Articles
Short, practical notes on Embedded (Real-Time) Linux, IoT security, and running Linux in production. New material added regularly.
Embedded (Real-Time) Linux
- Yocto image vs full distro for edge devices Shipping an edge device on a custom Yocto image or on Debian/Ubuntu is a decision you live with for years. Here are the real trade-offs — size, security, updates, and maintenance.
- Real-time Linux options compared: PREEMPT_RT, Xenomai, RTAI, and commercial Standard Linux is not real-time. Here are the practical ways to make it deterministic — the single-kernel PREEMPT_RT approach, the co-kernel route (Xenomai, RTAI), and commercial distributions — with the honest trade-offs of each.
- How Linux talks to a real-time core: remoteproc and RPMsg Modern SoCs pair a Linux-capable application core with a small real-time core. Here's how the two are wired together in mainline Linux — and where the latency actually comes from.
EN 18031 & IoT Security
- RED cybersecurity: can you self-assess, or do you need a Notified Body? The difference between self-declaration and a Notified Body assessment is money and months. Here's what decides which route your product takes under the RED cybersecurity rules.
- EN 18031 explained: the EU's cybersecurity rules for connected devices Since 1 August 2025, wireless connected products need to meet EN 18031 to keep their CE marking. Here is what the standard actually requires — in plain terms.
Linux Administration
- Securing an edge gateway: firewall, SSH, TLS, and updates The edge gateway is the most exposed and most forgotten box in a lot of deployments. Here's how to secure the Linux system that sits between your field devices and the cloud.
- Hardening a Linux server for an IoT backend The server behind your fleet holds device credentials, telemetry, and the keys to OTA updates. Here's a practical, no-nonsense hardening baseline for an IoT backend.