AB Open is proud to confirm its sponsorship of ORConf 2018, the open-source digital design conference, to be held this year at the Gdansk University of Technology in Poland.

Officially announced by the Free and Open Source Silicon (FOSSi) Foundation today, AB Open’s sponsorship follows our commitment in the fields of free and open source software, hardware, and – thanks to projects including RISC-V, which have begun to enter their maturity with off-the-shelf product launches – silicon.

This year’s ORConf is to be held from the 21st to the 23rd of September at the Gdansk University of Technology, Poland, with a detailed schedule now available from the official website and covering topics from the RISC-V ecosystem to the Project Trellis Lattice ECP5 bitstream documentation efforts, along with a talk from Wilson Snyder on the release of the multi-threaded Verilator 4.0 Verilog simulator.

Those interested in the topics of previous years’ ORConfs should view the Open Source Digital Design Insights (OSDDI) series, a selection of video interviews many of which were recording during ORConf events.

More information on ORConf itself is available from the official website.

The Zephyr Project, which maintains an eponymous open-source real-time operating system (RTOS) for the Internet of Things (IoT) under The Linux Foundation, has announced partnerships with SiFive and Antmicro to add RISC-V support to the platform.

“RISC-V is about creating open source platforms for the entire world to collaborate on, but hardware doesn’t exist without software,” explains SiFive’s Jack Kang of the partnership that sees his company becoming a Zephyr Project member. “Given SiFive’s leadership role in the RISC-V ecosystem, joining the Zephyr Project is a natural step, as the vision of a well-supported, robust open-source RTOS is important to the RISC-V revolution.”

“Antmicro is joining the Zephyr Project to confirm its long-term commitment to this community-driven and security-oriented RTOS, which we see as a de-facto standard for the next generation IoT systems,” adds Antmicro’s Michael Gielda. “Zephyr is an especially good choice for devices based on new open architectures such as RISC-V, and developed with new methodologies using tools such as Renode, Antmicro’s multi-node simulation framework for IoT security, quality and interoperability testing, which is already a recommended Zephyr tool in use by our Zephyr customers worldwide.”

The addition of support for the RISC-V based SiFive HiFive development boards brings the total number of boards supported by Zephyr over the 100 mark, a far cry from its 2016 launch with just four boards supported: the Arduino 101 and Due, the Intel Galileo Gen. 2, and the NXP Semiconductor Freedom FRDM-K64F.

More information is available from the Zephyr Project announcement.

Elsewhere in the Zephyr ecosystem, Foundries.io, a start-up emerging from a two-year stealth period, has announced the release of what it claims to be “the world’s first commercially available, continuously updated Linux and Zephyr real-time operating system (RTOS) microPlatform distributions for the embedded, IoT, edge and automotive markets.”

“Over the past two years we have used open source software to build a unifying, open, secure, continuously updated product platform for the fragmented IoT and embedded markets,” explains George Grey, Foundries.io chief executive, of his company’s offering. “We started Foundries.io to fundamentally change the industry. Today’s connected devices require modern software and secure update techniques. Rather than legacy software builds being maintained for product lifetimes that can reach 10 years or more, the microPlatforms are built from the ground up to enable product manufacturers to always and immediately deploy the latest security updates, bug fixes and new features to their customers, ensuring the safety of the Internet of Things and the security of data throughout the network.”

“Foundries.io has been the leader in making Zephyr available as a continuously updated microPlatform distribution,” said Kate Stewart, Senior Director of Strategic Programs at the Linux Foundation. “In the embedded and IoT markets, being able to deploy security fixes efficiently and effectively is key, and the Zephyr ecosystem is much stronger with this capability available and commercially supported.”

Foundries.io has confirmed initial support for Arm, x86, and RISC-V processor architectures, including the new SiFive Unleashed development board. More information, including source code and binaries for both the Linux and Zephyr microPlatform distributions, can be found on the official website.

RISC-V pioneer SiFive has announced a partnership with graphics and Arm-based processor giant Nvidia to integrate the former’s RISC-V core intellectual property with the latter’s deep-learning acceleration IP in a single high-performance system-on-chip (SoC) design.

“Nvidia open sourced its NVDLA [Nvidia Deep Learning Architecture] architecture to drive the adoption of AI,” explains Deepu Talla, vice president and general manager of autonomous Machines at Nvidia, of his company’s contribution to the project. “Our collaboration with SiFive enables customised AI [Artificial Intelligence] silicon solutions for emerging applications and markets where the combination of RISC-V and NVDLA will be very attractive.”

“It is great to see open-source collaborations, where leading technologies such as NVDLA can make the way for more custom silicon to enhance the applications that require inference engines and accelerators,” adds Yunsup Lee, co-founder and chief technical officer at SiFive. “This is exactly how companies can extend the reach of their platforms.”

The first demonstration of the partnership, which connects a field-programmable gate array (FPGA) running Nvidia’s NVDLA IP to a SiFive HiFive Unleashed development board’s Freedom U540 RISC-V processor via ChipLink, will take place at the Hot Chips conference this week, the companies have confirmed. Performance details have not yet been provided, though SiFive claims the resulting creation suitable for “intelligence at the edge, where high-performance with improved power and area profiles are crucial.”

Massachusetts-based Bluespec, a founding member of the RISC-V Foundation, has released the first entry in its open-source RISC-V processor family: the 32-bit three-stage Piccolo.

Designed, the company explains, for Internet of Things (IoT) and other embedded uses, the small-footprint Piccolo design uses the 32-bit RV32IM variant of the open RISC-V instruction set architecture. The company’s initial release includes a synthesisable Verilog core for deployment on a field-programmable gate array (FPGA) or as an ASIC, made available under the permissive Apache Licence v2.0. Additional source code, meanwhile, is published in Bluespec’s proprietary BSV format, which requires the company’s bsc compiler – licences for which are available free of charge to academic and non-profit research users.

“Embedded system developers want freedom to innovate and simplification of their development cycle,” explains Bluespec chief executive Charlie Hauck of his company’s decision to release the design. “The answer is easy access to reliable open-source RISC-V cores that are portable across all technology platforms. Companies need to make product and business decisions free from the constraining license and royalty terms of proprietary IP business models.”

“The process of licensing traditional processors is time consuming and expensive,” adds Jim Hogan of Vista Ventures. “Expensive processors present a formidable barrier to innovation in the embedded systems market. Developers have been waiting for a viable choice and it is exciting to see that a truly viable option in RISC-V is finally coming of age. Bluespec’s release of verified and easy to integrate processors is yet another indication of the RISC-V turning point.”

The Piccolo, which is available to download now on the company’s GitHub repository, is to be joined by a five-stage RV32I/RV64I with optional extensions for integer multiply-divide, atomic memory operations, single- and double-precision floating-point, and privileges U, M, and S, in the near future, after the company missed its original June 2018 release date.

Linus Torvalds has officially released Linux 4.18, the latest version of the popular open-source kernel, following a week-long delay to fix networking and driver issues – including a problem with cryptographic operations on Arm architecture processors.

Announced via the Linux Kernel Mailing List over the weekend, Linux 4.18 brings with it a range of improvements and enhancements many of which are of particular interest to embedded developers, not least of which is a patch which fixes a bug in cryptographic operations on 64-bit Arm architecture processors to boost performance. Other improvements include the completion of support for unprivileged file-system mounting, restartable sequences for improved performance and pre-emption protection, active state management for system-on-chip (SoC) power domains, and a zero-copy receive interface for TCP networking.

Embedded development specialist Bootlin has detailed its own contributions to the kernel, at 190 patches, which include enhancements for Marvell, Microsemi Ocelot, Allwinner, and Cadence hardware platforms, as well as enhancements for the MTD and RTC subsystems and fixes for the OV5640 image sensor.

The latest kernel release is available now from the Linux Kernel Archives, while the merge window for Linux 4.19 has been opened to developers.

Security specialist Avast has warned of misconfiguration in ‘smart home’ products that are leaving thousands of users vulnerable to attack, thanks to accidental exposure of Message Queuing Telemetry Transport (MQTT) servers.

“Both MQTT and [popular broker software] Mosquitto have broad security capabilities — for example, to provide fine-grained access control by user and topic. As with many things, the problems are created in the implementation and configuration,” Avast’s Martin Hron explains in his article, which looks at real-world scenarios where user data is exposed and unauthorised remote access possible even while using a supposedly-secure MQTT implementation.

“What if the MQTT server does not have a secure configuration? As with a lot of vulnerabilities, the main issues are insecure and default configurations. What makes the misconfiguration of MQTT worse is that by getting access to the MQTT server, you get access to all the messages flowing through it. How? Remember # as a wildcard? You can subscribe to just # and nothing else. In such cases, every time someone publishes something on any topic, you’ll get that data.

“More concerning is that many poorly configured MQTT servers are also publicly available on the internet without any password, allowing a cybercriminal to spy on any house that uses it. The ‘advantage’ for the cybercriminal is that if the server is publicly available, he or she can connect to it from anywhere. Further, as most users don’t set up access controls— in the form of Access Control Lists (ACLs)—when they configure a Mosquitto while setting up their smart home hub, cybercriminals can not only subscribe to the server, but can also publish to it, thus seizing control of all devices in a smart home.”

Martin’s full piece, which includes evidence of nearly 49,000 publicly-exposed MQTT servers visible to the Shodan security-focused search engine of which around 32,000 have no password protection, is available on the Avast blog.

Devices with M.2 Next-Generation Form Factor (NGFF) slots, typically used for storage devices, can now become LoRaWAN clients thanks to an open-source add-on board from China’s Dragino: The LoRaST.

Designed to fit into the M.2 NGFF slots on modern desktop, laptop, and embedded systems, the Dragino LoRaST is based on the STMicroelectronics STM32L0xx low-power microcontroller with Arm Cortex-M0+ 32-bit processing core. While previous PCI Express-based M.2 LoRa boards, primarily aimed at the creation of gateway nodes, have been released, the Dragino is focused on creating client devices using either an internal and bundled wire antenna or an external antenna.

A write-up on the board by CNX Software, which brought the design to our attention, confirms that the device is available for $19 plus shipping from Tindie and other outlets.

The board design and firmware themselves, though, are stated as being open source, with full details available on the Dragino wiki and GitHub repository. However, no licence has been specified.

Finally, Budapest-based Karoly Pados has launched an isolated USB to UART-TTL adapter, the μArt, which claims it “tolerates common user mistakes without being damaged or causing damage to other hardware” and has already raised more than its required funding on Crowd Supply.

“It is no secret that there are many UART adapters on the market. So, you might ask, what’s the point of creating yet another one? The unfortunate reality is that despite the general usefulness of such devices, none of them seem able to solve the associated problems in a general and reliable way,” explains Karoly of the project. “This is where the μArt comes in, covering all use cases with a single device, and offering a reliable and robust solution that you can just trust to work right. The μArt has all the pins and features to enable various applications, protections to withstand or even prevent faults, means to preserve signal integrity, and measures to improve usability.

“The μArt is based on the principle that a UART adapter is your tool, and you should be able trust your tools to get the job done.”

The μArt’s features include a wide voltage range of 1.8V to 5.4V, support for non-standard baud rates, up to 3Mbaud transfer rates, complete galvanic isolation even up to mains voltage levels, over-current and reverse-polarity protection, and general-purpose input/output (GPIO) pins which operate in parallel to the UART lines.

More information is available on the Crowd Supply campaign page, which had raised more than 168 percent of its funding goal at the time of writing.