User Tools

Site Tools


CIP mini summit 2019

31st October 2019, Lyon

Civil Infrastructure Platform (CIP) mini-summit is a half-day, single-track event on the topic of industrial open source system which based on Linux. The main goal of this event is to provide technical details and overview to develop industrial-grade open source base layer.

CIP mini-summit aims to leverage the opportunity in Open Source Summit Europe to explain overall CIP development happening in various CIP groups. Each CIP group will highlight the status of all activities as well as a future roadmap. Apart from the individual group’s activities, there will be a session on overall achievement and development progress in CIP project. Furthermore, following are the key highlights for CIP mini-summit

  • SLTS (Super Long Term Support) for kernel which will help to leverage the potential of CIP for Industrial use cases where frequent updates are not desired
  • How CIP does follow mainstream first policy when it comes to support mainstream development
  • How CIP encourages Debian community to extend support for long term maintenance of Industrial packages
  • Including new Debian packages in CIP by CIP member companies– How does it work!
  • Benefits of joining CIP project
  • How CIP’s underneath security can help to achieve Industrial grade, safe, robust and reliable solutions
    • CIP integrates Debian packages which help to achieve IEC-62443 certification
    • CIP security team constantly working with IEC certification laboratories to keep CIP up to date to deter latest cyber threats
    • Constantly keep exploring new threats, viruses, malware and integrate solution in CIP as soon as it’s available
    • Track critical CVEs related to security packages and keep updating the patches in CIP repository
    • Regularly publish implementation security guidelines, reference implementation and best practices which will help organizations to mitigate latest cyber threats
    • Start penetration testing in future using reference devices to find out critical attack surfaces
  • How CIP SW update mechanism works where each step is secured by state of the art cryptographic techniques
  • Potential use cases of CIP to unravel industrial use cases
  • How CIP uses LAVA test framework for automated kernel testing


  • State of Civil Infrastructure Platform
  • CIP Super long-term support (SLTS) kernel development (e.g. Patch management for collaboration with stable kernel team)
  • Security in industrial systems and its future
  • Safe software update for IoT devices
  • Use cases of CIP open source base layer

CIP testing activities also will be presented at Automated Testing Summit.

Time table

Time (Length) Title Abstract Speaker Slide
08:00-08:15 (15min) <preparation>
08:15-08:30 (15min) State of CIP project This session will feature an overview of CIP activities and its collaborative efforts. Yoshitake Kobayashi and Urs Gleim Slide
08:30-08:50 (20min) CIP @ Siemens Mobility In this talk we want to show the most important use cases of the Civil Infrastructure Platform for our Rail Automation business. Further we look into the security enhancements for SL-3 according to IEC 62443. Additionally we present our OSS contributions for automatic certificate management based on CMP as well as hardware binding of credentials. Benjamin Schilling / Yasin Demirci Slides
08:50-09:10 (20min) Power Plants run on Linux CIP Power plant systems are required to have a high level of reliability, availability and serviceability (RAS) and over 10 years of continuous monitoring and control. Controllers, remote I/O, turbine control modules, etc. have just started running on Linux.
This talk introduces the history of applying Linux to controllers, problems encountered there, and the progress in applying CIP to solve those problems showing specific examples. Actual experience includes network driver bug fixes, security support, new hardware support, logging enhancements, and more.
Application of CIP will provide us solutions to these issues. Toshiba aims to contribute to CIP by feeding back our experience to CIP.
Yoshiyuki Nitta Slides
09:10-09:30 (20min) Launching CIP-based Linux distribution CIP develops an open source base layer of industrial software commonly used in industrial and control system use cases. Users can develop their own products or systems by adding the required packages and customizing them for their environment.
Cybertrust, based in Japan, has launched a CIP-based Linux distribution for embedded systems called EMLinux. This is intended to facilitate the efforts of customers using the CIP open source base layer and maximize the benefits of CIP.
This talk outlines the activities Cybertrust is working with CIP members to develop and maintain the CIP-based distribution.
Masashi Kudo Slides
09:30-10:05 (35min) Security WG Recently, frameworks, guidelines, and laws related to cybersecurity are being developed around the world. And they define that interoperability from a practical point of view is also an important requirement for cybersecurity. Under such background, IEC62443, an international standard for security for industrial automation and control systems for asset owners, system integrators, product suppliers, and, where appropriate, compliance authorities, is gaining attention as a best practice for cybersecurity measures. CIP, which aims to provide industrial grade Linux, is providing activities to clarify how users develop products that have been applied to IEC62443, especially IEC 62443-4-2, using open source as a common challenge for industrial companies. In this session, introduce the activities and purpose of the security working group and share the goals for future development of security compatible products with you. Kento Yoshida Slides
10:05-10:15 (10min) <break>
10:15-10:50 (35min) Kernel Team Stable kernel maintenance and patches management - Long-term maintenance in the Linux kernel to build robust, secure, and reliable platforms for the civil infrastructure environments is a crucial challenge. Therefore, the stables patches review and the collaboration between CIP and the stable kernel is imperative. In this session, CIP kernel maintainers will share the experiences in stable patch review and patch management in stable kernel v4.4 and v4.19. Iwamatsu, Pavel, and SZ Lin Slides
10:50-11:25 (35min) CIP Core In industrial products, 10+ years maintenance is required, including security fixes, reproducible builds, and continuous system updates. Selecting appropriate base systems and tools is necessary for efficient product development. Debian has been applied to industrial products because of its stability, long-term supports, and powerful tools for packages development. The CIP Project, which provides scalable and customizable base image and BSP layers, is now used in various embedded devices. The speakers introduce the two different approaches to satisfy the requirements above; Deby and ISAR. Both provide simple but effective functions to customize and maintain Debian for embedded products. This talk not only explains preferred use cases of each approach, how to apply to product development, and relation with other open source projects but also how the CIP project supports building a sustainable industrial-grade Linux distribution. Kazuhiro Hayashi and Jan Kiszka Slides
11:25-12:00 (35min) SW update WG You can learn how software updates work with the CIP open-source base layer, what kind of trade-offs we made and learn about our future roadmap. CIP users benefit from having a reference implementation to get started, possibly saving them months of work. Akihiro Suzuki Slides
12:00-12:35 (35min) CIP Testing In order to ensure quality for 10+ years, CIP must have a vigorous test setup that is not only be flexible, but maintainable for years to come. In order to achieve this CIP intends to use (and contribute to) existing projects, rather than reinvent the wheel. This talk seeks to increase discussion and collaboration by providing details on CIP's test infrastructure, both hardware and software, including our gitlab-cloud-ci tool. Chris Paterson, Michael Adler Slides
12:35-12:50 <Wrap up>

Back to the parent page

civilinfrastructureplatform/cipconferences/cipms2019.txt · Last modified: 2020/01/15 04:46 by yoshi