Our 3-day audit covers all critical parts of your embedded Linux system, including:
- π Hardening posture: exposed ports, services, kernel config, attack surface, secure boot support
- π System resource footprint: boot time, memory usage, disk layout, CPU idling
- π Update & Rollback: A/B partitioning, atomic updates, RAUC, SWUpdate, Mender, OSTree
- π§ Init system: systemd, BusyBox init, custom scripts β service dependencies, boot ordering, watchdogs
- ποΈ Partitioning & Filesystem: overlay strategies, writable rootfs, mount options, persistence model
- π οΈ Toolchain & Build system: Yocto, Buildroot, OpenWRT, Debian-based, or custom Makefile setups
- 𧬠SBOM & License Compliance: analysis of Software Bill of Materials (SBOM), with detailed inspection of open-source license types (GPLv2/v3, LGPL, MIT, BSD, Apache, etc.) and compatibility with proprietary or closed components
- π¦ Package sources & integrity: 3rd-party libraries, static linking, signed packages, patch tracking
- π Rollout mechanisms: factory flashing, first boot provisioning, in-field upgrades, fail-safety
- π§ͺ Automated Testing Environment: presence and coverage of unit tests, hardware-in-the-loop (HIL) tests, CI/CD integration for firmware builds
Applies to any embedded Linux setup: Yocto, Buildroot, OpenWRT, custom minimal stacks, Debian, Ubuntu, and hybrid environments.
