Current requirements from the Cyber Resilience Act (CRA), from other security and safety standards, and also from the updated Product Liability Act, make it necessary to be able to reproduce an embedded Linux system even after many years – and to do so, apart from timestamps and the like, identically to a version in the field. A reliable version management system is equally important for the further development and lifecycle management of embedded Linux-based systems. The emlix Trustable Build Toolchain, together with its associated infrastructures and processes, creates the technical basis for this.

emlix supports you in setting up a suitable infrastructure, tooling and processes, or provides a corresponding structure for your product.

Reproducible Builds Instead of Reverse Engineering

After a few years, many embedded projects face the same challenge: the build environments originally used no longer exist, developers have left the company, and the exact composition of a release is hard to reconstruct. New team members have little chance of getting properly up to speed.

The emlix Trustable Build Toolchain solves this problem and protects against costly reverse engineering and loss of know-how.

Your Benefits at a glance

■  Reproducible embedded Linux systems throughout the entire product lifecycle
■  Full traceability of versions, configurations and patches
■  All sources, versions, build environments, recipes, configurations and patches are „archived“
■  Infrastructure, processes and tools that remain independent of individuals over the years
■  A reliable basis for testing and quality assurance
■  Support with integration into your CI/CD/CT processes
■  Support for regulatory requirements, for example from IEC 62443, CRA, IEC 61508, IEC 62304, …
■  Protection in liability matters through demonstrable software states

Support for IEC 62443 and regulatory requirements

Standards and regulatory requirements such as IEC 62443-4-1 and the Cyber Resilience Act (CRA) call for traceable development processes, secure software supply chains and a controlled handling of security risks.

The Trustable Build Toolchain supports these requirements through:

■  Reproducible builds
■  Documented development states
■  Full traceability of changes
■  Support for SBOM processes
■  Evidence of security patches and hardening measures
■  And long-term maintainable software baselines

It thus forms an important basis for secure software development and the implementation of modern cybersecurity requirements in the embedded Linux environment.

Further links and documents

 

More information and questions

Do you have more detailed questions about our Trustable Build Toolchain?

Feel free to contact us. During an initial consultation, we’ll discuss how we can provide you with tailored support.

Your contact

Our experts from the emlix Solutions team
Tel. +49 551 304460
solutions@~@emlix.com