Our software management and build system e2factory has been optimized for industrial requirements. It supports the whole product life cycle management of embedded software components in a customer‘s product, in particular, but not exclusively, at the board support package level.
Unlike a distribution-based system development, the compilation of the needed software in e2factory follows a bottom-up approach in accordance with the product-specific requirements based on qualified mainline sources. e2factory provides a clear separation between build system, sources, modifications and build recipes.
e2factory is open source software and is available free of charge under the GPLv3.
The following features and additional benefits are essential for industrial use:
e2factory is easy to understand and to use. It offers a high level of transparency of the build process and the corresponding build results. The traceability of changes and the stringent version management simplify the life cycle management significantly.
- simple and transparent use
- low complexity with focused functionality
- extensive documentation (e2factory professional)
- multi-user capability through a client/server architecture
- packages, drivers and libraries from different sources can be used (e.g. upstream, Yocto, hardware manufacturer)
- transparent compilation of Linux board support packages (BSPs) with a low level of complexity
- easy integration of processor- and board-specific changes
- development of tool chains for external use with, for example, Eclipse
- integrated version management; any number of versions of a system can be managed in a project
- a valid traceability of all changes
- configurations are transparent and easy to adjust
e2factory supports the use of mainline sources and a bottom-up process for the compilation of Linux board support packages (BSPs). The reduced set of components has automatically a high level of transparency and a minimum of dependencies. Improvements from the community can be integrated quickly and at minimal expense.
- targeted, quality-assured compilation of a BSP without undesired patches, version conflicts, dependencies etc.
- set up for community-near working methods (mainline compliance)
- integration of components in accordance with the architectural requirements of the system design
- sources can be obtained directly upstream from the community (no distribution lock-in)
- packages, drivers and libraries from different sources (e.g. Yocto) can be used
- open source compliance: e2factory supports a reliable license management
- possibility to update through differential updates of individual packages
e2factory simplifies the standards-compliant development of Linux systems in accordance with, for example, IEC 62304, WELMEC and Common Criteria:
- e2factory is developed in a test suite of its own
- build computer and person independence through a separated, decentralized building process in containers
- automated generation of technical documents and approval documents which contain the information from the build process
- automated system integration in continuous integration systems for nightly builds and automated tests
- continuous traceability of requirements, build results and the corresponding documents (IEC62304)
- requirements (numbers) flow via meta-data into the build result and build ID (images and documents)
- automated creation of documents required for the standards such as a SOUP list and detailed design for IEC62304
- generation of package lists for comparison with the test protocols (see TAF) for determining the test coverage
- validatable integrity and reproducibility of all software versions and their documentation through a checksum test (hash tree) of all input parameters (sources, build scripts, configuration, build environment)
- a unique build ID for every build result (a root checksum of the corresponding hash tree)
The degree of process security and automation of build, integration and test processes (build and software management) of the system has a direct impact on personnel costs and the person independence of maintenance and support. Additional expenses and risks resulting from repeated adjustments, an often missing documentation and the high complexity of a distribution can be excluded.
- high level of transparency of the software and the build process
- efficient and reliable life cycle management with various software versions
- validatable integrity and reproducibility of all software versions and their documentation through a unique build ID
- auditable tracking and tracing of changes
- software package management on host and target (optional)
- build-computer and person independence of the build process
- patches and packages from upstream can be integrated without any limitations and without any delay (mainline compliance)
- packages, drivers, libraries from different sources (e.g. Yocto, hardware manufacturer) can be used
- an integration in CI systems is supported
- license changes can be maintained with minimal effort
- the system software is significantly more transparent and easier to test
Using sources from the community makes it possible to ensure a high IT security for network-integrated products. Security monitoring is only economically feasible after an inherent hardening of the BSP and with traceable documentation.
- fast integration of security patches and package updates from the upstream community
- inherent hardening of board support packages (BSP) through a bottom-up approach
- individual security patches can be integrated and rolled out trackable (complete traceability)
- auditable software change management and integrity checks of the system configuration
- possible dependencies in package updates can be traced and resolved immediately thanks to a transparent, reduced build
- security patches in the maintenance phase are reproducible and traceable
- e2factory makes an efficient security monitoring and patch management possible
The size and complexity of an embedded Linux BSP have a significant effect on the development and maintenance expenses. In addition, the applied development method (distribution-based or mainline-based system development) affects the nature and costs of maintenance strongly as well as the investment security. A low level of complexity and small size have a positive effect on the cost situation.
- build automation management with defined costs
- defined technical processes for an effective release and software change management
- cost-effective open source compliance through the provision of license information and an automated generation of component lists
- secure, distributed working at different sites (e2factory workbench) makes a synchronous use of scarce development capacities possible
- developers working in parallel (multi-user capability) makes a shorter time to market possible
- no distribution lock-in, no expenses due to undesired patches or version conflicts
- supports the cost-effective maintenance of product variants and families
- rapid response to hardware changes thanks to an efficient maintenance of multiple variants of a system on an identical code base (obsolescence management)
- functional extensions of the system at predictable costs through differential updates of individual components
- no uncontrollable expenses due to distribution upgrades
e2factory supports with a mainline and bottom-up approach a development that meets the open source compliance requirements. Information about the source, quality and precise designation as well as the version can be provided for software components in an industrial product. Included open source licenses can be documented and managed in a valid and traceable way, and are part of the unique build ID.
- development and maintenance of a reliable software supply chain
- availability of trustworthy compliance information
- bottom-up approach and minimized dependencies make a comprehensive license management possible
- original sources and make instructions included
- a signature by an authorized person for the build process is possible
- automated generation of a component lists (bill of material) for conformity and supplier’s declarations
- only qualified code is part of the system
- automated generation of license information (OSS Declaration) including an automated compilation of license texts in files
- complete traceability of all changes including licenses
- economical license management throughout the product life cycle
e2factory is an emlix brand and is continuously being maintained and developed by emlix. There are clear paradigms regarding reliability, backward compatibility and validation with a central reviewing. e2factory updates are being planned carefully, thoroughly tested (extensive test suite) and customized for every individual customer.
A reduced Yocto approach with the Yocto build system BitBake as well as the minimal distribution Poky Tiny could be an alternative, provided that the requirements for process security over the life cycle are less strict and there is a necessity to provide anonymous application developers a suitable development environment.