Can Embedded and IoT "Just Work"? Standards, SystemReady and Linux

Grant Likely Senior Technical Director, Software Architecture Arm Linaro Virtual Connect Spring 2021 #LVC2021 Confidential © 2021 Arm A Balance of Standardization for Partner Success

Fixed Custom

High SW Maintenance Low Flexibility Enabling Innovation Cost

2 © 2021 Arm Project Cassini for Edge & IoT Infrastructure Ensuring a cloud-native experience across a diverse and secure edge ecosystem

Hardware, firmware specifications Security Certification program Certification program Open API for cross-platform security services

Cloud Native Stacks

Edge Reference Implementations

3 Confidential© 2021 Arm © 2021 Arm SystemReady is built on...

Hardware Requirements Firmware Requirements Architectural Compliance Suites (ACS) (BSA – Base System (BBR – Base Boot Architecture & Supplements Requirements) • Hardware requirements • Firmware requirements for • Testing SiP Reference for generic off-the-shelf OSes/Hypervisors such as Boards and OEM/ODM OSes Microsoft Windows, Red Products for SBSA/SBBR • Arm architecture and Hat, VMware, etc. compliance standards-based system • Focus on interface • The test suites are hosted architecture requirements, not in GitHub and are open implementation source (Apache v2):

4 4 Confidential © 2021 Arm The Embedded Compute Ecosystem has unique characteristics SystemReady IR must complement existing diverse embedded ecosystem

Platform Diversity Diverse software ecosystem U-Boot and Devicetree • Healthy ecosystem with • Multiple OS designs • Large installed base many solutions • Custom builds • Mature Devicetree support • Modified distros • Vendor IP blocks • Preferred by developer • 3rd party supported community • Low standardization • Tailored for application • ACPI not practical • Highly configurable

5 5 Confidential © 2021 Arm SystemReady IR is tailored for Embedded

6 Confidential © 2021 Arm SystemReady IR Elements

UEFI subset

Devicetree provided by platform

Implemented in U-Boot and TF-A

UpdateCapsule()

Compliance Testing

Works with Yocto Project

Tested against Top Tier Distros

7 Confidential © 2021 Arm SystemReady IR Elements: Secure Boot (Optional)

• Security option adds UEFI Secure Boot requirement • Important part of building secure, connected devices • Please look at PSA Certified program for securing IoT devices • https://www.psacertified.org/

8 8 Confidential © 2021 Arm SystemReady bands detail

IR (IoT) ES (Embedded Server) SR (ServerReady) Firmware Spec UEFI + Devicetree UEFI + ACPI + SMBIOS UEFI + ACPI + SMBIOS Platform Hardware 32bit/64bit Arm 64bit Arm 64bit Arm

Can support UEFI SecureBootand Secure Firmware Update via UEFI Capsule Service across (BBSR)

Generic, off-the-shelf OS/Hypervisor Linux, etc. w/ exceptions: RAS, Generic, off-the-shelf virtualization, etc. OS Distro Fedora, openSUSE, Ubuntu, Debian, Windows IoT Enterprise, VMware VMware ESXi, Windows Yocto (examples) ESXi, RHEL, SLES, Ubuntu, CentOS, Client/Server, RHEL, SLES, Ubuntu, Under Investigation: OpenWRT, Fedora, openSUSE, Debian, FreeBS, CentOS, Fedora, openSUSE, Debian, QNX, VxWorks, Integrity, Wind River, NetBSD FreeBSD, NetBSD Mentor Hardware Compliance BSA BSA BSA + SBSA + No BSA requirements for 32-bit + waivers for existing HW Levels 3 through 6 Levels + waivers for existing HW initially initially

BBR Recipe EBBR SBBR SBBR

Arm SystemReady ES Certification Arm SystemReady IR Arm SystemReady SR + System Certification List + System Certification List + System Certification List

9 Confidential © 2021 Arm Generic, off-the-shelf (w/ exceptions: virtualization, RAS, etc.) Arm SystemReady – update CQ1 2021

Band Certified In Progress

10 Confidential © 2021 Arm Current Status of System Ready IR

• Standards documents • BSA v1.0 (released) • BBR v1.0 (released) • EBBR v2 (released in April, draft available on Github) • Certification requirements • Pass IR ACS test suite (To be released in July). UEFI SCT can be used in mean time • Boot two unmodified major Linux distros (Fedora, Debian, Ubuntu or Suse). • Firmware support • Required features already in mainline U-Boot, TF-A, Optee and StMM • Example platforms • Compulab IOT-GATE-IMX8, RockPro64 (rk3399) • Ongoing contractor work to bring up more platforms https://developer.arm.com/arm-systemready • Support documentation • SystemReady IR "How To" documentation in progress

11 Confidential © 2021 Arm SystemReady IR Elements: Certification

Arm is spinning up certification program now

Expect announcements of certified platforms later this year

Join us on the EBBR community project at https://github.com/arm-software/ebbr

Contact us about getting your platform certified [email protected]

12 Confidential © 2021 Arm Additional Sessions at Connect

Tuesday Wednesday

• SystemReady SR and ES: Standards for • Standard Firmware Updates on Arm Servers and the Edge Jose Marinho Samer El-Haj-Mahmoud • Generic Image Approach and • SystemReady-IR in Practice LEDGE Reference Platform Vincent Stehlé Maxim Uvarov • The Case for UEFI Boot on Arm- powered IoT Devices David Tischler

13 Confidential © 2021 Arm Thank You Danke Gracias 谢谢 Grant Likely ありがとう Senior Technical Director, Software Architecture Asante Merci Find out more: 감사합니다 [email protected] धꅍयवाद https://developer.arm.com/arm-systemready Kiitos شك ًرا ধꇍযবাদ

תודה Confidential © 2021 Arm