo

software engineer, Micron
Since my first exposure to Linux in college in 2007, I've been inspired by its open-source mission and global community collaboration. Then I decided to continue my career in the Linux field. So far, I'm a software engineer working at Micron EBU(embedded business unit), working on... Read More →



Wednesday September 14, 2022 12:10 - 12:50 IST
Liffey Meeting Room 2 (Level 1)

12:10 IST

Using OpenEmbedded Inside Containers? How and Why? - Drew Moseley, Toradex
Using containers in Embedded Linux devices is becoming more of a reality every day; notably using Docker. These devices are increasingly powerful and the benefits provided by containers are attractive to designers. The ability to easily install, update and replace application payloads makes for a powerful design used in a variety of industries. OpenEmbedded is also widely used for Embedded Linux devices and provides designers complete control over the contents of the system. It provides benefits that are difficult to achieve with traditional containers. These include image size, build reproducibility and license management. In this talk, we will look into generating container payloads using OpenEmbedded rather than the usual route of Dockerfiles and canned images available on repositories such as Docker Hub. We will investigate building images for both bare-metal and container-based execution. We will try to determine how difficult this is to do for a real application and compare it to a similar application built with the traditional Docker approach. To wrap up, we will compare both approaches, specifically in terms of image size, reproducibility, and license management/reporting. We will also discuss why you would want to do this and some use cases where it makes sense.

Speakers
avatar for Drew Moseley

Drew Moseley

Technical Solutions Architect, Toradex
Drew is currently a Technical Solutions Architect for the Torizon Linux system at Toradex. He has worked on embedded projects such as Mender, RAID storage controllers, Direct and Network-attached storage devices, and graphical pagers. He has spent the last 12 years working in Professional... Read More →



Wednesday September 14, 2022 12:10 - 12:50 IST
Liffey Hall 2 (Level 1)

12:10 IST

A Reference Architecture for Trust over the Internet with Universal Interoperability - Wenjing Chu, Futurewei Technologies Inc
Trust is what is missing in today's Internet or the Web. That is known if you have ever thought about Web3, DeFi, Metaverse, or digital identity, or the ills of social media platforms... The challenge is how to establish a trust spanning layer over the Internet and still maintain its universal interoperability. In this talk, I report the ongoing work of the Technology Architecture Task Force in the Trust over IP Foundation where I am one of the chief contributors. I will cover the Reference Architecture and, by examining the Design Principles inspired by the original Internet architecture and human-centric trust relationships, I will present the reasons for a hourglass protocol stack design for the purpose of universal interoperability. Prominent open source implementations & community specs, e.g. DIDcommv2, KERI, DWP (tbdex), libp2p, Indy/Aries, will be presented as case studies to demonstrate path for interoperability based on the Reference Architecture. We can have the cake and eat it too.

Speakers
avatar for Wenjing Chu

Wenjing Chu

Senior Director, Technology Strategy, Futurewei Technologies, Inc.
Wenjing leads Futurewei's technology strategy development in Metaverse, Web3 and Trust for the future of Internet and web. Many leading analysts have estimated up to 3 to 13 trillion USD worth of economic impact in the emerging technology super-cycle around Metaverse and web3. Wenjing... Read More →



Wednesday September 14, 2022 12:10 - 12:50 IST
Wicklow Meeting Room 3 (Level 2)
  Emerging OS Forum, Web 3.0/Crypto/Blockchain

12:10 IST

Panel Discussion: Designing and Implementing Sustainable Solutions with MongoDB on IBM LinuxONE - Kara Todd & Tina Tarquinio, IBM; Bryan Young, Home Lending Pal; Martin Kennedy, Citigroup & Joe Drumgoole, MongoDB
In today’s keynote, you heard how enterprises have helped deliver new sustainability, security and scalability benefits in their MongoDB environment on IBM LinuxONE. Now let’s hear from the teams who designed and implemented these solutions, who will discuss the challenges they faced and addressed, and how they have enabled several technology firsts as part of the solutions.

Speakers
avatar for Martin Kennedy

Martin Kennedy

Managing Director of Enterprise Platforms and Storage, Citigroup
Martin is Managing Director of Enterprise Platforms and Storage for Citigroup Technology Infrastructure.In his current role, as Global Head of Mainframe and Host System Services, he is responsible for managing operations and engineering all Enterprise Systems disciplines globally... Read More →
avatar for Joe Drumgoole

Joe Drumgoole

MongoDB, Global Director of Developer Advocacy
Joe Drumgoole is the Global Director of Developer Advocacy at MongoDB. He has over 30 years of product development experience. He still writes software (slowly) most days and his programming weapon of choice is Python. In his career, Joe has founded startups and led development teams... Read More →
avatar for Kara Todd

Kara Todd

Director of LinuxONE, IBM
Kara Todd is the Director of Linux for IBM zSystems and LinuxONE, leading all aspects of the Linux business on the platform including design, development, test, support, offering management, and financial performance. Kara joined IBM in 2002 as a z/OS Software Support engineer, working... Read More →
avatar for Bryan Young

Bryan Young

CEO, Home Lending Pal
Bryan Young is the CEO and Co-Founder of Home Lending Pal. A mortgage marketplace that uses an AI-powered home mortgage assistant and blockchain to help underserved communities find homes that fit their budget.Bryan continues to build strategic partnerships with data providers to... Read More →
avatar for Tina Tarquinio

Tina Tarquinio

IBM, Director, IBM Z and LinuxONE Product Management
Tina M. Tarquinio is the product management executive responsible for all aspects of the IBM Z and LinuxONE hardware portfolio. Under her leadership, the team has introduced new offerings that leverage the strengths of the platform, addressing new client demands and markets, and fuel... Read More →


Wednesday September 14, 2022 12:10 - 12:50 IST
Liffey Meeting Room 1 (Level 1)
  Emerging OS Forum

12:10 IST

The Future of Digital Wallets - Daniel Goldscheider, Advocate for Open Digital Wallets
The OpenWallet Foundation will create shared open source software to power secure multi purpose wallets. The panel tells the story behind this new initiative and makes a case for global cooperation to enable a plurality of interoperable wallets.

Participants Include:
Alan Bachman
Andrew Hughes - Ping Identity
Bryn Robinson Morgan - MasterCard
David Treat - Accenture
Drummond Reed - Avast
Juliana Cafik - Microsoft
Judith Fleenor - Trust over IP Foundation
Kaliya Young - IdentityWoman
Marie Austenaa - Visa
Mike Dolan - Linux Foundation
Nat Sakimura - Open ID Foundation
Nick Mothershaw - Open Identity Exchange
Pramod Varma - EkStep Foundation
Sanjay Jain - MOSIP

Speakers
avatar for Daniel Goldscheider

Daniel Goldscheider

OpenWallet Advocate


Wednesday September 14, 2022 12:10 - 12:50 IST
Wicklow Meeting Room 5 (Level 2)
  Emerging OS Forum

12:10 IST

Protected KVM on Arm64: A Technical Deep Dive - Quentin Perret, Google
Protected KVM (a.k.a. pKVM) is an extension of KVM/arm64 providing a Confidential Computing solution for Arm v8.0+ CPUs. pKVM targets SoCs that don't feature Confidential Computing hardware extensions, which makes it applicable to a wide spectrum of domain-spaces, including mobile (Android). pKVM extends the existing KVM/arm64 nVHE hypervisor with the ability to manage the CPU's stage-2 MMU, hence allowing the enforcement of access-control restrictions on host accesses to guest memory. In this talk, we will do a technical deep dive on pKVM, describe its architecture and implementation [1], and discuss opportunities for sharing core infrastructure (e.g. memory management) with other Confidential Computing solutions such as Intel TDX, AMD SEV or Arm CC-A. [1] https://lore.kernel.org/kvmarm/20220519134204.5379-1-will@kernel.org/

Speakers
QP

Quentin Perret

Software Engineer, Google
Quentin Perret is a Software Engineer at Google working on virtualization and scheduling-related topics for Android. Quentin is one of the main developers for the Protected KVM (pKVM) project and has previously worked on Energy Aware Scheduling (scheduler support for Arm big.LITT... Read More →


Wednesday September 14, 2022 12:10 - 12:50 IST
Liffey A (Level 1)
  KVM Forum (Joint OSS Track)

12:10 IST

How to Report Your Linux Kernel Bug - Thorsten Leemhuis, Freelancer
Bad bug reports are the first to be ignored by stressed kernel developers. This talk will teach you how to dramatically reduce this risk, as it will outline how to prepare and submit a decent bug report to the Linux developers; this will include describing a few common errors a lot of people make when reporting issues with the kernel. You'll also learn which Linux bugs are unlikely to be addressed, as reporting such issues might be a waste of your time. You’ll learn about the other side of the spectrum, too: which kind of bugs kernel developers have to fix quickly, as they otherwise risk getting into trouble with Linus Torvalds himself.

Speakers
avatar for Thorsten Leemhuis

Thorsten Leemhuis

Freelancer, Freelancer
Thorsten is the Linux kernel's regression tracker. He also wrote the texts on reporting bugs and handling regressions found in the kernel's documentation. In Fedora-land Thorsten is known for his many contribution to the project and related areas during the Fedora's first century... Read More →



Wednesday September 14, 2022 12:10 - 12:50 IST
Auditorium (Level 3)

12:10 IST

Airflow: Save Tons of Money by Using Deferrable Operators - Kaxil Naik, Astronomer
Apache Airflow 2.2 introduced the concept of Deferrable Tasks that uses Python's async feature. All the Airflow sensors and poll-based operators can be hugely optimized to save tons of money by freeing up worker slots when polling. This session will cover the following topics: - Introduction to the concept of deferrable operator - When to use them & Why? - Writing Custom deferrable operators & Sensors - Advantages over Smart Sensors and reschedule mode for sensor

Speakers
avatar for Kaxil Naik

Kaxil Naik

Director of Airflow Engineering, Astronomer
Kaxil is a committer and PMC member of the Apache Airflow Project and until recently was the release manager of the project. He is currently the Director of Airflow Engineering Team @ Astronomer. Currently, he is one of the top three committers of the Airflow Project based on the... Read More →



Wednesday September 14, 2022 12:10 - 12:50 IST
Wicklow Meeting Room 2 (Level 2)
  Open AI & Data Forum, Data

12:10 IST

Avoiding Pain When Operating in the Cloud - Neil Armitage, Amido
Operating in the cloud can appear to be easy and cheap but turn out to be hard and expensive to the unwary. The cloud can open up apparently unlimited computing resources and tools with the simple swipe of a credit card but on the flip side it can lead to large bills and over engineered solutions. During this talk Neil will hopefully make you aware of some of the pitfalls which he has either made or seen others do over the last 10 years of using public cloud solutions. Together we will discuss what happened and ways of hopefully avoiding the same mistakes. Topics will include how to secure your account and other security gotchas , looking at cost management and operational tips and tricks.

Speakers
avatar for Neil Armitage

Neil Armitage

Senior Consultant, Ensono Digital
Neil Armitage is currently a Senior Consultant at Ensono Digital specialising in deploying and operating large scale cloud deployments for various customers. Having worked at many levels for a diverse range of companies including Skyscanner and VMWare for over 30 years he has built... Read More →



Wednesday September 14, 2022 12:10 - 12:50 IST
Liffey B Part 2 (Level 1)

12:10 IST

Privacy-preserving Approaches to Transparency Logs - Hayden Blauzvern, Google
Append-only transparency logs have become more prominent in infrastructure over the last few years. Certificate authorities include issued certificates in transparency logs for public auditability. Sigstore, a standard for signing and verifying digital artifacts, uses a transparency log to record signing events. Blockchains are built on top of immutable logs. Append-only logs can raise interesting questions, particularly around a right to erasure. Log entries cannot be mutated or removed without impacting the integrity of the log. When an entry in a log contains personally identifiable information and a user requests that information be removed, how can a log operator handle this request? In this talk, we will discuss the technical details of append-only logs and issues around persisting PII in a transparency log, and compare and contrast techniques to provide immutable, auditable logs while preserving users' rights.

Speakers
HB

Hayden Blauzvern

Software Engineer, Google
Hayden is a software engineer on Google's Open Source Security Team, focused on making open-source software more secure. Prior to working in open source, Hayden worked for Google Cloud Platform to provide cloud-based PKI.



Wednesday September 14, 2022 12:10 - 12:50 IST
Wicklow Hall 2B (Level 2)
  SupplyChainSecurityCon, Countering Build Threats

12:50 IST

Lunch (Attendees on Own)
Lunch and snacks can be purchased in The Forum Kitchen in the back of the Sponsor Showcase on the Ground Level. Lunch Maps also available at the Registration Counter (Ground Level Foyer).

Wednesday September 14, 2022 12:50 - 14:20 IST
Lunch Concessions at The Kitchen in the Sponsor Showcase (Ground Level)

12:50 IST

Women & Non-Binary in Open Source Lunch - Sponsored by Google (Open to Women & Non-Binary Attendees)
Women in Open Source Lunch

We’d like to invite all attendees that identify as women or non-binary to join each other for a networking lunch at the event. We will begin with a brief introduction and then attendees will be free to enjoy lunch and mingle with one another. All attendees must identify as a woman or non-binary and must be registered for the conference to attend.

*We will do our best to accommodate all interested attendees, but please note that participation is on a first-come, first-served basis.

Wednesday September 14, 2022 12:50 - 14:20 IST
Level 3 Foyer

13:35 IST

Ask the Expert Session with Chris Schlaeger, AWS
Ask Chris about Linux kernel and Open Source Leadership.

Ask the Expert sessions: Sit down with open source experts to gain knowledge 1:1 and ask all your pressing questions!

No sign-up necessary - just stop by the three round tables in the Sponsor Showcase.

Speakers
CS

Chris Schlaeger

Managing Director, AWS


Wednesday September 14, 2022 13:35 - 14:10 IST
Sponsor Showcase - The Forum

13:35 IST

Ask the Expert Session with Phil Estes, AWS
Ask Phil about Container Runtimes and Open Source Leadership.

Ask the Expert sessions: Sit down with open source experts to gain knowledge 1:1 and ask all your pressing questions!

No sign-up necessary - just stop by the three round tables in the Sponsor Showcase.

Speakers
avatar for Phil Estes

Phil Estes

Principal Engineer, AWS
Phil is a Principal Engineer for Amazon Web Services (AWS), focused on core container technologies that power AWS container offerings like Fargate, EKS, and ECS.Phil is currently an active contributor and maintainer for the CNCF containerd runtime project, and participates in the... Read More →


Wednesday September 14, 2022 13:35 - 14:10 IST
Sponsor Showcase - The Forum

13:35 IST

Ask the Expert Session with Vandana Salve, Prasme Systems
Ask Vandana about Linux kernel internals, device drivers - networking and embedded, and Linux tracing.

Ask the Expert sessions: Sit down with open source experts to gain knowledge 1:1 and ask all your pressing questions!

No sign-up necessary - just stop by the three round tables in the Sponsor Showcase.

Speakers
avatar for Vandana Salve

Vandana Salve

Architect, Prasme systems
Vandana is a leader and expert in the field of Linux and embedded systems and has been extensively involved in kernel and system product development and management ! * Engaged with startups to build Linux embedded Systems for board support packages, device driver development and the... Read More →


Wednesday September 14, 2022 13:35 - 14:10 IST
Sponsor Showcase - The Forum

14:00 IST

Trust Over IP Mini Summit [Pre-Registration Required]
Join the Trust Over IP Summit. You will learn how the Trust Over IP Foundation (ToIP) is leading the way in the design, development, and adoption of a new decentralized identity architecture. This internet-scale architecture will fundamentally reimagine how users interact with applications and services, empowered with agency over their data and choice in how and where it is used.  You will hear from leaders in decentralized identity on how businesses and governments are embracing this new architecture to create convenient, secure, privacy enhancing experiences for their users.
  • Hear directly from globally recognized thought leaders on the impact decentralized identity is having on trusted interactions around the world.
  • See demos that concretely show how this works in the real-world.
  • Participate with hands-on experience of verifiable credentials.
  • Engage with the deep subject matter experts who are building this future, and get to see under the hood with a review of the ToIP architecture and open source specifications.
By joining the summit you will learn how the ToIP Architectural Stack includes governance and accountability at its core to drive confidence on who are the issuers and subjects of digital assets. You will see how this enables trust between entities and the individuals they interact with digitally.
Summit Agenda
Pre-registration is required. To register for Trust Over IP Mini Summit, add it to your Open Source Summit Europe registration.

Wednesday September 14, 2022 14:00 - 17:30 IST
Wicklow Meeting Room 4 (Level 2)

14:20 IST

The Challenges and Solutions of Open Edge Infrastructures - Ildiko Vancsa, Open Infrastructure Foundation
During the past decade cloud computing outgrew the walls of traditional large data centers and started to take over the edge. This technology evolution opened up endless opportunities to create new applications along with better utilizing hardware resources that are closer to the end users. These new opportunities also brought in new challenges, such as complexity, and put well-known ones, like interoperability, back into the spotlight. End-to-end edge infrastructures often grow to a massive scale in a geographically distributed fashion, which results in innovative, but complex solutions that requires high level of automation to handle. Along with the high demands in the software space, hardware solutions are also becoming more diverse that the software layer has to seamlessly support from the core out to the edge. This talk will use current and upcoming use cases to describe the challenges of building and operating infrastructure from core to edge. It will also introduce an open source edge cloud solution, StarlingX, that is already running in production around the globe. The presentation will show how the project is addressing the needs of geographically distributed systems on a large scale.

Speakers
avatar for Ildikó Váncsa

Ildikó Váncsa

Senior Manager, Community & Ecosystem, Open Infrastructure Foundation
As a senior manager I have a strong strategic mindset with an attention to detail and over 10 years of experience in technical leadership. An experienced speaker, I have been on stage in front of thousands of people, work with media and analysts, create strategic content for blogs... Read More →



Wednesday September 14, 2022 14:20 - 15:00 IST
Wicklow Hall 2A (Level 2)
  CloudOpen, Community Management

14:20 IST

Transformative Mediation for your Code of Conduct & Community Management Toolkit - Joanna Lee, Gesmer Updegrove LLP
Transformative Mediation is a powerful tool that can used by Code of Conduct Committees, project leaders, and community members to resolve conflict and respond to Code of Conduct incidents. Transformative Mediation (TM) is a specific approach to mediation that addresses conflict at its core. Rather than imposing a resolution on the parties, TM facilitates understanding and supports and empowers the individuals involved in their own efforts to resolve conflict and improve their interactions. In this presentation, we’ll discuss how TM differs from other types of mediation and why it’s better-suited for resolving conflict in open source communities than more traditional forms of mediation.

Speakers
avatar for Joanna Lee

Joanna Lee

VP of Strategic Initiatives & Legal, CNCF
Joanna Lee is the Vice President of Strategic Initiatives & Legal at CNCF and the Linux Foundation, where she drives complex strategic initiatives that are designed to impact the evolution of open source ecosystems, create high value new programs, improve health and sustainability... Read More →


Wednesday September 14, 2022 14:20 - 15:00 IST
Wicklow Meeting Room 1 (Level 2)
  Community Leadership Conference, Community Management

14:20 IST

Sponsored Session: Integrating Software Stacks with BuildStream 2.0 and the Remote Execution API - Sam Thursfield, Codethink
Do you suffer from any of the following -- unrepeatable builds? A single build server that has to do everything? An in-house caching solution that nobody wants to maintain?

BuildStream is a open source tool for building software stacks with a focus on build correctness and determinism.

The Remote Execution API is a set of standards for linking build tools (BuildStream, Bazel, and more) with infrastructure (caches, build farms, monitoring).

This talk will introduce both and give examples of how they are being used in big projects to achieve safe, repeatable builds.

Speakers
avatar for Sam Thursfield

Sam Thursfield

Senior Software Developer, Codethink Ltd
Sam Thursfield has a decade of experience building and integrating software stacks for clients. He has watched the state of the art progress significantly... but there still seems to be a long way to go!Sam is also a member of the GNOME Foundation and helps to maintain GNOME's desktop... Read More →



Wednesday September 14, 2022 14:20 - 15:00 IST
Liffey Meeting Room 2 (Level 1)

14:20 IST

Tales from the Crypt: Implementing Secure Boot and Disk Encryption on Tegra Platforms - Tim Orling, Konsulko Group
“Secure boot” is not one size fits all, but rather there are different implementations on different platforms. For Tegra platforms, secure boot involves a one-time only burning of keys into the on-device fuses. We’ll share the lessons learned from turning a board into a lovely paperweight as well as the reliable approach we used to confidently secure boot into the vendor’s Ubuntu based OS before creating our own Yocto Project built OS. For disk encryption with LUKS and dm-crypt, we extended our approach of testing the vendor’s OS before moving on to creating our own. The added complexity of unique passphrases derived from disk UUIDs and per-device HW-derived keys was an interesting challenge. We attempted to stay as close to the vendor's tools (luks-srv and luks-srv-app) and design as we could, to hopefully future proof the implementation for newer releases of Linux for Tegra. Extending to A/B flashing for OTA updates (e.g. rauc or mender) added additional challenges, especially when trying to generalize the approach for the meta-tegra community. The end solution must address the bootloader, initramfs, kernel command line, /etc/crypttab, /etc/fstab and more. Add in the complexity of the partition table layout and flashing tools for Tegra platforms and you are in for a wild ride.

Speakers
TO

Tim Orling

Principal Software Engineer, Konsulko Group
Tim Orling is a Principal Software Engineer at Konsulko Group. Tim joined Konsulko Group at the end of 2021. Tim was elected to the OpenEmbedded Board in 2022. He has spent many years as a volunteer developer for OpenEmbedded and the Yocto Project. He has been an open source software... Read More →


Wednesday September 14, 2022 14:20 - 15:00 IST
Liffey Hall 1 (Level 1)

14:20 IST

Panel Discussion: Research Insights Revealed! World of Open Source: Europe Spotlight 2022 - Hilary Carter & Gabriele Columbro, The Linux Foundation; Colin Eberhardt, Scott Logic; Sachiko Muto, OpenForum Europe
Linux Foundation Research in partnership with FINOS, Scott Logic, OpenForum Europe, and a host of other organizations across Europe, recently conducted a study to gain insight into open source trends and dynamics across the European continent. This panel dives into the key findings, and discusses how we can support the flourishing European open source ecosystem now, and in the future!

Speakers
avatar for Sachiko Muto

Sachiko Muto

Chairman, OpenForum Europe
Sachiko Muto is Chairman and former Chief Executive Officer of OFE. She is also a senior research fellow at RISE Research Institutes of Sweden. Prior to OFE, Sachiko worked for several years in public affairs, first in London and then in Brussels. With degrees in Political Science... Read More →
avatar for Gabriele Columbro

Gabriele Columbro

Executive Director, FINOS, Linux Foundation / FINOS
Gabriele is an open source leader and technologist at heart, having spent more than 10 years building thriving communities and delivering business value through open source. He thrives in working with open source communities to drive disruptive innovation, whether it’s for an early... Read More →
avatar for Colin Eberhardt

Colin Eberhardt

Technology Director, Scott Logic
Colin divides his time between leading the R&D team and providing advisory consultancy to clients. Widely recognised as a thought leader, Colin has a reputation throughout development circles as an expert in mobile technologies. He has also directed the team that developed a Securities... Read More →
avatar for Hilary Carter

Hilary Carter

SVP Research & Communications, The Linux Foundation
Hilary Carter is Senior VP of Research & Communications at the Linux Foundation where she leads the creation of decision-useful insights into the open source technologies and standards underpinning much of the digital infrastructure on which the global economy depends. She is the... Read More →


Wednesday September 14, 2022 14:20 - 15:00 IST
Wicklow Meeting Room 3 (Level 2)

14:20 IST

Panel Discussion: KVM-based Virtualization Contributor Q&A - Sean Christopherson, Google; Christoffer Dall, Arm; Will Deacon, Google; Susie Li, Intel; Paolo Bonzini, Red Hat & Moderated by Kashyap Chamarthy, Red Hat
A Q&A panel discussion on a variety of topics related to KVM, QEMU and more. The discussion will be for about an hour. Topics will be chosen based on several sources: a prepared list, audience questions on a live Etherpad, or interesting tangents based on live discussion. Live Etherpad link: https://etherpad.opendev.org/p/KVMForum_2022_Panel

Speakers
avatar for Paolo Bonzini

Paolo Bonzini

Distinguished Engineer, Red Hat, Inc.
Paolo is a Distinguished Engineer at Red Hat and the upstream maintainer for both KVM and various subsystems in QEMU.  As a contributor to QEMU, through the years, he has worked on various parts of the project architecture, including the threading architecture, the test frameworks... Read More →
avatar for Christoffer Dall

Christoffer Dall

Senior Principal Engineer, Arm
Christoffer Dall is the original author of the 32-bit KVM/Arm port and co-maintained KVM/Arm64 for several years before moving on to computer architecture work at Arm. Christoffer works on the Arm Confidential Compute Architecture (CCA) and has +influenced the Arm virtualization architecture... Read More →
WD

Will Deacon

Software Engineer, Google
Will has been working as an upstream Linux kernel developer for over a decade and co-maintains the arm64 architecture port. His background is largely based in low-level concurrency, memory consistency, virtual memory management and system architecture. At Google, he is part of the... Read More →
avatar for Susie Li

Susie Li

Senior Software Engineering Director, Intel
Susie Li is a Senior Software Engineering Director in Intel. She joined Intel in 1999 and had been involved in leadership roles for a variety of software projects, including UEFI/Tiano, virtualization (KVM, Xen, ACRN, HAXM), Linux kernel and OpenStack etc. Susie is a two-time winner... Read More →
avatar for Sean Christopherson

Sean Christopherson

Software Engineer, Google
Sean is an engineer at Google Cloud focused on KVM, and is an upstream co-maintainer for x86 KVM.
avatar for Kashyap Chamarthy

Kashyap Chamarthy

Senior Software Engineer, Red Hat
Kashyap Chamarthy works as part of Red Hat's cloud engineering group. He focuses his efforts on integrating low-level virtualization components (KVM, QEMU, libvirt and related infrastructure) with high-level management software (e.g. OpenStack and others). Over the past 10 years... Read More →


Wednesday September 14, 2022 14:20 - 15:00 IST
Liffey A (Level 1)
  KVM Forum (Joint OSS Track)

14:20 IST

Building an Open Metadata and Governance Ecosystem - Nigel Jones & David Radley, IBM
Metadata provides context around data. Without good metadata we can't make good use of data, and AI will remain very artificial! Egeria is a graduated project at the LF AI & Data supporting an open ecosystem for sharing metadata between tools and platforms. It provides many open types and APIs for supporting Data Governance & extensive options for integration in a distributed, not centralized, architecture. See more at https://egeria-project.org . In this session we'll explain the business problem, and show how Egeria enables open integration between tools from different vendors and communities. We'll show some of our integration patterns and talk about some integration with other LF AI & Data projects such as openlineage. We'll also show a quick demonstration & share information on how to get started, and to join the community. 

Speakers
avatar for David Radley

David Radley

Egeria Maintainer, IBM
David is an Egeria maintainer, who works for IBM. He has worked in the information management space for over 15 years and enjoys developing Egeria to simplify, integrate and manage in information and governance solutions.
avatar for Nigel Jones

Nigel Jones

Egeria Maintainer, IBM
Nigel is a maintainer on the LF AI & Data 'Egeria' project & has been since the project's inception. He is active in collaborating with others on delivering an open, extensible, metadata & governance platform. Prior to this he was working on Data Lake strategy for several years. In... Read More →



Wednesday September 14, 2022 14:20 - 15:00 IST
Wicklow Meeting Room 2 (Level 2)

14:20 IST

What Container Runtime Engine Do I Need? - Abubakar Siddiq Ango, GitLab
Docker made container technology approachable and easy to adopt, but the recent need to replace Docker has opened up several options and complexity, which can be daunting to someone new to Container technologie. Knowing what runtime engine is suited for what type of use case is crucial in making the right choice when reaching for a replacement. In this talk, Abubakar will start with a brief primer about what the Container runtime engines do, the common ones available, what they have in common and what sets them apart. We will also see different use cases applicable to different container runtime engines. At the end of the talk, the listener will be better informed in choosing the most preferred runtime engine for their workload.

Speakers
avatar for Abubakar Siddiq Ango

Abubakar Siddiq Ango

Developer Evangelism Program Manager, GitLab
Abubakar Siddiq Ango is a Developer Evangelism Program Manager at GitLab, where he finds better ways for the Developer Evangelism team to engage with the community and measure its impact. He is a Certified Kubernetes Administrator and when not working, he engages with the community... Read More →



Wednesday September 14, 2022 14:20 - 15:00 IST
Liffey B Part 2 (Level 1)

14:20 IST

EUs Efforts to Secure Open Source Software - Ciara Carey, Cloudsmith
OSS is incredibly positive - without projects like Docker, Kubernetes, Debian, NGINX, Apache, or others, technological innovation would be painfully slow. Its innovation, ease of use, and zero cost meant that nearly every piece of software contains OSS. OSS is everywhere, including data centres, hospitals, e-commerce, phone networks, mobile devices, and power stations. Last year, the Whitehouse issued an Executive Order after the fallout of SolarWinds. This kickstarted the use of SBOMs, a flurry of new projects to protect the supply chain, and the rise of OpenSSF. - How has the EU responded to Critical Threats in OSS? - Are the threats to the EU different from the USA? - The EU is not 1 country but is made up of 27 countries- how does this affect change? - Let's look at Ireland as an example country in EU and how it is affected by threats to the OSS supply chain and how the EU helps. Note, I did a blog on securing OSS projects that helps me talk about this: https://cloudsmith.com/blog/efforts-to-secure-oss-fired-up-after-log4shell/

Speakers
avatar for Ciara Carey

Ciara Carey

Developer Relations, Cloudsmith
Ciara Carey works in Developer Relations at Cloudsmith. Prior to that Ciara worked for over 10 years as a software engineer, mostly developing web apps and services for security, printing, and computer vision. Ciara is a true advocate for developers and believes the emphasis to Shift... Read More →



Wednesday September 14, 2022 14:20 - 15:00 IST
EcoCem Room (Level 2)
  OSPOCon, OSPOs in Academia and Government

14:20 IST

VEXing Open Source Security: Vulnerability Data for Everything - Andrew Martin, ControlPlane & Andres Vega
As CVEs proliferate and vulnerability scanners light up our open source projects, security teams are under increasing pressure that is pushed back onto maintainers, and we deserve better. And as we manage CVEs in our organisations is the quality of the data that we receive sufficient to manage the risk we are faced with every day? The machine-readable Vulnerability Exchange Format data standard may offer us a solution: defining the exploitability of vulnerabilities in the software and dependencies that we ship every day. Can we solve the high volume of false positives, halted releases, and late night? VEX may have the answer.
In this talk we:
- Question the efficacy of current vulnerability management approaches
- Compare the options available for enterprise vulnerability assessment
- Propose a solution to the global CVE deluge
- Suggest a contextual analysis framework for open source software security
- Attempt to enable a brighter future for the industry

Speakers
avatar for Andrew Martin

Andrew Martin

CEO, ControlPlane
Andrew has an incisive security engineering ethos gained building and destroying high-traffic web applications. Proficient in systems development, testing, and operations, he is at his happiest profiling and securing every tier of a cloud native system, and has battle-hardened experience... Read More →
avatar for Andres Vega

Andres Vega

VP of Operations, North America, ControlPlane
Andrés Vega is VP of Operations, North America at ControlPlane focused on helping global banks develop new online capabilities while meeting compliance objectives with a zero trust, continuous security approach. Previously, Andres was the Head of Product Management for Security... Read More →


Wednesday September 14, 2022 14:20 - 15:00 IST
Wicklow Hall 2B (Level 2)

14:20 IST

Ansible 101 - Bruno Cornec, FLOSSITA Association & Frédéric Passeron, HPE
So you want to automate the management of your infrastructure ? Ansible is the perfect fit for that. From hardware platform management using the Redfish protocol, passing through virtualized or containerized infrastructures, network or storage equipments, up to all the tools you may want to deploy in your environment, mail/web servers, ... Come to this workshop in order to understand the principles of Ansible, possibilities offered by the Jinja2 templtaing, et start to udnerstand how you can benefit from this sysadmin swiss army knife tool. To benefit from this workshop, come with a laptop ! !

Speakers
avatar for FREDERIC PASSERON

FREDERIC PASSERON

Master Technologist, HPE
Frederic Passeron works for Hewlett-Packard Enterprise since 2000. He is Enterprise Technical Consultant. He manages solutions around Cloud/Containers and also is responsible for the HackShack knowledge transfer platform. He has been working along the years on Linux and OpenStack... Read More →
BC

Bruno Cornec

Open Source Technology Strategist, FLOSSITA Association
Bruno Cornec has been managing various Unix systems since 1987 and Linux since 1993 (0.99pl14). Bruno first worked 8 years around Software Engineering and Configuration Management Systems in Unix environments. Since 1995, he is Open Source and Linux (OSL) Strategist and Evangelist... Read More →


Wednesday September 14, 2022 14:20 - 15:55 IST
Liffey Meeting Room 3 (Level 1)

15:15 IST

Open Source Ops Fast Track with Operate First - Marcel Hild & Oindrilla Chatterjee, Red Hat
Open source has become the defining way of developing software. But what’s next after releasing the code? Building an infrastructure for a project is hard. What CI/CD pipelines should I use, how to deploy - can I integrate with other services, where are my users? The Operate First community cloud is an environment for developing and operating Cloud Native software and a community of developers, DevOps, and SREs to learn from each other. Built on git-ops and open-source principles with open deployments and operational knowledge, the community provides a solid foundation for your project, so that you can focus on your solution. When the Open Source Climate initiative started out building an open data science platform that aggregates open climate data sets, they required an environment that supports complex data ingestion, processing, and quality management. You will learn how the team took advantage of the Operate First community-supported infrastructure, resolving foundational problems quickly and freeing time to work on the climate and data science problems. We’ll take you on a ride through cloud operations, by re-visiting the journey of the OS Climate community, explaining how your project or community can also become part of a fully open source community cloud.

Speakers
avatar for Marcel Hild

Marcel Hild

Señor Manager, Red Hat
Marcel Hild has 25+ years of experience in open source development and the IT industry. He co-founded a Linux consulting company, worked as a freelance developer, a Solution Architect for Red Hat, and a core Developer for ManageIQ, a Hybrid Cloud Management tool. Now he researches... Read More →
avatar for Oindrilla Chatterjee

Oindrilla Chatterjee

Senior Data Scientist, Red Hat
Oindrilla is a Senior Data Scientist at Red Hat, in the Office of the CTO working on emerging trends and research in ML and AI. She spent the past year developing open source AI applications for CI data.



Wednesday September 14, 2022 15:15 - 15:55 IST
Wicklow Hall 2A (Level 2)

15:15 IST

Stop Reinventing the Wheel! Community Management in 3 Steps - Karsten G Wade, Red Hat
Whether you are leading a project, an engineering team, or any group of humans looking to be successful working within Open Source projects, you are facing the need to teach and reteach (and reteach…) the same information and practices. People need to know what to do, how to do it, and where to do it, while you hope you get them to understand a smattering of why it all matters in the short time you have their attention. This session follows 3 steps to take an existing, Open Source guidebook filled with detailed and specific practices, and turns it into a manual to guide your group or organization in creating, building, and maintaining successful Open Source projects. Written by a diverse group of more than a dozen Open Source expert practitioners, the guide extrapolates and distills knowledge of not just what to do and how to do it, but also why to do it. The chapters and checklists are ready to use and/or modify, and Karsten will chop and mix them live in the session.

Speakers
avatar for Karsten Wade

Karsten Wade

Engineering Manager, Community Infrastructure & Platform, Red Hat
...


Wednesday September 14, 2022 15:15 - 15:55 IST
Wicklow Meeting Room 1 (Level 2)
  Community Leadership Conference, Community Management

15:15 IST

Buildpacks+: A Gradual Move to Cloud Native Image Builds - David Freilich, AppsFlyer
In AppsFlyer’s effort to provide a smooth internal developer experience, we needed to offer our engineers a standard and structured way to build OCI images, regardless of build environment and programming language. Enter Buildpacks. At the same time, changing build systems carries an immense amount of risk - risk we wanted to mitigate at all costs. In this talk, we’ll discuss how we prepared our environment, and utilized Buildpacks to create OCI images that work seamlessly with our current system. Along the way, we’ll highlight how we use an adjustable post-build step to ensure our images fit with the current stage of our deployment system, and to enable a gradual move to container (and cloud native) best practices. We will show how you too can move gradually, seamlessly and safely into modern Container building techniques.

Speakers
avatar for David Freilich

David Freilich

Software Engineer, AppsFlyer
David Freilich is a Software Engineer in the Platform group at AppsFlyer, where he works on providing a smooth developer experience for the entire R&D Department. He is also a platform maintainer for the Cloud Native Buildpacks project. He is passionate about clean code, delightful... Read More →



Wednesday September 14, 2022 15:15 - 15:55 IST
Wicklow Hall 1 (Level 2)
  ContainerCon, Migration and Refactoring

15:15 IST

Booting Automotive ECUs Really Fast with Modern Security Features - Brendan Le Foll, BMW Car IT GmbH
Brendan will explain what is different about using Linux in the automotive segment specifically around the boot time requirements and other interesting performance indicators which are maybe different to other industries. We will show how we use yocto/poky with a mix of android derived features as well as genivi/covesa components to implement internally 10 automotive control units in infotainment, telematics, instrument cluster and body domains. The talk will center around how to handle the challenging 2 seconds rear view camera KPI in Linux userspace as well as other lifecycle KPIs (shutdown, suspend to ram) using a relatively classic systemd/glibc Linux whilst having modern security features enabled (secure boot, dm-verity, ipsec & selinux). We will especially focus on how we configure multiple different SOC platforms to achieve these goals and what hardware characteristics are most important to achieve fast boot times. The talk will then discuss the specific patches and configuration BMW proposed to systemd specifically to allow an 'early' boot target. We would also like to use the opportunity to understand if other industries have similar issues around boot times and if we could work together to jointly maintain a systemd 'fast' profile.

Speakers
BL

Brendan Le Foll

lead software architect, BMW Car IT GmbH
Brendan has worked in a number of different industries always shipping embedded linux product, ranging from small IoT maker class devices to network attached storage devices, set top boxes and in vehicle infotainment solutions. After developing mutiple parts of such systems lately... Read More →



Wednesday September 14, 2022 15:15 - 15:55 IST
Liffey Hall 2 (Level 1)

15:15 IST

Leveraging Next Generation Cellular Networks for Drone Telemetry and Payload Communication - Ngonidzashe Mombeshora, University of Cape Town
Unmanned Aerial Vehicles (UAVs) have seen an increasing adoption by industry and hobbyists realizing an ever-increasing amount of use cases limited only by current available technology. Drone use cases such as autonomous flights and long range surveillance that require beyond visual line of sight command and control are yet to be fully realized with the efficiency for commercial viability. Such limitations include, line of sight usage, data rates and latency limitations. Attempts to solve these problems have resulted in bespoke, non interoperable walled garden solutions. This solution utilizes an open-source mobile network implementation (OpenAirInterface) to realize a software stack, working alongside current open-source hardware and software solutions for drone communication. (Professional drone autopilots (Ardupilot and PX4 support) and Mavlink), to leverage the benefits of 5G New Radio for drone telemetry and payload communication. A 4G LTE, 5G NSA and 5G SA (Non-Standalone and Standalone) test-bed stack will be implemented, and flight tests carried out to draw out the benefits and drawbacks of cellular networks with respect to 1) data rates, 2) latency and 3) beyond line of sight usage.

Speakers
avatar for Ngonidzashe Mombeshora

Ngonidzashe Mombeshora

Masters Student, University of Cape Town
Grew up in the Southern African country of Zimbabwe and then continued further south to pursue a degree in Mechatronics Engineering at the University of Cape Town.They later on continued on their pursuit for education in the form of a Masters degree in Engineering specializing in... Read More →



Wednesday September 14, 2022 15:15 - 15:55 IST
Liffey Hall 1 (Level 1)

15:15 IST

Merging your Kernel Testing Code into KernelCI - Alice Ferrazzi & Hirotaka Motai, MIRACLE LINUX powered by Cybertrust Japan Co., Ltd.
KernelCI is a project focused on testing the upstream Linux Kernel on different hardware with an open testing philosophy and high modularity. Thanks to this approach, KernelCI is expanding its testing ecosystem by allowing new tests and trees to be easily integrated into KernelCI. We will talk about two main ways of growing the current KernelCI ecosystem: Adding to the KernelCI code Using KCIDB (KernelCI’s results aggregation system) From a CIP project (Civil Infrastructure Platform) testing member and KernelCI CIP instance mentor, you will get an overview of the effort of the CIP project to merge its current testing system into KernelCI, and how it is possible to collaborate and send test results to KernelCI using KernelCI’s common reporting system KCIDB. The CIP project tests merged into KernelCI are currently used for testing the CIP Kernel. The CIP Kernel is currently used for example for isar CIP core and EMLinux (an embedded Linux distribution). This talk will give an overview of what we learned from making GKernelCI (Gentoo Kernel automatic testing system) and CIP testing systems collaborate with KernelCI. What we did, what is still missing and what is planned in the future. We hope that this experience will help future collaboration with the KernelCI project.

Speakers
avatar for Hirotaka Motai

Hirotaka Motai

Expert Engineer, MIRACLE LINUX powered by Cybertrust Japan
Tell us about yourself. What should people talk to you about?:I work for Cybertrust Japan as an Expert Software Engineer, a projectleader for embedded systems and also a CIP representative.Our team provides Embedded Linux created by yocto for our customers.I am interested in Real-time... Read More →
avatar for Alice Ferrazzi

Alice Ferrazzi

Senior Engineer, MIRACLE LINUX powered by Cybertrust Japan Co., Ltd.
Alice Ferrazzi is a Gentoo Linux Developer and the Gentoo Kernel Project Leader. She holds Gentoo study meetings in Tokyo, Japan and organizes Gentoo booth at various open source events. Furthermore, she is currently working as IoT Technology division as embedded software engineer... Read More →



Wednesday September 14, 2022 15:15 - 15:55 IST
Liffey Meeting Room 2 (Level 1)

15:15 IST

Fireside Chat with Soumith Chintala, Meta & Dr. Ibraham Haddad, LF AI & Data Foundation and PyTorch Foundation
Join us for a conversation between Soumith Chintala and Ibrahim Haddad about the creation of PyTorch Foundation. Over 150,000 developers and 18,000 organizations work with PyTorch today. In this conversation you will learn about:
  • PyTorch’s evolution as an open source project
  • Where PyTorch is used in production environments and in academic settings
  • Next steps for the project under the PyTorch Foundation

Speakers
avatar for Dr. Ibrahim Haddad

Dr. Ibrahim Haddad

Executive Director, LF AI & Data Foundation and PyTorch Foundation
Dr. Ibrahim Haddad is the Executive Director of LF AI & Data and maintainer of the Open Source AI & Data landscape, an industry reference to key open source projects in the AI and Data domains. Throughout his career, Haddad held technology and portfolio management roles at Ericsson Research, the Open Source Development Labs, Motorola, Palm, Hewlett-Packard, the Linux Foundation, and Samsung Research... Read More →
avatar for Soumith Chintala

Soumith Chintala

Lead PyTorch Maintainer, AI Researcher, Meta
Soumith Chintala is a researcher in AI, currently at Meta. Soumith is well known for creating and leading PyTorch, a widely used AI framework. Soumith has published widely on high-performance machine learning systems, generative models and computer vision algorithms. He holds a Masters... Read More →


Wednesday September 14, 2022 15:15 - 15:55 IST
Liffey Meeting Room 1 (Level 1)
  Emerging OS Forum

15:15 IST

How Open Source Helps a Grid Operator with the Challenges of the Energy Transition - Jonas van den Bogaard & Nico Rikken, Alliander N.V.
The energy transition poses new challenges to all parties in the energy sector. For grid operators, the rise in renewable energy and the electrification of energy consumption drives the grid to its limits. By using open source, participating in Open Source projects, Open Sourcing internal projects like OpenSTEF and Power Grid model, and being a member of LF Energy, the Dutch Grid Operator Alliander aims to unleash the power of open source collaboration to further the energy transition. OpenSTEF provides a complete software stack that forecasts the load on the electricity grid for the next hours to days. Given a time series of measured load or generation, a fully automated machine learning pipeline is executed which delivers a probabilistic forecast of future load. Power-grid-model is a Python library for steady-state distribution power system analysis. Currently, it supports the following calculations: 1) Symmetric and asymmetric power flow calculation with Newton-Raphson method and linear method, and 2) Symmetric and asymmetric state estimation with an iterative linear method. In this talk, we will tell you more about the OpenSTEF project and Power Grid Model project, and how these projects support the adoption of renewable energy in the Netherlands.

Speakers
avatar for Jonas van den Bogaard

Jonas van den Bogaard

Solution Architect & Open Source Advocate, Alliander N.V.
Jonas van den Bogaard is a solution architect & Open Source Advocate at Alliander, a distribution system operator (DSO) in the Netherlands. Alliander provides reliable, affordable, and accessible energy transport and distribution to a large part of the Netherlands. He is involved... Read More →
avatar for Nico Rikken

Nico Rikken

Solution architect & DevOps engineer, Alliander N.V.
Nico Rikken is a trained electrical engineer working in IT as a solution architect and DevOps engineer, using Open Source software like Kubernetes. He has been actively involved in the Free Software community since 2014 and is currently the Country Coordinator Netherlands for the... Read More →



Wednesday September 14, 2022 15:15 - 15:55 IST
Wicklow Meeting Room 3 (Level 2)
  Emerging OS Forum, Climate & Sustainability

15:15 IST

Open-Source QEMU and RTL Co-simulation - Edgar Iglesias, AMD
In this talk Edgar will show how AMD-Xilinx uses QEMU in all phases of its SoC/FPGA development programs. Edgar will explain how QEMU helps AMD-Xilinx to do SW development earlier and how users can co-develop SW along with HW/RTL. Edgar will explain the basics of co-simulation and cover various Open-Source tools and frameworks that are used together with QEMU to create Open-Source co-simulation setups targeting both SW development and RTL development. Edgar will explain how QEMU works together with Verilator (an Open-Source Verilog simulator) and libsystemctlm-soc, an Open-Source co-simulation framework largely developed in the DARPA POSH program that implements SystemC/TLM-2.0 transactors, RTL transactors, FPGA Hardware-in-the-loop and more.

Speakers
EI

Edgar Iglesias

Principal Software Engineer, AMD
Edgar Iglesias is a Principal Software Engineer at AMD-Xilinx. He has over 25 years of experience working primarily in the areas of Embedded Systems, Virtual Platforms and Co-simulation. Over the years, he has contributed to numerous Open-Source projects (such as QEMU) and has previously... Read More →


Wednesday September 14, 2022 15:15 - 15:55 IST
Liffey A (Level 1)
  KVM Forum (Joint OSS Track)

15:15 IST

Building Robust ML Production Systems Using OSS Tools for Continuous Delivery for ML (CD4ML) - Dr. Fabio M. Grätz, Merantix Momentum
Teams living a DevOps culture leverage continuous integration & continuous delivery (CICD) to frequently and reliably release software, rapidly launch new features, and maintain robustness through testing and automation. In contrast to that, most ML teams test and deliver their models manually and infrequently, leading to long and error-prone delivery cycles. Data and hyper parameter configuration lack versioning, making lineage tracking and reproducing results difficult. ML has been described as a “High Interest Credit Card” as high maintenance cost can be incurred. To reduce this risk, continuous delivery for ML (CD4ML) extends CICD by introducing software best practices to ML: data, code, and hyper parameters are versioned, the process from data validation to model deployment is automated and tested. Statistical metrics of deployed models are monitored to trigger retraining if models decay. Fabio shows how ML-teams at Merantix Momentum live a MLOps culture and use vendor-agnostic OSS tools to build robust ML production systems for various industries: Flyte (workflow orchestration on Kubernetes), Mlfow, Squirrel (data mesh and versioning), Hydra (configuration), and seldon (deployment) are combined to build ML-systems that continuously train, test, deploy, and monitor models.

Speakers
avatar for Dr. Fabio M. Grätz

Dr. Fabio M. Grätz

MLOps Lead, Merantix Momentum
Dr. Fabio Grätz leads MLOps at Merantix Momentum. His team provides a self-serve internal developer platform (IDP) with opinionated services for building robust and maintainable ML production systems: ML-teams combine these services to bridge the gap between development and operations... Read More →


Wednesday September 14, 2022 15:15 - 15:55 IST
Wicklow Meeting Room 2 (Level 2)

15:15 IST

With FinOps Through the Cloud Cost Jungle - Vanessa Kantner & Vivien Pfeiffer, Liquid Reply
Today, the public cloud is ubiquitous. Through scalability and self-service capabilities, the cloud usage jungle grows unmanaged and wild. Engineers spin-up new cloud resources by the push of a button. Due to the on-demand nature of the cloud, in contrast to before, there are no standardized procurement or controlling processes in place to oversight the cloud development within the company. The loss of control is accompanied by the loss of transparency and a rising pile of resource waste. The FinOps approach and the FinOps Foundation, which coined the word, dedicate itself to continuously enhancing best practices around cloud financial management within an active open source community. This session covers how people in technical roles – engineers, product owners or project managers – can support cloud cost and usage transparency with the goal of preventing overspending and creating the most value out of the cloud. Vivien and Vanessa show you the ropes through the cloud cost jungle and share with you FinOps best practices to integrate into your daily work.

Speakers
avatar for Vivien Pfeiffer

Vivien Pfeiffer

FinOps Consultant, Liquid Reply
Vivien has a special interest on the analysis for Cloud Cost Management with the goal of getting the most value for her customers out of their cloud usage. She supports the customer end-to-end on their cloud journey with a focus on AWS. On this journey, she specializes on knowledge... Read More →
avatar for Vanessa Kantner

Vanessa Kantner

Manager FinOps, Liquid Reply
Vanessa is a Manager leading the FinOps topic within Liquid Reply. She works with many different clients, from SMEs to large corporations in the insurance and automotive industry, developing and implementing the FinOps strategy using AWS, Azure, GCP or a multi-cloud mixture of those... Read More →



Wednesday September 14, 2022 15:15 - 15:55 IST
Liffey B Part 2 (Level 1)

15:15 IST

Gitsign – Keyless Git Commit Signing - Billy Lynch, Chainguard Inc
Tools like cosign have made it easy to improve software supply chains by making it simple to sign containers. But securing software supply chains means more than just signing containers! Ideally, every step in our release pipeline should be signed — from the artifacts we produce tracing back all the way to the source they originated from. In this talk, we'll take a look at Gitsign, one of Sigstore's latest projects that brings "keyless" signing to Git. We'll dive into how Gitsign works and how it fits into the rest of Sigstore, as well as how it can be applied to your development, CI/CD, and GitOps workflows.

Speakers
avatar for Billy Lynch

Billy Lynch

Staff Software Engineer, Chainguard Inc
Billy is a staff software engineer at Chainguard, working on developer tools and securing software supply chains for everyone! He is an active contributor and maintainer to the Sigstore and Tekton projects, and is the creator of gitsign. Prior to working at Chainguard, Billy worked... Read More →



Wednesday September 14, 2022 15:15 - 15:55 IST
Wicklow Hall 2B (Level 2)

16:10 IST

16:40 IST

RecoverMonitor: Edge-enabled Open-source Wearable Devices for Monitoring Healthcare Remote Patient Recovery with Precision and Efficiency - Peng Du & Preston Lau, Futurewei Technologies
Patient monitoring has always been a critical aspect in the recovery of healthcare patients. Towards that goal, this talk provides an in-depth overview of how open-source wearables devices using cloud & edge-computing platform can provide precision and efficiency to healthcare providers. Our use case enables tracking, monitoring, and alerting in various scenarios and settings, such as around-the-clock health remote monitoring of smart data like body temperature, blood oxygen, and heart rate of the patients. The goal is to ensure patient safety during medical procedure recovery and/or rehabilitation. This talk provides valuable insights into building secure and reliable applications for wearable devices using open-source operating system together with an open-source edge computing platform called KubeEdge, which offers the benefit of lower latency and enhanced end-user experience to patients. Our talk demonstrates the benefits and opportunities evolving out of the open-source ecosystem towards enablement of the next generation emerging applications landscape. A cloud-edge synergy based smart early warning system can be built to support healthcare providers to evaluate the data and offer treatment and prevention.

Speakers
avatar for Preston Lau

Preston Lau

Senior Director of Strategy & Business Development, Futurewei Technologies
Preston Lau is the senior director of strategy & business development at Futurewei Technologies. In his current role, He is leading cross-functional strategies for AI machine learning and open source initiatives in support of the company growth in new markets & new innovative product... Read More →
avatar for Peng Du

Peng Du

Principal Software Architect, Futurewei Technologies
Dr. Du works as a Principal Software Architect at Futurewei Technologies. He contributes to the advancement of Kubernetes cluster resource management, scheduling system, container runtime, etc. Before Futurewei, Dr. Du worked at Amazon AWS and Microsoft Azure. Dr. Du holds a PhD in... Read More →


Wednesday September 14, 2022 16:40 - 17:20 IST
Wicklow Hall 2A (Level 2)
  CloudOpen, Edge Cloud Computing

16:40 IST

Sponsored Session: Killing the Reverse Proxy from the Inside: the Evolution of NGINX Unit - Liam Crilly, NGINX
NGINX as a web server and reverse proxy has been integral to the architectural patterns for web services and applications for over a decade. From the LEMP stack, to containerized apps, to Ingress Controllers for Kubernetes. But in another open source NGINX project, there is a mission to kill the reverse proxy because it represents an unnecessary layer in the application stack that results in application behaviour being described in several places. In this session we explore the challenges of distributed configuration in cloud-native infrastructure, and the complexities that this leads to.  We contrast this with the benefits of killing the reverse proxy and designing for a simpler application stack. Finally, we introduce NGINX Unit, created by the original NGINX team on an evolved architecture with a vision of delivering a simpler architecture for web applications.

Speakers
avatar for Liam Crilly

Liam Crilly

Sr Dir Product Management, NGINX
Liam Crilly, Senior Director of Product Management at F5, leads the NGINX Unit incubation group. Liam has 20 years experience in the Internet industry. He knew it was going to be a big deal when he wrote his first web app in 1993, at the dawn of the graphical Internet. Prior to joining... Read More →



Wednesday September 14, 2022 16:40 - 17:20 IST
Liffey Meeting Room 1 (Level 1)
  CloudOpen

16:40 IST

The Business Of Open Source: How Big Money, Investors, and Greed are Changing Open Source Forever - Donnie Berkholz, Percona
The changing landscape of the open-source industry has taken a potentially dark turn in the last few years. Instead of focusing on inclusion, innovation, and collaboration a new generation of so called open source drive companies has emerged flush with investor money and looking to maximize the returns for their investors and shareholders at all costs. In an effort to accelerate “revenue” and “profits” these companies are looking to rewrite the definition of what they consider open source. We are in a battle for not only the hearts and minds of the FOSS community but our collective future. As new developers start open source projects more will be compelled to choose more restrictive licensing models ( i.e. SSPL ), invest less in the community, and “control” as much of the code and product as possible. I will talk about the trend, talk about the common business models, and offer a few alternatives.

Speakers
avatar for Donnie Berkholz

Donnie Berkholz

SVP Product, Percona
Donnie Berkholz, Ph.D., is SVP Product Management and a member of the Executive Management Team at Percona. His background includes leadership, advisory, and engineering roles at organizations including Docker, Scale Venture Partners, travel-tech leader CWT, 451 Research, RedMonk... Read More →



Wednesday September 14, 2022 16:40 - 17:20 IST
Wicklow Meeting Room 1 (Level 2)

16:40 IST

How Testability Drives Observability - Ken Hamric, Tracetest (Kubeshop)
So you have OpenTelemetry tracing working, but how good is the data contained in the traces? Have you ever had a production issue, looked at the trace and thought “I still can’t tell what is going on!”. We need QA for our Traces… or at least a process that drives them to improve over time. Trace-based testing is a technique that is becoming popular to test systems at an integration or end-to-end level by applying assertions against the data contained in an OpenTelemetry (OTel) trace. Trace-based testing provides much deeper testing than traditional black box testing because it takes advantage of the richness of the information contained in the trace. We will demonstrate via a live coding exercise that utilizing trace-based testing not only allows you to quickly increase test coverage, but the practice results in improved traceability. In this session, Ken will look at a failure scenario and the associated trace. He will then work through the process of creating a trace based test to cover this scenario, improving the OTel instrumentation as part of this process. With the test completed, he will show how the addition of the data also improves the trace, increasing observability.

Speakers
avatar for Ken Hamric

Ken Hamric

Founder, Tracetest (Kubeshop)
Ken has been a developer for 35 years and has founded multiple tech startups, including CrossBrowserTesting.com and his latest open source project, Tracetest.io. Tracetest allows you to build deep integration tests graphically via your OpenTelemetry based traces.



Wednesday September 14, 2022 16:40 - 17:20 IST
Wicklow Hall 1 (Level 2)

16:40 IST

Automating and Managing an IoT Fleet Using Git - Matthias Lüscher, Schindler AG
During this presentation, the listener will learn how software dinosaurs (meant positively) like Debian can be combined with modern tools like Ansible, git and Mender by applying best practices like GitOps and infrastructure as code. The outcome will be a highly scalable, robust and traceable embedded fleet setup that is easy to operate with a reduced number of tools at a global scale using a modest server infrastructure. During the presentation a concrete example of managing an individual IoT device will be shown. The IoT device will furthermore receive an automatically built OS image that gets dispatched over the air. Hardware-in-the-loop testing guarantees the quality of the OS image. Finally a sample IoT fleet of seven devices (5 Raspberry Pis, 1 Compulab IoT gateway, 1 Variscite SOM on a development board) will be managed using a git repository instead of a typical IoT fleet management tool. The presentation done by Matthias Lüscher shall encourage the audience to discover tools and best practices from other domains and apply them successfully to embedded projects.

Speakers
avatar for Matthias Luescher

Matthias Luescher

Principal Engineer, Schindler AG
I am working at Schindler AG as a Principal Engineer. During my daily job I am responsible for the OS and container setup of more than 300k IoT gateways. As I am interested in open source software, security, IoT and DevOps and eager to automate boring workflows I created edi - a tool... Read More →



Wednesday September 14, 2022 16:40 - 17:20 IST
Liffey Hall 1 (Level 1)

16:40 IST

How to Get Your DT Schema Bindings Accepted in Less than 10 Iterations - Krzysztof Kozlowski, Linaro
New Devicetree bindings are expected to be in DT schema (YAML) format. Progressively we also convert existing TXT bindings to this format. In the talk, Krzysztof will shortly describe best and expected practices, common mistakes and useful tricks when writing new DT schema bindings or when converting from existing TXT format. Hopefully the session will serve as a cheat sheet when writing new DT schema bindings. Expected knowledge: Devicetree, bindings and some existing experience with DT schema (YAML)

Speakers
avatar for Krzysztof Kozlowski

Krzysztof Kozlowski

Linux Kernel Maintainer, Linaro
Krzysztof Kozlowski is an active Linux kernel developer, working currently for Linaro on upstream development of Qualcomm ARM/ARM64 SoCs. Krzysztof maintains several upstream Linux kernel subsystems: devicetree bindings (as a co-maintainer with Rob Herring), Memory controller drivers... Read More →



Wednesday September 14, 2022 16:40 - 17:20 IST
Liffey Meeting Room 2 (Level 1)

16:40 IST

Implementing UEFI-based Secure Boot + OTA Update for Embedded ARM Devices - Jan Kiszka & Christian Storm, Siemens AG
At ELC 2020, we presented our concept of securing the boot phase of updatable embedded devices leveraging UEFI Secure Boot. Applying this concept to a real 64-bit ARM device revealed some surprising rough edges lurking around the corners. In this talk, we dive into these issues and present solutions found while the journey. We explain how to adopt the pre-integration of an Over-the-Air Update method combined with Secure Boot that has been upstreamed to the Civil Infrastructure Platform project. In particular UEFI-based Secure Boot via U-Boot, hardening U-Boot for that, building unified kernel images with device tree override options, and creating a read-only rootfs with persistent overlays plus their integrity protection is covered. Although the pre-integration is done with the Debian-based embedded system builder Isar, the concepts and solutions presented are generic and easily transferable to other (meta-)distributions.

Speakers
avatar for Jan Kiszka

Jan Kiszka

Principal Key Expert, Siemens AG
Jan Kiszka is working as consultant, open source evangelist and Principal Key Expert Engineer in the Competence Center Embedded Linux at Siemens Technology. He is supporting Siemens businesses with adapting, enhancing or strategically driving open source as platform for their product... Read More →
avatar for Christian Storm

Christian Storm

Senior Key Expert, Siemens AG
Christian Storm works as Open Source consultant, Architect and Developer for Siemens Technology.



Wednesday September 14, 2022 16:40 - 17:20 IST
Liffey Hall 2 (Level 1)

16:40 IST

How the Lessons of COVID-19 are Helping to Improve Healthcare Delivery - Adam Fowler, VMware
Consumer mobile devices were used for Digital Contact Tracing during COVID-19. This rapidly created innovations in Bluetooth Low Energy based messaging protocols and reliability, decentralised healthcare data analysis, and privacy and data sovereignty. These lessons are now being applied to the wider healthcare landscape. This session will focus on how the lessons learnt from COVID-19 open source software through the Linux Foundation Public Health projects, including Herald an opensource reliable messaging platform that started by supporting Bluetooth Low Energy, are currently being applied more broadly, and what is coming over the next 12-36 months. For hospitals, tracking hospital equipment and biopsies to reduce waste and improve patient outcomes is a primary focus. The technology is also being applied to assist with patient monitoring and safety. In-hospital navigation is also being trialed. A future innovation is replacing pagers in hospitals with a more reliable method providing greater patient context, and the ability to respond more quickly. For individual health, fully decentralised digital contact tracing with less privacy concerns than is currently possible is being worked on. Applying machine learning on wearables, and patient data privacy and consenting too.

Speakers
AF

Adam Fowler

Advisory Platform Architect, VMware, Inc.
Platform Architect, Modern Applications Business Unit (Tanzu), VMware at VMware. Maintainer of the Herald open source reliable consumer Bluetooth & COVID-19 tech project. Chair Linux Foundation Public Health (LFPH) TAC. VMware rep to ETSI eHealth TC. Chair Open::UK Healthcare Data... Read More →


Wednesday September 14, 2022 16:40 - 17:20 IST
Wicklow Meeting Room 3 (Level 2)
  Emerging OS Forum, Public Health/COVID

16:40 IST

Unifying Confidential Attestation - Tobin Feldman-FItzthum & Dov Murik, IBM
With the recent rise of several confidential computing technologies, the term attestation has become overloaded. Different platforms offer attestations with different properties and flows, none of which match with traditional techniques. This talk will highlight crucial differences between SEV-ES, SEV-SNP, and Intel TDX. This talk will also discuss strategies for reconciling these differences and unifying confidential attestation. One approach is for each platform to support a secure vTPM backed by the hardware root of trust. This would allow standardization between platforms and between confidential and traditional workloads. This talk will discuss the feasibility and complexities of implementing and deploying secure vTPMs. This talk will also discuss the Confidential Containers Attestation Agent, another approach for unified attestation, that does not require extensive guest or host support. This talk will also highlight related approaches such as those proposed in the Libvirt community and offer some conclusions about where standardization makes the most sense.

Speakers
TF

Tobin Feldman-FItzthum

Software Engineer, T.J. Watson IBM Research Center
Tobin Feldman-Fitzthum is a Software Engineer at the T.J. Watson IBM Research Center. He works on secure virtualization and confidential computing. Tobin was a founding maintainer of the Confidential Containers CNCF Sandbox Project. He has also worked on encrypted disks and fast live... Read More →
avatar for Dov Murik

Dov Murik

Research Staff Member, IBM
Dov Murik is a Research Staff Member in IBM Research, working on various aspects of information and system security, and recently focusing on confidential computing. Previously he worked on malware detection, phishing prevention, and AI security. Before that he was part of IBM Trusteer... Read More →


Wednesday September 14, 2022 16:40 - 17:20 IST
Liffey A (Level 1)
  KVM Forum (Joint OSS Track)

16:40 IST

QEMU: Emulating Your Way to Success - Ben Dooks, Codethink
QEMU is a versatile virtualiser and emulator that runs and emulates many of today's modern systems. It can be helpful in many projects from developing new Linux systems or drivers, creating test rigs, bootstraping distributions to tinkering with new systems without having to leave the comfort of your PC. Codethink has used QEMU in a number of projects from effective testing of a new low-level kernel feature (where emualting a different X86 from the devleoper laptop is very useful), virtualised hardware to be used in test farms to allow emulation for software development of the boot-stack  of a yet-to-be-delivered SoC. With all the different aspects, we'll look at the emulation modes, the interfaces that qemu provides and how it can be used to provide flexible support.

Speakers
BD

Ben Dooks

Senior Engineer, Codethink
Ben Dooks, Senior Engineer and Open Source Consultant with more than 15 years’ experience contributing to Linux Kernel. Dooks joined Codethink 8 years ago, and since then he's been involved in a range of projects involving the Linux kernel, such as the MEG project, amongst othe... Read More →



Wednesday September 14, 2022 16:40 - 17:20 IST
Auditorium (Level 3)

16:40 IST

Diskless Booting of RPi 400 Using Bootp, tftp, iscsi and NFS - Pascal van Dam, Poortier Management
The RPi 400 are ideal candidates that can replace workstations in class rooms. Running a 4 c-core ARM64 processor, 4GiB of memory, a network adapater and video connectors built in a small 'keyboard' casing make them ideal replacements for class room workstations. However the SD cards that these SBCs boot from are very fragile. Booting from USB sticks would be better, but having them boot remotely over the network would also solve the management problem. In this presentation Pascal will talk you to the process of engineering a solution that will allow the RPi 400 but also other Raspberry Pi's to boot from the network. The PIs will bootstrap using bootp and tftpboot and then connect an iSCSI root disk to boot from. In the talk I will discuss issue we faced like how to keep the kernel and initrd up-to-date after doing an OS upgrade. The whole solution is automated with Ansible so one can quickly roll out tens of RPi 400's. The icing on the cake is central user management with a NFS based home share and centralized user management either by FreeIPA or Active Directory with Samba.

Speakers
PV

Pascal van Dam

Linux & K8S Architect, Poortier Management
Pascal is a proud father of 4 sons. The eldest one has already joined the company and the 2nd eldest one is eager to join the company in 2022. He is working in the IT branche since 1996 and has worked for several companies like IBM, Cap Gemini, Belastingdienst, ING and Robeco. Right... Read More →


Wednesday September 14, 2022 16:40 - 17:20 IST
Liffey Meeting Room 3 (Level 1)

16:40 IST

Getting Into Linux Kernel Development After 30 Years - Muhammad Usama Anjum, Collabora
Linux Kernel has celebrated its 30th anniversary. As an open-source project, it constantly needs new developers and contributors who are ready to dive deeply into so much old codebase, which is evolving every minute. The documentation of all the components isn't available and even if it is available, it isn't updated from where the beginners should start understanding and contributing. There are several efforts to entice new people through trainings, internships, and easy communication mechanisms. All of these will be mentioned in my talk, including some paths which the newbies have taken to successfully become Linux Kernel developers. This talk will serve as awareness and advice to kernel newbies.

Speakers
avatar for Muhammad Usama Anjum

Muhammad Usama Anjum

Software Developer, Collabora
Muhammad Usama Anjum is a Consultant Linux Kernel Developer at Collabora in the Core Kernel Team. He is passionate about the Linux Kernel. He has worked on several components of the Linux Kernel and has made several contributions. His areas of interest include ChromeOS and gaming... Read More →



Wednesday September 14, 2022 16:40 - 17:20 IST
Liffey B Part 2 (Level 1)

16:40 IST

When Your Open Source Tool Turns to the Dark Side - Dotan Horovits, Logz.io
Imagine waking up one morning to find out that your beloved open source database, which lies at the heart of your system, is being relicensed. What does that mean? Can you still use it as before? Could the new license be infectious and require you to open source your own business logic? This doom’s day nightmare scenario isn’t hypothetical. It is, in fact, very real, for databases and other OSS, with several examples over the past year alone. On this talk Horovits will review some of the less known risks of open source, and share his lessons learned from Elasticsearch’s recent relicensing move, as well as other case studies from the past year. If you use OSS, you’ll learn how to safeguard yourself. If you’re in the process of evaluating a new OSS, you’ll learn to look beyond the license and consider additional criteria. If you're debating open-sourcing a project, you'll gain important perspectives to consider.

Speakers
avatar for Dotan Horovits

Dotan Horovits

Principal Developer Advocate, Logz.io
Horovits lives at the intersection of technology, product and innovation. With over 20 years in the hi-tech industry as a software developer, a solutions architect and a product manager, he brings a wealth of knowledge in cloud computing, big data solutions, DevOps practices and more.Horovits... Read More →



Wednesday September 14, 2022 16:40 - 17:20 IST
EcoCem Room (Level 2)
  OSPOCon, OSPO Lessons Learned

16:40 IST

Attesting Practically: Exploring the Glue Behind Secure Runtime Environments - Jim Bugwadia, Nirmata
Attestations are rapidly gaining popularity in the software supply chain security community. But most people don’t yet have a practical understanding of how to use them to improve their existing software delivery pipelines, or how they can help you secure your runtime environments. In this talk, Jim will explore how to use Cosign, in-toto attestations, and VEX documents to act as the connective tissue between scanners and policy engines like Kyverno to create secure and auditable runtime environments. He will walk through an end-to-end flow that demonstrates how this system will allow you to react to software security threats and triage them effectively — allowing your teams to focus on critical issues and navigate through the noise and chaos.

Speakers
avatar for Jim Bugwadia

Jim Bugwadia

Co-founder and CEO, Nirmata
Jim Bugwadia is a co-founder and the CEO of Nirmata, the Kubernetes policy and governance company.  Jim is an active contributor in the cloud native community and currently serves as a co-chair of the Kubernetes Policy and the Multi-Tenancy WG. Jim is also a creator and maintainer... Read More →



Wednesday September 14, 2022 16:40 - 17:20 IST
Wicklow Hall 2B (Level 2)
  SupplyChainSecurityCon, Countering Dependency Threats

16:50 IST

Lightning Talk: Scoring Dependencies to Detect “Weak Links” in your Open-source Software Supply Chain - Ashish Bijlani, Ossillate, Inc.
From a benign left-pad beginning to recent protestware, software supply chain attacks on open-source package managers such as NPM and PyPI have grown manifold. Bad actors today leverage highly sophisticated techniques such as typo-squatting, repo-jacking, and social engineering to "supply" malicious dependencies. Yet, there is no robust way to measure such risks.

This talk will present PACKJ, an open-source data-driven tool to score dependencies and measure the level of potential supply chain risks. It checks for several risky code/metadata attributes that indicate malware or make a package vulnerable to typo-squatting, account hijacking attacks. These attributes are empirically identified in our study of 651 publicly documented malicious packages. Risk scores can be customized to match the threat model. Using PACKJ, we have already identified several abandoned and malicious packages. This presentation will include a brief demo and highlight our findings.

Speakers
AB

Ashish Bijlani

Research Scientist, Ossillate, Inc.
Ashish is a published author and researcher with a Ph.D. in Computer Science from Georgia Institute of Technology and extensive experience in building secure systems software from the ground-up. He has worked in the industry for over a decade, coupled with nearly a decade of top-tier... Read More →


Slides pdf

Wednesday September 14, 2022 16:50 - 17:00 IST
Wicklow Meeting Room 2 (Level 2)

17:30 IST

Introducing the libblkio High-performance Block I/O API - Stefan Hajnoczi & Alberto Faria, Red Hat
Applications are increasingly integrating high-performance I/O interfaces such as Linux io_uring, userspace device drivers, and vhost-user device support. The effort required to add each of these low-level interfaces into an application is relatively high. libblkio provides a single open source API for efficiently accessing block devices and eliminates the need to write custom code for each one. Designed to work on bare metal, inside containers, and in virtual machines, libblkio enables applications to run in each of these environments without rewriting code. Blocking, event-driven, and polling mode are supported and give applications the choice of I/O model, making it easy to integrate libblkio into existing applications. The new libblkio QEMU block driver and fio ioengine allow virtual machines and benchmarking workloads to take advantage of libblkio today. We will discuss the libblkio API design, available drivers, and roadmap so that more applications can benefit from libblkio.

Speakers
avatar for Stefan Hajnoczi

Stefan Hajnoczi

Senior Principal Software Engineer, Red Hat
Stefan works on QEMU and Linux in Red Hat's Virtualization team with a focus on storage, VIRTIO, and tracing. Recent projects include libblkio, virtiofs, storage performance optimization for NVMe drives, and out-of-process device emulation. Stefan has been active in the QEMU community... Read More →
AF

Alberto Faria

Software Engineer, Red Hat
Alberto is a graduate student and has recently joined Red Hat's Virtualization team. His work focuses on storage, and he has previously conducted academic research into that same field.


Wednesday September 14, 2022 17:30 - 18:10 IST
Liffey A (Level 1)

17:30 IST

Embedded Linux Conference Technical Showcase
"Seeing is believing!" Unlike in Desktop or Server applications of Linux, in embedded systems Linux technology is usually unseen. Although it is a challenge, we want to expose Linux software and techniques so that other developers who are interested in this technology can learn, and become potential contributors themselves. We hope that through opening up technical details and projects (in the way of Open Source development), these demonstrations will provide insights that are helpful to developers.

Wednesday September 14, 2022 17:30 - 19:00 IST
The Forum (Ground Level)

17:30 IST

Sponsor Showcase Booth Crawl & Onsite Attendee Reception
Everyone is invited to join their fellow attendees after sessions conclude for drinks, canapés, networking, and the opportunity to check out the latest and greatest sponsor products and technologies!

Wednesday September 14, 2022 17:30 - 19:00 IST
The Forum (Ground Level)
 
Thursday, September 15
 

06:45 IST

5K Fun "Run"

5k Fun "Run"


Don’t forget to pack your running gear because the Fun “Run” is on! This activity is great for all fitness levels as there will be (3) pace groups: walking, jogging, and a running group.
Our local guides will take you past some of Dublin’s most famous landmarks including the Custom House, O’Connells, and the Halpenny bridges. We’ll head into the heart of Temple Bar to see cobblestone streets and the unique local pubs before passing through the grounds of Dublin Castle and St Patrick’s Cathedral to the front square of Trinity College. You’ll hear tales and secrets about these memorable buildings as we take it all in on foot.

There is no cost to participate and space is available on a first-come, first-served basis.

*Participants must be registered for the event, have their event badge, and will be required to provide their own running attire and water.

Thursday September 15, 2022 06:45 - 08:00 IST
CCD Entrance

08:00 IST

08:00 IST

08:00 IST

08:00 IST

09:00 IST

Keynote: Linus Torvalds, Creator of Linux & Git, in conversation with Dirk Hohndel, Chief Open Source Officer, Cardano Foundation
Speakers
avatar for Dirk Hohndel

Dirk Hohndel

Chief Open Source Officer, Cardano Foundation
Dirk is the Chief Open Source Officer of the Cardano Foundation, focused on creating a vibrant open source third party contribution ecosystem for the Cardano infrastructure. Dirk was previously VMware’s Chief Open Source Officer, where he lead the company’s Open Source Program... Read More →
avatar for Linus Torvalds

Linus Torvalds

Creator, Linux & Git
Linus was born on December 28, 1969, in Helsinki, Finland. He enrolled at the University of Helsinki in 1988, graduating with a master’s degree in computer science. His M.Sc. thesis was titled “Linux: A Portable Operating System” and was the genesis for what would become the... Read More →


Thursday September 15, 2022 09:00 - 09:25 IST
Auditorium (Level 3)
  Keynote Sessions
  • Content Experience Level Any

09:30 IST

Keynote: Open Source, Open Internet, and Open Standards - Emilio Salvador, Head of Standards, Open Source Program Office, Google
Speakers
avatar for Emilio Salvador

Emilio Salvador

Head of Standards, Open Source Program Office, Google
Emilio Salvador has built a career on helping developers adopt the latest technologies and frameworks while working at Microsoft, Amazon, and since 2019 Google. He is now part of the Google Open Source Program Office where he is leading its standards and compliance efforts.


Thursday September 15, 2022 09:30 - 09:45 IST
Auditorium (Level 3)
  Keynote Sessions
  • Content Experience Level Any

09:50 IST

Keynote: The Future of Open Source is Trust - Christopher "CRob" Robinson, Director of Security Communications, Product Assurance & Security, Intel Corporation
It’s no longer enough for code to be elegant, ingenious, and useful: especially now, it needs to be safe. Our software supply chain must be safe and verifiable. For developers to use open-source code, they must be able to trust where that code came from and how secure it is. For open source to flourish, we all need to be able to trust our open ecosystem – top to bottom and end to end. A leader in open source from the beginning, Intel has continuously worked to strengthen and grow the future of open source. We work with standards, tools, and processes to create trusted expectations in the software, products, and services we deliver. Learn about our efforts and how we can build trust in the open ecosystem together.

Speakers
avatar for Christopher 'CRob' Robinson

Christopher 'CRob' Robinson

Director of Security Communications, Product Assurance & Security, Intel Corporation



Thursday September 15, 2022 09:50 - 09:55 IST
Auditorium (Level 3)
  Keynote Sessions
  • Content Experience Level Any
  • Slides Included Yes

09:55 IST

Keynote: Building a Sustainable Future through Open Source - Bryan Che, Chief Strategy Officer, Huawei; CNCF Governing Board Member and O3DE Foundation Governing Board Member
There is perhaps no greater shared challenge facing our world today than climate change. If we are to address this issue, we most both improve the technologies we use and also use our technologies to improve the world. From improving energy efficiency to protecting the wild, open source has a key role to play in building a sustainable future.

Speakers
avatar for Bryan Che

Bryan Che

Chief Strategy Officer, Huawei; CNCF Governing Board Member and O3DE Foundation Governing Board Member
Bryan Che is Chief Strategy Officer at Huawei. There, he leads Huawei’s vision and strategy across its overall businesses and portfolio, which spans mobile and consumer electronics, telecommunications, and cloud and AI.Bryan has tremendous experience building new enterprise businesses... Read More →


Thursday September 15, 2022 09:55 - 10:00 IST
Auditorium (Level 3)
  Keynote Sessions
  • Content Experience Level Any

10:00 IST

Keynote: Does eBPF Mean the End of the Sidecar Model? - Liz Rice, Chief Open Source Officer, Isovalent
eBPF is a kernel technology that lets us dynamically change the way that the kernel behaves - and it’s revolutionizing cloud native tooling. Tools built with eBPF have the power to observe, secure and connect all the processes on a (virtual) machine. This means there’s no longer a need to inject a container into a pod’s namespace in order to interact with that pod. Could this be the end of the sidecar model that has, until now, been commonly used to instrument cloud native applications?  

This talk clarifies how eBPF makes sidecars unnecessary for many use-cases, and discusses the arguments for and against sidecars in complex abstractions like service mesh.

Speakers
avatar for Liz Rice

Liz Rice

Chief Open Source Officer, Isovalent
Liz Rice is Chief Open Source Officer with eBPF specialists Isovalent, creators of the Cilium cloud native networking, security and observability project. She was Chair of the CNCF's Technical Oversight Committee in 2019-2022, and Co-Chair of KubeCon + CloudNativeCon in 2018. She... Read More →


Thursday September 15, 2022 10:00 - 10:15 IST
Auditorium (Level 3)
  Keynote Sessions
  • Content Experience Level Any

10:15 IST

Keynote: Expecting Problems as We Explore Possibilities - Mark Pollock, Explorer, Innovator and Collaboration Catalyst
Sometimes we choose the challenge, sometimes the challenge chooses us. What we decide to do next is what counts.

Deciding to be a competitor offers us a chance of moving forward, but finding a way to collaborate allows us to make the big breakthroughs.

Mark Pollock’s keynote on expecting problems as we explore possibilities focuses on how we decide to respond to challenges to help us become more resilient and reach our performance potential.

Speakers
avatar for Mark Pollock

Mark Pollock

Explorer, Innovator and Collaboration Catalyst
Over the last 20 years, Mark Pollock has studied how to build resilience and collaborated with others so that they achieve more than they thought possible.Unbroken by blindness in 1998, Mark became an adventure athlete competing in ultra-endurance races across deserts, mountains... Read More →


Thursday September 15, 2022 10:15 - 10:35 IST
Auditorium (Level 3)
  Keynote Sessions
  • Content Experience Level Any

10:35 IST

10:35 IST

Sponsor Showcase
This is the place to network, meet up, and learn more about companies that sponsor this event.

Thursday September 15, 2022 10:35 - 18:40 IST
The Forum (Ground Level)

11:00 IST

Lightning Talk: Testing and Validating Container Images with Container Canary - Jacob Tomlinson, NVIDIA
Bring-your-own-container models are widely supported on today’s modern compute platforms. In other words, users can provide their own container images within their custom software environment. However, user-provided containers must satisfy each platform's unique requirements–which can vary from platform to platform. For example, you may need to: • Use a specific non-root user. • Place the home directory in a certain location. • Install dependency packages. • Run web applications on designated ports. Keeping your container images conformant with these arbitrary requirements can be challenging. As a result, Jacob is introducing a new open-source tool called Container Canary to capture these requirements and automatically test against them. In other words, Container Canary provides a specification for recording these requirements as a manifest that can be checked into version control. You can then use the canary CLI tool to validate containers against that manifest.

Speakers
avatar for Jacob Tomlinson

Jacob Tomlinson

Senior Software Engineer, NVIDIA
Jacob Tomlinson is a senior Python software engineer at NVIDIA with a focus on deployment tooling for distributed systems. His work involves maintaining open source projects including RAPIDS and Dask. RAPIDS is a suite of GPU accelerated open source Python tools which mimic APIs from... Read More →



Thursday September 15, 2022 11:00 - 11:10 IST
Wicklow Hall 1 (Level 2)
  ContainerCon

11:00 IST

Scaling SLOs with Kubernetes and Cloud Native Observability - George Hantzaras, Citrix Systems
Defining Service Level Objectives and Service Level Indicators is a really important aspect of implementing SRE. Through service metrics (SLOs, SLIs, Error Budgets), SRE can help us measure our system’s performance and improve customer experience. They not only enable your teams to monitor and plan around reliability, but can also be early predictors of customer satisfaction, NPS, churn rates, and more. With the rise of cloud native technologies, it has become more and more relevant to automate our observability, extending it to an SLO-as-code model. In this session we’ll see how SLOs have evolved and can be used in a Cloud Native world. We’ll then explore how technologies like Kubernetes and Prometheus can help us scale SLOs, while promoting best practices and standards using Observability as code. Finally, we’ll see how to put all these together with Jenkins and Rancher, to operationalize error budgets.

Speakers
avatar for George Hantzaras

George Hantzaras

Director, Cloud Platform Engineering, Citrix Systems
George is a distributed systems expert and a hands-on engineering leader with focus on delivering B2B cloud services at scale. He is a Director of Cloud Platform Engineering at Citrix, coming from a DevOps background, he focuses on implementing SRE at enterprise scale working with... Read More →


Thursday September 15, 2022 11:00 - 11:40 IST
Wicklow Hall 2A (Level 2)

11:00 IST

Panel Discussion: Mental Health in Community Caretaking - Monica Ayhens-Madon, Independent; Karen Hixson, Karen Hixson LPC; Ruth Ikegah, CHAOSS; Amy Marrich, Red Hat
Community caretakers are treasures in our open source communities. As social, economic, and environmental challenges mount in our world, burnout seems like an acceptable hazard in these roles. How do we give back and take care of our community caretakers? In this panel we’ll explore common issues with community management such as burnout, maintaining boundaries, and getting extra support when needed. The panel will feature community caretakers from across the open source ecosystem with a range of experiences and expertise. We will focus on various strategies to both normalize the discussion of mental health in these roles along with approaches to mitigate the impact of burnout. We hope to inspire other community caretakers to spark change and advocate for a focus on the social, emotional, and mental wellbeing of community caretakers and to support reasonable expectations in these roles. Attendees to the panel will receive a sense of solidarity with fellow community caretakers and come away with new practices to bring to their roles.

Speakers
avatar for Amy Marrich

Amy Marrich

Open Source Evangelist, Red Hat
Amy Marrich is an Open Source Evangelist at Red Hat. She currently serves as the Chair of the CentOS Project and on the Open Infrastructure Foundation Board of Directors and the CHAOSS Projects Governing Board. In addition she serves on the OpenStack Technical Committee, as chair... Read More →
avatar for Monica Ayhens-Madon

Monica Ayhens-Madon

Community Enabler, Independent
Monica Ayhens-Madon most recently served the Ubuntu Community Representative at Canonical, as part of the Community Team, where she advocated for volunteer contributors to the Ubuntu project, and supported community governance and initiatives. She is also an Ubuntu member and a contributor... Read More →
avatar for Ruth Ikegah

Ruth Ikegah

Community Lead, CHAOSS
Ruth Ikegah is an Open-source Advocate, Technical Writer, GitHub star, and a People person. She is sparked about onboarding beginners into the tech system, especially the open-source space. Asides from being actively involved in tech, She is a social volunteer and a voluntary blood... Read More →
KH

K Hixson

Counselor, Karen Hixson LPC
K Hixson is a doctoral level professional counselor, clinical supervisor, and continuing education trainer living in Portland, Oregon. They are passionate about providing politically aware and social justice informed therapy in these challenging times. When they get time off, they... Read More →



Thursday September 15, 2022 11:00 - 11:40 IST
Wicklow Meeting Room 1 (Level 2)
  Community Leadership Conference, Community Management

11:00 IST

Sponsored Session: Building Developer Platforms, Birds of Feather - Ivan Pedras, Docker
Internal Developer Platforms are getting a lot of attention in the last few months for a reason: they promise to reduce repetitive tasks, give back precious time to engineers by reducing toil and removing bottlenecks. Many companies have embarked in the journey of building IDPs. This is a chance to discuss what has worked well, not so well and what we can all do better going forward. Bring your on-boarding stories, your fears, your successes to share and discuss how we can build better Developer Platforms.

Speakers
avatar for Ivan Pedras

Ivan Pedras

Principal Software Engineer, Docker
Ivan Pedrazas had been designing and building distributed systems for 15 years. In the last few months he’s been doing some research about complexity in the production and management of software artifacts. Ivan has built a few platforms on top of Kubernetes. Ivan is a Principal... Read More →


Thursday September 15, 2022 11:00 - 11:40 IST
Wicklow Hall 2B (Level 2)
  ContainerCon

11:00 IST

Overcoming Imposter Syndrome to Become a Conference Speaker! - Dawn Foster, VMware
Open source conferences are always striving to increase their diversity by recruiting new speakers and encouraging people from underrepresented groups to submit talks. The goal of this talk is to provide resources to help everyone feel included, welcome, and worthy of being a conference speaker. As a new speaker, how do you decide what topic to cover? What can you do to help your topic stand out? How do you prevent imposter syndrome from getting in the way of your success as a speaker? You do not need to be the world’s leading expert on a topic to give a presentation. You just need to know a few things that can help other people learn enough about the topic to get started. By bringing your authentic voice and unique perspective to the topic, people will walk away from your talk with new insights that they wouldn’t get from another speaker. This talk contains several sections. Selecting a topic and conference for your topic. Writing a title and abstract that will increase the chances of your talk being accepted. The importance of your bio during the talk selection process. Tips for writing and preparing your presentation. The audience will walk away with practical advice about writing and submitting talk proposals along with some tips for delivering a successful presentation.

Speakers
avatar for Dawn Foster

Dawn Foster

Director Open Source Community Strategy, VMware
Dawn is Director of Open Source Community Strategy within VMware’s OSPO. She is a Governing Board member / maintainer for CHAOSS, Steering Committee member for the TODO Group, co-chair of the CNCF Contributor Strategy TAG, and OpenUK board member. She has 20+ years of experience... Read More →



Thursday September 15, 2022 11:00 - 11:40 IST
Wicklow Meeting Room 5 (Level 2)

11:00 IST

Continuous Delivery of IoT Sensors - Ulf Lilleengen, Red Hat
Many embedded devices have for a long time been exempt from modern software practices such as continuous delivery, and enabling these practices have been justified only for larger vendors with a big number of devices in the field. The problems with this approach are the same as for regular software: out of date software that contains bugs and security issues, and making changes become hard. The Drogue IoT project builds on top of existing open source technologies such as Apache Kafka, Kubernetes, Tekton and PostgreSQL and protocols such as MQTT, to build an open source IoT platform. In this presentation, we will demonstrate firmware update capabilities in Drogue IoT, using a Tekton build pipeline, OTA on top of Bluetooth Low Energy (BLE) and a Linux gateway component. As Drogue IoT is extensible, we can leverage both OCI compatible registries, like Docker.io, or alternatively, a system like Eclipse hawkBit, to manage firmware revisions.

Speakers
avatar for Ulf Lilleengen

Ulf Lilleengen

Principal Software Engineer, Red Hat
Ulf Lilleengen is a software engineer at Red Hat in the Research and Products team, currently focused on Rust and embedded in the Drogue IoT project.



Thursday September 15, 2022 11:00 - 11:40 IST
Liffey Meeting Room 1 (Level 1)
  Embedded IoT, Connected Sensors

11:00 IST

BoF: Embedded Linux Ecosystem - Tim Bird, Sony Corporation
In the Birds-of-a-Feather session, Tim will discuss the current status of the embedded Linux ecosystem.  Who are the major players?  Who is doing a good job of contributing upstream?  Are there things that multiple people are working on, where they could combine or share their efforts?  What things can we do to make sure that new developers feel welcome?  What can we do to make it so that developing, distributing and maintaining an embedded Linux product is as easy as possible?  What resources (e.g. the elinux wiki, or the embedded-linux kernel mailing list) could we utilize more effectively, to build our ecosystem?

Tim doesn't have all the answers for these. But come join us for an open discussion of the issues, and let's brainstorm solutions together.

Speakers
avatar for Tim Bird

Tim Bird

Principal Software Engineer, Sony Electronics
Tim Bird is a Principal Software Engineer for Sony Corporation, where he helps Sony use Linux and other open source software in their products. Tim is the maintainer of the Fuego test framework, and is involved in various groups in the Linux Foundation, including LF Board of Directors... Read More →



Thursday September 15, 2022 11:00 - 11:40 IST
Liffey Hall 1 (Level 1)
  Embedded Linux Conference (ELC)

11:00 IST

Delta OTA Update with SWUpdate - Stefano Babic, DENX Gmbh
Embedded Systems are become more and more complex, and the size of the whole Software running on devices increases steadily in last years. An incremental OTA update will save a lot of bandwidth if it is able to download just the changed part ("delta") of the running software. Updating full images is a very strong and reliable strategy for IOT and embedded systems, but creating a delta binary image is often a challenge. This talk will offer an overview about different mechanisms to generate delta update. It will show how to apply them to "SWUpdate" and it will present the "Delta Update" feature introduced in SWUpdate since release 2021.11. The talk will then go in details how delta update is working in SWUpdate and describe which requirements are required to get it working for your project.

Speakers
SB

Stefano Babic

Senior SW Engineer, DENX Gmbh
Dipl-.Engineer Stefano Babic graduated in Electrical Engineering from the University of Milan. His focus is on Embedded Linux, mainly but not only for the the ARM and PowerPC architectures. He is currently U-Boot custodian for NXP's i.MX processors. He is author and maintainer of... Read More →



Thursday September 15, 2022 11:00 - 11:40 IST
Liffey Hall 2 (Level 1)
  Embedded Linux Conference (ELC), System Upgrades

11:00 IST

Improving Wireless PAN Support - Miquèl Raynal, Bootlin
Anybody eager to learn about IoT devices has at least once tried to play with Zigbee or 6lowpan sensors. These two protocols are built on top of a well common MAC/PHY specification: IEEE 802.15.4, also known as Wireless Personal Area Networks: WPAN, designed to be low-rate/low-range wireless networks. There is already substantial support for this protocol in the Linux kernel but when my journey started, several of the MAC-related operations well described in the specification were not implemented, making the subsystem mainly useful for very simple use cases: peer-to-peer transmissions. This is unfortunate as a significant part of the idea behind WPAN is to make these networks quite adaptive and resilient, which requires a minimal subset of the peer management procedure to be supported. Besides a number of preparation changes, the main idea behind the continuous flow of patches was to bring support for the scanning procedure which allows a PAN controller to detect all the compatible devices around it in different ways. Discovering these devices is the first step in order to associate them together and build up starred networks. This talk will be an opportunity to explain the new APIs allowing such discoveries and provide a state of the art of the support in the mainline kernel.

Speakers
avatar for Miquèl Raynal

Miquèl Raynal

Embedded Linux engineer, Bootlin
Miquèl joined Bootlin in 2017 as an embedded Linux engineer. He is the maintainer of the NAND subsystem in the Linux kernel, and co-maintainer of the MTD subsystem. Over the past years, he has contributed to various kernel subsystems and more recently he focused his efforts on bringing... Read More →



Thursday September 15, 2022 11:00 - 11:40 IST
Liffey Meeting Room 2 (Level 1)

11:00 IST

Green Software - Introduction to Carbonaware SDK and Carbon CI pipeline - Szymon Duchniewicz & Fergus Kidd, Avanade
What makes software green? What standards should you follow? What open-source tooling helps you build green software? These are some of the questions the Green Software Foundation helps answer, by building a trusted ecosystem of people, standards, tooling and best practices for Green software. Szymon and Fergus will give an introduction to the GSF from the perspective of improving sustainability in code and 2 growing projects ran by the GSF: the Carbonaware SDK and the Carbon CI pipeline tooling. This session will help you understand what we as software developers can influence to produce greener, more sustainable applications and what tools we can use to achieve that.

Speakers
avatar for Szymon Duchniewicz

Szymon Duchniewicz

Open Technology Engineer, Avanade
Computer Science student at UCL and software engineer with passion for Open source technologies, Internet of Things, embedded systems and windsurfing :). Member of the Green Software Foundation, Co-chairing the Carbonaware SDK project.
avatar for Fergus Kidd

Fergus Kidd

Emerging Technology R&D Engineering lead, Avanade
Fergus is Avanade’s Emerging Technology R&D Engineering lead. He works on developing assets and demonstrations around new and future technologies, focussing on innovative use cases to show the power of new technologies in the enterprise. Fergus has an academic background in physics... Read More →



Thursday September 15, 2022 11:00 - 11:40 IST
Wicklow Meeting Room 3 (Level 2)
  Emerging OS Forum, New & Emerging Open Source Projects

11:00 IST

More Science Fiction than Fairy Tale: A Discussion of the Linux Kernel Memory Model - Jonas Oberhauser, Huawei
The Linux Kernel runs on a variety of architectures under an aggressively optimizing compiler. Both compiler and hardware reorder memory operations in various ways to improve performance, resulting in drastically different behaviors of mainly concurrent code on each platform. To allow concurrent components for the kernel to be developed in a mostly platform-independent way, developers and researchers tackled the daunting effort of providing a unified abstraction of these hardware and compiler optimizations in the form of 1) a library of concurrency primitives and 2) a high-level mathematical model of these optimizations which predicts their visible effects when using that library. This Linux Kernel Memory Model (LKMM) was published under the title "Frightening small children and disconcerting grown-ups: Concurrency in the Linux kernel", reminiscent of German fairy tales. We explain how to read and use such models for practitioners, and show on various examples that perhaps the LKMM is less like a fairy tale and more like science fiction, as it involves time travel, robots, and lots of moving parts. We discuss some areas where the LKMM might be improved further, e.g., where it makes incorrect predictions on Linux code or allows behaviors unintended by its original designers.

Speakers
avatar for Jonas Oberhauser

Jonas Oberhauser

Researcher, Huawei
Jonas is a full-stack formal verification researcher at Huawei Dresden Research Center, and spends his time looking at systems from the gate-level hardware over compiler and operating systems to low-level libraries for user code. His recent focus has been on concurrency and weak-memory... Read More →



Thursday September 15, 2022 11:00 - 11:40 IST
Auditorium (Level 3)
  LinuxCon, Programming Languages and Toolchains

11:00 IST

Community Data: What to Measure and Why? - Cali Dolfi, Red Hat
Community metrics give you a lot of data about an open source community -- but do they give you insight? By understanding the nuances of open source communities, community managers can capitalize on data science workflow to move from metrics just being a checkbox of raw data to obtaining information that pushes the boundaries on what can be discovered. With this holistic information, community members can make path changes and more powerfully advocate for themselves in the language of the new age: data analysis. This will look at visualizations and metrics from the perspective of the individual community and from the ever-connected open source ecosystem. Through the Augur OSS project, Project Sandiego is able to take on the task of giving insight, not just data points. From here, we can begin to question what assumptions we make, from the data and community perspective. From this presentation you will leave with a better understanding of how to give actionable insights for people within and outside a particular community that builds on the historical knowledge around open source. This will also serve as a specific use-case examination on the care and nuance that should be considered for any data science analysis performed. *This will include new findings from NA presentation

Speakers
avatar for Cali Dolfi

Cali Dolfi

Data Scientist, Red Hat
Cali Dolfi is a Data Scientist in the Open Source Program Office at Red Hat. Her work focuses on changing the way we look at open source communities through the lens of data science and machine learning. Outside of data science, her passion lies in making careers in technology more... Read More →



Thursday September 15, 2022 11:00 - 11:40 IST
Wicklow Meeting Room 2 (Level 2)
  Open AI & Data Forum, Community data analysis

11:00 IST

Navigating the Linux Graphics Stack - Michael Tretter, Pengutronix
DRI, DRM, KMS, FB, EGL, Wayland, V4L2: The Linux graphics stack can be very confusing and intimidating. Unfortunately, the first contact is usually when a system is not performing as expected and needs to be debugged. This situation can easily occur for embedded systems with a graphical user interface. Due to hardware resource constraints, handling the large amount of data involved in graphics makes it necessary to use optimized hardware paths to fulfill (soft) real-time system requirements such as a certain frame rate. Understanding these acronyms and the components that constitute the graphics stack is necessary for working with the internals on embedded systems. This is essential for optimizing a system's graphics performance or investigating observed performance issues, and communicating findings to others. To make the Linux graphics stack less scary, Michael will take you by the hand and give you a guided tour. We will find out, which software components are involved in the Linux graphics stack, and discuss which APIs are used to interact with these components and which should be avoided. Furthermore, we will look at the tools and methods which can be used for debugging.

Speakers
avatar for Michael Tretter

Michael Tretter

Software Engineer, Pengutronix
Michael Tretter works as an Embedded Linux developer at Pengutronix. His main field of work is the Linux graphics infrastructure including device drivers, Mesa, Weston, and GStreamer. He previously gave talks about various graphics related topics at the ELC-E and the FOSDEM.



Thursday September 15, 2022 11:00 - 11:40 IST
Liffey B Part 2 (Level 1)

11:00 IST

Lowering the Cost of Open Source by Increasing Transparency - Julia Ferraioli, Cisco
With the proliferation of open source projects available to do everything from complex machine learning to converting tabs to spaces, making smart decisions for what projects to take on as your dependencies has never been harder. What is important to one project, developer, or company when adopting an open source dependency may vary greatly from another. The uncomfortable situation that many find themselves in is not knowing what to evaluate or even how to find the relevant information. Current open source initiatives focus on the composition of open source software, the security posture of its operational practices, and other forms of compliance – the importance of which should not be downplayed! Still, given the importance of open source software in today's technological landscape, we need to think outside of the box and examine what other challenges consumers of open source face when assessing, adopting, and patching open source code. This talk will take a look at how maintainers can provide critical information about their own projects to potential adopters, as well as introduce ways that open source programs offices can consume this information to streamline evaluation, improve maintenance, and facilitate contributions back upstream.

Speakers
avatar for Julia Ferraioli

Julia Ferraioli

Open Source Technical Leader, Cisco
julia ferraioli is a member of the open source software community, focused on open source compliance, sustainability, tooling, and research. Her background includes research in machine learning, robotics, HCI, and accessibility. Julia finds energy in developing creative demos, creating... Read More →


Thursday September 15, 2022 11:00 - 11:40 IST
EcoCem Room (Level 2)
  OSPOCon, OSPO Lessons Learned

11:00 IST

Zero-Configuration Runtime Software Component Detection - Inhyeok Jang, The Affiliated Institute of ETRI
SBOM has received significant attention due to recent incidents. Therefore, you can find many related tools and resources for generating it. However, detecting information about software running in an operating environment remains an unresolved problem. Although Apache patched the Log4Shell vulnerability last year, many applications and systems are still vulnerable. It becomes more challenging to detect and fix when an application embeds a vulnerable software component buried in long dependency chains. In this talk, Inhyeok Jang finds out how to determine whether vulnerable software is running on your systems and applications. In particular, he uses eBPF to detect which version of the software of interest, such as Log4j and Spring Core, from the running system without an initial configuration for each application. To this end, he will show what information needs to be obtained from the kernel when executing the java application. He also introduces how to process the data collected from the Linux kernel in the userspace to find out Java Archive information such as title and version. Using the implemented runtime java component detector, he verifies whether the vulnerable version of the component is used in the container images in a public repository and talks about the result.

Speakers
IJ

Inhyeok Jang

Senior Researcher, The Affiliated Institute of ETRI
Inhyeok Jang is a senior security researcher at the Affiliated Institute of Electronics and Telecommunications Research Institute. He has a particular interest in container runtime security, currently focusing on kernel instrumentation using eBPF.



Thursday September 15, 2022 11:00 - 11:40 IST
Liffey Meeting Room 3 (Level 1)

11:15 IST

Lightning Talk: GitOps - At a Glance - Lavakush Biyani, Student
Hello Folks, Have you heard about GitOps and are curious to know what it's all about ? In this talk Lavakush will describe all about the GitOps, its principles, key benefits and how it turned the developer's life more easier. Firstly, Lavakush would be briefing about the GitOps and getting an overview on it.GitOps was pioneered in 2017.GitOps is a branch of DevOps that focuses on using git repositories as a single source of truth to manage infrastructure and application code deployments. After having an overview of Gitops, Lavakush will dive into its principles of Gitops and would convey how to start managing your cluster with GitOps workflows the following must be in place: 1) The canonical desired system state versioned in Git. 2) Software agents to ensure correctness and alert on divergence. 3) Approved changes that can be automatically applied to the system. Lastly, I would be discussing more about the benefits of GitOps and its best practices.By applying GitOps best practices, there is a ‘source of truth’ for both your infrastructure and application code, allowing development teams to increase velocity and improve system reliability. Key takeaways from this session: Everyone would learn abundantly new facts about Gitops in detail through this talk.

Speakers
avatar for Lavakush Biyani

Lavakush Biyani

Student
This is Lavakush Biyani and I'm currently a prefinal year UG student from India. My interests are lies in web development and in Devops field.  Apart from this I love to be in the communities. I'm Admin Lead of Hackclub Hackerabad , Postman Student Expert, Student Ambassador of Kubesimplify... Read More →



Thursday September 15, 2022 11:15 - 11:25 IST
Wicklow Hall 1 (Level 2)
  ContainerCon

11:30 IST

Lightning Talk: Writing Kubectl Plugins Using WebAssembly - Flavio Castelli, SUSE
WebAssembly started as a web technology but is now growing well beyond that. Many programming languages already support WebAssembly and new ones are joining the ranks as we speak.  This session will show how WebAssembly can even be used to write and distribute kubectl plugins. We'll talk about the pros and cons of this approach and, most important of all, what are the lessons learned along the way.  The ultimate goal of the session is to spark the attendee's curiosity and have more people experiment with WebAssembly to solve their day-to-day challenges.

Speakers
avatar for Flavio Castelli

Flavio Castelli

Distinguished Engineer, SUSE
Flavio Castelli is a Distinguished Engineer at SUSE. His main areas of focus are Linux Containers, Kubernetes and WebAssembly. Flavio loves exploring new technologies, contributing to open source projects and sharing his knowledge.



Thursday September 15, 2022 11:30 - 11:40 IST
Wicklow Hall 1 (Level 2)
  CloudOpen

11:55 IST

Security with Certificates in Kubernetes - Akshat Khanna & Unnati Mishra, VMware
Certificates are an integral part of a secure Kubernetes cluster deployment. They are mainly used to secure the Kubernetes API server using TLS, but certificates (and keys) are also used for other cluster functions such as client authentication, and encryption of secrets. It provides security and identity to all components of Kubernetes. What we are going to talk about: 1. What is a PKI and what are certificates? 2. Why does the world need them? 3. How do I create a CA, certificates and sign them? 4. What's the significance in Kubernetes? 5. How do I handle certificates in Kubernetes? 6. What are the tools to generate certificates? 7. How does Kubeadm automatically generate the certificates for K8s Cluster?

Speakers
avatar for Akshat Khanna

Akshat Khanna

Member of Technical Staff, VMware
Akshat Khanna is an MTS at VMware and a recent B.Tech graduate in Computer Science from SRM Institute of Science and Technology, Chennai. He is currently working on Kubernetes solution for the edge location and also has been contributing to open-source. He has a good experience of... Read More →
avatar for Unnati Mishra

Unnati Mishra

Member Of Technical Staff, VMware
I am Unnati Mishra, working as a Member Of Technical Staff at VMware ,India. I have recently graduated from college, currently working with the Release Engg team of the VMware product- Tanzu Kubernetes Grid. I have participated in many Hackathons and won a few of them. You can find... Read More →



Thursday September 15, 2022 11:55 - 12:35 IST
Wicklow Hall 2A (Level 2)

11:55 IST

The Role of Foundations in Today's Open Source - Thierry Carrez, Open Infrastructure Foundation
The rise of software development forges like GitHub has dramatically reduced friction to create and run open source projects. In this context, what is the role of Foundations today, in the wider open source ecosystem? In this talk, Thierry Carrez, General Manager at the Open Infrastructure Foundation and vice-chair of the Open Source Initiative, will share his vision on this topic. After a quick history of open source Foundations, this talk will present a landscape of the type of open source Foundations in activity today, with their differences in scope and principles, then focus on the value add of modern Foundations: enabling open collaboration across several organizations by providing a range of services to the supported project.

Speakers
avatar for Thierry Carrez

Thierry Carrez

General Manager, Open Infrastructure foundation
Thierry is the General Manager at the Open Infrastructure Foundation, a non-profit organization fostering open development of open source infrastructure solutions. He's also the vice-chair of the Open Source Initiative, the steward of the open source definition and licenses, as well... Read More →



Thursday September 15, 2022 11:55 - 12:35 IST
Wicklow Meeting Room 1 (Level 2)

11:55 IST

SOS: Simplifying Operators Substantially - A Hands-on Workshop for Beginners in k8s Native Applications - Manna Kong & Soundharya Pabba, Red Hat
In this workshop, we will focus our talk on Kubernetes native applications aka ‘Operators’. We hope to bring resources to cloud native learners as we share our own story as Junior Software Engineers trying to navigate the cloud native world, from creating frontend web applications to Kubernetes native applications. To reinforce the knowledge we gained, we found hands-on learning was a necessary supplement, so this tutorial workshop is an extended version of our operator presentation that provides hands-on labs for attendees to experiment and create an operator. During our recent excursion to Cloud Native Rejekts, we were faced with the constant question, “Why Operators?”. In this workshop, we hope to provide a more simplified explanation as to what Operators are, where they come from, why they exist, who should use them, why applications can benefit from an Operator, and how we hope to enable the community to continue exploring all the capabilities an Operator provides.

Speakers
avatar for Manna Kong

Manna Kong

Associate Software Engineer, Red Hat Inc.
Manna is a 23 year-old Hmong-American professional located in the USA. She works as an Associate Software Engineer at Red Hat on the Ecosystem Experience Engineering team. Her team specializes in all things Kubernetes and operators, from assisting partners with their operators to... Read More →
SP

Soundharya Pabba

Software Engineer, Red Hat Inc.
Soundharya Pabba is a 23-year-old international professional located in the USA. She is a Software Engineer at RedHat in the Operator Enablement Team. Her team works on OpenShift, Kubernetes, and Operators; helping partners build their Kubernetes Operators and conducting various operator... Read More →



Thursday September 15, 2022 11:55 - 12:35 IST
Wicklow Hall 1 (Level 2)
  ContainerCon, APIs + SDKs + Frameworks and Libraries

11:55 IST

Panel Discussion: Open Source as a Second Language - Chan Voong, Comcast; Clare Dillon, Innersource Commons; Nithya Ruff, Amazon; Ana Jimenez Santamaria, TODO Group; Vicky Twomey-Lee, Coding Grace
The open source community has developed a vocabulary and culture that can be viewed as a second language. In learning open source, there can be a steep learning curve for those who do not initially arrive at it in their education, early careers or only participate as a small percentage of their work. To speak the language, one must meet colleagues in common areas like Github, learn the terminologies and methods, practice contributing, and repeat often to become fluent. However, there are still language barriers as open source practices differ across companies, and stakeholders can drastically vary anywhere between legal, security, and technical experts that bring their own lingo. With developers being distributed globally, there are challenges but also opportunities for open source software to be written in multiple programming languages and languages other than English. This panel brings diverse perspectives and will share how they learned to speak open source, guidance on working with stakeholders, and why open source has become a primary language in their careers. They will explore the impact of language, open source culture and communication styles, and strategies for making language inclusive.

Speakers
avatar for Ana Jiménez Santamaría

Ana Jiménez Santamaría

OSPO Program Manager, TODO Group
Ana is the OSPO Program Manager at the TODO Group an open group of Open Source Program Office practitioners who want to collaborate on best practices, tools, and other ways to run successful and effective Open Source Projects and Programs. Formerly she worked at Bitergia, a Software... Read More →
avatar for Vicky Twomey-Lee

Vicky Twomey-Lee

Founder, Coding Grace
Coder, Mentor, Tech Event Organiser, Advocates Diversity in Tech and Maker Advocate. Involved with Coding Grace (diversity-friendly workshops and events), PyLadies Dublin, Women Who Code Dublin, Women in Technology & Science Ireland, GameCraft (community game jams).Ran Python Ireland... Read More →
avatar for Nithya Ruff

Nithya Ruff

Chair, Board of Directors / Head, Open Source Program Office, The Linux Foundation / Amazon
Nithya A. Ruff recently joined Amazon as the Head of Amazon’s Open Source Program Office. Amazon is guided by four principles: Customer Obsession, Invent and Simplify, and Think Big; especially as they relate to the engagement, contribution, and participation in the broader Open... Read More →
avatar for Clare Dillon

Clare Dillon

Co-founder and Community Organizer, Open Ireland Network
Clare Dillon has spent over 25 years working with developers and developer communities. She is a co-founder of the Open Ireland Network, a community for those interested in advancing open source at a national level in Ireland. Last year, she was also appointed Executive Director of... Read More →
CV

CHAN VOONG

OSPO Technical Program Manager, Comcast
Chan Voong Pronouns: she/her/hers Phonetic pronunciation: chAn vung As a certified project management professional and a practicing scrum master, Chan has managed several federally-funded, health-related and data-driven research and software development projects. Previously, she spent... Read More →


Thursday September 15, 2022 11:55 - 12:35 IST
Wicklow Meeting Room 5 (Level 2)

11:55 IST

Using OpenThread to Enable Low-Power IP Connectivity on Your MCU Project - Stefan Schmidt, Huawei Technologies
When designing battery-powered devices, wireless connectivity is a sore point for the power budget. Wi-Fi is easily available, but drains batteries fast. Bluetooth LE on the other hand helps to conserve power, but suffers from higher latency and limited use compared to a full mesh network with IP connectivity. Thread offers a sweetspot in-between by using low-power transceivers, mesh capabilities and IPv6. In this talk Stefan looks at the technical aspects of integrating and using OpenThread for your project or product. With the goal to operate on a coin-cell battery for months, or even years, while still maintaining connectivity to the local mesh network in your home and, if wanted, to the cloud. Stefan starts with discussing operations on bare-metal, RTOS and Linux. Followed by a deep dive into the technologies OpenThread uses and explanations on how they work: 6lowpan to adapt IPv6 to the limitations of the 802.15.4 physical and mac layers. IPv6 to allow for for link-local, mesh and global addresses and routing. Recent additions to mDNS to allow for a discovery proxy (rfc8766) in combination with the newly developed Service Registration Protocol (draft-ietf-dnssd-srp). The later combination allows to avoid flooding mDNS messages on the low-power network to save power.

Speakers
SS

Stefan Schmidt

Principal Solution Architect Open Source, Huawei Technologies
Stefan Schmidt is a FOSS contributor for 16+ years now. During this time he worked on different projects and different layers of the Linux ecosystem. From bootloader and Kernel over build systems for embedded to user interfaces. He was serving as a technical steering committee member... Read More →



Thursday September 15, 2022 11:55 - 12:35 IST
Liffey Meeting Room 1 (Level 1)
  Embedded IoT, Communication Technologies

11:55 IST

Beyond Complex Cameras: Complex Video Graphs Using PipeWire - George Kiagiadakis, Collabora
PipeWire is well-known for its audio routing capabilities, but it can do more. Its integration with libcamera offers the means to manage complex camera devices and mix them up with complex use cases, in demanding scenarios where video needs to be routed through multiple components efficiently. In this talk, George will present a few such use cases, showing in practice, with a demo, how PipeWire handles them in a simple but powerful manner, taking also into account the design and needs of modern embedded systems.

Speakers
avatar for George Kiagiadakis

George Kiagiadakis

Principal Software Engineer, Collabora
George Kiagiadakis is a principal open source software engineer at Collabora, with over 13 years of experience in embedded multimedia projects. He is the author of WirePlumber, a modular session manager for PipeWire, and an active contributor to PipeWire and GStreamer. In the past... Read More →



Thursday September 15, 2022 11:55 - 12:35 IST
Liffey Hall 1 (Level 1)

11:55 IST

From a Security Expert's Diary: DOs and DON'Ts When Choosing Software for your Next Embedded Product - Marta Rybczynska, Huawei OSTC
There are many things to do when designing a new embedded product. All of them will have an impact on the final security of the product, including: hardware features, the choice of the operating system to use, update system and policies and more. In this talk, Marta is going to give practical advice on choosing software packages for your next product. She will also list common errors. The discussion will be rich in examples from the Eclipse Oniro project and the Yocto Project ecosystem in general, and will include a number of tools available from OpenSSF and other sources. Some of the questions she will answer are: - Should I use a general-purpose distribution, build my own, or a specialized one? - How to choose between software modules doing the same thing? - How to find out if a software package is supported? Maintained? And what's the difference? - Why do I need an update system? - Should I enable secure boot?

Speakers
avatar for Marta Rybczynska

Marta Rybczynska

Founder, Syslinbit & Security Lead for Oniro project, Huawei OSTC
Marta Rybczynska has network security background, 20 years of experience in Open Source including 15 years in embedded evelopment. She has been working with embedded operating systems like Linux and various real-time ones, system libraries and frameworks up to user interfaces. Her... Read More →



Thursday September 15, 2022 11:55 - 12:35 IST
Liffey Hall 2 (Level 1)

11:55 IST

Implementing A/B System Updates with U-Boot - Michael Opdenacker, Bootlin
A popular way to implement system updates is through the A/B scheme, in which you have two copies of the root filesystem, one which is active, and one that is meant to contain the next update. When a new update is successfully applied, you need to make the corresponding partition become the new active one. That's when a number of practical questions arise, such as how to identify the active partition, how to detect when the new system fails to boot properly, and how to fall back to the previous version? It was hard to find documentation about how U-Boot could address such needs to implement a functional and failsafe A/B system update mechanism. This presentation proposes to address this need by sharing the practical solutions we found, using lesser known commands and capabilities in U-Boot. We will also explain how the Linux side can cooperate with the U-Boot side. Fortunately, you won't need to erase half of your brain to get updated on this topic.

Speakers
avatar for Michael Opdenacker

Michael Opdenacker

Embedded Linux Engineer, Bootlin
Michael Opdenacker is the founder of Bootlin, an engineering company specialized in embedded Linux, which appears regularly in the top 20 companies contributing to the Linux kernel. Michael has also contributed to the LWD project (Linux World Domination) by training hundreds of engineers... Read More →



Thursday September 15, 2022 11:55 - 12:35 IST
Liffey Meeting Room 2 (Level 1)
  Embedded Linux Conference (ELC), System Upgrades

11:55 IST

Managing Audits for Critical Open Source Projects - Amir Montazery, Open Source Technology Improvement Fund, Inc (OSTIF)
OSTIF has been facilitating and managing security audits and related work for critical open source projects for over 7 years. Responsible for approximately 20 audits (and counting) and resulting in over 30 Critical/High vulnerabilities found and patched, OSTIF has a refined process for connecting security experts with project maintainers to holistically improve security posture.

Speakers
avatar for Amir Montazery

Amir Montazery

Managing Director, Open Source Technology Improvement Fund (OSTIF)
Amir Montazery is a Chicago native and Chief Operating Officer at Open Source Technology Improvement Fund (OSTIF). He brings a diverse skillset to developing OSTIF's community and corporate sponsorships.  OSTIF takes a focused, maximum impact approach to security audits with minimal... Read More →



Thursday September 15, 2022 11:55 - 12:35 IST
Wicklow Hall 2B (Level 2)
  Emerging OS Forum, Security

11:55 IST

Panel: Blockchain in Action in the Fight Against Climate Change - Daniela Barbosa, Linux Foundation; Coenraad Van Deventer, Circulor; Nancy Norris, Government of British Columbia; Kamlesh Nagware, Snapper Future Tech
The effects of climate change are being felt worldwide, creating an ever-growing urgency for new solutions. Many have touted the potential of blockchain technologies to deliver a new level of traceability and transparency that will wring out wasteful, unsustainable practices from critical manufacturing, mining, farming and other processes. In this session, Hyperledger’s Daniel Barbosa will lead a conversation with Douglas Johnson-Poensgen of Circulor, Nancy Norris of the Government of British Columbia’s Ministry for Energy, Mines and Low Carbon Innovation and Kamlesh Nagware of Snapper Future Tech about the actual impact blockchain is having on the market. They will share details from deployments in markets from around the world that are tackling issues ranging from sourcing raw materials for electric vehicles to improving plastics recycling to validating emissions and sustainability efforts in mining and natural gas. In addition, they will cover - Why traceability and verification have emerged as important weapons in addressing climate change - The role of blockchain in critical cross-industry and public/private collaboration - Pathways to sustainability for blockchain technologies and growing adoption of tokens, credentials, smart contracts and more in the climate fight

Speakers
avatar for Daniela Barbosa

Daniela Barbosa

General Manager Blockchain, Healthcare and Identity at the Linux Foundation and Executive Director of Hyperledger Foundation, Linux Foundation
Daniela Barbosa serves as General Manager Blockchain, Healthcare and Identity at the Linux Foundation and as Executive Director of Hyperledger Foundation with overall strategic and operational responsibility for staff, programs, expansion and execution of Hyperledger’s mission... Read More →
avatar for Kamlesh Nagware

Kamlesh Nagware

Chief Technology Officer, Snapper Future Tech
Kamlesh Nagware is Chief Technology Officer of Snapper Future Tech. He is among the top 30 Influencers of Blockchain in India. He is the Hyperledger India Chapter Co-Chair and a member of the Hyperledger Technical Steering Committee (TSC), which drives the technical direction of Hyperledger... Read More →
avatar for Nancy Norris

Nancy Norris

Senior Director of ESG & Digital Trust, Ministry for Energy, Mines and Low Carbon Innovation of the Government of British Columbia
Nancy Norris is the Senior Director of ESG & Digital Trust in the Ministry for Energy, Mines and Low Carbon Innovation for the Government of British Columbia, Canada’s western-most province. Nancy has over 10 years of experience in strategic policy roles in the energy and mining... Read More →



Thursday September 15, 2022 11:55 - 12:35 IST
Wicklow Meeting Room 3 (Level 2)
  Emerging OS Forum, Web 3.0/Crypto/Blockchain

11:55 IST

Performance Insights into eBPF Step by Step - Dmitrii Dolgov, Red Hat
Having full visibility throughout the system you build is well established best practice. Usually one knows which metrics to collect, how and what to profile or instrument to understand why the system exhibits this level of performance. All of this becomes more challenging as soon as eBPF layer is included. In this talk Dmitrii shed some light on those bits of your service that use eBPF, step by step with topics such as: * How to collect execution metrics of eBPF programs? * How can we profile these eBPF programs? * What are the common pitfalls to avoid? The talk will provide the attendees with an approach to analyze and reason about eBPF programs performance.

Speakers
avatar for Dmitry Dolgov

Dmitry Dolgov

Senior Software Engineer, Red Hat
PostgreSQL contributor, passionate about performance and Linux kernel.


slides pdf

Thursday September 15, 2022 11:55 - 12:35 IST
Auditorium (Level 3)
  LinuxCon, eBPF

11:55 IST

Defining an Open Source AI - Stefano Maffulli, Open Source Initiative
In this session, open source advocates, researchers and developers will be invited to participate in a thought-provoking discussion about a seismic shift facing open source today: What characteristics should be in an Open Source AI? The traditional view of open source code implementing AI algorithms may not be sufficient to guarantee inspectability, modifiability and replicability of the AI systems. AI is already deciding who stays in jail or which customers deserve credit to buy a house. More kinds of “autonomous” systems are appearing so fast that government regulators are rushing to define policies. The Open Source Initiative is leading an exploration of the world of AI and Open Source, diving deep around the boundaries of data and software to discover how existing concepts like copy, distribution, modification of source code apply in the context of Artificial Intelligence. We’ll share the first results of OSI’s Deep Dive: AI, the multi-part event that is helping OSI stakeholders frame a conversation to discover what’s acceptable for AI systems to be “Open Source.”

Speakers
SM

Stefano Maffulli

Executive Director, Open Source Initiative
Stefano is an experienced leader of open source organizations, from non-profits advocacy groups and trade organizations to business ventures and community projects across countries. With a proven track record in community building, he’s also an active contributor to open source... Read More →


Thursday September 15, 2022 11:55 - 12:35 IST
Wicklow Meeting Room 2 (Level 2)

11:55 IST

Peeling Back the Layers of Storage - John Hawley, VMware
Linux has a myriad of storage options, and a number of layers that can be built one on top of another, to form some very robust, but potentially very complex, stacks that provide the entirety of the storage system. My intention is to work my way up from the most basic storage layer, physical storage, and explain what options there are from basic single disk and a file system type systems, to a full layered look at a system with raided disks, ssd caching, deduplication, all the way up through file systems in user space. This is specifically targeted as a high level overview of the systems involved, block, volume, and filesystems but it's also intended to go over some more complex systems, and how to achieve things like on the fly disk compression, deduplication, and give an overview of the different technologies available to achieve similar ends.

Speakers
JH

John Hawley

Open Source Developer, VMware
John 'Warthog9' Hawley led the system administration team on kernel.org for nearly a decade, leading a team including four other administrators. His other exploits include working on Syslinux, OpenSSI, a caching Gitweb, and patches to bind to enable GeoDNS. He's the author of PXE... Read More →


Thursday September 15, 2022 11:55 - 12:35 IST
Liffey B Part 2 (Level 1)

11:55 IST

Sponsored Session: Creating Community in a Complex World: Everything Old is New Again - Amy Marrich, Red Hat
Against a backdrop of ever increasing global challenge - from climate to COVID to armed conflict - the world of open source development and community stands at the same crossroad that has always been before us: How we will choose to build our future projects, advance the state of the art, and sustain efforts focused on critical technical infrastructure? In this talk, Leslie Hawthorn will explore the key opportunities before us and how we can best leverage the lessons of early successes - and failures - in the open source world to navigate our future.

As part of this discussion, she will explore promising trends on the global open source scene, including:
  • The must-be-seized potential of expanding open source development in an era when technical knowledge has become available to practitioners at an unforeseeably high velocity.
  • The rise and institutionalization of the Open Source Program Office as a vehicle for increasing collaboration and efficiency outside of the corporate sector;
  • The role of open source software as a vehicle for reskilling our workforce, creating economic mobility, and solving global problems at a local level.

Attendees of this talk will leave with:
  •  A solid understanding of the shifting landscape of the human element in our open source software development.
  • Best practices for businesses to best engage in this shifting landscape, particularly in their application to emerging arenas for open source, from industry verticals to academia.
  • How to engage the opportunity to rethink “the new normal” as a fertile ground for both innovation and sustainable growth and evolution of our communities. 

Additionally, you will be treated to a whirlwind tour of some of the very best moments to advance the community state of the art that your humble speaker has personally witnessed over the past 15+ years while working with hundreds of different communities across the globe.

Speakers
avatar for Amy Marrich

Amy Marrich

Open Source Evangelist, Red Hat
Amy Marrich is an Open Source Evangelist at Red Hat. She currently serves as the Chair of the CentOS Project and on the Open Infrastructure Foundation Board of Directors and the CHAOSS Projects Governing Board. In addition she serves on the OpenStack Technical Committee, as chair... Read More →


Thursday September 15, 2022 11:55 - 12:35 IST
EcoCem Room (Level 2)
  OSPOCon

11:55 IST

Tracking Attackers in Open Source Supply Chain Attacks: The New Frontier - Tzachi ( Zack) Zorenshtain, Checkmarx
Widespread use of open source software has motivated malicious actors to take advantage of the medium, spawning significant and widespread attacks. To be able to identify these threats at scale we automated this process and would like to present and share some open source tools to detect those attacks. RED LILI This is the largest batch of malicious packages from a single threat actor (1500 packages and still counting ). We will dive into the attack and discuss the infrastructure required for such attacks. To keep track of RED-LILI as they continue to publish malicious packages, our research team has launched RED-LILI Tracker (https://red-lili.info) UA-Parser (Good package gone BAD) An attacker comprised a legitimate account of a popular open-source contributor. We will dive into the attack and TTPs used (Account Takeover) and will discuss Chain alert Free service for the open-source community to alert on those attacks. Protestware A pro-Ukraine NPM user account riaevangelist released several new versions of its popular package “node-ipc” (over million weekly downloads ), which included a wiper functionally targeting Russian and Belarusian IP addresses and running a malicious payload, destroying all files on disk by overwriting their content with a heart emoji “❤️” .

Speakers
TZ

Tzachi Zorenshtain

Head Of Supply Chain Secuirty, checkmarx
Tzachi Zorenshtain is the Head of SCS, Checkmarx. Prior to Checkmarx, Tzachi was the Co-Founder and CEO of Dustico, a SaaS-based solution that detects malicious attacks and backdoors in open-source software supply chains, which was acquired by Checkmarx in August 2021. Tzachi is armed... Read More →


Thursday September 15, 2022 11:55 - 12:35 IST
Liffey Meeting Room 3 (Level 1)

12:35 IST

Better Together Diversity Lunch - Sponsored by arm
Better Together Diversity Lunch

The Better Together Diversity Lunch offers the opportunity for all event participants from marginalized communities (including race, gender, sexual orientation, and disability), and their allies, to join together to build connections to carry through the event and beyond. Our hope is that this event will help continue to increase the diversity both at the event as well as in the open source community as time goes on.

No pre-registration is required to attend. We do our best to accommodate everyone interested in joining, but please note that participation is on a first-come, first-served basis.

Who Can Attend?
Any event participant from a marginalized community (including race, gender, sexual orientation, and disability) and their ally guests.

Is This Event Open to Allies?
Attendees of the Better Together Diversity Lunch are welcome to invite (1) Ally to this event.
We encourage allies to support diversity in tech while at the event by also participating in the Diversity Empowerment Summit, and by seeking out and engaging with diverse attendees onsite.
If you are interested in learning about the other ways the Linux Foundation promotes diversity and inclusion, visit our Diversity & Inclusion page.

Thursday September 15, 2022 12:35 - 14:05 IST
Level 3 Foyer

12:35 IST

Lunch (Attendees on Own)
Lunch and snacks can be purchased in The Forum Kitchen in the back of the Sponsor Showcase on the Ground Level. Lunch Maps also available at the Registration Counter (Ground Level Foyer).

Thursday September 15, 2022 12:35 - 14:05 IST
Lunch Concessions at The Kitchen in the Sponsor Showcase (Ground Level)

13:30 IST

Ask the Expert Session with Donnie Berkholtz, Percona
Ask Donnie about the future of OSS business models, DevOps, Observability, OSS Licensing, Containers and Data.

Ask the Expert sessions: Sit down with open source experts to gain knowledge 1:1 and ask all your pressing questions!

No sign-up necessary - just stop by the three round tables in the Sponsor Showcase.

Speakers
avatar for Donnie Berkholz

Donnie Berkholz

SVP Product, Percona
Donnie Berkholz, Ph.D., is SVP Product Management and a member of the Executive Management Team at Percona. His background includes leadership, advisory, and engineering roles at organizations including Docker, Scale Venture Partners, travel-tech leader CWT, 451 Research, RedMonk... Read More →


Thursday September 15, 2022 13:30 - 13:55 IST
Sponsor Showcase - The Forum

13:30 IST

Ask the Expert Session with Ivana Atanasova, VMware
Ask Ivana about Supply Chain Security and Open Source Leadership.

Ask the Expert sessions: Sit down with open source experts to gain knowledge 1:1 and ask all your pressing questions!

No sign-up necessary - just stop by the three round tables in the Sponsor Showcase.

Speakers
avatar for Ivana Atanasova

Ivana Atanasova

Open Source Software Engineer, VMware
Ivana Atanasova is an Open Source Engineer in VMware's Open Source Program Office, where she has contributed to a variety of projects, including Tern, Python-TUF, CHAOSS' Augur, Network Service Mesh, OpenFaaS and others. Previously, Ivana worked at the Bulgarian Academy of Science... Read More →


Thursday September 15, 2022 13:30 - 13:55 IST
Sponsor Showcase - The Forum

13:30 IST

Ask the Expert Session with Josef Holzmayr, Mender
Ask Josef about OTA Updates, The Yocto Project, Developer Relations in Embedded Linux.

Ask the Expert sessions: Sit down with open source experts to gain knowledge 1:1 and ask all your pressing questions!

No sign-up necessary - just stop by the three round tables in the Sponsor Showcase.

Speakers
avatar for Josef Holzmayr

Josef Holzmayr

Head of Developer Relations, Mender.io
Josef has been active for more than 15 years as a "Complete”-Stack developer for industrial controls by now. He's done everything from debugging hardware to writing drivers, from application development to web front ends. A passion for showing, telling and teaching people in a both... Read More →


Thursday September 15, 2022 13:30 - 13:55 IST
Sponsor Showcase - The Forum

13:30 IST

Ask the Expert Session with Thomas Petazzoni, Bootlin
Ask Thomas about Embedded Linux and Kernel engineering.

Ask the Expert sessions: Sit down with open source experts to gain knowledge 1:1 and ask all your pressing questions!

No sign-up necessary - just stop by the three round tables in the Sponsor Showcase.

Speakers
avatar for Thomas Petazzoni

Thomas Petazzoni

CEO, Bootlin
Thomas Petazzoni is the co-owner and CEO of Bootlin, an engineering company specialized in embedded Linux systems, offering training and engineering services. Thomas has contributed over 5000 patches to the Buildroot project, which is one of the co-maintainers. Thomas has already... Read More →


Thursday September 15, 2022 13:30 - 13:55 IST
Sponsor Showcase - The Forum

14:05 IST

Show Me the Schema! RPCs and Learning to Love Code Gen - Eddie Zaneski, Chainguard
OpenAPI, gRPC, Thrift - just pick one. The time has come to stop writing clients by hand. In this session, we will explore the state of modern RPC (remote procedure call) frameworks and their backing IDLs (interface definition language). You'll learn why you should publish more about your API than just documentation and how code generation can improve developer experience and productivity.

Speakers
avatar for Eddie Zaneski

Eddie Zaneski

Software Engineer, Chainguard
Eddie lives in Denver, CO with his wife and dog. He loves open source and works on the Kubernetes project. When not hacking on random things you'll most likely find him climbing rocks somewhere.



Thursday September 15, 2022 14:05 - 14:45 IST
Wicklow Hall 2A (Level 2)
  CloudOpen, APIs

14:05 IST

Encore Presentation: Building and Supporting Open Source Communities Through Metrics - Georg Link & Emilio Galeano Gryciuk, Bitergia
Each community is different and therefore requires different metrics for data-driven decisions about building and supporting it. The CHAOSS Project was established to help empower open source communities through metrics. We have had many conversations with contributors and realized that everyone pays attention to different aspects of their communities. This talk will share what we have learned in the CHAOSS Project about having metrics for open source communities. Once the right metrics have been decided on, both technical and organizational challenges need to be overcome, which we discuss how to do. Finally, this talk will describe real-world examples of how metrics have been used to help build and support open source communities.

Speakers
avatar for Georg Link

Georg Link

Director of Sales, Bitergia
Georg Link is an Open Source Strategist. Georg’s mission is to make open source more professional in its use of community metrics and analytics. Georg co-founded the Linux Foundation CHAOSS Project to advance analytics and metrics for open source project health. Georg is an active... Read More →
avatar for Emilio  Galeano Gryciuk

Emilio Galeano Gryciuk

Marketing Specialist, Bitergia
Emilio has 5+ years of experience in business and marketing across different industries and countries. His academic background includes a bachelor's degree in Business from Americana University and a Master's degree in Marketing and Sales from the EAE Business School. Emilio is currently... Read More →



Thursday September 15, 2022 14:05 - 14:45 IST
Auditorium (Level 3)
  Community Leadership Conference, Community Management

14:05 IST

Tightrope Walking: Best Practices & Lessons Learned on Community and Business Building From the World's Best Open Source Creators & Maintainers - Ben Rometsch, Flagsmith
In the middle of 2021, my co-founders and I were struggling to get our open source business off the ground. We were struggling with questions of community, licensing, product and business models. Eventually, the questions became so many that I decided to reach out to some of the world's best open source maintainers and creators to ask them and avoid some of the biggest pitfalls. The best part about open source is that once a problem is solved, if it is shared with the world, we don't have to solve it again. With that ethos in mind, I decided to start recording these insightful conversations and turned that into a podcast called The Craft of Open Source. Fast forward to today, I've met with over 40 of the Open Source Communities greatest contributors and want to share those learnings with the audience. Some of the people that we've interviewed include: DHH of Ruby on Rails, Mitchel Hashimoto of HashiCorp, Heather Meeker of Open Source Capital and many many more!

Speakers
avatar for Ben Rometsch

Ben Rometsch

Co-Founder & CEO, Flagsmith
I used to be a software engineer. Now I'm jealous of software engineers. I am currently working full time on Flagsmith, an open source feature management platform that we started in 2018. Prior to Flagsmith, I ran a software agency in London for 20 years.



Thursday September 15, 2022 14:05 - 14:45 IST
Wicklow Meeting Room 1 (Level 2)

14:05 IST

Kubernetes Security After Pod Security Policies Removal - Víctor Cuadrado Juan & Raúl Cabello Martín, SUSE
As everybody knows, Pod Security Policies are going to disappear from Kubernetes. For a long time, external Admission Controllers were advertised as the only way to replace them. However, now Pod Security has emerged as a replacement. Is Pod Security enough to replace the old Pod Security Policies? What about external Admission Controllers, are they still needed? This talk will give clarity and help you understand how to keep your clusters secure.

Speakers
avatar for Raul Cabello Martin

Raul Cabello Martin

Senior Software Engineer, SUSE Software Solutions
Raul is a Senior Software Engineer at SUSE Rancher, where he is a maintainer of Kubewarden an Open Source security project. He is passionate about software development, Kubernetes and cloud native technologies.
avatar for Víctor Cuadrado Juan

Víctor Cuadrado Juan

Open Source Software Developer, SUSE
Víctor started his involvement with Open Source in university, contributing to Debian. Nowadays, he works as software developer on security projects such as Kubewarden, as part of SUSE Rancher, and before, as an automation engineer for cloud native distributed technologies based... Read More →



Thursday September 15, 2022 14:05 - 14:45 IST
Wicklow Hall 1 (Level 2)
  ContainerCon, Security/Authentication

14:05 IST

The Unexpected Demise of Open Source Libraries - Liran Tal, Snyk
Hello there dear developer building your app on open source dependencies. Oh wait, did you think open source code lives forever? Think again! Did you hear about the maintainer discontinuing a library despite having tens of millions of downloads? What about a maintainer who intentionally introduced code to break the functionality of his package which receives millions of downloads? So, did you ever wonder why dependencies die? Join me on a journey full of humor and horror across real-world incidents to learn how even the mightiest of open source projects got defeated. What can we learn from past incidents on the continuous struggles of open source software sustainability, maintainer burnout, and how it impacts us.

Speakers
avatar for Liran Tal

Liran Tal

Director of Developer Advocacy, Snyk
Known for his open source and JavaScript security initiatives, Liran Tal is an award-winning software developer, security researcher, and community leader in the JavaScript community. He's an internationally recognized GitHub Star, acknowledged for his open source advocacy, and has... Read More →



Thursday September 15, 2022 14:05 - 14:45 IST
Liffey Meeting Room 1 (Level 1)
  Critical Software Summit, Cyber Security Considerations

14:05 IST

Building a Diverse and Inclusive Open Source Community - Ruth Ikegah, CHAOSS
"Should I be concerned about diversity? How would it benefit my community? What should my community do to promote DEI? How do I facilitate this conversation in my community?” As DEI has become increasingly popular in discussions, these questions and more are often pondered and asked by open-source members or contributors - these concerns and questions are valid. Diversity and inclusion are indeed the heart of a healthy open-source community. As one of the core contributors to CHAOSS DEI's [https://chaoss.community/] badging group, I would like to share with you the focus areas and metrics we have curated to foster diversity and inclusion in your open-source community.

Speakers
avatar for Ruth Ikegah

Ruth Ikegah

Community Lead, CHAOSS
Ruth Ikegah is an Open-source Advocate, Technical Writer, GitHub star, and a People person. She is sparked about onboarding beginners into the tech system, especially the open-source space. Asides from being actively involved in tech, She is a social volunteer and a voluntary blood... Read More →



Thursday September 15, 2022 14:05 - 14:45 IST
Wicklow Meeting Room 5 (Level 2)

14:05 IST

Cameras, Devicetree and ACPI: A Device Driver Perspective - Sakari Ailus, Intel
There are two classes of integrated camera hardware on the market today, USB cameras as well sets of hardware components such as raw image sensors, image signal processors (ISP), lens voice coil modules (VCM) that together can be used to implement a digital camera. USB cameras are self-contained and work with a single device driver but what about this other option? Its benefits compared to a USB camera include more choice in component selection, better control and better image quality. Traditionally found in mobile phones, during the past few years such cameras have found their way to laptops and tablets as well. There is also a downside: all the complexity of implementing a digital camera is exposed to the operating system. Each component requires a driver and most of these drivers require information on the system they're running on from the system firmware. Each component also requires low-level control from the operating systems. This presentation discusses DT and ACPI firmware interfaces in the scope of cameras, their differences as well as how device drivers interface with them.

Speakers
SA

Sakari Ailus

Software engineer, Intel
Sakari has been working on both Linux and cameras for around 15 years. Sakari maintains V4L2 camera sensor drivers as well as CSI-2 related drivers and is one of the V4L2 and Media Controller core developers.



Thursday September 15, 2022 14:05 - 14:45 IST
Liffey Hall 1 (Level 1)

14:05 IST

Growing a Lab for Automated Upstream Testing: Challenges and Lessons Learned - Laura Nao, Collabora Ltd.
With great labs comes great responsibility! In this presentation, we will walk through the challenges of maintaining and growing the Collabora LAVA lab, which now counts more than 100 devices of several types running thousands of test jobs every day. Our main goal is to build an ecosystem of devices that open source projects can use for automated testing on various hardware. Successful CI initiatives such as KernelCI and MesaCI have been leveraging the Collabora lab for their automated upstream testing and development workflows, with more than a hundred thousand test jobs running every month. Maintaining and scaling up on such a large lab comes with its own sets of requirements and challenges. As coverage increases in the project pipelines, the impact of any unreliability or failure in the hardware pool multiplies. Continuous monitoring and recovery mechanisms are crucial to ensure good device availability and reliability. We will discuss the lifecycle of devices inside the lab from the bring up to the day-to-day care, as well as the ongoing efforts to make the Collabora LAVA lab more robust as it grows.

Speakers
avatar for Laura Nao

Laura Nao

Software Engineer, Collabora Ltd.
Laura is a consultant software engineer in the Collabora's LAVA lab team. Her current work is focused on helping maintaining the devices in the Collabora lab and improving the infrastructure, to provide a reliable testbed for automated upstream testing.



Thursday September 15, 2022 14:05 - 14:45 IST
Liffey Hall 2 (Level 1)

14:05 IST

Walking Through the Linux-Based Graphics Stack - Paul Kocialkowski, Bootlin
The graphics stack used with the Linux kernel is a notoriously complex beast. From userspace down to the kernel level, a number of components are involved and interact with eachother. It is also an area that is constantly evolving to meet new use cases, refresh legacy implementations and achieve better performance. This makes it difficult to have a clear idea of the big picture and what is actually happening when using graphics-related components. This presentation will detail a walk through the graphics stack, with actual examples of displaying a buffer and rendering using the GPU. Going from the application level through the system libraries, down to the kernel and ending with actual hardware configuration. State-of-the-art technologies such as Wayland and DRM will be highlighted with relevant excerpts from the source code of related free software projects that are widely used today.

Speakers
avatar for Paul Kocialkowski

Paul Kocialkowski

Enmbedded Linux Engineer, Bootlin
Paul joined Bootlin in 2018 and started with bringing support for the Allwinner VPU to mainline Linux. He went on to cover more topics related to graphics and multimedia, with various contributions to the DRM and V4L2 Linux subsystems as well as various related projects. Before that... Read More →



Thursday September 15, 2022 14:05 - 14:45 IST
Liffey Meeting Room 2 (Level 1)

14:05 IST

How to Help the Next Generation - Jeff Reser, SUSE
The technology skills gap is not new. Mainframe organizations are aware of the skills gap and the difficulties of attracting new talent to the mainframe because of misguided notions that it’s an outdated system. Far from being obsolete, many mainframes today are seeing increased workloads as they underpin high volume transactions in a number of industry sectors, boosted especially by the rise in customer facing online and mobile applications. Whole generations of people are “touching” the mainframe in this way without even realizing it. Open Mainframe Project aims to educate the next generation through its hands-on programs including the COBOL Programming Course, Mainframe Open Education and the Mentorship Program. In this presentation, attendees will learn more about these programs and how to can get involved.

Speakers
avatar for Jeff Reser

Jeff Reser

Head of Solution Marketing, SUSE
Jeff Reser leads product marketing at SUSE, with an additional focus on AI and high performance computing. With a degree in astrophysics, Jeff has a passion for data analytics, space research and understanding the impact that things like climate change has on our lives and our pl... Read More →



Thursday September 15, 2022 14:05 - 14:45 IST
Liffey Meeting Room 3 (Level 1)
  Emerging OS Forum, New & Emerging Open Source Projects

14:05 IST

Understanding Self-Sovereign Identity the Open Standards and the Open Source - Kaliya Young, Identity Woman
Self-Sovereign Identity (SSI), also called Decentralized Identity, is an emerging paradigm for digital identity that many open source projects are building upon. This talk will elaborate on why it is extremely important for the open source community/projects in the SSI space to stay aligned with the evolving open standards as well as become an important feedback loop for standard development. The speaker will present an overview of the various efforts in the open standard communities including the W3C Credentials Community Group and relevant working groups, the Decentralized Identity Foundation, and the Trust over IP Foundation, the latter two being hosted at the Linux Foundation. She will also highlight key open source projects that implement these standards. The technology will be contextualized relative to earlier paradigms for digital identity including traditional Enterprise Identity and Access Management and protocols like OpenID for social login. Attendees will walk away with a clear understanding of open-standard-based open source development and a starting point to engage with the communities developing the technology. The material being shared will echo the new course being developed at LF Training focused on Self-Sovereign Identity.

Speakers
avatar for Kaliya Young

Kaliya Young

Identity Expert, Identity Woman
Kaliya, widely known as the Identity Woman, is a top expert in decentralized / self-sovereign identity. She has committed her life to the development of an open standards based identity layer of the internet that empowers people. Kaliya co-founded the Internet Identity Workshop (IIW... Read More →


Thursday September 15, 2022 14:05 - 14:45 IST
Wicklow Meeting Room 3 (Level 2)
  Emerging OS Forum, Self-Sovereign Identity

14:05 IST

Panel Discussion: Corporate Strategies for Sustainable Investing in the Open Source Ecosystem - Mike Fix, Stripe, Inc.; Richard Littauer, Open Source Collective; Suzanne Ambiel, VMware & Alyssa Wright, Bloomberg
The open source community suffers from both a long-term lack of funding from corporations which benefit from its code, and from a lack of governance which affords growth and sustainability. This tenuity leads to an unstable landscape for corporate involvement. As awareness of this problem has grown, engagement in existing solutions remains lacking - particularly from companies who would benefit from a more secure, well-resourced open source ecosystem.
Many corporate OSPOs altruistically support projects fiscally, hoping for a short-term ROI. However, the return on altruistic endeavors is often itself short lived, and so investments dry up. How can corporations effectively leverage the altruistically motivated OSS practitioners internally with an eye towards long-term returns for their investments in the projects they touch, the ecosystem they work in, and their own competitive markets?
This panel, led by Community Development Manager at Open Source Collective, Richard Littauer, invites OSPO leaders Suzanne Ambiel (VMware), Alyssa Wright (Bloomberg), and Mike Fix (Stripe) to discuss corporate strategies for investing in open source sustainably. How can companies fund projects with an eye towards real return on investment, in order to keep their programs running for the long haul?

Speakers
avatar for Suzanne Ambiel

Suzanne Ambiel

Director, Open Source Marketing & Strategy, VMware
Suzanne is the Director of Open Source Marketing and Strategy at VMware working side by side with VMware's OSPO. A 12-year veteran of VMware, Suzanne began her journey in open source with the inception of VMware's OSPO team. She's presented at Open Source Summit, Linux Foundation... Read More →
avatar for Alyssa Wright

Alyssa Wright

Lead, Open Source Program Office, Bloomberg
Alyssa leads Bloomberg’s Open Source Program Office (OSPO), which is located in the Chief Technology Office and serves as the center of excellence for Bloomberg’s engagements and consumption of open source software. When not helping define open source strategies and implementing... Read More →
avatar for Richard Littauer

Richard Littauer

Community Development Manager, Open Source Collective
Richard Littauer (he/him) is the community manager for Open Source Collective, the largest fiscal host for open source projects. He has spent the last decade working in open source communities, particularly in the Node.js and decentralized internet space. He is the main panelist for... Read More →
avatar for Mike Fix

Mike Fix

Software Engineer, Head of Open Source, Stripe, Inc.
Mike Fix is frontend engineer and head of Open Source at Stripe. On the side, he's also the maintainer of various open-source projects, such as Carbon (carbon.now.sh) and Repo Ranger (reporanger.com). These days you will find him working over coffee in San Francisco.


Thursday September 15, 2022 14:05 - 14:45 IST
EcoCem Room (Level 2)
  OSPOCon, OSPO Lessons Learned

14:05 IST

How To Break a Network - Jack Min Ong, MoneyLion
Pretty much every developer has to interact with the network stack at some point in their workflow, be it to deploy a service, interact with sensors, or access resources on the company network. It is thus no surprise that a good understanding of computer networking is often the distinguishing factor between those who can get things done and those who perpetually have to wait for IT to fix their problems. This tutorial aims to provide a top-down overview of computer networking, starting with typical functioning use cases which then get misconfigured. In the process of figuring out why the misconfiguration breaks the network, attendees are introduced to the key concepts in computer networking in a more motivated way, without the boring theory and terminology that constitutes a typical networking course.

Speakers
avatar for Jack Min Ong

Jack Min Ong

Junior SRE, MoneyLion
Jack Min is a Junior SRE at MoneyLion as well as an undergraduate student majoring in Artificial Intelligence at Universiti Malaya. Prior to his current role, he worked for 2 years on multiple projects in his local community in roles requiring Linux system administration, container... Read More →



Thursday September 15, 2022 14:05 - 15:40 IST
Liffey B Part 2 (Level 1)

14:05 IST

Data, Equity & Allyship Workshop - Dora Grzetic, Avanade UKI & Sarah Rench, Avanade
This interactive session will be co-facilitated by Avanade’s Sarah Rench, Data & AI Security Lead, and Dora Grzetic, UKI Employee Experience & Learning Lead. The Data, Equity & Allyship session is an interactive session that emphasizes the ethical and social implications of Diversity, Equity and Allyship in AI and Machine Learning. Specifically, the session will cover:

  • Emotional Intelligence and Bias
  • AI and Machine Learning, and ML risks
  • Ethical and Social Implications
  • How to break bias
  • Importance of Diversity, Equity, Inclusion and Allyship and how to implement it

The session will provide an opportunity for individuals to learn from industry experts and share their own learnings.

**Note: Due to the level of discussion and interaction occurring during this workshop, it is not possible to deliver to a virtual audience and this session will be in-person only.**

Speakers
SR

Sarah Rench

Global Data, AI and Industry Solutions Director, Avanade
Sarah Rench is the Global Data, AI and Industry Solutions Director at Avanade and has experience building various data systems across the full data lifecycle and specializes in; Data quality systems using machine learning for UK, European and Global regulations, Data governance and Risk manag... Read More →
avatar for Dora Grzetic

Dora Grzetic

UKI Employee Experience & Learning Lead, Avanade UKI
Dora Grzetic is the UKI Employee Experience & Learning Lead at Avanade UKI. Having completed her MSc in Organisational Psychology at City University London, Dora joined Avanade in 2017 where she grew her career and now runs a team focused on employee value proposition. In her role... Read More →



Thursday September 15, 2022 14:05 - 15:40 IST
Wicklow Hall 2B (Level 2)
  Special Events / Exhibits / Breaks

15:00 IST

Kubetest2: Because Now You Can Test Kubernetes on Your Bespoke Cloud Too! - Priyanka Saggu, VMware
Do you want to test Kubernetes end-to-end on your cloud? Also curious to know how other projects in the Kubernetes ecosystem do this? If so, you will love our Kubetest2 session. Kubetest2 is a testing framework maintained by Kubernetes SIG Testing that allows you to test Kubernetes both locally and on the cloud. It manages cluster configuration, e2e testing, log collection, and test environment disposal. Kubetest2 natively supports GCP, GKE & KinD deployers, but also enables writing custom deployers out-of-tree. A custom Kubetest2 deployer is possible, but it needs some prior context & knowledge of Kubetest2 internals. To that end, this talk will provide attendees with the following takeaways: * What is Kubetest2, how it is architected, and its evolution from its predecessor Kubetest * Benefits of using Kubetest2 as a testing tool for your project * Reasons to use a bespoke Kubetest2 deployer Finally, we will demo how to develop a custom deployer for your own cloud provider.

Speakers
avatar for Priyanka Saggu

Priyanka Saggu

Member of Technical Staff, VMware
Priyanka Saggu is a open source software engineer at VMware, with contributions to many parts of the upstream Kubernetes project through SIGs such as Release, Testing, ContribEx, and CLI. She is also the Enhancement Lead for the Kubernetes v1.25 release cycle and has been on the Release... Read More →


Thursday September 15, 2022 15:00 - 15:40 IST
Wicklow Hall 2A (Level 2)
  CloudOpen, Testing

15:00 IST

Panel Discussion: Community Response to Non-Practicing Entity Patent Risk in OSS - Shawn Ambwani, Unified Patents; Keith Bergelt, Open Invention Network; Karen Copenhaver, The Linux Foundation & Stephen Walli, Microsoft
Over the course of the last three to five years, patent aggression from operating companies against open source project code has declined as more and more operating companies like Microsoft have agreed to cross-license patents that read on core open source software (OSS) functionality through participation in the Open Invention Network Patent Non-Aggression Community.  During this period, however, patent aggression against critical OSS project functionality has risen at an accelerated rate from non-practicing entities (NPEs) seeking to monetize patents that have, for the most part, been purchased from the secondary market.   As such, coordinated countermeasures have been adopted by Microsoft, the Linux Foundation and Open Invention Network through the founding and funding of the OSS Zone managed by Unified Patents. Two plus years into its formation the OSS Zone has realized substantial success in invalidating poor quality patents held by NPEs that had been asserting them against critical open source functionality. The panel will discuss the nature of non-practicing entity patent risk to OSS, the motivation for a collaborative partnership between the founding/funding parties, and provide an overview of patent risk mitigation benefits attributable to this initiative.

Speakers
avatar for Shawn Ambwani

Shawn Ambwani

Co-Founder / COO / SVP Legal, Unified Patents
avatar for Keith Bergelt

Keith Bergelt

CEO, Open Invention Network
Keith Bergelt is the CEO of Open Invention Network (OIN), the largest patent non-aggression community in history, created to support freedom of action in Linux as a key element of open source software. Funded by Google, IBM, NEC, Philips, Sony, SUSE, and Toyota, OIN has more than... Read More →
avatar for Karen Copenhaver

Karen Copenhaver

Strategic Advisor, Linux Foundation
Karen Copenhaver is a strategic advisor to the Linux Foundation. She was previously a partner in Choate, Hall & Stewart LLP ‘s Business & Technology practice, focusing on technology transfer and licensing of intellectual property, with a specific emphasis on open source business... Read More →
avatar for Stephen Walli

Stephen Walli

Principle Program Manager, Microsoft
I'm a principal program manager at Microsoft in the Azure Office of the CTO. I've worked with Docker, been a Distinguished Technologist at Hewlett-Packard, technical director at the Outercurve Foundation, founded a start-up, and been a writer and consultant. I've been around open... Read More →


Thursday September 15, 2022 15:00 - 15:40 IST
Wicklow Meeting Room 1 (Level 2)
  Community Leadership Conference

15:00 IST

The Current and Future State of Istio - Lin Sun, Solo.io
Curious where the Istio project is headed? Albeit being the most widely adopted service mesh in production today, there are multiple challenges with Istio such as coordinating sidecar proxy lifecycle with application container, cost of ownership to updating sidecars which often have CVEs, ability for control plane to handle large number of proxies and push configurations promptly, shorten data plane network traffic to improve latency etc. This talk will focus on these challenges and how the Istio project plans to tackle these challenges going forward.

Speakers
avatar for Lin Sun

Lin Sun

Director of Open-Source, Solo.io
Lin is the Director of Open-Source at Solo.io and a CNCF ambassador. She has worked on Istio service mesh since 2017 and serves on the Istio Technical Oversight Committee and Steering Committee. Previously, she was a Senior Technical Staff Member and Master Inventor at IBM for 15... Read More →



Thursday September 15, 2022 15:00 - 15:40 IST
Wicklow Hall 1 (Level 2)

15:00 IST

Address Space Isolation for Enhanced Safety of the Linux Kernel - Igor Stoppa, NVIDIA
Linux is entering fields dominated by specialised embedded OS, like Safety applications. However, Linux was not designed to pass the safety qualification process, where claims about system safety need the backing of both argumentation and objective evidence. In a system with components having different levels of Safety, the less-safe components cannot generate undetected interference in safer ones. The kernel-space memory management is not helping, though. For example, a buggy device driver can interfere with any other non-write protected component, including scheduling metadata, execution stacks, etc. The proposal identifies a strategy for functional partitioning of the system, identification of critical elements, and various mechanisms to increase their safety. It will describe changes to the Linux kernel, both for memory management, creating an opt-in level of address space isolation, and also other specific tweaks, for hardening critical aspects, like the kernel stack, against interference. The goal is to expand both the prevention and the detection of interferences that external monitoring alone would not detect easily. Participants will learn both a methodology for the safety analysis of a Linux system, and mechanism for improving the safety of selected components.

Speakers
avatar for Igor Stoppa

Igor Stoppa

Sr SW Safety Architect, NVIDIA
Igor received his Msc in Electronic Engineering from Politecnic University of Turin in 2001. Since then, he has worked primarily on Linux systems. Most notable examples include: power management for Nokia Internet Tablets; Test automation infrastructure, Distro Image creation and... Read More →



Thursday September 15, 2022 15:00 - 15:40 IST
Liffey Meeting Room 1 (Level 1)

15:00 IST

How the LFX Mentorship Program Helped me Level-Up My Career - Navendu Pottekkat, API7.ai
In 2020, I made my first open source contribution. It was very rewarding that I started to spend more time contributing to open source. I was just starting to program full-time and I had a lot to learn. That is when I was accepted into the Linux Foundation Mentorship Program. It gave me access to mentors and helped me improve my coding skills. It also helped me to work on open source while getting a stable stipend. This journey led me to full-time roles writing open source code. Today, I help pay it forward by being a mentor through the same program. In this talk, I walk through how this program has been beneficial to me and others who come from similar backgrounds that offer very less opportunities. I will also share my journey that led to working in open source full-time with very global and diverse teams. This talk is for both mentors and mentees wanting to level up in their careers through open source.

Speakers
avatar for Navendu Pottekkat

Navendu Pottekkat

Developer Advocate, API7.ai
Navendu Pottekkat works as a Developer Advocate for API7.ai. Navendu's passion for designing, developing, and deploying scalable, distributed systems is evident in each initiative he advances as an open source maintainer. He dedicates to helping new contributors to open source by... Read More →


Thursday September 15, 2022 15:00 - 15:40 IST
Wicklow Meeting Room 5 (Level 2)
  Diversity Empowerment Summit, Mentorship

15:00 IST

CIP (Civil Infrastructure Platform): Reusing and Strengthening OSS Component Security for Achieving Industrial Grade Security - Dinesh Kumar, Toshiba Software India Pvt Ltd
CIP (Civil Infrastructure Platform) members are constantly engaged to uncover the potential of Open Source based components for building Industrial Software which have a long life span, this endeavour is further strongly supported by CIP community. The primary focus of this talk would be to discuss how CIP Security work group along with other CIP work groups is working to respond the threats posed by ever growing security concerns. As part of the effort CIP Security WG is working with accredited IEC Certification body to meet international Cybersecurity standards by re-using numerous Debian based components in CIP. CIP is not just reusing Debian based components instead working with several open source communities to strengthen the security of their components. In addition, there will be updates from CIP (Civil Infrastructure Platform) project how CIP is progressing to meet IEC-62443 security requirements by identifying required Debian packages and creating IEC security layer in CIP. It would help developers to get insight into CIP Security work group efforts as well as opportunity to learn more about overall CIP OSBL.

Speakers
avatar for Dinesh Kumar

Dinesh Kumar

Engineering Manager, Toshiba Software India Pvt Ltd
Experienced, in developing Embedded linux software , Secure boot, Debian packages, board support packages, development of Android Application & Framework. My research interest includes embedded linux, Linux kernel security, cybersecurity and Cloud technologies. Currently working for... Read More →



Thursday September 15, 2022 15:00 - 15:40 IST
Liffey Hall 2 (Level 1)

15:00 IST

SBOMs: Essential for Embedded Systems Too! - Kate Stewart, The Linux Foundation
With the recent focus on improving Cybersecurity, the expectation that a Software Bill of Materials (SBOM) can be produced, is becoming the norm. Having a clear understanding of the software running on an embedded system, especially in safety critical applications, like medical devices, energy infrastructure, etc. has become essential. Regulatory authorities have recognized this and are starting to expect it as a condition for engagement. Safety critical certifications require this level of information already, it just needs to be shared in a standard format so others can do better risk management and vulnerability analysis, as well. This talk will provide an overview of the emerging regulatory landscape, as well as examples of how SBOMs are already being generated today for embedded systems by open source projects such as Zephyr, Yocto and others.

Speakers
avatar for Kate Stewart

Kate Stewart

Vice President of Dependable Embedded Systems, The Linux Foundation
Kate Stewart is Vice President of Dependable Embedded Systems at the Linux Foundation. She works with the safety, security and license compliance communities to advance the adoption of best practices into embedded open source projects. Since joining The Linux Foundation, she has launched... Read More →


Thursday September 15, 2022 15:00 - 15:40 IST
Liffey Meeting Room 2 (Level 1)
  Embedded Linux Conference (ELC), Security

15:00 IST

Technical Introduction to EVerest: Open Source Firmware for EV Charging Stations - Kai-Uwe Hermann & Piet Gömpel, PIONIX GmbH
This presentation introduces EVerest, an open source software stack for electric vehicle charging infrastructure, with specific examples of usage and integration into large-scale solutions. EVerest was designed with modularity and customizability in mind. It consists of a framework for configuring multiple interchangeable modules that are coupled via MQTT. By abstracting standards and use cases, EVerest runs on any Linux device without major customization efforts, from AC home chargers to DC public charging stations. In addition to communicating with vehicles using ISO15118 and EN61851, EVerest plans to integrate further communication such as ChaDeMo as well as supporting cloud-based management solutions, energy management including openADR and USEF, PV integration, and grid friendliness. A feature-complete OCPP cloud connectivity stack is already included.

EVerest is an Apache2.0 licensed project within LF Energy. It was initiated by PIONIX GmbH to support the electrification of the mobility sector.

Speakers
avatar for Piet Gömpel

Piet Gömpel

Software Developer, PIONIX GmbH
Piet combined studies of Renewable Energy Technologies and IT-Engineering. Since May 2022 he works as a software developer for Pionix and contributes to the Linux Foundation Energy Project EVerest, an open source software stack for electric vehicle charging infrastructure.
avatar for Kai-Uwe Hermann

Kai-Uwe Hermann

System Architect, PIONIX GmbH
Kai studied computer science at the Karlsruhe Institute of Technology in Germany until 2019 and continued to work as a researcher in a robotics and autonomous driving group. In 2021 he started as a System Architect at PIONIX and is one of the driving forces behind the Linux Foundation... Read More →



Thursday September 15, 2022 15:00 - 15:40 IST
Liffey Hall 1 (Level 1)

15:00 IST

Demystifying the WASM Landscape: A Primer - Divya Mohan, SUSE
Although WebAssembly is a pretty nascent technology (MVP was released in 2017!), there has been a spike in the number of toolchains, interfaces, runtimes, market players, and offerings ever since. To an absolute beginner, the sheer amount of terminology being thrown at them could make the entire exercise of getting onboarded intimidating. With an in-depth and updated coverage of the WASM landscape, this talk aims to be a technical discussion illustrating where each of the above fit in. What's more? The speaker will contrast it with existing frameworks for the audience's ease of understanding. By the end of the talk, the audience will walk away with a clear understanding of - The WebAssembly spec - What the current landscape looks like - Where we are headed

Speakers
avatar for Divya Mohan

Divya Mohan

Technical Writer, SUSE
A systems nerd and a CNCF ambassador, Divya currently is a technical writer at SUSE. She is extremely passionate about contributing to Open Source & co-chairs the documentation efforts for the Kubernetes and LitmusChaos projects. She has served on a few Release cycles for Kubernetes... Read More →



Thursday September 15, 2022 15:00 - 15:40 IST
Wicklow Meeting Room 3 (Level 2)
  Emerging OS Forum, WebAssembly (Wasm)

15:00 IST

How to Build Trustworthy AI with Open Source - Diana Atanasova & Teodora Sechkova, VMware
Artificial Intelligence (AI) is no longer in the future. AI has left the research laboratories and has become rapidly part of various aspects of our lives. As AI adoption grows and the system's complexity increases, the consequences of making wrong decisions also rise significantly. The more we depend on AI to make decisions on our behalf, the more we require mature AI systems that we can trust. To ensure AI systems continuously behave in a trustworthy manner, research communities and governmental bodies began efforts to define guidelines and principles like Trusted AI, Responsible AI, Ethical AI, and Trustworthy AI. Each guide gives its taxonomy and categories of properties the AI needs to achieve for the good of humanity. In this session, Teodora and Diana will walk you through the Trusted AI ecosystem and demo existing open source projects: Adversarial Robustness Toolbox, AI Fairness, AI Explainability, and more to show how to leverage the existing tools to insert accountability into your machine lifecycle and improve the trustworthiness of your system.

Speakers
DA

Diana Atanasova

Open Source Engineer, VMware
Diana Atanasova is an Open Source Engineer in VMWare’s Open Source Technology Center. She is contributing to Kubeflow – ML workflow framework and has interests in AI ethics and security. Diana holds a master's degree in Applied Mathematics and Informatics.
avatar for Teodora Sechkova

Teodora Sechkova

Open Source Software Engineer, VMware
Teodora is an open source software engineer at VMware’s Open Source Program Office. During her first years in VMware, she was an active contributor and maintainer of The Update Framework (TUF) - a framework for securing software update systems. Currently, she invests her time in... Read More →



Thursday September 15, 2022 15:00 - 15:40 IST
Wicklow Meeting Room 2 (Level 2)

15:00 IST

Building a Team for the Upstream: Things We Learned Building InnerSource Teams for Open Source Impact - Emma Irwin, Microsoft
When efforts to contribute to, participate-in, lead and support upstream projects are siloed in product teams, or reliant on advocacy of individuals who 'get it' , the impact for our customers, and the entire ecosystem falls short of the potential. In this talk, Emma will share the concept of 'internal community building' to both empower and scale impact on upstream projects and beyond. Specifically, this talk will focus on three of Microsoft's cross-organizational community building efforts, each it's own group with specific goals : - Upstream impact on open source metrics (CHAOSS) - Upstream impact on diversity equity and inclusion - And (no big deal) every open source project on the planet. This is InnerSource working for open source, and I will share what has worked (and not worked!) . Go team upstream!

Speakers
EI

Emma irwin

Senior Program Manager, Microsoft
Emma has been building open source software and open source communities for about as long as she can remember. Her role at Microsoft's Open Source Programs Office (OSPO) building, empowering and activating developers and their teams around open source is a combination of all the things... Read More →


Thursday September 15, 2022 15:00 - 15:40 IST
EcoCem Room (Level 2)
  OSPOCon, OSPO Lessons Learned

15:00 IST

How to Identify and Avoid Cracks and Bumps in your Digital Infrastructure? By Considering the Health of Open Source in your Intake Process - Johan Linåker, RISE Research Institutes of Sweden
Open Source Software (OSS) makes up a pivotal part of today's digital infrastructure. Like roads and bridges, the digital infrastructure requires continuous maintenance to avoid cracks and bumps that, in turn, can cause severe effects. Such maintenance, however, can not be taken for granted. Companies need to be aware of what OSS is used, or considered in the intake process. But what should one look for, and how? What can be done to mitigate, or address the risk of cracks and bumps arising? In this talk, Johan will answer these questions based on ongoing empirical research, as well as experience from the industry. More specifically, Johan will present how companies can analyze the health of the OSS projects, i.e., their ability to stay viable long-term and maintain the OSS. By analyzing the health, (potential) users of the OSS can evaluate whether to use or continue using the OSS. It can also enable them to proactively improve the health of an OSS project and thereby lowering the risk of vulnerabilities being introduced. The audience will be provided with practical examples of what aspects to consider to analyze health based on context and risk, how to set up a screening process, and how to work proactively in improving the health and sustainability of the OSS used.

Speakers
avatar for Johan Linåker

Johan Linåker

Senior Researcher, RISE Research Institutes of Sweden
Johan is an empirical software engineering researcher with interest and passion for how industry and public sector can use and collaborate on open source software and open and shared data to enable a value-driven digitization, both for their organizations and society at large. He... Read More →



Thursday September 15, 2022 15:00 - 15:40 IST
Liffey Meeting Room 3 (Level 1)

15:40 IST

16:10 IST

The Force Awakens: Managing Millions of Kubernetes Clusters at the Edge - Di Xu, Tencent
The benefits and paradigms offered by cloud native, such as observability, loosely coupled systems, declarative APIs, robust automation and etc, have made Kubernetes an ideal go-to platform for the edge. And Kubernetes is extending to the edge rapidly. The challenge with the edge is to take all these learnings and benefits from Kubernetes and transfer them to the edge. How does a single/small organization manage thousands of millions of clusters and thousands of millions of applications running on disparate and disaggregated infrastructure without the need to juggle different management tools for each environment? In this presentation, they will bring in a novel engineering perspective to unveil the power of millions of Kubernetes clusters to the edge. Also they will share all the lessons learnt and practical tips & tricks on such massive clusters management. In the end, a benchmarking will be given.

Speakers
avatar for Di Xu

Di Xu

Senior Engineer, Tencent
Currently, he is working at Tencent as a staff engineer, leading a small team working on open source cloud native projects and distributed cloud platform development. Also, he is a top 50 code contributor in Kubernetes community. He had spoken many times at open source conferences... Read More →



Thursday September 15, 2022 16:10 - 16:50 IST
Wicklow Hall 2A (Level 2)
  CloudOpen, Edge Cloud Computing

16:10 IST

Uncovering Community and Project Insights Through Data Driven Methods - Oindrilla Chatterjee, Red Hat
How do you assess and track the health of your project in an open source, data-driven way? Github repositories reveal crucial information about the project e.g. velocity, blockers, community health, etc. which can ultimately help guide the development of the project. In this talk, we show how we can get deeper insights into the software development process by creating a set of open source data science workflows that collect data about a repo’s PR’s, analyze them, and visualize key metrics on a dashboard. I will also show how to build and deploy ML models that can be used to supplement the project development process. Specifically, I'll show how to create these dashboards and services on an open source community cloud where data scientists get an environment for solving data science challenges without setting up the infrastructure and services. This also provides an environment where operations are open source, so that data scientists have full visibility into the platform and their workloads every step of the way. By the end of this talk, attendees would have learned how to use the set of ML tools to derive key metrics from their Github repos and use the open source tools for creating reproducible notebooks, models as services, building automated pipelines and dashboards.

Speakers
avatar for Oindrilla Chatterjee

Oindrilla Chatterjee

Senior Data Scientist, Red Hat
Oindrilla is a Senior Data Scientist at Red Hat, in the Office of the CTO working on emerging trends and research in ML and AI. She spent the past year developing open source AI applications for CI data.



Thursday September 15, 2022 16:10 - 16:50 IST
Wicklow Meeting Room 1 (Level 2)

16:10 IST

Open Container Data Protection - State, Trend and the Kahu! - Sanil Kumar D & Sushantha Kumar, Huawei
Most of the industry reports confirm the momentum towards the container application deployments, and hence the container storage. The session explores the current state and solution trends in container data management, specifically for container data protection. It discusses how the new storage products are shaping up along with the changes in the open-source solution ecosystem. The session introduces the open-source project - Kahu from SODA Foundation for container data protection, along with its architecture, working demo (data/metadata backup), and future feature set. During this session, the speaker(s) interact with the audience to get their input and collaboration further for this to build a heterogeneous and hybrid data protection solution for Kubernetes(/container application deployments).

Speakers
avatar for Sanil Kumar D

Sanil Kumar D

TOC Co-chair, Chief Architect, Huawei / SODA Foundation
Job Title: Chief Architect, Head Data Management at Huawei Technologies India & TOC CoChair, Architecture Lead, SODA Foundation Product development expertise in the areas of Linux, Open Source, ARM Ecosystem, Cloud, Data Management, and Emerging Technologies(like Edge Computing, Blockchain... Read More →
avatar for Sushantha Kumar

Sushantha Kumar

System Architect, HUAWEI TECHNOLOGIES INDIA PRIVATE LIMITED
Sushantha Kumar is a Lead Architect, Data Management Team at Huawei Technologies India. Member of SODA Foundation. Currently working on a container data management project at SODA Foundation. Prior to this, worked on the PaaS platform for cloud-native applications. Also has exposure... Read More →



Thursday September 15, 2022 16:10 - 16:50 IST
Wicklow Hall 1 (Level 2)
  ContainerCon, Cloud Native Storage

16:10 IST

Enabling Linux in Safety-Critical Applications - ELISA Insights - Philipp Ahmann, Robert Bosch GmbH & Elana Copperman, Mobileye
The ELISA project has taken on the challenge to make it easier for companies to build and certify Linux-based safety-critical applications. ELISA members are defining and maintaining a common set of elements, processes and tools that can be incorporated into specific Linux-based, safety-critical systems amenable to safety certification. This talk will give an overview of the goals and technical strategy of the ELISA project. It provides information about the different work groups, their interaction and contributions. These work groups focus on Linux Features for Safety-Critical Systems, Software Architecture, Open Source Engineering Process, Tool Investigation and Code Improvement. They are complemented by use case work groups dealing with Automotive, Medical and wider Industrial IoT systems. Attendees will leave the talk with an understanding where the ELISA project stands today. They get insights which methodologies and tools are used, which challenges are tackled next by the work groups and why the different puzzle pieces are all needed for enabling Linux in safety-critical applications.

Speakers
avatar for Elana Copperman

Elana Copperman

System Architect, Mobileye
Elana Copperman, PhD is a System Software Architect at Mobileye (until recently, part of Intel). She provides support for designing safety features in Mobileye products, including system boot, drivers, and Linux infrastructure. Before working at Mobileye, she worked as a Security... Read More →
avatar for Philipp Ahmann

Philipp Ahmann

Product Manager, Robert Bosch GmbH
Philipp Ahmann is a technical business development manager at Robert Bosch GmbH with focus on Open Source activities. He represents the ELISA project of the Linux Foundation as technical steering committee chair and leads the automotive as well as systems work group. He has more than... Read More →



Thursday September 15, 2022 16:10 - 16:50 IST
Liffey Meeting Room 1 (Level 1)

16:10 IST

Diversity in Open Source, an Asian Perspective - Masae Shida, VMware
Many open source communities struggle to achieve strong community participation from Asia despite the region representing 60% of the entire world population. Although there are numerous participants from India and China, the number is disproportionately low when compared with North America and Europe. An obvious reason could be time zones, however, as a Japanese woman who grew up and worked in Japan, and as a wife and a mother, it seems probable this could be explained by culture and other social barriers like language. Although we appreciate the benefit of diversity in open source, it remains challenging to have an optimally balanced community. Do we compromise by having some people in each region to convince ourselves that we’ve achieved a target? Or do we look for ways to overcome the barriers enabling real benefit from multiple perspectives? Many DEI categories are grouped together which removes our ability to identify areas needing improvement. Asia consists of 40 countries whose culture and languages are very different, and Asians who grew up in North America have different perspectives from those who grew up in Asia. Diversity is defined by a combination of multiple factors. Let’s look at our goals more closely and see what communities can actually do to bring real value.

Speakers
avatar for Masae Shida

Masae Shida

Senior Program Manager, VMware
Masae is a Senior Program Manager in the Open Source Strategy team within VMware's OSPO, where she leads the company’s product strategies and community contributions alignment, to improve the business and entire ecosystem's sustainability. She has presented at LF Open Source Summit... Read More →


Thursday September 15, 2022 16:10 - 16:50 IST
Wicklow Meeting Room 5 (Level 2)

16:10 IST

A Month Off: Migrating a Robot Controller from the Proprietary INtime RTOS to Linux - Dirk Eibach, Carl Cloos Schweisstechnik GmbH
Carl Cloos Schweisstechnik GmbH is maintaining its own robot control software since the 1980s. At that time Intel was offering a Realtime Operating System called RMX to create some demand for their processors. Cloos was probably the first company using conventional PC technology to control industrial robots, and RMX was a perfect fit. Today RMX is called INtime and is licensed by TenAsys Corporation. It can be tightly integrated with the Windows platform which makes GUI development easy for people coming from that background. In 2021 there was a pretty interesting offer for the next Cloos robot controller platform hardware, but it was Linux based. As the controller software team at Cloos consists mainly of Windows developers, that was a tough call. But in 2019 a Linux nerd (our speaker) had joined the team and he suggested to do a study: take a month off from all running projects and evaluate what could be achieved in porting the controller software to Linux in that time. To his astonishment, everybody agreed. This is the story of that month. It is a story of technical and human challenges, a story of sweat and tears, a story of success and failure. And yes, there will be technical details, no worries.

Speakers
avatar for Dirk Eibach

Dirk Eibach

Embedded Software Developer, Carl Cloos Schweisstechnik GmbH
Dirk Eibach is an embedded software developer who has worked on linux based embedded systems since 2004. He has actively contributed to the U-Boot project and the Linux Kernel. In his current position at Carl Cloos Schweisstechnik GmbH he is working on control software for seam welding... Read More →



Thursday September 15, 2022 16:10 - 16:50 IST
Liffey Meeting Room 2 (Level 1)

16:10 IST

Graphics: A Frame's Journey - Daniel Stone, Collabora
Modern systems have come a long way from waking up every 16 milliseconds to peek and poke into a framebuffer which was directly displayed to the user. A single image frame may begin in a camera, be pushed through an image signal processor, be sent through several layers of web browser for processing and using the GPU to add funny hats, then be sent simultaneously to a media codec to send to your friends, as well as onwards through the window system to your display controller, possibly with colour correction, alpha blending, and more, along the way. These systems are every bit as complex as they are poorly understood. In this talk, Daniel will attempt to answer all the questions you never knew you had, such as: is GBM really the Generic Buffer Manager? What's wrong with fbdev? How do I even allocate buffers? Why won't Wayland give me 1000fps on glxgears? If GPUs are so very fast, why does everyone tell me I can't use them because they're slow? And what do these window system people even do all day, anyway? The talk is aimed at anyone who wishes they understood the complexity of modern display pipelines, plans for future development, and how to develop applications & products that use the full capability of modern hardware at maximum effectiveness.

Speakers
avatar for Daniel Stone

Daniel Stone

Graphics Lead, Collabora
Daniel is the graphics lead at Collabora, working on the upstream open-source graphics stack. He has been working specifically on Wayland and Weston, as well as Mesa, kernel modesetting, and others. Mainly focusing on window systems, display, and integration between disparate components... Read More →


Thursday September 15, 2022 16:10 - 16:50 IST
Liffey Hall 1 (Level 1)

16:10 IST

PCI Endpoint Drivers in Linux Kernel and How to Write One - Manivannan Sadhasivam, Linaro
PCIe Endpoint framework has been available in the Linux Kernel since the v4.11 release. The PCIe Endpoint framework allows Linux Kernel to be used on the PCIe Endpoint devices like Modems, WLAN chipsets, Network Controllers, etc... contrary to the traditional host side implementation such as the PCs. This talk will present an overview of the framework, its implementation details, and share some ideas on how to model a real-world PCIe endpoint function. Finally, the talk will also discuss some of the pain points of the framework and ways to address them. The motivation of this talk is to provide the PCIe device manufacturers the information on how to use the PCIe Endpoint framework in a real-world product.

Speakers
avatar for Manivannan Sadhasivam

Manivannan Sadhasivam

Senior Kernel Engineer, Linaro
Mani is an Opensource enthusiast and Linux Kernel Developer. Currently, he is working on upstreaming the Linux kernel support for Qualcomm PCIe modems at Qualcomm Landing of Linaro.



Thursday September 15, 2022 16:10 - 16:50 IST
Liffey Hall 2 (Level 1)

16:10 IST

Improving Developer Experience with Backstage - Suzanne Daniels, Spotify
Onboarding is difficult, finding information can be a pain, collaborating across teams or domains is hard, and new tools and frameworks seem to pop up endlessly. This and other modern frustrations are causing friction in the day-to-day lives of developers. This friction is taking away pleasure, effectiveness, and will eventually result in bad code, people leaving or being burnt out. Investing in Developer Happiness is key, but where to begin? Should you build yet another portal? Implement that new DevOps platform? Try that Inner Source thing? In this session we're discussing how Backstage can help address these and other challenges and see it in action. Backstage is an open platform for building developer portals, and a popular CNCF incubator project.

Speakers
avatar for Suzanne Daniels

Suzanne Daniels

Developer Relations Lead, Spotify
Suzanne's passion is finding ways to help developers and engineers get the tools and skills to do what they do best: creating the (open source) software this world runs on while trying to innovate and make sense of buzzwords at the same time. She's organizer of events, host and a... Read More →


Thursday September 15, 2022 16:10 - 16:50 IST
Wicklow Meeting Room 3 (Level 2)
  Emerging OS Forum, New & Emerging Open Source Projects

16:10 IST

What is the Big Deal with the Open Programmable Infrastructure Project? - Michael Lynch, Intel Corporation & David Wills, NVIDIA
Open Programmable Infrastructure (OPI) Project is a new project within the Linux Foundation, announced earlier this year. OPI aims to foster a community-driven, standards-based open ecosystem for next-generation architectures and frameworks based on Data Processing and Infrastructure Processing Units - a new class of cloud and datacenter infrastructure that is emerging into the marketplace. The objective of the project is to foster a community-driven, standards-based, open ecosystem for next generation architectures and frameworks based on IPUs, DPUs, or even switches.

The project is designed to facilitate the simplification of network, storage and security APIs within applications to enable more portable and performant applications in the cloud and datacenter across DevOps, SecOps and NetOps.

Explore the OPI community first hand by joining us. You will learn more about this project, the community and how you could participate and, even, contribute. This is an informal session where you will meet and mingle with members of the OPI community and other like-minded attendees!

Speakers
avatar for Michael Lynch

Michael Lynch

Senior Director, Cloud Networking Solutions, Intel Corporation
Mike Lynch is a Senior Director in Intel’s Ethernet Products Group responsible for customer and ecosystem solutions for Intel's networking products across Cloud, Telco and Enterprise market segments. His primary responsibility is driving the evolution of cloud networking supported... Read More →



Thursday September 15, 2022 16:10 - 16:50 IST
Wicklow Hall 2B (Level 2)

16:10 IST

A New CPU Frequency Control Mechanism on Linux - Ray Huang, AMD
AMD CPU platforms used ACPI based CPU frequency driver to manage CPU frequencies with switching only in 3 P-states for a long time. ACPI CPUFreq is very great driver to support frequency control on traditional AMD processors. However, for recent Zen2 and later CPUs, this approach is not very power efficient anymore and conflicts with AMD hardware dynamic power management unit. So, we introduce AMD P-State kernel CPUFreq driver early of this year that is using ACPI CPPC based fine grain frequency control instead of legacy only 3 ACPI P-States, and it is merged into kernel 5.17. Then we continue adding the CPUPower and AMD P-State tracer support in kernel 5.18. And we are in progress to add the related AMD P-State unit tests into kselftest framework. This is the initial work that we start to support new fine grain frequency control in CPUFreq subsystem, so we still have a long way to continue optimizing the new driver on all AMD recent CPU and APU platforms and adding more feature support including EPP (Energy-Performance Preference), Preferred Core, etc. in future. In this session, Ray will give the introduction of new fine grain frequency control mechanism and explain the details that cover the design, implementation, usage, existing issues, and future work for all AMD CPU users.

Speakers
avatar for Ray Huang

Ray Huang

SMTS Software Engineer, AMD
Ray Huang (Huang Rui) is a kernel developer and leads AMD Linux platform solution team that works on AMD CPU, APU, and GPU kernel enabling. He focuses on multiple components in the Linux kernel including CPU power management and GPU kernel DRM graphic and compute support. And Ray... Read More →



Thursday September 15, 2022 16:10 - 16:50 IST
Auditorium (Level 3)
  LinuxCon, Power Management

16:10 IST

Truly Open Lineage - Mandy Chessell, Pragmatic Data Research Ltd
One of the most requested metadata use cases is lineage. This is is the ability to understand the origin of your data and the processing (reformatting, enrichment, merging, ...) it has gone through between the data's origin and your AI model. Lineage helps to build trust in your model since it shows you have used appropriate data. Many individual technologies provide some lineage support that covers its own processing. Some data catalogs provide proprietary ways to gather lineage from many sources. However this is expensive to implement and only makes the lineage information available through the data catalog. Now three open source projects from LF AI and Data have come together to create a truely open ecosystem for lineage. Egeria provides open metadata that describes the data sources, data structures, data profiling results and the data pipelines. OpenLinege provides the event mechanism that records each time a data pipeline runs. Marquez provides visualization for lineage. In this talk you will learn about: * What is lineage and how it is used * What makes lineage difficult to collect and maintain * How the open ecosystem for lineage works * How you can use lineage in your data science tools (using Jupyter Notebooks as an example)

Speakers
avatar for Mandy Chessell

Mandy Chessell

Founder, Pragmatic Data Research Ltd
Mandy Chessell CBE FREng CEng FBCS honFIED is a trusted advisor to executives from large organisations, working with them to develop their strategy and architecture relating to the governance, integration and management of information. Mandy worked for IBM for 35 years, the last 15... Read More →



Thursday September 15, 2022 16:10 - 16:50 IST
Wicklow Meeting Room 2 (Level 2)

16:10 IST

Safe and Signed Git Commits with PGP - Thomas Qvidahl, Tietoevry
Working with any software project, chances are you need to be familiar with Git. And open source projects in particular, are open to contribution from anyone - even individuals with less honorable intentions. How do you know that the name and email address on a commit is legitimate? Sadly, it's easy to fake, and a momentary lapse of attention can allow an ill-intended contribution to slip through the barriers. Enter Pretty Good Privacy (PGP), and it's implementation Gnu Privacy Guard (GPG)! This is a public key cryptography protocol and software package that can help you ensure those commits are from the right person. And by cross-signing each other's keys, you can build a "web of trust" among your fellow contributors to further strengthen the bond. Git supports signing commits with PGP! In this talk we will explore a little bit of background in public key encryption and set up your very own PGP public key. Then we will look at the integration between PGP and Git in the context of signing our Git commits, and even configuring Git to know which repositories to sign and which should be unsigned.

Speakers
avatar for Thomas Qvidahl

Thomas Qvidahl

Senior Software Engineer, Tietoevry
Thomas is fast approaching three decades of experience in IT meaning he's also fast becoming a Grumpy Old Man (tm). He loves anything new and shiny that runs on electricity, and is deeply fascinated by mysterious topics such as cryptography and quantum computing. With a burning love... Read More →



Thursday September 15, 2022 16:10 - 16:50 IST
Liffey B Part 2 (Level 1)

16:10 IST

OSPO Issues in a Conglomerate Company - Kazumi Sato & Hiroyuki Fukuchi, Sony Group Corporation
Sony Group is a company with business units in a wide variety of categories, including electronics, semiconductors, gaming, film, music and finance. Much of Sony‘s early work with Open Source was focused on its electronics business (which efforts was talked at OSPOCon 2021). In this talk Sato&Fukuchi would like to discuss the challenges that we faced spreading our Open Source program throughout Sony's other business units. Each business category has different products, technology, culture, and a unique approach to Open Source. While it is efficient to have some things in common, it is unreasonable for the entire group to have exactly the same programs. The electronics business, which develops consumer electronics products with embedded Linux, focuses on both contribution and compliance, while the film business focuses on contribution and interoperation of software assets, including open sourcing 3D animation tools and formats. The approach is to have an OSPO central hub around community experts for Open Source program and communications, and to share policies, education, and best practices within the group. In this talk, Sato&Fukuchi will describe how we are responding to the challenges by modifying our Open Source program and support for the different business categories.

Speakers
avatar for Hiroyuki Fukuchi

Hiroyuki Fukuchi

Senior Alliance Manager, Sony Group Corporation
Hiro Fukuchi is Senior Alliance Manager in Sony. He is working on OSS compliance and relationship with OSS communities. He is the leader of the planning subgroup of the OpenChain Japan workgroup. He is a speaker at Open Source Summit Europe 2019, regarding building a reginal community... Read More →
avatar for Kazumi Sato

Kazumi Sato

Distinguished Engineer, Sony Group Corporation
Kazumi SATO is a Distinguished Engineer in Sony. He is working on Linux-based system software for various Sony products. He is also working on OSS compliance and relationship with communities in Sony. Since 2002, when Sony started to use Linux, he leads system software development... Read More →



Thursday September 15, 2022 16:10 - 16:50 IST
EcoCem Room (Level 2)
  OSPOCon, OSPO Lessons Learned

16:10 IST

Defining the Limits of Risk - Daniel Izquierdo, Bitergia
Supply chain discussions usually focus on source code related aspects. Even this call brings into context some of the well known issues such as "Countering Build Threats", "Source Code Level Problems", or "Dependency Threats". Although this is not specifically detailed in the call, there is discussion on the communities that maintain that software or what we can call sustainability of those open source projects, and there are initiatives either at the Linux Foundation or other Foundations willing to mitigate this issue. However, there is little evidence and discussion on community-metrics-related risk. This talk aims to hopefully open this discussion by presenting existing threats when measuring communities, and we could call as "Countering Community Threats" to any of the dependencies that may appear in your SBoM.

Speakers
avatar for Daniel Izquierdo

Daniel Izquierdo

CEO, Bitergia
Daniel Izquierdo Cortazar is a researcher and one of the founders of Bitergia, a company that provides software analytics for open and inner source ecosystems. Currently holding the position of Chief Executive Officer, he is focused on the quality of the data, research of new metrics... Read More →


Thursday September 15, 2022 16:10 - 16:50 IST
Liffey Meeting Room 3 (Level 1)

17:05 IST

Encore Presentation: To RTOS, or not RTOS: That is the Question - Frédéric Desbiens, Eclipse Foundation
Real-Time Operating Systems (RTOS) have been a fixture of embedded computing for a long time and, more recently, IoT. Popular open-source options such as FreeRTOS and Zephyr support a wide range of hardware and provide features such as storage and networking. However, many open source projects aim to deliver many of the same features in a "bare metal" approach. In other words: they deliver frameworks that enable your applications to run directly on the hardware. Given this, which approach is right for your project? In this presentation, Frédéric Desbiens will explain the pros and cons of RTOSes and the bare metal approach. You will learn about the architecture and feature set of FreeRTOS and Zephyr in the process. You will also discover contrasting os-less frameworks such as Arduino, Espressif IDF, and Drogue IoT, which uses the Rust programming language.

Speakers
avatar for Frédéric Desbiens

Frédéric Desbiens

Program Manager — IoT and Edge Computing, Eclipse Foundation
Frédéric Desbiens manages IoT and Edge Computing programs at the Eclipse Foundation. His job is to help the community innovate by bringing devices and software together. He is a strong supporter of open source. He worked as a product manager, solutions architect, and developer for... Read More →



Thursday September 15, 2022 17:05 - 17:35 IST
Liffey Meeting Room 1 (Level 1)
  Embedded IoT, RTOSes vs baremetal approaches

17:05 IST

Two Roads Diverged in the Observability Woods: I Took the E2E One - Prashansa Kulshrestha, Postman Inc.
In the past few years, we have seen rapid development in system designing where multiple services coordinate with each other to form a whole end-to-end architecture. Along with this, our testing methodologies have also improved by using end-to-end tests. What about observability though? End-to-end observability is still a dream for many organizations. How do we know which application is underperforming? What causes it to underperform? Is it taking other applications down with it? Which users are getting affected? It’s high time that we stop tailing logs or worse, deriving metrics out of these logs to understand our system’s bottlenecks. Application Performance Monitoring (APM) can help us here. It can not only provide you with the necessary metrics but also other benefits like understanding your application’s transactional behaviour via traces, visualising how your application communicates with external entities, etc. Do you want to know how your users are reacting to your application’s performance? Yes, that’s possible. In Prashansa’s experience of working with APM for the past year, she has done enough mistakes so that you don’t have to repeat them. With this talk, she wants to share how APM along with OpenTelemetry can help to debug problems before they occur.

Speakers
avatar for Prashansa Kulshrestha

Prashansa Kulshrestha

Software Engineer II, Postman Inc.
Prashansa Kulshrestha has worked at Postman for about two years as a software engineer in the Engineering Foundation team. Her journey started with working on platform and infrastructure, CI/CD and then gradually moving to reliability initiatives where she worked on setting up the... Read More →


Thursday September 15, 2022 17:05 - 17:45 IST
Wicklow Hall 2A (Level 2)

17:05 IST

Encore Presentation: Drive Your Business With Open Source Sponsorship - Wolfgang Gehring, Mercedes-Benz Tech Innovation
In 2014, the Heartbleed Bug sent shockwaves across the internet and lead to news headlines like: “The Internet Is Being Protected By Two Guys Named Steve”. Although this headline is somewhat humorous, it revealed a crucial vulnerability of FOSS altogether: Oftentimes, important Open Source Software is maintained by a few engaged, but tired and overworked, underpaid individuals. Recent examples include the Log4Shell vulnerability whose consequences aren’t even fully clear yet.

There are a few ways to remedy this situation: By active participation through community engagement, high-quality contributions, becoming a maintainer, or through membership in Open Source foundations. Another great option is through financial sponsorship – which goes beyond just money, but also gives the software we depend on the recognition their creators deserve. Let’s explore why sponsoring is a great way to drive FOSS forward altogether, how it can be done in practice, and what our experience with Open Source sponsorship is at Mercedes-Benz. In particular, we’ll also discuss how to overcome challenges in implementing such a sponsorship program at corporate level.

Speakers
avatar for Wolfgang Gehring

Wolfgang Gehring

FOSS Ambassador, Mercedes-Benz Tech Innovation
Inspired by the Inner Source movement more than five years ago, Dr. Wolfgang Gehring turned into an ambassador for Inner and Open Source and has been working on enabling and spreading the idea within Mercedes-Benz and its IT-subsidiary Mercedes-Benz Tech Innovation. A software engineer... Read More →


Thursday September 15, 2022 17:05 - 17:45 IST
Liffey B Part 2 (Level 1)

17:05 IST