DOCSLIB.ORG

Automotive Grade Linux)

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Automotive Grade Linux) Cybersecurity for Connected Vehicle with AGL (Automotive Grade Linux) Paris Dec/2018 Fulup Ar Foll CEO & Lead Architect [email protected] Who Are We ? AGL Lorient South Brittany Cybersecurity for Connected Vehicle with AGL Dec-2018 2 Founded by Toyota over 150 members Cybersecurity for Connected Vehicle with AGL Dec-2018 3 Multi-Profiles Automotive Linux ● Today AGL Linux Profiles: ● IVI ● Telematics ● Custer ● Native Cybersecurity ● Security Foundation Inherited from Tizen ● Fully Transparent to developers ● Baked with the system, not removable ● Micro Architecture ● Open API oriented ● Service Oriented ● Natively Distributed ● Agl to AGL ● AGL to Cloud ● AGL to RTos Cybersecurity for Connected Vehicle with AGL Dec-2018 4 applications upstream services services AGL AGL AGL AGL 6.0 Funky Flounder AGL window-manager supervision/log vehicle 2 cloud 2 vehicle MEDIAPLAYER DASHBOARD homescreen SETTINGS nfc, bluez nfc, identity PHONE virt-io Cybersecurity for Connected Vehicle with AGL with Cybersecurity for Vehicle Connected HOMESCREEN persistence vr/speech signalling audio-4a network unicens RADIO HVAC gpsd POI LINUX KERNEL alsa,gstreamer NAVIGATION LAUNCHER weather geoloc MIXER media radio ... ... ... Dec-2018 SystemD/NameSpace/CGroups AGL Security Framework 5 Vehicle Software Becomes Critical Connected car • Complex A/V • Remote maintenance • Real time navigation Connected user • Streaming music • Social network • Payment Driving help • Self park • Self driving • … SW R&D Raising cost SW vs HW Connectivity side effect • 2015 ~ 35% • HW is a one off • Cyber security • 2020 ~ 50% • SW is an open complexity • Mandatory SW maintenance • SW maintenance ~70-80% of cost • … Cybersecurity for Connected Vehicle with AGL Dec-2018 6 Why Securing Connected Cars? ● Automotive industry ● limited knowledge and return of experience on being connected. ● Attacking cars is complex & expensive ● Hackers have time & money ● Betting on hacker lack of skill is a very risky bet ● One single small security hole might be enough ● Attacking cars is a viable business ● Expensive piece of equipment ● Huge Mass market ● Enough customers with little technical knowledge to steal from Cybersecurity for Connected Vehicle with AGL Dec-2018 7 Security Complexity Mitigation ● Security Mechanism might be short circuit ● Lack of knowledge, Performances ● Time-to-market, Cost concerns ● Embedded Security Expert is a rare animal ● 9M Mobile Developers ● 8M Web Developers ● 0.5M Embedded Developers ● How many Embedded Security Developers ? ● Security cannot be added after the fact ● Must consist in built-in APIs & be transparent to applications ● Developers SHOULD not to be in charge of security ● Baked in from day one: Architecture, Dev, QA, Maintenance,etc. Cybersecurity for Connected Vehicle with AGL Dec-2018 8 Make sure we Run the Right Code ● Trusted Boot : a MUST Have Feature ● Leverage hardware capabilities ● Small series & developer key handling ● Application Installation ● Verify integrity ● Verify origin ● Request User Consent [privacy & permissions] ● Update ● Only signed updates with a trusted origin ● Secured updates on compromised devices are a no-go option ● Factory reset built-in from a trusted zone ● Do not let back doors opened via containers/hypervisor ● Strict control of custom drivers [in kernel mode everything is possible] Cybersecurity for Connected Vehicle with AGL Dec-2018 9 Cyber Resilient Architecture ● Smart Multi Layers Security Architecture ● Breaking an application should not break a full layer ● Breaking a layer should not break the full system ● Compromised ID / keys are lost for good ● Per-device unique ID ● Per-device symmetric keys ● Use HW ID protection ● Non-Reproducibility of breakages ● Breaking in one car should not extend to all cars ● Dev/Debug I/O, Sockets, … should be disabled ● No Root Password & No shared super-user RSA key ● Password, when used, should not be easy to compute Cybersecurity for Connected Vehicle with AGL Dec-2018 10 Data Privacy & Business ● Tag data at collection time ● Segregate data path ● Leverage existing Internet authentication ● Provide control to users ● Per Crypt User Persistent Store ● Lazy Synchronization with Cloud ● Filter data at Edge Cybersecurity for Connected Vehicle with AGL Dec-2018 11 AGL Security Mechanisms Legitimate application BlackHat application G RA NT D ED NIE DE LINUX KERNEL Smack linux security module helps to protect resources and Resource and data data GR NIED The permission ANTED DE database Cynara helps to protect services Protected Service Cybersecurity for Connected Vehicle with AGL Dec-2018 12 No Security Without Monitoring ● Monitor allows a client to debug R and introspect itself E D R N E I D ● B Supervision is the extension IN B that allows to inspect all ER ND binders, APIs and sessions BI ● Binders connect to the SUPER BINDER supervisor VISOR ● BI Access to supervisor are ND ER B restricted I B N I D N E ● D Capabilities of supervisor are R E reduced on cars R Cybersecurity for Connected Vehicle with AGL Dec-2018 13 From Sensors to Infrastructure & Cloud Cybersecurity for Connected Vehicle with AGL Dec-2018 14 Security: a Long Road to Go ● Minimize attack surface area ● Control the code which is run ● Provide a bullet-proof update model ● Apply security patches within days rather than weeks ● Leverage HW security helpers ● Isolate & compartmentalize wherever possible ● Development and QA with security turned on ● Incidents analysis and reports ● Provide adequate tools to develop with security enabled ● Do not rely on humans but on platform for security Real facts and consequences ● Recall 1.4M vehicles to fix vulnerabilities : estimate cost $1B ● Inestimable cost to automotive industry, many people are still afraid to buy connected vehicle ● NHTSA (Nat. Highway Traffic Safety Admin.) 2.8M navigation systems from the same manufacturer are in use in multiple cars Cybersecurity for Connected Vehicle with AGL Dec-2018 15 Further Information ● Documentation: ● http://docs.automotivelinux.org ● Publications: ● https://iot.bzh/en/publications ● White Papers: ● https://iot.bzh/en/publications/17-2016/29-tizen-security- lessons-learnt ● https://iot.bzh/en/publications/17-2016/22-automotive-gr ade-linux-security-white-paper Cybersecurity for Connected Vehicle with AGL Dec-2018 16.
Load more

Recommended publications
  • The Next Big OS War Is in Your Dashboard
    12/4/12 The Next Big OS War Is in Your Dashboard | Autopia | Wired.com Autopia Planes, Trains, Automobiles and the Future of Transportation Infotainment LTikwe ee1t54 297 25 Sharre 39 The Next Big OS War Is in Your Dashboard By Doug Newcomb 12.03.12 6:30 AM Follow @dougnew comb Photo: Jim Merithew/Wired Competition in automotive technology has long been about who’s got the most horsepower, the best towing capacity or the fastest acceleration. These days, though, it’s all about having the slickest infotainment systems and most-connected cars. The shift in focus from what’s under the hood to what’s behind the dashboard has brought a largely covert war to the auto industry over the operating systems that will control these gadgets. As in the smartphone biz, the battle line is between proprietary and open source software. The outcome will determine what these systems look like, how they work and how distinctive they are as automakers embrace walled gardens or open ecosystems. It would be difficult to overstate the importance of getting this right. The amount of software in the average vehicle has grown exponentially — a typical new car has about 100 million lines of code — with the advent of sophisticated, cloud-connected infotainment systems. Software has become a competitive advantage as vital to General Motors or Toyota as it is to Apple or Google. The trouble is, automotive development cycles are measured in years, while the consumer www.wired.com/autopia/2012/12/automotiv e-os-war/all/ 1/11 The Next Big OS War Is in Your Dashboard | Autopia | Wired.com electronics industry works in months.
    [Show full text]
  • Linux Automotive Security “Safer and More Secure”
    Linux Automotive Security “Safer and more secure” Authors Fulup Ar Foll [email protected] José Bollo [email protected] Abstract Cars are expensive pieces of equipment, yet they represent a huge mass market. Adding Internet connectivity to previous elements generates perfect conditions for the growth of a viable business model on attacking “Connected Cars”. It is already well understood that cars will be connected and connected cars will be attacked. While it's still too early to predict with certainty how “Connected Cars” will be impacted by security flaws, making the assumption that a car should be at least as secure as a TV, a set-top-box or a smart phone should make sense to everyone. This white paper focuses on how Linux best practices security mechanisms that could be used today and within the next couple of years to make connected cars safer and more secure. Version 1.0 January 2016 Linux Automotive Security Table of contents 1.Introduction...................................................................................................3 2.Make Sure You Run the Right Code...................................................................4 2.1.Before Booting............................................................................................4 2.2.When Booting.............................................................................................5 2.3.After Booting...............................................................................................5 3.Keeping Secrets Secret...................................................................................6
    [Show full text]
  • Table of Contents
    1 Vol. 32, No. 3 April 2019 Table of Contents AGL Will Be Overtaken by Android Automotive 2 SmartDrive Has Massive Data Trove for AV Developers 6 The Company Profile: NVIDIA 8 Ludwigsburg Automotive Electronics Conference: 16 June 25-26, 2019 Momentum Is Building for a Self-Driving Safety Standard 17 Roland Berger Examines the New Mobility World 18 Roundup: 2018 Financial Results for Hyundai Mobis, 19 Lear, ZF The© Hansen2019 Paul Report Hansen onAssociates, Automotive 150 Pinehurst Electronics, Road, July/August Portsmouth, NH 2016 03801 USA www.hansenreport.comTelephone: 603-431-5859; email: [email protected] All rights reserved. Materials may not be reproduced in any form without written permission. ISSN 1046-1105 2 AGL Will Be Overtaken by Android Automotive The Linux Foundation just picked up another new member to work on its Automotive Grade Linux project, the collaborative open source effort to develop a common platform that can serve as a de facto standard for infotainment, telematics and instrument cluster applications. Volkswagen joined earlier this month. Thus far 130 members have signed onto the project; 30 members signed up in 2018. There is much to recommend AGL. The AGL Unified Code Base platform provides 70% of the starting point for a production project, including operating system, middleware and application framework. “If AGL can establish itself as a true automotive platform, suppliers will have a common set of interfaces their suppliers can write to,” said Tim VanGoethem, vice president of Advanced Mobility Solutions at Harman X, the company’s innovation taskforce. “Instead of paying people to write software on your behalf, you can take advantage of what has been done already and just license it to use in your final product.” Toyota and the Linux Foundation launched AGL in 2012 and thus far only Toyota has gone on record to say that it is committed to the platform.
    [Show full text]
  • Software Defined Vertical Industries: Transformation Through Open Source
    Software-defined vertical industries: transformation through open source How open collaboration enables user-centered innovation, achieving faster development cycles, time to market, and increased interoperability and cost savings. A Publication of The Linux Foundation | September 2020 www.linuxfoundation.org “When I say that innovation is being democratized, I mean that users of products and services-both firms and individual consumers are increasingly able to innovate for themselves. User-centered innovation processes offer great advantages over the manufacturer-centric innovation development systems that have been the mainstay of commerce for hundreds of years. Users that innovate can develop exactly what they want, rather than relying on manufacturers to act as their (often very imperfect) agents.” — Eric von Hippel, Democratizing Innovation The Linux Foundation 2 Overview What do some of the world’s largest, most regulated, Over the last 20 years, the Linux Foundation has expanded complex, centuries-old industries such as banKing, from a single project, the Linux kernel, to hundreds of telecommunications, and energy have in common with distinct project communities. The “foundation-as-a- rapid development, bleeding-edge innovative, creative service” model developed by Linux Foundation supports industries such as the motion pictures industry? communities collaborating on open source across key horizontal technology domains, such as cloud, security, They’re all dependent on open source software. blocKchain, and the web. That would be both a great answer and correct, but it However, many of these project communities align across doesn’t tell the whole story. A complete answer is these vertical industry groupings, such as automotive, motion industries not only depend on open source, but they’re pictures, finance, telecommunications, energy, and public building open source into the fabric of their R&D and health initiatives.
    [Show full text]
  • Op E N So U R C E Yea R B O O K 2 0
    OPEN SOURCE YEARBOOK 2016 ..... ........ .... ... .. .... .. .. ... .. OPENSOURCE.COM Opensource.com publishes stories about creating, adopting, and sharing open source solutions. Visit Opensource.com to learn more about how the open source way is improving technologies, education, business, government, health, law, entertainment, humanitarian efforts, and more. Submit a story idea: https://opensource.com/story Email us: [email protected] Chat with us in Freenode IRC: #opensource.com . OPEN SOURCE YEARBOOK 2016 . OPENSOURCE.COM 3 ...... ........ .. .. .. ... .... AUTOGRAPHS . ... .. .... .. .. ... .. ........ ...... ........ .. .. .. ... .... AUTOGRAPHS . ... .. .... .. .. ... .. ........ OPENSOURCE.COM...... ........ .. .. .. ... .... ........ WRITE FOR US ..... .. .. .. ... .... 7 big reasons to contribute to Opensource.com: Career benefits: “I probably would not have gotten my most recent job if it had not been for my articles on 1 Opensource.com.” Raise awareness: “The platform and publicity that is available through Opensource.com is extremely 2 valuable.” Grow your network: “I met a lot of interesting people after that, boosted my blog stats immediately, and 3 even got some business offers!” Contribute back to open source communities: “Writing for Opensource.com has allowed me to give 4 back to a community of users and developers from whom I have truly benefited for many years.” Receive free, professional editing services: “The team helps me, through feedback, on improving my 5 writing skills.” We’re loveable: “I love the Opensource.com team. I have known some of them for years and they are 6 good people.” 7 Writing for us is easy: “I couldn't have been more pleased with my writing experience.” Email us to learn more or to share your feedback about writing for us: https://opensource.com/story Visit our Participate page to more about joining in the Opensource.com community: https://opensource.com/participate Find our editorial team, moderators, authors, and readers on Freenode IRC at #opensource.com: https://opensource.com/irc .
    [Show full text]
  • Xinxinli Green Polygons
    Automotive Grade Linux on Raspberry Pi: How Does It Work? Leon Anavi Konsulko Group [email protected] [email protected] Embedded Linux Conference North America 2020 Konsulko Group Services company specializing in Embedded Linux and Open Source Software Hardware/software build, design, development, and training services Based in San Jose, CA with an engineering presence worldwide http://konsulko.com/ ELC NA 2020, Leon Anavi, Automotive Grade Linux on Raspberry Pi: How Does It Work? Agenda Automotive Grade Linux Raspberry Pi Building an AGL image for Raspberry Pi Understanding how AGL works on Raspberry Pi Conclusions Q&A ELC NA 2020, Leon Anavi, Automotive Grade Linux on Raspberry Pi: How Does It Work? Automotive Grade Linux (AGL) Project of the Linux Foundation Open source GNU/Linux automotive distribution with In-Vehicle-Infotainment (IVI) Based on the Yocto Project and OpenEmbedded Founded in 2014 ELC NA 2020, Leon Anavi, Automotive Grade Linux on Raspberry Pi: How Does It Work? AGL Members ELC NA 2020, Leon Anavi, Automotive Grade Linux on Raspberry Pi: How Does It Work? AGL Core Technologies Qt/QML HMI HTML5 GStreamer Weston with agl-shell-dekstop Wayland SOTA Updates: OSTree & Aktualizr PipeWire Security systemd AppFW, Cynagora, Linux kernel SMACK ELC NA 2020, Leon Anavi, Automotive Grade Linux on Raspberry Pi: How Does It Work? Yocto/OpenEmbedded Layers in AGL poky meta-security meta-agl meta-virtualization meta-agl-cluster-demo meta-qt5 meta-agl-demo meta-updater meta-agl-devel neta-spdxscanner Meta-agl-extra meta-clang meta-agl-telematics-demo BSP layers: meta-raspberrypi, meta-intel, meta-ti, meta-openembedded meta-renesas-rcar-gen3, meta-sancloud, etc.
    [Show full text]
  • Digitalization of Kernel Diversion from the Upstream to Minimize Local Code Modifications
    Did you care for purity of your Linux BSP Computer aided BSP kernel sanity check Yaminabe2 execution and trial result conclusion Digitalization of Kernel Diversion from the Upstream To minimize local code modifications Hisao Munakata Linux Foundation Consumer Electronics working group April 4th 2016 1 / 52 Hisao Munakata Digitalization of Kernel Diversion from the Upstream Did you care for purity of your Linux BSP Computer aided BSP kernel sanity check Yaminabe2 execution and trial result conclusion Who am I ? From an embedded SoC provider company Renesas Linux Foundation CE1 working Gr. Steering committee and AG member LF/CEWG LTSI2 project initiator member An Advisory Board and major contributor of AGL3 Leads dedicated upstream development team at Renesas And, supports customers who develop automotive IVI products 1CE = Consumer Electronics 2LTSI =Long Term Support Initiative 3AGL =Automotive Grade Linux 2 / 52 Hisao Munakata Digitalization of Kernel Diversion from the Upstream Did you care for purity of your Linux BSP Computer aided BSP kernel sanity check Yaminabe2 execution and trial result conclusion Renesas contributes for kernel upstream development http://lwn.net/Articles/679289/ 3 / 52 Hisao Munakata Digitalization of Kernel Diversion from the Upstream Did you care for purity of your Linux BSP Computer aided BSP kernel sanity check common embedded Linux issues caused by in-house kernel Yaminabe2 execution and trial result Sanity assessment for the vendor kernel conclusion Did you care for purity of your Linux BSP 4 / 52 Hisao
    [Show full text]
  • Best of a Decade on Opensource.Com 2010–2019
    Best of a decade on Opensource.com 2010–2019 In celebration of our 10-year anniversary Opensource.com/yearbook FROM THE EDITOR ............................. FROM THE EDITOR ............................. Dear reader, As we celebrate 10 years of publishing, our focus is on the people from all over the globe, in various roles, from diverse backgrounds, who have helped us explore the multitude of ways in which open source can improve our lives—from technology and programming to farming and design, and so much more. We are celebrating you because we’ve learned that growing this unique storytelling site demands that we do one thing better than all the rest: listen to and talk with our readers and writers. Over the years, we’ve gotten better at it. We regularly hold meetings where we review how articles performed with readers from the week before and discuss why we think that’s so. We brainstorm and pitch new and exciting article ideas to our writer community on a weekly basis. And we build and nurture close relationships with many writers who publish articles for us every month. As an editor, I never would have imagined my biggest responsibility would be community management and relationship building over copy editing and calendar planning. I’m so grateful for this because it’s made being a part of Opensource.com a deeply rewarding experience. In December, we closed out a decade of publishing by reaching a new, all-time record of over 2 million reads and over 1 million readers. For us, this validates and affirms the value we’ve learned to place on relationships with people in a world swirling with metrics and trends.
    [Show full text]
  • Elinux Status
    Status of Embedded Linux Embedded Linux Community Update May 2019 Tim Bird Sr. Staff Software Engineer, Sony Electronics Linux Foundation Technical Advisory Board member 1 110/23/2014 PA1 Confidential Nature of this talk… • Quick overview of lots of embedded topics • A springboard for further research • If you see something interesting, you have a link or something to search for • Not comprehensive! • Just stuff that I saw 2 210/23/2014 PA1 Confidential Outline OSS Areas Linux Kernel Technology Areas Conferences Industry News Resources 3 310/23/2014 PA1 Confidential Outline OSS Areas Linux Kernel Technology Areas Conferences Industry News Resources 4 410/23/2014 PA1 Confidential Open Source Areas • Operating Systems • Including Linux • Technology areas • Audio • Graphics • Kernel Coding • Languages • Networking • Security • Testing 510/23/2014 PA1 Confidential Operating Systems • NuttX • Zephyr • Android • Linux 610/23/2014 PA1 Confidential NuttX • Working on first-ever conference • International NuttX Workshop • Gouda, The Netherlands, July 16-17 • Sponsored by Technolution • Sony and NXP are involved • About 70 attendees • Nuttx YouTube channel: • https://www.youtube.com/channel/UC0QciIlcUnj JkL5yJJBmluw • Has intros and tutorials and descriptions of features 710/23/2014 PA1 Confidential Zephyr • Couldn’t find much recent news • Gains Memory Protection (March 2018) • https://www.electronicdesign.com/embedded- revolution/zephyr-iot-os-gains-memory- protection • Support for POSIX APIs • Docs describes config option: CONFIG_POSIX_APIS
    [Show full text]
  • Automata-Based Formal Analysis and Verification of the Real-Time Linux Kernel
    Universidade Federal de Santa Catarina Scuola Superiore Sant'Anna Red Hat, Inc. Ph.D. in Automation and Systems Engineering Ph.D. in Emerging Digital Technologies - Embedded and Real-Time Systems R&D Platform - Core-Kernel - Real-Time Ph.D. Candidate: Daniel Bristot de Oliveira Ph.D. Supervisors: Tommaso Cucinotta Rômulo Silva de Oliveira Automata-based Formal Analysis and Verification of the Real-Time Linux Kernel Pisa 2020 ACKNOWLEDGEMENTS In the first place, I would like to thank my friends and family for supporting me during the development of this research. In particular, I would like to thank Alessandra de Oliveira for motivating me to pursue a Ph.D. degree since I was a teenager. But also for allowing me to use her computer, which was “my” first computer. I also would like to thank Bianca Cartacci, for the unconditional support in the hardest days of these last years. I would like to thank Red Hat, Inc. for allowing me to continue my academic research in concurrency with my professional life. I would also like to thank the pro- fessionals that motivated me to remain in the academy and supported this research, including Nelson Campaner, Steven Rostedt, Juri Lelli and Arnaldo Carvalho de Mello. In special, I would like to thank Clark Williams, not only for his effort in supporting my research at Red Hat but, mainly, for his adivises and personal support. I would like to thank my Ph.D. colleagues from UFSC and Sant’Anna, in special Karila Palma Silva, Marco Pagani, Paolo Pazzaglia and Daniel Casini, all the members of the Retis Lab, and the administrave staff of the TeCIP institute at Sant’Anna and the PPGEAS at UFSC for the support in the cotutela agreement, in special for Enio Snoeijer.
    [Show full text]
  • Analys Av DIGG:S Policy För Utveckling Av Programvara
    Utfärdare: Björn Lundell Analys av DIGG:s policy för utveckling av programvara Analys av DIGG:s policy för utveckling av programvara Professor Björn Lundell, P !D. "oft#are "ystems $esearch Group %ögskolan i "kövde &jorn.lundell'his!se Förord Denna rapport presenterar en analys av DIGG:s policy för utveckling av programvara1 (Dnr. 2019-136). Den analys som redovisas i rapporten har genomförts av Dr. Björn Lundell, professor i datavetenskap vid %ögskolan i "kövde, inom ramen för ett oberoende uppdrag. Av dessa skäl ska rapportens inne 2ll, med alla eventuella felaktigheter och brister, inte uppfattas som något st1llningstagande från DIGG. Rapporten har utvecklats inom ramen för en analys som genomförts på uppdrag av DIGG utifrån ett av DIGG identifierat behov av att sakkunniggranska den policy för utveckling av programvara som publicerades den 5 maj 2019. Rapportens inne 2ll 1r t1nkt att kunna utgöra ett stöd för &2de DIGG och andra myndigheter som i sin myndighetsutövning, på ett eller annat s1tt, har behov av att förhålla sig till programvara, vilket inkluderar s2väl användning, anskaffning och utveckling (samt vidareutveckling) av programvara. De värderingar, st1llningstaganden oc rekommendationer som redovisas i rapporten tillskrivs författaren och ska inte uppfattas som något beslut av någon myndighet. I sammanhanget ska betonas att författaren har en l2ng bakgrund och erfarenhet av socio-teknisk forskning inom området datavetenskap, med betydande fokus på öppen programvara, öppna standarder och andra former av öppenhet från de senaste decenniernas forskning. 4ven om författaren bedrivit forskning i samverkan med juridisk expertis och från denna publicerat resultat som redovisar en rad juridiska utmaningar som relaterar öppen programvara i vetenskapliga fora, ska denna rapport inte uppfattas som en juridisk vägledning.
    [Show full text]
  • Open Source Development Models in Satellite Communications
    Open Source Development Models in Satellite Communications A report from the OpenSatCom.org activity of the European Space Agency implemented by Libre Space Foundation and inno3 Open Source Development Models in Satellite Communications 1. Intro 3 1.1 Open source models 3 1.2 Main licenses and their differences 3 1.3 Open Standards are not Open Source methodologies 4 1.4 Open Source pervasiveness 4 1.5 Business models in Open Source, a non settled dispute 6 1.6 Open Source Business models are not only vendor-centric 7 Single-vendor centric or open governance 7 Open Source as opposed to proprietary or as opposed to Custom software development 8 1.7 Qualification of success for an Open Source business model 8 Intrinsic limitations of financial gains 8 Distribution of the generated value 8 Creation of value other than direct financial value 9 2. Open Source Development Models 10 2.1 Assessing Open Source models in the context of specific industries/ecosystems 18 2.1.1 A model Open Source ecosystem : the Linux kernel 18 Business models involved 18 Factors allowing the success 19 2.1.2 The Open Source GIS industry 20 Business models and revenue streams 20 Factors allowing the success 21 2.1.3 The automotive industry 21 The Genivi project 22 Factors allowing the success 22 The OpenMDM project 22 Factors allowing the success 23 Automotive Grade Linux 23 Baidu’s Apollo 23 Open Source Vehicles (Open Hardware/Software) 23 Business models and revenue streams 24 2.1.4 Open Source in terrestrial communications industry 24 Asterisk, Open Source PBX 24 Business models and revenue streams 24 Factors allowing the success 25 Network virtualisation 25 Business models and revenue streams 25 Factors allowing the success 26 Virtual Radio Access Networks: example of a different kind of openness 26 2.1.5 Open Hardware in telecom 27 3.
    [Show full text]