Yocto Project Security Tools
ToolThe Yocto Project provides tools for creating custom Linux distributions for embedded systems. Its CVE checking, license compliance, and reproducible build features are critical for IoT supply chain security.
Key Features
Resources
Videos
Security Hardening with Yocto Project by Scott Murray
Scott Murray's official Yocto Project talk covers the security hardening options most embedded developers overlook: disabling non-secure defaults, creating device-specific credentials, implementing read-only filesystems, running services without root privileges, and applying security compilation flags. It's the embedded security checklist that turns "it works on the bench" into "it's safe in the field."
Yocto Project Dev Day: Security Hardening with OpenEmbedded
The companion conference presentation from Yocto Project Dev Day 2020, this talk expands on OpenEmbedded security hardening with ten structured chapters covering everything from the basics to advanced implementation details. It's the deep-dive version for embedded engineers who want to understand not just the "what" of security hardening, but the "why this matters when your device ships to 10,000 customers."
More in Linux IoT & Edge
- Yocto Project Security Tools
- Linux IoT Hardening Service
- Embedded Linux Supply Chain Guide