Ayoub Zaki
Embedded System Engineer with 20 years of experience across various industries, I'm helping customers to design and develop secure and reliable embedded systems. Committed to deliver innovative and robust solutions that meet the highest standards of safety, security and performance:
Website : https://embetrix.com
LinkedIn : https://www.linkedin.com/in/ayoub-zaki-embetrix
Session
This talk presents meta-raspberrypi-secure, an open-source Yocto layer that turns a Raspberry Pi 4/5 into a production-grade security-hardened platform.
We walk through a defense-in-depth architecture built entirely with OpenEmbedded tooling covering secure boot with signed boot images, LUKS2 full-disk encryption with hardware-bound key derivation, IMA/EVM file integrity enforcement, dm-verity, kernel module signing, A/B atomic updates and kernel hardening options all with a single kas build command.