THE LINUX FOUNDATION PROJECTS
Category

Announcement

“Trust in Longevity”: How Cybertrust leverages CIP to Provide Enterprise-Grade Support and Security for Industrial-Grade Linux Distributions.

By Announcement, Blog, In the News

By Hirotaka Motai, Cybertrust Japan.

We develop and provide “EMLinux,” an industrial-grade commercial Embedded Linux, for the Japanese manufacturing industry and critical infrastructure (such as industrial controllers, professional communication equipment, and medical devices). EMLinux is based on the achievements of CIP. To maintain a robust common foundation for industrial Linux, we participate in the CIP project and engage in collaborative development. On the occasion of the 10th anniversary of the CIP project, we would like to share the background of our participation, our gratitude to CIP, and our next 10 years together.

Why We Joined CIP

At that time, while expanding our embedded Linux customization business, we strongly felt the seeds of need for “long-term security support” in the critical infrastructure sector.

Japanese embedded products are characterized by high quality and extremely long product lifespans. On the other hand, because stable operation was the top priority, companies previously hesitated not only to install disruptive OS major version upgrades but also to apply security patches after shipment. However, as security breaches targeting embedded systems and OT systems became real threats around the world, many Japanese companies found it necessary to apply security patches continuously. Especially for critical systems, “Linux that can be securely and continuously used for a long time” was indispensable, rather than Linux that focuses on bleeding-edge technology.

In the face of these realistic challenges in the manufacturing industry, CIP’s activities, which advocate 10 years of super-long-term support, were exactly the answer we were looking for. Supporting the strength of Japanese manufacturing—”high quality and long lifespan”—from the open-source layer was the primary reason why we decided to join CIP.

Gratitude to CIP

CIP realizes the “super-long-term safety and reliability” essential for critical infrastructure in a sustainable way. For us, CIP’s activities for the “super-long term,” such as the Linux kernel and Debian LTS, sustainably supports the Linux ecosystem and its software supply chain. Therefore, these efforts constitute an indispensable core of our products.

In the manufacturing and critical infrastructure sectors, where device lifecycles are long, it is essential to continue cooperating with the open-source community to keep responding to security threats. By participating and working within CIP, we can sustainably provide 10-year-scale vulnerability response and technical support, which would be difficult on our own.

In addition, CIP’s “Upstream First” policy is also important. By minimizing custom changes and returning fixes to the Linux community, our achievements can be widely adapted as global standards. As a result, it helps build a positive cycle that improves the stability and quality of our own products. It is of great value for us to work under the policy of emphasizing continuity with the upstream community. This allows us to reflect our own needs and knowledge back into the upstream.

The Next 10 Years with CIP

Beyond providing the SLTS kernel, we expect CIP to drive a robust software supply chain that ensures Linux can be used stably over the long term.

CIP’s “Upstream First” policy plays an important role in enhancing the sustainability of the entire ecosystem. This is achieved not only through code contributions, but also through checking quality via automated testing and supporting related OSS communities. As part of this role, we have been strongly committed to activities such as participating in the “cip-kernel-sec” activity as a maintainer,  which collects and analyzes vulnerability information, and building a test environment linked with “KernelCI”,  which is an open automated testing foundation for the Linux kernel. These efforts, which support long-term support from both security and quality perspectives, make the community’s achievements even stronger. In the coming years, it will be important for CIP members’ activities to encompass the entire software supply chain and to build and maintain a framework that continuously ensures long-term reliability.

Even 10 years from now, we will continue to develop “Linux that can be used with peace of mind over the long term,” just as we do today. This journey with CIP toward that goal is the very mission of Cybertrust, supporting the foundation of Japan’s digital infrastructure.

Accelerating Industrial Innovation: How CIP Complements TI’s Industrial Processors

By Announcement, Blog, In the News

Enabling Secure and Reliable Edge Computing at the Intersection of Silicon and Open Source Software

Authors: Vignesh Raghavendra and Khasim Syed Mohammed, Texas Instruments

Introduction

The industrial world doesn’t move at the pace of consumer electronics. A smart factory controller, a railway signaling unit, or a power grid edge node may be deployed for 10, 15, or even 20 years — long after the smartphones in engineers’ pockets have been replaced three or four times over. For embedded systems developers working in these environments, the question isn’t just “does it work today?” — it’s “will it still be supported, secure, and maintainable in 2040?”

This is where two industrial-grade commitments intersect: Texas Instruments’ (TI) industrial processor portfolio and the Civil Infrastructure Platform (CIP) Project’s mission to provide a long-term, stable, open-source software foundation for industrial systems. TI as a hardware vendor is an active participant in shaping the future of industrial-grade Linux. Here’s why that matters for designing tomorrow’s industrial-edge computing systems.

The Industrial Long-Term Challenge: It’s Not Just About the Hardware

The industrial sector has long grappled with a paradox: the very stability that makes a proven design trustworthy also makes it vulnerable over time. A product designed around a microprocessor today may ship for years and remain in the field for decades. The hardware remains the same, but the open-source software ecosystem — Linux kernel, User Space, middleware — evolves rapidly, with older versions aging out of active support.

As explored in CIP’s recent reflection, “Ten Years of CIP Project: From a Vision to the Industrial Gold Standard”, the CIP Project was founded precisely to solve this problem. Born from the recognition that industrial companies needed Base Layer support horizons measured in decades, not months, CIP established the CIP Open Source Base Layer — a curated, long-term stable (LTS) Linux kernel backed base layer supported by a coalition of global industry leaders committed to collaborative maintenance.

And as CIP’s own strategic analysis highlights in “The Shift in OSS Strategy Driven by the Challenge of Long-Term Maintenance”, the industry is undergoing a fundamental transformation in how it thinks about open-source software governance. Companies can no longer afford to maintain forked, proprietary BSPs in isolation. The cost — in engineering hours, security exposure, and integration fragility — is simply too high. Shared, community-driven maintenance is no longer a nice-to-have; it’s a strategy.

TI’s Industrial Processor Legacy: Proven in the Field

TI has a great track record in producing industrial-grade SoCs. The AM335x processor family — launched over 15 years ago — remains one of the most widely deployed application processors in industrial automation, building control, medical devices, and smart grid infrastructure due to robust peripherals for industrial I/O, deterministic real-time performance, wide operating temperature ranges, and a rich software ecosystem. But equally important has been the community that grew around it. The BeagleBone platform, built on AM335x and developed in close collaboration with the open-source Beagle community, became a global reference point for Linux-based embedded development including CIP. 

Today, TI’s current generation of industrial processor portfolio extends well beyond AM335x to include the AM62P, AM62L, AM62x, AM64x,  and AM67A — all designed with the industrial-grade peripherals, HMI, Edge AI and with hardware security features, functional safety enablement, and multi-decade product availability commitments. These processors power the next generation of industrial edge nodes, motor drives, PLCs, and smart grid products.

Where CIP and TI Converge: The Secure, Reliable Edge

TI has been a long term supporter of various Linux Foundation initiatives around making the open source SW offering robust and production ready. It’s part of the Real Time Linux foundation enabling PREEMPT_RT Kernels, the KernelCI project enabling robust testing of various Linux Kernel and related products and the Yocto project to enable build and deployment of custom Linux-based systems. A natural extension to this list is to enable Industrial Grade production ready Linux-systems which is what CIP project is all about.

The modern industrial edge node faces requirements which need complex SW stacks:

  • Agile System: OTA update capability, cryptographic chain of trust, vulnerability patching without downtime – supported by CIP Core WG
  • Longevity: Software support aligned with 10–15+ year hardware lifecycles – supported by CIP Kernel and Core WG
  • Compliance: IEC 62443 and emerging EU Cyber Resilience Act obligations – supported by CIP Security WG
  • Reliability: Deterministic behavior, robustness – supported by continuous testing via CIP Testing WG

The investment necessary to meet all of this doesn’t make sense for one company to bear alone, and would be redundant with other companies with the same goals. Hence, the CIP’s software governance model forms a compelling, complementary stack for TI SoCs.

CIP’s Super Long Term Support (SLTS) kernel provides the stable, well-maintained Linux foundation that TI’s industrial processors need to remain viable in the field for their full intended lifespan. CIP’s security working group enables security hardening that TI’s hardware security features (Secure Boot, TrustZone, hardware crypto accelerators) are designed to support. CIP’s testing initiative (ISAR/CIP Testing) ensures that the kernel remains validated across hardware targets — creating a framework in which TI silicon can be continuously regression-tested against a stable software baseline.

For an industrial OEM building on a TI processor today, here is an action plan to achieve the value proposition:

  • Choose a CIP-validated Linux Base Layer and benefit from long-term security patch backporting.
  • Leverage TI’s hardware security features with the confidence that the software layer will keep pace with evolving threat landscapes.
  • Reduce BSP maintenance burden by contributing to and drawing from a shared, industry-wide software pool working on CIP baseline.
  • Align product lifecycle planning with software support timelines that actually match industrial deployment realities.

Looking Ahead: The Edge is Just Getting Started

Industrial digitalization — Industry 4.0, IIoT, smart grid modernization, predictive maintenance — is still in its early innings. The edge computing nodes being designed and deployed today will form the backbone of industrial infrastructure for the next 15–20 years. The software decisions made now — which kernel, which maintenance model, which security framework — will echo through those decades.

CIP’s first ten years established the foundation. TI’s industrial processor heritage provides the proven silicon. Together, they offer industrial engineers something increasingly rare: a long-term bet you can actually make with confidence.

For embedded developers, system architects, and industrial OEMs: pair your hardware with a software strategy that thinks in decades, not release cycles. That’s what CIP was built for.

The Shift in OSS Strategy Driven by the Challenge of Long-Term Maintenance

By Announcement, Blog, In the News

– The Evolution of an Industrial Linux Platform with the CIP Project –

Author: Takehisa Katayama and Chris Paterson, Renesas Electronics

Introduction: The Challenge of Long-Term Maintenance

The use of Linux in embedded systems has advanced significantly over the past decade. However, in industrial equipment and civil infrastructure, simply adopting Linux was not enough to solve every problem. One of the most significant challenges was long-term software maintenance. In industrial domains, where product lifecycles often extend to 10 or even 20 years, operating systems and middleware are likewise expected to be maintained over the long term. This article looks back on how Renesas addressed this challenge and how it achieved a major strategic shift through the CIP (Civil Infrastructure Platform) Project.

The Launch and Positioning of the RZ Family

Among Renesas’s SoC product portfolio, the RZ/G series was created as an initiative to bring R-Car-class performance and advanced functionality into industrial markets. The RZ/G series has been developed and expanded as a member of the RZ family, which targets industrial applications. 

The name “RZ” is derived from “The Zenith of Renesas micro,” reflecting its positioning within the Renesas processor lineup. Within the RZ family, the RZ/G series was designed to provide platform value not only through its hardware capabilities, but also through a Linux-based software foundation built on open-source software.

The Initial Platform Vision and Its Evolution

In the early days of the RZ family’s software strategy, the aim was to provide a comprehensive solution that included not only Linux packages and middleware, but also development environments and the surrounding ecosystem. As our understanding of customer usage patterns and development processes deepened through customer engagement and proposal activities, the value we needed to deliver gradually became more refined. As a result, part of the original concept was eventually streamlined, but this was a part of the process of evolving through trial and error into a more practical and effective form. Through this experience, the importance of a platform centered on a common software foundation became clear, and that way of thinking has since been carried forward into current today’s Common Linux Platform and Inner Source initiatives.

The Distance from OSS: From Use to Participation

Looking back at software development at the time, Linux was indeed being used, but in many cases only at the level of consumption. A development model based on collaboration with the open-source community had not yet been fully established. Yet in embedded Linux, what truly matters is not simply using OSS, but sustaining it over the long term.

An Industry Assumption: The Expected Role of Semiconductor Vendors and its Limits

One important factor here is an implicit assumption in the industry: semiconductor vendors are generally expected to maintain the software for their own devices, especially the Linux kernel. At Renesas, development and contributions to maintain Linux had already continued since the SuperH era, particularly in the automotive domain. In the industrial domain, however, before joining CIP, Linux kernels were maintained in-house, with ongoing work on vulnerability response, backporting, and validation.

However, there was a large gap between product lifecycles and software support periods, and it was  not realistic for a single company to continue maintaining software long term on its own. This structural challenge became a major motivation for seeking a more sustainable solution.

Encountering the CIP Project and a Strategic Shift

It was in this context that Renesas encountered the CIP Project. CIP takes an approach of having multiple companies collaborate to maintain Linux over the long term, and it provides Super Long-Term Support (SLTS) kernels with support periods of more than ten years. In addition, based on the upstream-first principle, CIP has established mechanisms to ensure continuous quality and maintainability in close coordination with the broader community.

These characteristics were exactly aligned with the needs of the industrial sector, and Renesas decided to join the CIP Project early in 2017. This decision marked a major turning point in its software strategy in the industrial domain: a shift from simply using OSS to becoming an active participant in community-driven development.

How CIP Transformed Development and Business

Participation in the CIP Project significantly changed the way software was developed. With long-term maintenance supported by a community, the burden of individual backporting work was reduced, improving both development efficiency and quality. Moreover, being able to provide a platform with long-term support created substantial value in the industrial equipment market and helped build customer trust.

Furthermore, the fact that the OSS community itself supports maintenance is important from another perspective as well: it helps reduce dependence on a specific vendor and has become a major benefit for users.

Contributing to OSS and Influencing the Ecosystem

Within the CIP Project, Renesas has not been merely a user, but an active contributor. It has played an important role in sustaining the ongoing operation of the CIP Project through efforts such as helping launch initiatives in the security domain, building up testing infrastructure through activities in the Testing Working Group, and providing reference boards.

In particular, the Testing Working Group has expanded the scope and effectiveness of the CIP Project’s validation activities through collaboration with the KernelCI project. By working with a broader community focused on automated kernel testing, participating in KernelCI governance and technical development, and contributing support for CIP-specific requirements, Renesas has helped strengthen the overall testing infrastructure. These efforts also demonstrate that long-term maintainability is not achieved through isolated work, but through sustained collaboration across a community, and they have enabled continuous, large-scale validation of CIP kernels across a wide range of platforms and use cases.

These activities have also been fed back into internal development, contributing to the establishment of a common platform and the promotion of automation.

Growing Cybersecurity Requirements and the Role of CIP

In recent years, the emergence of the European Cyber Resilience Act (CRA), long-term software maintenance and security response have increasingly become strong regulatory requirements as well. As vulnerability management across the entire product lifecycle and the continuous delivery of patches have become legal obligations, many companies are now working to address them.

In this context, the long-term model provided by CIP is being re-evaluated as a highly practical solution. What is important is that CIP was not created as a response to regulatory compliance but was originally formed to meet the needs of industrial systems. As a result, it has become a foundation that aligns naturally with today’s regulatory requirements.

Conclusion: Moving to a Stage Where OSS Is Used Strategically

Renesas’ engagement with OSS traces back to its upstream activities in the SuperH era and has developed through different stages of maturity across different domains. In the industrial field, there was a period of stagnation, but through initiatives around the RZ family, particularly the RZ/G series, and participation in the CIP Project, those efforts were reintegrated and have now evolved into a stage where OSS is used strategically.

As discussed in this article, CIP kernels play an important role as the software foundation of the RZ/G series. At the same time, the outcomes and knowledge generated through these efforts have also been extended to some other products within the RZ family, making CIP an important pillar supporting Renesas’ industrial Linux platform as a whole. Going forward, Renesas will continue contributing to the realization and broader adoption of Industrial Grade Linux in the industrial domain through collaboration with the OSS community. This is not simply a matter of technological evolution; it is also a practical answer to the question of how to ensure the reliability and sustainability of systems that support society over the long term.

A Common Linux Base for Civil Infrastructure, Born from a Serendipitous Encounter

By Announcement, Blog, In the News

— Ten Years of CIP: From Shared Questions to a Shared Foundation —

Author: Yoshitake Kobayashi and Kazuhiro Hayashi, Toshiba

The Civil Infrastructure Platform (CIP) marks its tenth anniversary in 2026.
To reflect on this milestone, several partners—including Siemens—have shared their perspectives on why CIP was needed and what it has achieved over the past decade. As highlighted in Siemens’ contribution, CIP was built around a simple but critical idea: establishing a trusted software base for critical infrastructure and industrial systems through sustained upstream collaboration, benefiting both industry and the broader open source community.
Building on those perspectives, this article revisits how CIP came into being—and why its emergence was ultimately inevitable—from the viewpoint of Toshiba.

2014: Different Paths, the Same Question

The origins of CIP go back to before its formal launch in 2016.

In 2014, within the Consumer Electronics (CE) Workgroup of the Linux Foundation, Toshiba proposed addressing a growing challenge: how to establish a Linux-based foundation that could be trusted for long-term use in social (civil) infrastructure systems.

Systems in domains such as energy, transportation, and industrial control are expected to operate reliably over decades. Yet at the time, mainstream Linux distributions and support models struggled to meet key non-functional requirements, including long-term maintenance, reproducibility, and security. These were not abstract concerns—they were recurring issues observed in real products and field deployments.

This proposal, discussed within the Linux Foundation, outlined the need for a shared, long-term supported Linux base for civil infrastructure use cases.
Only later did it become clear that Siemens had independently reached a very similar conclusion and submitted a closely aligned proposal to the same organization during the same period. The two efforts emerged just months apart, in October and December of 2014.

What may appear as coincidence is better understood as convergence.

As civil infrastructure systems continued to digitalize, different organizations were naturally led to the same fundamental question.

2015: Making the Question Shared

These parallel efforts came together in June 2015 at LinuxCon Japan.
At that event, Toshiba and Siemens jointly presented
Applying Linux to the Civil Infrastructure.

While the name “CIP” was not yet widely used, the ideas presented there would later define the project’s direction.

The shared understanding was clear:

  • Civil infrastructure systems serve as vital societal lifelines.
  • While IT-driven technologies are increasingly adopted, critical non-functional requirements—such as functional safety, reliability, long-term support, security, and real-time behavior—remain insufficiently addressed.
  • The operating system and its foundational software should not be treated as a point of competition, but rather as a common base to be developed collaboratively.

This was not a product announcement.
It was an open articulation of shared challenges, intended to invite discussion and cooperation.
That message resonated. Over time, the ideas discussed there evolved into the CIP project.

Why CIP Was Needed: Lessons from the Field

Linux is widely recognized for its robustness. However, in real-world infrastructure systems, teams repeatedly face challenges such as:

  • Issues that occur only rarely and are extremely difficult to reproduce
  • Problems that do not appear in test environments but surface under real operating conditions
  • Accumulated local patches that make long-term maintenance increasingly complex

CIP addressed these challenges by providing a framework in which they are no longer handled in isolation, but shared and resolved collectively in collaboration with upstream communities.

A concrete example illustrates the importance of this approach.

In the CIP 4.4 RT kernel, a rare issue was identified during system startup, occurring only once every 10,000 to 20,000 boots. Although infrequent, the issue could effectively cause a kernel hang. By the time the investigation began, the kernel version had already reached end-of-life, making upstream fixes unlikely. At the same time, migrating to a newer kernel was not straightforward due to constraints related to non-functional requirements and compatibility.

Thanks to CIP’s sustained support framework, it was possible to work closely with maintainers to analyze the issue and implement a fix. The solution was applied by backporting changes from newer kernels, ensuring both technical validity and maintainability.

This case demonstrates that CIP is not simply about extending support timelines.
It provides a practical, working foundation capable of addressing real-world issues throughout the lifecycle of infrastructure systems.

What CIP Represents

CIP is more than a long-term support effort.

Its core principles—industrial-grade quality, sustainability, and security—reflect the requirements of systems that underpin society.

While specific products cannot be disclosed, CIP’s achievements are actively utilized in mission-critical environments, contributing not only to individual systems but to the broader resilience of civil infrastructure.

In recent years, its scope has expanded to include areas such as security, software updates, and Software Bills of Materials (SBOM), reflecting a shared responsibility toward long-term system integrity.

Ten Years That Were Inevitable

CIP did not begin as a fully formed initiative. Questions raised independently in 2014 were shared openly in 2015, and shaped into a collaborative project in 2016.

At its core was a common understanding: this is not an area for competition, but for cooperation.

Ten years later, CIP has become a reference point for industrial-grade open source in the civil infrastructure domain. It represents not only a technical base, but a community built on shared challenges, shared solutions, and shared responsibility.

Looking ahead, CIP will continue to play a key role in enabling safe, sustainable, and trustworthy infrastructure systems worldwide.

A Decade of Industrial Grade Linux: Reflecting on the CIP Journey and the Road Ahead

By Announcement, Blog, In the News

Author: Yoshitake Kobayashi, CIP TSC Chair, Toshiba

In April 2026, the Civil Infrastructure Platform (CIP) project will celebrate its 10th Anniversary. Over the last decade, CIP has worked to solve one of the most critical challenges facing industrial and civil infrastructure systems: the Longevity Gap with Industrial Gradeness.

Our mission has been clear from the start: to establish Industrial Grade Linux (IGL) as an Open Source Base Layer (OSBL), ensuring 10+ years of stability and reliability—an indispensable foundation for the Critical Infrastructure and Industrial Systems that power our world.

The Founding Vision: Collaboration Over Crisis

Around 2015, the industrial sector faced a dilemma. While the IT world moved at high speed with new Linux kernel releases every few months, operational technology (OT) systems—such as power plants, railways, and industrial automation—had lifecycles spanning more than 10 years, sometimes 50 years. This forced companies into expensive, insecure, and unsustainable private “forks” of Linux.

To solve this “Maintenance Crisis,” leaders like Renesas, Siemens, and Toshiba united to create a collaborative, non-competitive base layer. We defined the requirements for Industrial Grade Linux through three primary challenges:

  1. Industrial Gradeness: Ensuring Real-Time capability to provide the deterministic performance required for mission-critical control.
  2. Sustainability: Providing Super Long-Term Support (SLTS) to maintain software for 10+ years.
  3. Security: Implementing continuous vulnerability management and adherence to international industrial standards.

Five Pillars of Stability: CIP’s Core Achievements

Our journey has been built on five technical pillars, each addressing a critical need for civil infrastructure:

1. Kernel Team: The 10+ Year Promise

CIP pioneered the Super Long-Term Support (SLTS) kernel, extending maintenance far beyond standard LTS to meet industrial product lifecycles.

  • Milestone: Our first SLTS kernel, Linux 4.4, is supported from 2016-2027, proving the viability of a consortium-maintained kernel.
  • Current Status: We actively maintain five concurrent SLTS versions (4.4, 4.19, 5.10, 6.1, and 6.12). We have also successfully worked with the Real-Time Linux project to mainline PREEMPT_RT, bringing native real-time capabilities to the core Linux kernel.

2. CIP Core Working Group: Reference and Reproducibility

We strategically chose Debian as our primary reference distribution, contributing to its LTS/ELTS programs to avoid “reinventing the wheel.”

  • Profiles: We provide a Tiny Profile for resource-constrained devices and a Generic Profile for standard industrial use cases, both built using the ISAR build system.
  • Reproducible Builds: We have achieved and continuously verify bit-for-bit reproducible builds using ISAR-CIP-CORE. This is crucial for supply chain security, trusted transparency, and enabling small, efficient delta updates in the field.

3. Testing Working Group: Validation at Scale

Our testing architecture ensures the reliability of our SLTS kernels on real hardware.

  • Upstream Integration: CIP is fully integrated with KernelCI, sharing results publicly and visualizing kernel health over several years.
  • CIP Testing: What began as the “Board at Desk (B@D)” initiative has evolved into a fully distributed and highly reproducible testing environment integrated with KernelCI and LAVA, performing validation at scale.

4. Security Working Group: Conformance to Industrial Standards

Security is baked in by default, with hardening guidelines designed to meet stringent industrial requirements.

  • IEC 62443 Alignment: CIP has achieved historic milestones in industrial security. After becoming the first open-source project to complete the IEC 62443-4-1 conformance assessment in August 2024, we reached another major goal in February 2026 by successfully completing the IEC 62443-4-2 assessment. This dual achievement dramatically reduces the cost of compliance for our users.
  • Vulnerability Management: Our triage process filters the “CVE flood” to assess impact specifically on CIP SLTS kernel configurations, allowing us to focus efforts on truly exploitable risks.

5. Software Update Working Group: Secure & Robust Updates

We provide a sustainable solution for software lifecycle management by integrating SWUpdate and TUF (The Update Framework). This ensures secure delivery with signed artifacts and safe rollbacks (A/B partitioning). We are currently working on WFX integration to automate update workflows for massive device fleets at scale.

The Road Ahead: The Compliance Base

Looking forward, CIP is evolving from a “Technical Base” into a “Compliance Base.” The rise of global regulations, such as the EU Cyber Resilience Act (CRA), mandates security updates throughout a product’s entire lifecycle. CIP’s long-term maintenance approach, reproducible builds, and security artifacts will form a crucial part of the evidence required for regulatory auditing and certification.

Conclusion

Over the past ten years, CIP has successfully built the open-source foundation required by industrial systems. By enhancing sustainability through SLTS and ensuring industrial gradeness through real-time performance, we enable our members to deploy secure, reliable, and future-proof products.

As we look toward the next decade, one thing remains certain: for the civil infrastructure our civilization runs on, collaboration is the key to sustainable living.

Civil Infrastructure Platform Mini Summit 2025

By Announcement, Blog, Events, In the News

We are pleased to announce that the Civil Infrastructure Platform (CIP) will once again hold the CIP Mini Summit (Open TSC Meeting) alongside Open Source Summit Europe 2025.

Event Details

  • Date: Thursday, August 28, 2025, 13:30–17:00 (Local Time)
  • Venue: RAI Amsterdam, Amsterdam, Netherlands
  • Registration Fee: $10 (select as an add-on when registering for Open Source Summit Europe)
  • Registration Page: CIP Mini Summit Registration

Join us to explore the latest achievements and future roadmap of the CIP Project. As cybersecurity resilience becomes increasingly crucial, CIP continues to play a pivotal role in supporting industrial-grade Linux for long-term stability and security, especially in the context of emerging regulations like the Cyber Resilience Act (CRA).

Agenda

1. Opening Session (13:30–13:40)
A concise overview of the CIP project’s mission and strategic goals.

2. Working Group Updates and Future Directions

  • Kernel Team – CIP SLTS Kernel 6.12 Release and New Reference Board Support (13:40–14:20)
    Discover the groundbreaking advancements introduced in the latest CIP Super Long-Term Support (SLTS) Kernel 6.12, including support for new reference boards. Hear directly from the Kernel Team about key enhancements in performance, stability, and extended support tailored for industrial-grade systems.
  • CIP Core WG – Debian 13-Based Reference Environment (14:30–15:10)
    Gain insights into the release of the new Debian 13-based reference environment, which marks a significant milestone in strengthening CIP’s core components. Learn how this update enhances compatibility and long-term stability.
  • Security WG – Advancing IEC 62443-4-2 Compliance (15:10–15:50)
    Explore CIP’s ongoing efforts and successes in aligning with the rigorous IEC 62443-4-2 security standards. Learn about the practical implications of these security enhancements and how they empower industrial systems to meet evolving cybersecurity demands.
  • SW Update WG – TUF (The Update Framework) Integration (16:00–16:30)
    Learn about CIP’s progress in integrating TUF (The Update Framework) to enhance software update security and reliability. Discover how this approach ensures robust protection against software supply chain attacks.
  • CIP Testing WG – Ensuring Quality and Reliability (16:30–17:00)
    Understand the latest advancements in CIP’s comprehensive testing framework designed to ensure the highest standards of software quality and reliability. See how rigorous testing practices contribute directly to the dependability of CIP-supported infrastructure.

Cocktail Time

After the summit, we will host a Cocktail Time, providing an excellent opportunity to network with fellow attendees, exchange ideas, and discuss the future of CIP. Don’t miss this chance to connect!

How to Register

To attend the CIP Mini Summit, you must first register for Open Source Summit Europe 2025. Ensure you select “Civil Infrastructure Platform Mini Summit” during registration.

Visit the registration page for more details and to secure your spot.

The CIP Mini Summit is a unique opportunity for developers, engineers, and project stakeholders interested in industrial-grade Linux, long-term support strategies, and cybersecurity. We look forward to your participation!For reference, last year’s announcement is available here.

CIP Mini Summit at ELC EU – Vienna

By Announcement, Events, In the News

CIP Mini Summit (Open TSC Meeting)

Join Us for the CIP Open TSC Meeting!

We are excited to invite you to the upcoming Civil Infrastructure Platform (CIP) Open Technical Steering Committee (TSC) Meeting. This event is an excellent opportunity for industry experts, contributors, and enthusiasts to come together, share insights, and discuss the future direction of CIP. Whether you are a seasoned participant or new to the community, your presence and input will be invaluable.

Date: 19th of September 

Time: 1:30pm – 5:00pm

Location: Austria Center Vienna, Room 0.96/0.97

Registration: To register follow the instructions on the Open Source Summit website.

The CIP project aims to establish a sustainable and secure software foundation for civil infrastructure and industrial systems. Join us to learn more about our latest achievements, ongoing work, and plans for the future. This is also effective in meeting cybersecurity requirements such as those in the recently significant EU Cyber Resilience Act (CRA).

Agenda

1. Introducing CIP in 10 minutes  (13:30-13:40, 10 minutes)

This introductory session will provide a concise overview of the CIP project. Yoshi will highlight the key goals, achievements, and the importance of the CIP project in creating a robust and secure software infrastructure for civil infrastructure and industrial applications. Attendees will gain a foundational understanding of what CIP is and why it matters.

2. WG Status Update and Future Plan

Each WG leader will present the current status, significant milestones achieved, challenges faced, and the roadmap for the future. Following these updates, we will engage in an in-depth discussion on these topics to further explore and address key issues and opportunities.

2.1 Kernel Team (13:40-14:20, 40 minutes)

The Kernel Team will discuss their efforts in maintaining and advancing the CIP kernel. This includes updates on long-term support kernels, security patches, and integration of new features. The team will also outline their future plans to ensure the CIP kernel remains stable and secure.

Break (14:20-14:30, 10 minutes)

2.2 CIP Core WG (14:30-15:10, 40 minutes)

The CIP Core Working Group will provide an update on the core components of the platform, including essential libraries and tools that form the CIP base layer. This session will cover recent releases, enhancements, and upcoming developments.

2.3 Security WG (15:10-15:50, 40 minutes)

The Security Working Group is focused on ensuring that the combination of long-term supported CIP kernels and CIP Core components comply with IEC 62443 standards. This session will cover their current activities aimed at enhancing the security posture of CIP by aligning with these internationally recognized cybersecurity standards for industrial automation and control systems. Future initiatives to achieve and maintain IEC 62443 compliance will also be discussed.

Break (15:50-16:00, 10 minutes)

2.4 SW Update WG (16:00-16:30, 30 minutes) 

This segment will focus on the software update mechanisms being developed within CIP. The team will talk about current capabilities, the importance of reliable and secure software updates in industrial systems, and future enhancements to the update process.

2.5 CIP Testing WG (16:30-17:00, 30 minutes)

The CIP Testing Working Group will present their latest advancements in testing frameworks designed to ensure the reliability and robustness of CIP components. The discussion will include automated testing strategies, new testing tools, and future testing plans.

3. Cocktail time (TBD)

— 

Please feel free to reach out if you have any questions or need further information. We look forward to your participation and a fruitful discussion at the CIP Open TSC Meeting!

CIP Core supports Debian 11-based reference images

By Announcement, Blog, In the News

Author: Kazuhiro Hayashi,  CIP Core Team Chair, Toshiba

The Civil Infrastructure Platform (CIP) project has five Working Groups – Security, Kernel, Testing, Software Update and CIP Core. The CIP Core Working Group [1], which was launched in 2019, is responsible for developing, testing and maintaining tools to generate CIP Core reference file system images. We are excited to announce that the working group now supports Debian 11-based reference images. 

The CIP Core images consist of CIP kernel and Debian base systems and provide run-time environments that work with CIP reference hardware [2. ] This library of images is the foundation for CIP developers to enhance new features, test existing functions, and maintain them for the long-term. CIP users can evaluate the features with the reference images in relation to their use cases.

The isar-cip-core [3] now supports 5.10 based CIP kernel [4] and Debian 11 bullseye packages. Isar-cip-core is a set of extensions for isar (an image generation tool) to support CIP reference hardware and other features including, but not limited to, security and software updates. Debian 11 bullseye is currently the “stable” version and will be maintained by Debian project and the LTS project until June 2026. After June 2026, the Debian Extended LTS project will inherit its maintenance. The 5.10 CIP kernel is being maintained by the Linux kernel community as a long term release kernel until Dec. 2026. After this, CIP will maintain it until Jan 2031.

By supporting 5.10 CIP kernel + bullseye based CIP Core images, users can use the latest stable versions of CIP kernel and userland with all the CIP reference hardware[2], some of which are only supported by the 5.10 kernel. 

The CIP Security Working Group[5] is targeting version 5.10 CIP kernel and the bullseye based CIP image to achieve IEC-62443-4-x certification. The CIP Software Updates Working Group[6] is actively improving secure software update mechanisms by SWUpdate and secure boot and expanding devices where the features have been supported, with the latest version of CIP Core image as well as the previous.

The CIP Core Working Group plans to continue to introduce more useful features like above to the 5.10 kernel + bullseye based image and maintain them in cooperation with other working groups and related open source software communities. Contact us via the cip-dev mailing list for feedback, questions, or discussions.

[1] https://wiki.linuxfoundation.org/civilinfrastructureplatform/cip-core

[2] https://wiki.linuxfoundation.org/civilinfrastructureplatform/ciptesting/cipreferencehardware

[3] https://gitlab.com/cip-project/cip-core/isar-cip-core

[4] https://www.cip-project.org/blog/2020/12/02/cip-to-embark-on-kernel-5-10-development-for-slts

[5] https://wiki.linuxfoundation.org/civilinfrastructureplatform/cip-security

[6] https://wiki.linuxfoundation.org/civilinfrastructureplatform/cip-sw-updates

CIP Expands Work on SLTS Kernel Maintenance

By Announcement, Blog, In the News

The Civil Infrastructure Platform project (cip-project.org) – released the first 5.10-based version of its super-long-term stable (SLTS) kernel. The 5.10-based release made official the third CIP kernel series available after 4.4-cip and 4.19-cip. It demonstrates how CIP remains committed to maintaining all SLTS versions for a minimum of 10 years after the original release.

With the recent discontinuation of the 4.4 LTS kernel by its maintainer Greg Kroah-Hartman, the CIP project now requires organized backports to one of its kernels for the first time, independently of the LTS project. The CIP kernel team already expanded its capacity last year and is well prepared to handle this task.

The CIP kernel developers will remain  involved in the review process of patches targeting related LTS kernels. CIP is actively engaged in enhancing the test infrastructure for the Linux Kernel, both through its work on the CIP SLTS Kernels and CIP’s participation in the KernelCI project.

About The Civil Infrastructure Platform (“CIP”)

The Civil Infrastructure Platform (“CIP”) is a collaborative, open source project hosted by the Linux Foundation. The CIP project is focused on establishing an open source “base layer” of industrial grade software to enable the use and implementation of software building blocks in civil infrastructure projects. Currently, civil infrastructure systems are built from the ground up, with little re-use of existing software building blocks.

The CIP project intends to create reusable building blocks that meet the safety, reliability and other requirements of industrial and civil infrastructure. By establishing this ‘base layer’, CIP aims to:

  • Speed up implementation of civil infrastructure systems;
  • Build upon existing open source foundations and expertise without reinventing non-domain specific technology;
  • Establish (de facto) standards by providing a base layer reference implementation;
  • Contribute to and influence upstream projects regarding industrial needs;
  • Motivate suppliers to actively support these platform / provide an implementation; 
  • Promote long term stability and maintainability of the base layer of code; and
  • Adopt the security standard IEC 62443

With respect to project governance, a Governing Board is responsible for financial matters while the Technical Steering Committee oversees the technical direction of the project.

For more information, please visit https://www.cip-project.org/

 

 

VES LLC Joins CIP as a Silver Member

By Announcement, Blog, In the News

Leader in custom Government off the Shelf (GOTS) infrastructure solutions becomes the newest member of Civil Infrastructure Platform (CIP)

Today, the Civil Infrastructure Platform (CIP) welcomes VES LLC as its newest member. VES is a small business Headquartered out of Aberdeen Proving Ground, Maryland with a focus on solving the Department of Defense’s (DoD) hardest Software Systems Integration challenges. VES is joining CIP to further their development of custom Government off the Shelf (GOTS) infrastructure solutions, integrating Mission Command systems, and prototyping emerging technologies for use in the Army and Joint tactical architecture.

The Civil Infrastructure Platform strives to create an open source “base layer” of industrial-grade software to enable the use and implementation of software building blocks in civil infrastructure projects. Embedded systems are crucial to civil infrastructure, including within Army operating systems and across the DoD. Given VES’ area of expertise, and CIP’s mission to establish an open source “base layer” of industrial-grade software, there’s strong alignment with both CIP and VES.

“As CIP grows, it is exciting to bring in a broader array of organizations wishing to establish a Linux-based open source base layer for industrial-grade, civil infrastructure.” said Yoshitake Kobayashi, Technical Steering Committee Chair of CIP, “We are excited to have VES on board and welcome all future collaboration within the CIP community.” 

Matthew Vidovich
CEO, VES LLC

“We are very excited to join the CIP and become an integral member of an expansive network focused on open source solutions with other industry leaders.” said VES CEO, Matt Vidovich.  “Each member of our core VES leadership team brings over 17 years of open systems architecture experience across the Department of Defense, commercial, and international markets.  We look forward to expanding our relationships and impact with other stakeholders sharing the same purpose and passion on solving the toughest open source problems with enduring solutions.”

Brad Lilly, VES Chief Technology Officer (CTO) for Systems

Brad Lilly, VES Chief Technology Officer (CTO) for Systems, stated “As a segment leader in custom DoD Linux Distributions, VES is committed to the ongoing security and maintainability for our customer’s systems. CIP has given us a strong base to build on, and we are excited to begin contributing back to help ensure CIP’s long term success.” 

Established in 2014, VES has specialized expertise in building GOTS versions of embedded Linux for Army operating systems needs, and in developing and deploying the Army Mission Command Infrastructure architecture.

Interested in becoming a CIP member, learn more here.