THE LINUX FOUNDATION PROJECTS
Category

In the News

May 12 2026

Ten years of CIP project: From a Vision to the Industrial Gold Standard

By Blog, Events, In the News

Author: Pasquale Nieddu, Siemens

Ten years ago, Siemens together with other tech leaders like Toshiba, Hitachi, and Plat’Home decided to establish the Civil Infrastructure Platform (CIP) to overcome the longevity gap between IT and OT. This union of companies wanted to give a rolling 10-year promise of stability and was therefore ready to trade competition for collaboration.

The founders of the CIP project — and later joined by members Renesas Electronics, Texas Instruments, Codethink, and Moxa — aimed to provide an implementation for safety-critical systems based on well-established Linux components and deliver long-term support for the kernel and a base set of packages. Only collaboration between companies with know-how, experts, and the necessary budget can realize such ambitious goals. Therefore, the CIP project contributes directly to upstream projects, giving back to the community it builds on.

At Siemens our experts are actively involved to ensure that the requirements are integrated and bugs are closed in the upstream projects that are crucial – not only for the CIP project, but also to benefit the whole open source community.

But why is it so crucial for Siemens to have such a platform? A bug on a brake control system, a power grid controller, or in industrial automation could cause severe harm to people’s lives. Therefore, the goal is to have a base layer of trusted software that serves as a reliable foundation for a decade or even longer.

The Pillars of Success

To create an Open Source Base Layer (OSBL) that can be labeled ‘industrial grade’, the CIP partners decided to take the existing Long Term Support (LTS) Kernel and extend its maintenance cycles to a breathtaking ten years—the so-called Super Long Term Support (SLTS).

But a Kernel alone is not enough. To build a reproducible and working image, you need a stable set of packages, which are managed and maintained within the CIP Core Layer. This foundation is used inside Siemens as a base to provide secure and robust software update support for many products. It can be built with the amazing tool Isar – a powerful toolset to create Debian-based images from scratch. While Isar as a project stands on its own, Siemens is one of the core contributors and we take care that it keeps pace with the challenges of our time.

Security, Compliance and a Birthday Present

Nowadays, stability is only half the battle. This is where the Security Working Group (SWG), where Siemens also is active, comes into play. Its members provide the tools to meet the IEC 62443-4-2 standard. By providing the right configurations, an image built with CIP is “IEC 62443-4-2 ready.” And just in time for the 10th anniversary – as a birthday present, so to speak – the CIP achieved official certification for the IEC 62443-4-2 standard! One of Siemens Mobility’s very own products, the so called M-COM, was the technical hardware base for this certification. 

Since security is a core part of being resilient, the European Union now requires proof through the Cyber Resilience Act (CRA). The CIP directly helps Siemens fulfill our duty to provide security updates throughout the entire product lifecycle. This allows our members to stay ahead of threats without monitoring thousands of packages individually — shifting the focus from struggling with compliance to leading the market.

Putting Vision into Practice: Siemens Mobility

But where inside Siemens do we use it? One mentionable example is Siemens Mobility, where the CIP project together with Isar serve as the foundation for a hardened, long-supported in-house Linux Operating System. A secure, robust operating system is essential for the challenges of modern railway infrastructure such as the European Train Control System (ETCS), digital interlocking, or future cloud solutions. Thanks to the great cooperation within the CIP project, we can fulfill our customers’ high demands on safety and security standards in Europe and around the world.

For Siemens, this collaboration with the CIP project is a big plus as it significantly reduces the time and costs associated with certification. While the CIP provides the tools for IEC 62443-4-2 at Security Level 2 (SL-2), Siemens Mobility leverages this base to fulfill even more comprehensive requirements, reaching SL-3 for both component (4-2) and system levels (3-3).

Beyond using the platform, Siemens actively contributes to the CIP project’s ecosystem with its own projects. A mentionable example is the debsbom tool, which simplifies the creation and management of Software Bills of Materials (SBOM). By contributing to this and many other tools, Siemens is making it easier to meet the CIP project’s modern requirements.

Nevertheless, we must not forget that all of this was only possible because several market players agreed to work together as equals. They gave their employees the freedom to work on this shared project, and over time, the boundaries blurred: the employees of other companies truly became our colleagues.

Apr 28 2026

A Decade of Industrial Grade Linux: Reflecting on the CIP Journey and the Road Ahead

By Announcement, Blog, In the News

Author: Yoshitake Kobayashi, CIP TSC Chair, Toshiba

In April 2026, the Civil Infrastructure Platform (CIP) project will celebrate its 10th Anniversary. Over the last decade, CIP has worked to solve one of the most critical challenges facing industrial and civil infrastructure systems: the Longevity Gap with Industrial Gradeness.

Our mission has been clear from the start: to establish Industrial Grade Linux (IGL) as an Open Source Base Layer (OSBL), ensuring 10+ years of stability and reliability—an indispensable foundation for the Critical Infrastructure and Industrial Systems that power our world.

The Founding Vision: Collaboration Over Crisis

Around 2015, the industrial sector faced a dilemma. While the IT world moved at high speed with new Linux kernel releases every few months, operational technology (OT) systems—such as power plants, railways, and industrial automation—had lifecycles spanning more than 10 years, sometimes 50 years. This forced companies into expensive, insecure, and unsustainable private “forks” of Linux.

To solve this “Maintenance Crisis,” leaders like Renesas, Siemens, and Toshiba united to create a collaborative, non-competitive base layer. We defined the requirements for Industrial Grade Linux through three primary challenges:

  1. Industrial Gradeness: Ensuring Real-Time capability to provide the deterministic performance required for mission-critical control.
  2. Sustainability: Providing Super Long-Term Support (SLTS) to maintain software for 10+ years.
  3. Security: Implementing continuous vulnerability management and adherence to international industrial standards.

Five Pillars of Stability: CIP’s Core Achievements

Our journey has been built on five technical pillars, each addressing a critical need for civil infrastructure:

1. Kernel Team: The 10+ Year Promise

CIP pioneered the Super Long-Term Support (SLTS) kernel, extending maintenance far beyond standard LTS to meet industrial product lifecycles.

  • Milestone: Our first SLTS kernel, Linux 4.4, is supported from 2016-2027, proving the viability of a consortium-maintained kernel.
  • Current Status: We actively maintain five concurrent SLTS versions (4.4, 4.19, 5.10, 6.1, and 6.12). We have also successfully worked with the Real-Time Linux project to mainline PREEMPT_RT, bringing native real-time capabilities to the core Linux kernel.

2. CIP Core Working Group: Reference and Reproducibility

We strategically chose Debian as our primary reference distribution, contributing to its LTS/ELTS programs to avoid “reinventing the wheel.”

  • Profiles: We provide a Tiny Profile for resource-constrained devices and a Generic Profile for standard industrial use cases, both built using the ISAR build system.
  • Reproducible Builds: We have achieved and continuously verify bit-for-bit reproducible builds using ISAR-CIP-CORE. This is crucial for supply chain security, trusted transparency, and enabling small, efficient delta updates in the field.

3. Testing Working Group: Validation at Scale

Our testing architecture ensures the reliability of our SLTS kernels on real hardware.

  • Upstream Integration: CIP is fully integrated with KernelCI, sharing results publicly and visualizing kernel health over several years.
  • CIP Testing: What began as the “Board at Desk (B@D)” initiative has evolved into a fully distributed and highly reproducible testing environment integrated with KernelCI and LAVA, performing validation at scale.

4. Security Working Group: Conformance to Industrial Standards

Security is baked in by default, with hardening guidelines designed to meet stringent industrial requirements.

  • IEC 62443 Alignment: CIP has achieved historic milestones in industrial security. After becoming the first open-source project to complete the IEC 62443-4-1 conformance assessment in August 2024, we reached another major goal in February 2026 by successfully completing the IEC 62443-4-2 assessment. This dual achievement dramatically reduces the cost of compliance for our users.
  • Vulnerability Management: Our triage process filters the “CVE flood” to assess impact specifically on CIP SLTS kernel configurations, allowing us to focus efforts on truly exploitable risks.

5. Software Update Working Group: Secure & Robust Updates

We provide a sustainable solution for software lifecycle management by integrating SWUpdate and TUF (The Update Framework). This ensures secure delivery with signed artifacts and safe rollbacks (A/B partitioning). We are currently working on WFX integration to automate update workflows for massive device fleets at scale.

The Road Ahead: The Compliance Base

Looking forward, CIP is evolving from a “Technical Base” into a “Compliance Base.” The rise of global regulations, such as the EU Cyber Resilience Act (CRA), mandates security updates throughout a product’s entire lifecycle. CIP’s long-term maintenance approach, reproducible builds, and security artifacts will form a crucial part of the evidence required for regulatory auditing and certification.

Conclusion

Over the past ten years, CIP has successfully built the open-source foundation required by industrial systems. By enhancing sustainability through SLTS and ensuring industrial gradeness through real-time performance, we enable our members to deploy secure, reliable, and future-proof products.

As we look toward the next decade, one thing remains certain: for the civil infrastructure our civilization runs on, collaboration is the key to sustainable living.

Jun 25 2025

Civil Infrastructure Platform Mini Summit 2025

By Announcement, Blog, Events, In the News

We are pleased to announce that the Civil Infrastructure Platform (CIP) will once again hold the CIP Mini Summit (Open TSC Meeting) alongside Open Source Summit Europe 2025.

Event Details

  • Date: Thursday, August 28, 2025, 13:30–17:00 (Local Time)
  • Venue: RAI Amsterdam, Amsterdam, Netherlands
  • Registration Fee: $10 (select as an add-on when registering for Open Source Summit Europe)
  • Registration Page: CIP Mini Summit Registration

Join us to explore the latest achievements and future roadmap of the CIP Project. As cybersecurity resilience becomes increasingly crucial, CIP continues to play a pivotal role in supporting industrial-grade Linux for long-term stability and security, especially in the context of emerging regulations like the Cyber Resilience Act (CRA).

Agenda

1. Opening Session (13:30–13:40)
 A concise overview of the CIP project’s mission and strategic goals.

2. Working Group Updates and Future Directions

  • Kernel Team – CIP SLTS Kernel 6.12 Release and New Reference Board Support (13:40–14:20)
     Discover the groundbreaking advancements introduced in the latest CIP Super Long-Term Support (SLTS) Kernel 6.12, including support for new reference boards. Hear directly from the Kernel Team about key enhancements in performance, stability, and extended support tailored for industrial-grade systems.
  • CIP Core WG – Debian 13-Based Reference Environment (14:30–15:10)
     Gain insights into the release of the new Debian 13-based reference environment, which marks a significant milestone in strengthening CIP’s core components. Learn how this update enhances compatibility and long-term stability.
  • Security WG – Advancing IEC 62443-4-2 Compliance (15:10–15:50)
     Explore CIP’s ongoing efforts and successes in aligning with the rigorous IEC 62443-4-2 security standards. Learn about the practical implications of these security enhancements and how they empower industrial systems to meet evolving cybersecurity demands.
  • SW Update WG – TUF (The Update Framework) Integration (16:00–16:30)
     Learn about CIP’s progress in integrating TUF (The Update Framework) to enhance software update security and reliability. Discover how this approach ensures robust protection against software supply chain attacks.
  • CIP Testing WG – Ensuring Quality and Reliability (16:30–17:00)
     Understand the latest advancements in CIP’s comprehensive testing framework designed to ensure the highest standards of software quality and reliability. See how rigorous testing practices contribute directly to the dependability of CIP-supported infrastructure.

Cocktail Time

After the summit, we will host a Cocktail Time, providing an excellent opportunity to network with fellow attendees, exchange ideas, and discuss the future of CIP. Don’t miss this chance to connect!

How to Register

To attend the CIP Mini Summit, you must first register for Open Source Summit Europe 2025. Ensure you select “Civil Infrastructure Platform Mini Summit” during registration.

Visit the registration page for more details and to secure your spot.

The CIP Mini Summit is a unique opportunity for developers, engineers, and project stakeholders interested in industrial-grade Linux, long-term support strategies, and cybersecurity. We look forward to your participation!For reference, last year’s announcement is available here.

Jun 06 2024

CIP Mini Summit at ELC EU – Vienna

By Announcement, Events, In the News

CIP Mini Summit (Open TSC Meeting)

Join Us for the CIP Open TSC Meeting!

We are excited to invite you to the upcoming Civil Infrastructure Platform (CIP) Open Technical Steering Committee (TSC) Meeting. This event is an excellent opportunity for industry experts, contributors, and enthusiasts to come together, share insights, and discuss the future direction of CIP. Whether you are a seasoned participant or new to the community, your presence and input will be invaluable.

Date: 19th of September 

Time: 1:30pm – 5:00pm

Location: Austria Center Vienna, Room 0.96/0.97

Registration: To register follow the instructions on the Open Source Summit website.

The CIP project aims to establish a sustainable and secure software foundation for civil infrastructure and industrial systems. Join us to learn more about our latest achievements, ongoing work, and plans for the future. This is also effective in meeting cybersecurity requirements such as those in the recently significant EU Cyber Resilience Act (CRA).

Agenda

1. Introducing CIP in 10 minutes  (13:30-13:40, 10 minutes)

This introductory session will provide a concise overview of the CIP project. Yoshi will highlight the key goals, achievements, and the importance of the CIP project in creating a robust and secure software infrastructure for civil infrastructure and industrial applications. Attendees will gain a foundational understanding of what CIP is and why it matters.

2. WG Status Update and Future Plan

Each WG leader will present the current status, significant milestones achieved, challenges faced, and the roadmap for the future. Following these updates, we will engage in an in-depth discussion on these topics to further explore and address key issues and opportunities.

2.1 Kernel Team (13:40-14:20, 40 minutes)

The Kernel Team will discuss their efforts in maintaining and advancing the CIP kernel. This includes updates on long-term support kernels, security patches, and integration of new features. The team will also outline their future plans to ensure the CIP kernel remains stable and secure.

Break (14:20-14:30, 10 minutes)

2.2 CIP Core WG (14:30-15:10, 40 minutes)

The CIP Core Working Group will provide an update on the core components of the platform, including essential libraries and tools that form the CIP base layer. This session will cover recent releases, enhancements, and upcoming developments.

2.3 Security WG (15:10-15:50, 40 minutes)

The Security Working Group is focused on ensuring that the combination of long-term supported CIP kernels and CIP Core components comply with IEC 62443 standards. This session will cover their current activities aimed at enhancing the security posture of CIP by aligning with these internationally recognized cybersecurity standards for industrial automation and control systems. Future initiatives to achieve and maintain IEC 62443 compliance will also be discussed.

Break (15:50-16:00, 10 minutes)

2.4 SW Update WG (16:00-16:30, 30 minutes) 

This segment will focus on the software update mechanisms being developed within CIP. The team will talk about current capabilities, the importance of reliable and secure software updates in industrial systems, and future enhancements to the update process.

2.5 CIP Testing WG (16:30-17:00, 30 minutes)

The CIP Testing Working Group will present their latest advancements in testing frameworks designed to ensure the reliability and robustness of CIP components. The discussion will include automated testing strategies, new testing tools, and future testing plans.

3. Cocktail time (TBD)

— 

Please feel free to reach out if you have any questions or need further information. We look forward to your participation and a fruitful discussion at the CIP Open TSC Meeting!

Aug 11 2022

CIP Core supports Debian 11-based reference images

By Announcement, Blog, In the News

Author: Kazuhiro Hayashi,  CIP Core Team Chair, Toshiba

The Civil Infrastructure Platform (CIP) project has five Working Groups – Security, Kernel, Testing, Software Update and CIP Core. The CIP Core Working Group [1], which was launched in 2019, is responsible for developing, testing and maintaining tools to generate CIP Core reference file system images. We are excited to announce that the working group now supports Debian 11-based reference images. 

The CIP Core images consist of CIP kernel and Debian base systems and provide run-time environments that work with CIP reference hardware [2. ] This library of images is the foundation for CIP developers to enhance new features, test existing functions, and maintain them for the long-term. CIP users can evaluate the features with the reference images in relation to their use cases.

The isar-cip-core [3] now supports 5.10 based CIP kernel [4] and Debian 11 bullseye packages. Isar-cip-core is a set of extensions for isar (an image generation tool) to support CIP reference hardware and other features including, but not limited to, security and software updates. Debian 11 bullseye is currently the “stable” version and will be maintained by Debian project and the LTS project until June 2026. After June 2026, the Debian Extended LTS project will inherit its maintenance. The 5.10 CIP kernel is being maintained by the Linux kernel community as a long term release kernel until Dec. 2026. After this, CIP will maintain it until Jan 2031.

By supporting 5.10 CIP kernel + bullseye based CIP Core images, users can use the latest stable versions of CIP kernel and userland with all the CIP reference hardware[2], some of which are only supported by the 5.10 kernel. 

The CIP Security Working Group[5] is targeting version 5.10 CIP kernel and the bullseye based CIP image to achieve IEC-62443-4-x certification. The CIP Software Updates Working Group[6] is actively improving secure software update mechanisms by SWUpdate and secure boot and expanding devices where the features have been supported, with the latest version of CIP Core image as well as the previous.

The CIP Core Working Group plans to continue to introduce more useful features like above to the 5.10 kernel + bullseye based image and maintain them in cooperation with other working groups and related open source software communities. Contact us via the cip-dev mailing list for feedback, questions, or discussions.

[1] https://wiki.linuxfoundation.org/civilinfrastructureplatform/cip-core

[2] https://wiki.linuxfoundation.org/civilinfrastructureplatform/ciptesting/cipreferencehardware

[3] https://gitlab.com/cip-project/cip-core/isar-cip-core

[4] https://www.cip-project.org/blog/2020/12/02/cip-to-embark-on-kernel-5-10-development-for-slts

[5] https://wiki.linuxfoundation.org/civilinfrastructureplatform/cip-security

[6] https://wiki.linuxfoundation.org/civilinfrastructureplatform/cip-sw-updates

Apr 04 2022

CIP Expands Work on SLTS Kernel Maintenance

By Announcement, Blog, In the News

The Civil Infrastructure Platform project (cip-project.org) – released the first 5.10-based version of its super-long-term stable (SLTS) kernel. The 5.10-based release made official the third CIP kernel series available after 4.4-cip and 4.19-cip. It demonstrates how CIP remains committed to maintaining all SLTS versions for a minimum of 10 years after the original release.

With the recent discontinuation of the 4.4 LTS kernel by its maintainer Greg Kroah-Hartman, the CIP project now requires organized backports to one of its kernels for the first time, independently of the LTS project. The CIP kernel team already expanded its capacity last year and is well prepared to handle this task.

The CIP kernel developers will remain  involved in the review process of patches targeting related LTS kernels. CIP is actively engaged in enhancing the test infrastructure for the Linux Kernel, both through its work on the CIP SLTS Kernels and CIP’s participation in the KernelCI project.

About The Civil Infrastructure Platform (“CIP”)

The Civil Infrastructure Platform (“CIP”) is a collaborative, open source project hosted by the Linux Foundation. The CIP project is focused on establishing an open source “base layer” of industrial grade software to enable the use and implementation of software building blocks in civil infrastructure projects. Currently, civil infrastructure systems are built from the ground up, with little re-use of existing software building blocks.

The CIP project intends to create reusable building blocks that meet the safety, reliability and other requirements of industrial and civil infrastructure. By establishing this ‘base layer’, CIP aims to:

  • Speed up implementation of civil infrastructure systems;
  • Build upon existing open source foundations and expertise without reinventing non-domain specific technology;
  • Establish (de facto) standards by providing a base layer reference implementation;
  • Contribute to and influence upstream projects regarding industrial needs;
  • Motivate suppliers to actively support these platform / provide an implementation; 
  • Promote long term stability and maintainability of the base layer of code; and
  • Adopt the security standard IEC 62443

With respect to project governance, a Governing Board is responsible for financial matters while the Technical Steering Committee oversees the technical direction of the project.

For more information, please visit https://www.cip-project.org/

 

 

Aug 18 2021

VES LLC Joins CIP as a Silver Member

By Announcement, Blog, In the News

Leader in custom Government off the Shelf (GOTS) infrastructure solutions becomes the newest member of Civil Infrastructure Platform (CIP)

Today, the Civil Infrastructure Platform (CIP) welcomes VES LLC as its newest member. VES is a small business Headquartered out of Aberdeen Proving Ground, Maryland with a focus on solving the Department of Defense’s (DoD) hardest Software Systems Integration challenges. VES is joining CIP to further their development of custom Government off the Shelf (GOTS) infrastructure solutions, integrating Mission Command systems, and prototyping emerging technologies for use in the Army and Joint tactical architecture.

The Civil Infrastructure Platform strives to create an open source “base layer” of industrial-grade software to enable the use and implementation of software building blocks in civil infrastructure projects. Embedded systems are crucial to civil infrastructure, including within Army operating systems and across the DoD. Given VES’ area of expertise, and CIP’s mission to establish an open source “base layer” of industrial-grade software, there’s strong alignment with both CIP and VES.

“As CIP grows, it is exciting to bring in a broader array of organizations wishing to establish a Linux-based open source base layer for industrial-grade, civil infrastructure.” said Yoshitake Kobayashi, Technical Steering Committee Chair of CIP, “We are excited to have VES on board and welcome all future collaboration within the CIP community.” 

Matthew Vidovich
CEO, VES LLC

“We are very excited to join the CIP and become an integral member of an expansive network focused on open source solutions with other industry leaders.” said VES CEO, Matt Vidovich.  “Each member of our core VES leadership team brings over 17 years of open systems architecture experience across the Department of Defense, commercial, and international markets.  We look forward to expanding our relationships and impact with other stakeholders sharing the same purpose and passion on solving the toughest open source problems with enduring solutions.”

Brad Lilly, VES Chief Technology Officer (CTO) for Systems

Brad Lilly, VES Chief Technology Officer (CTO) for Systems, stated “As a segment leader in custom DoD Linux Distributions, VES is committed to the ongoing security and maintainability for our customer’s systems. CIP has given us a strong base to build on, and we are excited to begin contributing back to help ensure CIP’s long term success.” 

Established in 2014, VES has specialized expertise in building GOTS versions of embedded Linux for Army operating systems needs, and in developing and deploying the Army Mission Command Infrastructure architecture.

Interested in becoming a CIP member, learn more here. 

Mar 14 2019

Monoist: SLTS kernel supporting 64-bit version of Arm core and enabling sustainable social infrastructure use

By In the News

On February 25, 2019, the Civil Infrastructure Platform Project (CIP) announced that a long-term support edition (SLTS) kernel supporting software updates for more than 10 years will also support the 64-bit Arm Cortex architecture. The SLTS kernel can be used in many fields such as automation, machine learning, and AI (artificial intelligence), enabling sustainable use of social infrastructure systems.

Read more in Monoist. (Japanese publication)