Open Source Summit + AI_dev Japan 2024: Full Schedule

October 28-29, 2024 | Tokyo, Japan
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit + AI_dev Japan 2024 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Japan Standard Time (UTC +9). To see the schedule in your preferred timezone, please select from the drop-down located at the bottom of the menu to the right.

11:15 JST

Democratizing Diffusion Models with Diffusers - Sayak Paul, Hugging Face

Monday October 28, 2024 11:15 - 11:55 JST

Hall B (4)

The talk “Democratizing Diffusion Models with Diffusers” will explore the diverse applications of the open-source Python library Diffusers in the image and video generation space. The talk will showcase how Diffusers, based on diffusion models, enables fast and high-quality image and video generation, making it accessible to a wide range of users. The presentation will cover various use cases, including image inpainting, image editing, and scene composition, demonstrating the capabilities of Diffusers in enabling users to create and edit photo-realistic images with minimum effort. The audience will gain insights into the potential of Diffusers in revolutionizing the way images and videos are generated and edited, making it a must-attend session for anyone interested in the latest advancements in this field.

Speakers

Sayak Paul

Research Engineer, Hugging Face

Sayak works on diffuson models at Hugging Face, focusing on training them, maintaining the diffusers library, and leading some applied research efforts. Off the work, he likes to binge-watch ICML tutorials and Suits.

Monday October 28, 2024 11:15 - 11:55 JST
Hall B (4)

AI_dev

Audience Intermediate

11:15 JST

Safe Systems with Linux - Philipp Ahmann, Etas GmbH (BOSCH) & Kate Stewart, The Linux Foundation

Monday October 28, 2024 11:15 - 11:55 JST

Main Hall

As Linux is increasingly deployed in systems with varying criticality constraints, distro providers are expected to ensure that security fixes in their offerings do not introduce regressions for customer products that have safety considerations. The key question arises: How can they establish consistent linkage between code, tests, and the requirements that the code satisfies? And which open source tools and specifically for Linux exist to support traceability in order to comply with standards such as ASPICE, ISO26262 or ISO21434? This talk addresses critical challenges in requirements tracking, documentation, testing, and artifact sharing within the Linux kernel ecosystem. Functionality has historically been added to the kernel with requirements explained in the email justifications for adding, but not formalized as “requirements” in the kernel documentation. While tests are contributed for the code, the underlying requirement that the tests satisfies is likewise not documented in a consistent manner. This and further topics will be discussed. Additionally, the results from the "Safe Systems with Linux" micro conference at Linux plumbers will be summarized.

Speakers

Philipp Ahmann

Sr. OSS Community Manager, Etas GmbH (BOSCH)

Philipp Ahmann is a senior OSS community manager at Etas GmbH (BOSCH) specializing in safety and automotive grade open source software. He holds the position of technical steering committee chair for the Linux Foundation (LF) ELISA project to Enable Linux in Safety Applications and... Read More →

Kate Stewart

VP Dependable Embedded Systems, Linux Foundation

Kate Stewart works with the safety, security and license compliance communities to advance the adoption of best practices into embedded open source projects. Since joining The Linux Foundation, she has launched the ELISA and Zephyr Projects, as well as supporting other embedded projects... Read More →

Monday October 28, 2024 11:15 - 11:55 JST
Main Hall

Critical Software Summit

Audience Intermediate

11:15 JST

The Kernel Report - Jonathan Corbet, LWN.net

Monday October 28, 2024 11:15 - 11:55 JST

Hall A (4)

The Linux kernel is at the core of any Linux system; the performance and capabilities of the kernel will, in the end, place an upper bound on what the system as a whole can do. This talk will review recent events in the kernel development community, discuss the current state of the kernel and the challenges it faces, and look forward to how the kernel may address those challenges. Attendees of any technical ability should gain a better understanding of how the kernel got to its current state and what can be expected in the near future.

Speakers

Jonathan Corbet

Editor, LWN.net

Jonathan Corbet is the kernel documentation maintainer, co-founder of LWN.net (and the author of its Kernel Page), a member of the Linux Foundation's Technical Advisory Board, and the lead author of Linux Device Drivers, Third Edition. He lives in Boulder, Colorado, USA.

Monday October 28, 2024 11:15 - 11:55 JST
Hall A (4)

LinuxCon

Audience Intermediate

11:15 JST

Building an Active Developer Community to Strengthen Open Source Program Offices (OSPO) - Regina Nkenchor, IKEA

Monday October 28, 2024 11:15 - 11:55 JST

Hall A (2)

OSPO initiatives thrive on the strength and engagement of their developer communities. However, creating and sustaining a vibrant community poses its own set of challenges. The primary goal of this talk is to share the strategies employed by Ingka IKEA’s Open Source Program Office (OSPO) for nurturing a dynamic and engaged developer community while considering the challenges of fostering collaboration within the open source ecosystem. Developers in an open source community often come from varied backgrounds and possess different levels of understanding and experience with open source contributions. Additionally, developers within an organization have varied concerns around their primary work goals, and contributing to open source may not always be a priority. Therefore, what are the strategies that OSPO’s can implement to enhance the appeal of open-source initiatives and encourage participation and contributions? How do they retain and support contributors to ensure consistent engagement? In this talk, I will share strategies from Ingka IKEA’s OSPO for building an active developer community to strengthen OSPO initiatives, empowering contributors in open-source projects.

Speakers

Regina Nkenchor

Software and OSPO Ambassador IKEA IT AB, IKEA

Regina is an OSPO Ambassador at IKEA. Her role also involves collaborating with the OSPO team to shape strategies and initiatives for adopting open source tools, developer community growth, and participation. Additionally, she is a software engineer at IKEA. Previously, Regina served... Read More →

Monday October 28, 2024 11:15 - 11:55 JST
Hall A (2)

OSPOCon

Audience Intermediate

12:05 JST

Data Prep Kit: A Comprehensive Cloud-Native Toolkit for Scalable Data Preparation in GenAI App - Daiki Tsuzuku & Takuya Goto, IBM

Monday October 28, 2024 12:05 - 12:45 JST

Hall B (4)

Every conversation on AI starts with models and ends with data. Data preparation is emerging as a very important phase of the GenAI journey, as high quantity and quality text and code corpora for GenAI model training have shown to play a crucial role in producing high performing Large Language Models (LLMs). The data preparation phase in the Generative AI lifecycle aims to clean, filter, and transform the datasets of text and code that are acquired from various sources into a tokenized form that is suitable for the training of LLMs, be it pre-training, or constructing LLM apps via fine-tuning or instruct tuning. The latter poses unique challenges, as each use case may necessitate tailored data preparation approaches. Given the enduring and evolving demand for data preparation techniques in LLM applications, we are introducing Data Prep Kit as an open-source software asset. This endeavour is geared towards fostering collaborative efforts within the community, enabling collective development and utilization, and ultimately reducing time to value. DPK has been instrumental in powering the IBM open-source Granite models.

Speakers

Takuya Goto

Software Engineer, IBM

Takuya is a software engineer at IBM where he works on software product development, and open-source development. Takuya specializes in NLP, ML, and text-based data processing. In his free time, Takuya likes running, and traveling with my wife and son.

Daiki Tsuzuku

Software Developer, IBM

I have been working in IBM as a software developer for about 7 years. I have been the backend developer, and sometimes frontend developer, of Watson Explorer, Watson Discovery, and watsonx Orchestrate. My field is to develop the application of processing a wide variety and large volume... Read More →

Monday October 28, 2024 12:05 - 12:45 JST
Hall B (4)

AI_dev

Audience Intermediate

12:05 JST

Unlocking Agility with Open Source: A Guide for Modern Businesses - Younes Hairej, Aokumo Inc.

Monday October 28, 2024 12:05 - 12:45 JST

Hall A (1)

For modern businesses navigating today's dynamic tech environment, open source is more than just a platform – it's a game-changer. This session dives deep into the transformative power of open-source software as a key driver of business agility and innovation. Real-world stories from the world of FinTech will showcase how open source empowers Japanese organizations to adapt swiftly to evolving markets and technological advancements. We'll address a common pain point: security concerns during open-source adoption and explore effective strategies to mitigate them. Beyond the technology itself, this session explores the cultural shift required to thrive in an open-source ecosystem. We'll highlight the unique collaborative spirit and community aspects within the Japanese business landscape, empowering you to leverage open source effectively.

Speakers

Younes Hairej

Founder & CEO, Aokumo Inc.

Younes is a senior technologist and business leader with over 10 years of experience in cloud and open source technologies. He is the founder and CEO of Aokumo Inc., a cloud infrastructure company. He is a trusted technology advisor and has won awards for his work, including the FX-Markets... Read More →

Monday October 28, 2024 12:05 - 12:45 JST
Hall A (1)

Open Source Leadership Summit

Audience Intermediate

14:00 JST

Unlocking the Power of OpenTelemetry: Enhancing Design, Development, and Testing - Takaya Ide & Yasuo Nakashima, Hitachi, Ltd.

Monday October 28, 2024 14:00 - 14:40 JST

Hall A (3)

Developers often face the complex challenges of designing, debugging, and testing distributed systems like microservices. Understanding failures, identifying performance issues, and ensuring system reliability from the early stages of design and development can be daunting. Observability technologies provide valuable insights not just in production but also during design and development. In this session, we will explore OpenTelemetry, a cutting-edge observability framework, and its practical applications in the design, debugging, and testing of distributed systems. Key topics include: - Assessing the impact of incorporating a cache server on system behavior during the design phase. - Evaluating how database failures affect both backend and frontend applications during fault testing. - Detecting performance bottlenecks for specific requests during load testing. Participants will gain a clear understanding of how OpenTelemetry can revolutionize their debugging and testing processes, leading to more effective experiments and increased reliability in their distributed systems.

Speakers

Yasuo Nakashima

Researcher, Hitachi, Ltd.

Researcher, Digital Services Platform Innovation Center.

Takaya Ide

Senior Researcher, Hitachi, Ltd.

Takaya is a Senior Researcher in Service Computing at Hitachi, Ltd. With a passion for Cloud Native, DevSecOps, and open-source contributions, he has been instrumental in designing architectures and implementing monitoring and security within the company.

Monday October 28, 2024 14:00 - 14:40 JST
Hall A (3)

CloudOpen

Audience Intermediate

14:00 JST

Enhancing Cyber Resilience and Sustainability in Critical Infrastructure with CIP and IEC-62443-4 - Yoshitake Kobayashi, Civil Infrastructure Platform & Dinesh Kumar, Toshiba Software India

Monday October 28, 2024 14:00 - 14:40 JST

Main Hall

Linux is the foundational infrastructure for mission-critical systems across sectors like energy, transportation, and healthcare. These systems must operate reliably for decades while adapting to evolving Smart City and IoT landscapes. Interconnectivity brings challenges in managing vulnerabilities and upgrades, requiring adherence to standards and maintaining system integrity.

The Civil Infrastructure Platform (CIP) project addresses these challenges by providing an Industrial Grade Linux platform for robust, secure, and sustainable operations. Over 7 years, CIP has demonstrated a commitment to meeting current needs and addressing future threats.

This presentation will explore CIP's pivotal role in strengthening cyber resilience and enhancing system reliability. It will also delve into the CIP Security Working Group's efforts to align the platform with the IEC 62443 standard for industrial control system security.

The key topics covered will include ensuring IEC-62443-4-x compliance, bridging gaps for updates and long-term support, traceability between code, tests, and requirements for standards compliance. The presentation will also discuss CIP's role in building sustainable and cyber-resilient critical infrastructure, integrating security throughout the CIP ecosystem using the IEC 62443 framework, and the benefits of this alignment for improved risk management and threat mitigation.

Attendees will gain insights on how CIP can help build future-ready, cyber-resilient systems

Speakers

Yoshitake Kobayashi

TSC Chair, Civil Infrastructure Platform (Toshiba)

Yoshitake Kobayashi is the Technical Steering Committee Chair for the Civil Infrastructure Platform Project, hosted by The Linux Foundation. He is actively working to leverage open-source software for a secure and sustainable society. Additionally, he leads a software R&D department... Read More →

Dinesh Kumar

Engineering Manager, Toshiba Software India pvt Ltd

Experienced, in developing Embedded linux software , Secure boot, Debian packages, board support packages, development of Android Application & Framework. My research interest includes embedded linux, Linux kernel security, cybersecurity and Cloud technologies. Currently working for... Read More →

Monday October 28, 2024 14:00 - 14:40 JST
Main Hall

Critical Software Summit

Audience Intermediate

14:50 JST

Unlocking Local LLMs with Quantization - Marc Sun, Hugging Face

Monday October 28, 2024 14:50 - 15:30 JST

Hall B (4)

This talk will share the story of quantization, its rise in popularity, and its current status in the open-source community. We'll begin by reviewing key quantization papers, such as QLoRA by Tim Dettmers and GPTQ by Elias Frantar. Next, we'll demonstrate how quantization can be applied at various stages of model development, including pre-training, fine-tuning, and inference. Specifically, we'll share our experience in pre-training a 1.58-bit model, show how fine-tuning is achievable using PEFT + QLoRA, and discuss optimizing inference performance with torch.compile or custom kernels. Finally, we'll highlight efforts within the community to make quantized models more accessible, including how transformers incorporate state-of-the-art quantization schemes and how to run GGUF models from llama.cpp.

Speakers

Marc Sun

Machine Learning Engineer, HuggingFace

Marc is a ML Engineer working on the Open Source team at Hugging Face and he collaborates with researchers and developers to add new exciting features in the HF ecosystem and have contributed to various libraries in the HF ecosystem (transformers, accelerate, PEFT). Marc is also deeply... Read More →

Monday October 28, 2024 14:50 - 15:30 JST
Hall B (4)

AI_dev

Audience Intermediate

14:50 JST

Exploring CXL Memory: Configuration and Emulation - Yasunori Goto, Fsas Technologies Inc.

Monday October 28, 2024 14:50 - 15:30 JST

Hall A (4)

CXL memory offers the promise of increased memory capacity, which addressing the limitations of conventional DDR DRAM, and also features a memory pool that allows users to dynamically adjust memory allocation based on workload needs. The Linux community has been rapidly developing many CXL features. Additionally, users can try a CXL memory environment with QEMU emulation without actual CXL hardware. This allows users to experiment with CXL memory features in an emulated environment. However, there are some difficulties and considerations when using CXL memory. For example, you cannot use CXL (2.0 or later) memory devices without configuring them using the "cxl create-region" command. Moreover, if you want to utilize memory interleave to achieve optimal performance, you need to understand the hardware topology, including the CXL switch, and reconfigure the region for CXL volatile memory at every boot time. While development is ongoing, these features may be improved in the future. However, there are still many difficulties for users at present. This talk will cover how to use CXL memory and its emulation.

Speakers

Yasunori Goto

Senior Software Engineer, Fujitsu Ltd.

Yasunori Goto has been working for the Linux kernel since 2002 and currently leads a Linux kernel development team at Fujitsu. He has much experience in Linux kernel development and difficult kernel troubles for end-users. In recent years, he has taken an interest in Compute Express... Read More →

Monday October 28, 2024 14:50 - 15:30 JST
Hall A (4)

LinuxCon

Audience Intermediate

14:50 JST

Best Practices for Reducing Patent Risk to OSS Projects - Keith Bergelt, Open Invention Network

Monday October 28, 2024 14:50 - 15:30 JST

Main Hall

At Open Source Summit Japan, within the Operation Management Summit, Keith Bergelt, CEO of Open Invention network, will address ways to mitigate risk to open source projects, developers and distributors. Few developers or businesses will show interest in contributing to an open source project if it doesn't address potential bugs, security issues, or feature additions to its repository. This is well understood by the OSS community and spurred its growth into new technological areas such as AI/ML, FinTech and Automotive, among many others. However, many of today’s most popular open source licenses do not adequately address patent risk for open source projects. As patent risk is a challenge that must be addressed, this presentation will discuss the key tenets around patent non-aggression in open source, key patent-related risks, and the best practices that open source projects and their management should consider moving forward to “address the issue.” . Key Takeaways: - An understanding of the patent threat matrix to open source projects - Ways patent litigation risks are rising & ways to reduce these risks - Best practice solutions for management to mitigate these challenges

Speakers

Keith Bergelt

CEO, Open Invention Network

Keith Bergelt is the CEO of Open Invention Network (OIN), the only institution focused on mitigating patent risk in open source software. Funded by Google, IBM, NEC, Philips, Sony, SUSE, and Toyota, OIN has nearly 4,000 community members. In his capacity as CEO, he is directly responsible... Read More →

Monday October 28, 2024 14:50 - 15:30 JST
Main Hall

Operations Management Summit

Audience Intermediate

14:50 JST

Middle-Platform Empowerment: Growing and Sustaining Open Source Projects at Ant Group - Xiaoya Xia & Peggy Dong, Ant Group

Monday October 28, 2024 14:50 - 15:30 JST

Hall A (2)

This session introduces Ant Group OSPO's approach to growing and sustaining open source projects through governance and tooling services. We employ systematic strategies to discover and nurture open source talent, providing comprehensive lifecycle support from project initiation to incubation and maturation. These governance practices ensure that projects are well-managed, leading to sustainable development and long-term success.On the other hand, we leverage digital and tooling-based open source infrastructure to create dynamic ecosystems. This includes digital growth dashboards that offer relational insights and analytics, as well as contribution incentive mechanisms that promote deeper community engagement. Join us to uncover: 1. How our governance service foundation lays the groundwork for robust open source project development. 2. Strategies for effective talent cultivation and project lifecycle management. 3. The utilization of digital tools to track and foster project growth. 4. Mechanisms to encourage and reward community contributions, driving active participation.

Speakers

Xiaoya Xia

Open source program analyst, Ant Group

Xiaoya Xia is a member of the Ant Group OSPO, where she focuses on catalyzing open source success through data-driven insights. Before joining Ant Group, Xiaoya was a PhD at East China Normal University (ECNU), where she concentrated on research into open source ecosystem sustain... Read More →

Peggy Dong

Open Source Governance Expert, Ant Group

I believe Open source represents a force for good. Being attracted by the concepts of open source, collaboration and sharing, I joined Ant Open Source OSPO early last year. Before this, I was mainly engaged in strategic planning, hoping to bring a different perspective to open source... Read More →

Monday October 28, 2024 14:50 - 15:30 JST
Hall A (2)

OSPOCon

Audience Intermediate

15:40 JST

From Design to Launch: Implementing AI Governance at Scale - Nathália Kuromiya & Martin Winkler, Google

Monday October 28, 2024 15:40 - 16:20 JST

Hall B (4)

What does it take to design, implement, and roll out a comprehensive AI governance program? What challenges and opportunities do companies encounter when scaling AI governance across diverse products and AI applications, and how can AI governance programs be designed to stay agile in a dynamic technological and regulatory environment? Insights on scaling AI governance programs progressively across multiple jurisdictions while keeping them agile in a dynamic technological and regulatory landscape. Practical learnings, effective solutions and challenges to watch out for. Topics discussed: - What are the building blocks of your company’s AI Governance program? - What challenges did we face when building an AI Governance program? - The AI Governance landscape is evolving rapidly – both through technical innovation and regulatory advances. How to keep an agile approach to AI governance? - What kinds of risks are front and center when you’re building an AI Governance program? What kinds of opportunities?

Speakers

Martin Winkler

Software Engineer, Google

Martin Winkler is a Software Engineer at Google as part of the Privacy, Safety and Security team. He works as a lead for privacy and governance tooling and tackled cross-company privacy challenges to ensure the safety of users and their data. Additionally, he is establishing company... Read More →

Nathália Kuromiya

Software Engineer, Google

Nathália Harumi Kuromiya is a Software Engineer at Google as part of the Privacy, Safety and Security team. She works as a lead for privacy and governance tooling and had a privacy reviewer role. For the past year, she's been working on AI safety space as one of the technical contributors... Read More →

Monday October 28, 2024 15:40 - 16:20 JST
Hall B (4)

AI_dev

Audience Intermediate

15:40 JST

eBPF-Powered Observability for Sustainable Computing - Paras Mamgain, Anmol Krishan Sachdeva, Samrat Priyadarshi & Miki Katsuragi, Google

Monday October 28, 2024 15:40 - 16:20 JST

Hall A (3)

With the advancements in the fields of Applied AI/ML, computational power, FinOps practices, and cloud services, organizations are increasingly building and deploying AI/ML workloads on Kubernetes. Cloud Computing gives the impression that the underlying resources (like Virtual Machines, CPU, RAM, Storage, etc.) are infinite, and hence many individuals don’t focus on the count of machines and resources when training their AI/ML models and proceed with training fairly large models with millions and billions of parameters. The energy-intensive nature of model training and iterations, coupled with the growing scale of AI/ML deployments, is contributing to a considerable environmental impact in the form of Carbon Emissions.

This talk introduces some key open-source cloud agnostic tools and techniques to build eBPF-powered observability solutions for practicing Sustainable Computing. By analyzing and tuning performance and energy metrics from Kubernetes resources like Pods and Nodes, AI/ML Practitioners and Platform Engineers can optimize workloads, reduce energy consumption, lower costs, and minimize environmental impact while maintaining performance.

Speakers

Miki Katsuragi

AI Consultant, Google Cloud

Miki is an AI Consultant at Google with a background in Data Analysis and Machine Learning. She has experience working at a database vendor, and currently develops cloud-based ML services and implements data analysis solutions. She is also a co-author of "Scalable Data Science" published... Read More →

Paras Mamgain

Software Engineer, Google

I am a passionate programmer and a backend developer with a special taste for information retrieval and using new ideas to collaborate with team members to solve existing challenges and attempting to convert them to Intellectual property.Currently, as a Software Engineer my work is... Read More →

Anmol Krishan Sachdeva

Hybrid Cloud Architect, Google

Anmol is an International Tech Speaker, a Distinguished Guest Lecturer, an active conference organizer, and has published several notable papers. He works at Google and focuses on Emerging Technologies. Anmol has years of rich experience in handling and configuring large-scale K8s... Read More →

Samrat Priyadarshi

Cloud Engineer, Google

Samrat is a Cloud Engineer at Google with 8 years of experience in Cloud Computing focussing mainly on Kubernetes and related landscapes. He has given several talks in Google Developers Group, Google DevFest.

Monday October 28, 2024 15:40 - 16:20 JST
Hall A (3)

CloudOpen

Audience Intermediate

15:40 JST

OS Sustainability in Japan: Open Collaboration Model to Spin up the OSS 3P Cycle - Yuichi Nakamura & Ayumi Watanabe, Hitachi; Shingo Fujimoto, Fujitsu; Masato Endo, Toyota; Munehiro Ikeda, Cybertrust Japan; Moderated by Nori Fukuyasu, The Linux Foundation

Monday October 28, 2024 15:40 - 16:20 JST

Main Hall

To sustain the OS industry, we must assess the efficiency of the open source 3P cycle (Projects, Products, and Profits). Companies build products using open source software and generate revenue. This should incentivize them to reinvest in open source communities, thereby creating better products and increasing profits. However, the 3P cycle is not functioning smoothly. While companies utilize open source technologies, they often do so without collaborating with the community. This lack of interaction reduces their interest in reinvesting in the open source ecosystem. This issue significantly impacts the Japanese industry. Companies miss opportunities to leverage cutting-edge technologies and remain less inclined to invest in talent development within and outside their organizations. The resulting talent shortage poses a serious sustainability challenge for the industry. In this session, LF Japan evangelists will discuss this topic from their respective areas of expertise, including cloud, blockchain, security, compliance, and OSPO. Attendees will learn about the latest trends in open source and business and engage in discussions on how to enhance the 3P cycle in Japan.

Speakers

Yuichi Nakamura

Chief OSS Strategist, Hitachi

Yuichi Nakamura,Ph.D has been engaged with OSS over 20 years, contributed SELinux, gave presentations in many OSS events such as Linux Security Summit, Embedded Linux Conference and KubeCon. He also launched ecosystem of business and OSS contribution model based on Keycloak in Hitachi,Ltd... Read More →

Ayumi Watanabe

SBOM Evangelist, Hitachi Solutions, Ltd.

Ayumi Watanabe is a Senior OSS Specialist of Hitachi Solutions, Ltd.. She is also a core member of OpenChain Japan and known as a SBOM evangelist appointed by the Linux Foundation Japan. Her strong point is a knowledge of many tools for SBOM generation and management, a wide range... Read More →

Shingo Fujimoto

Senior Research Director, Fujitsu

Shingo Fujimoto leads the development of various blockchain technologies in Fujitsu, based on his broad knowledge in the field of internet security and protocol design. He is also involved in several blockchain PoC projects with innovative customers. Shingo is a maintainer of Hyperledger... Read More →

Masato Endo

Manager of OSPO, Toyota Motor Corporation

Masato Endo is a Group Manager of TOYOTA. He focuses also on building the Open Source governance structure within Toyota and developing relationships with the Open Source community, through projects such as AGL and OIN. From 2017, he began to work with the OpenChain Project as a board... Read More →

Munehiro Ikeda

Lead Architect, Cybertrust Japan Co., Ltd.

Ikeda Munehiro is a key engineer in the IoT Technology Division at Cybertrust Japan, working on leading-edge technologies and contributing to the Open Source Security Foundations(OpenSSF) activities on OSS security and supply chain.

Nori Fukuyasu

VP of Japan Operations, The Linux Foundation

VP of Japan Operations at Linux Foundation.

Monday October 28, 2024 15:40 - 16:20 JST
Main Hall

Operations Management Summit

Audience Intermediate

15:45 JST

Recent TPM Security Enhancements to the Linux Kernel - James Bottomley, Microsoft

Monday October 28, 2024 15:45 - 16:25 JST

Hall A (4)

Recent security updates to Linux, such as the new Systemd Unified Kernel Image[1] rely on the discrete or firmware integrated TPM (Trusted Platform Module) to verify boot and release secrets securely. However, there are many known attacks against the TPM chip itself. We will discuss the newly upstreamed Linux Kernel TPM security patches[2], which not only provide a basis for securely communicating with the TPM but also provide a novel defences against a wide variety of TPM based attacks by using a unique (to Linux) null key scheme. This talk will cover what TPM based attacks are (including interposer attacks), how the Trusted Computing Group expects you to tell you're talking to a real TPM and how you can communicate with it securely and use its policy statements to govern key use and release. We will then move on to how the new Linux Kernel patches extend this and can be leveraged to validate the TPM on every boot and continually monitoring it for any TPM interposer substitutions in real time. [1] https://github.com/uapi-group/specifications/blob/main/specs/unified_kernel_image.md [2] https://lore.kernel.org/all/20240429202811.13643-1-James.Bottomley@HansenPartnership.com/

Speakers

James Bottomley

Partner Architect, Microsoft

James Bottomley is a Partner Architect at Microsoft working on Linux. He is also Linux Kernel maintainer of the SCSI subsystem. He started at AT&T Bell labs to work on Lock Manager technology for clustering. In 2000 he helped found SteelEye Technology to bring HA to Linux, becoming... Read More →

Monday October 28, 2024 15:45 - 16:25 JST
Hall A (4)

LinuxCon

Audience Intermediate

16:40 JST

Leveraging Zephyr and ML to Bring Smart Devices to Market, Faster - Kate Stewart, The Linux Foundation

Monday October 28, 2024 16:40 - 17:20 JST

Hall B (4)

End point devices are resource constrained, either in terms of power, memory or communication capabilities - sometimes all three. However, being able to apply machine learning on these end point devices is possible and when applied strategically enables system wide efficiencies to be realized. This talk will explore the requirements and tradeoffs for such system to be considered when using the Zephyr RTOS and Tensorflow Lite for Embedded Microcontrollers projects.

Speakers

Kate Stewart

VP Dependable Embedded Systems, Linux Foundation

Monday October 28, 2024 16:40 - 17:20 JST
Hall B (4)

AI_dev

Audience Intermediate

16:40 JST

Secure and Efficient Data Sharing with Federated Cloud Storage - Masataka Mizukoshi, NTT

Monday October 28, 2024 16:40 - 17:20 JST

Hall A (3)

As the importance of data utilization for AI grows, enterprises aim to securely exchange data with their customers and leverage external data.Many services and open-source software related to data sharing and governance have attracted attention and extensive research and development, such as Snowflake Marketplace and Databricks Delta Sharing, among others. However, sharing data between different companies presents numerous challenges in terms of data security and efficiency, including efficient access to geographically dispersed data and access control for data managed by multiple organizations. To address these challenges, we have developed virtual data lake system that achieves efficient and secure data sharing using federated cloud storage. In this approach, virtual data integration is performed by collecting and managing only metadata without collecting the original data. In this session, we’ll take a look at how to build a safe and efficent data lake system by using existing OSS for data governance and data federation tools, such as LinkedIn DataHub and Alluxio ..etc.

Speakers

Masataka Mizukoshi

Reseacher, NTT

I am a researcher at NTT Labs, focusing on developing a data platform using a variety of open-source software. Previously, I conducted research in distributed computing related to Hadoop/Spark. I have spoken at international conferences such as IEEE Congress on Evolutionary Computation... Read More →

Monday October 28, 2024 16:40 - 17:20 JST
Hall A (3)

CloudOpen

Audience Intermediate

16:40 JST

Improving Bpftrace Reliability - Daniel Xu, Meta

Monday October 28, 2024 16:40 - 17:20 JST

Hall A (4)

bpftrace is a popular and powerful dynamic tracer for Linux systems. In the vast majority of uses cases, bpftrace does its job quickly, efficiently, and accurately. However with the rapid growth of users, use cases, and features, the bpftrace community has started to feel (technical) growing pains. In particular, we've started to uncover various reliability issues. In this talk, we will cover what is already done as well as what is currently broken and how we will systematically fix and prevent these issues from re-occuring. Because bpftrace sits at the intersection of operating systems, compilers, and observability, we have the fortunate advantage of being able to absorb techniques and tricks from these fairly different disciplines. We hope that some of the knowledge we share will be both interesting as well practical to attendees. Audience participation is highly welcome. In particular, we are quite interested in receiving feedback in the form of bug reports, feature requests, complaints, etc.

Speakers

Daniel Xu

Software Engineer, Meta

I mostly work in the eBPF / kernel networking space these days. I contribute to and help maintain bpftrace along with other bits and pieces of software in the Linux world.

Monday October 28, 2024 16:40 - 17:20 JST
Hall A (4)

LinuxCon

Audience Intermediate

16:40 JST

Enhancing Open Source Collaboration: From Incentive Programs to Data-Driven Contribution Metrics - Xiaoya Xia, Ant Group

Monday October 28, 2024 16:40 - 17:20 JST

Hall A (1)

In this session, we will explore, analyze, and compare various existing models of incentivizing open source developers and the effectiveness of these models in promoting sustained contributions. We will cover different types of incentive programs such as: 1. Project-Based Internships: Programs like Google Summer of Code (GSoC), Open Source Promotion Plan (OSPP), and Outreachy. 2. Bounty Models: Platforms like IssueHunt and IssueBounty. 3. Direct Funding Models: Initiatives like GitHub Sponsors and Open Collective. Based on this foundation, this session will introduce a series of validated practices from various open source projects, corporate environments, and academic communities. These practices leverage an algorithm that precisely measures developer contributions within the community through collaborative behaviors. The contributions are quantified and scored, and the results are used to reward developers, thereby promoting better open source collaboration and community engagement. We call this measurement methodology Openrank.

Speakers

Xiaoya Xia

Open source program analyst, Ant Group

Monday October 28, 2024 16:40 - 17:20 JST
Hall A (1)

Open Source Leadership Summit

Audience Intermediate

16:40 JST

A Practical Guide to Using International Standards for Open Source Procurement - Shane Coughlan, OpenChain Project

Monday October 28, 2024 16:40 - 17:20 JST

Main Hall

International standards addressing specific challenges around open source provide organizations significant opportunities for increasing efficiency and reducing risk. This talk will explain practical ways for procurement departments to use these standards to benefit product teams, IP departments, legal departments or OSPOs supporting corporate policy. The focus will be on ISO/IEC 5230 (license compliance), ISO/IEC 18974 (security assurance) and ISO/IEC 5962 (SBOM), all mature standards maintained by Linux Foundation Projects. The audience of this talk will be equipped to immediately improve their supply chain management as either customers or suppliers in any industry sector.

Speakers

Shane Coughlan

General Manager, OpenChain Project

Shane Coughlan is an expert in communication, security and business development. His professional accomplishments include spearheading the licensing team that elevated OIN into the largest patent non-aggression community in history and establishing the first global network for open... Read More →

Monday October 28, 2024 16:40 - 17:20 JST
Main Hall

Operations Management Summit

Audience Intermediate

17:30 JST

GPU Distributed Caching for PyTorch Leveraging NVMe, GDS, and RDMA - Hope Wang, Alluxio

Monday October 28, 2024 17:30 - 18:10 JST

Hall B (4)

As GPUs become increasingly powerful, the separation between compute and storage often results in underutilized GPUs waiting for data. Meanwhile, high-performance components on GPU machines, such as NVMe storage and fast networks leveraging InfiniBand or special NICs, remain idle. Effectively leveraging these hardware resources to address GPU underutilization is a critical challenge. In this talk, we introduce a Kubernetes-native distributed caching layer that leverages NVMe disks and fast networks to optimize PyTorch training data access. Utilizing stateless workers for scalability and ETCD for membership services, this caching layer efficiently manages and serves data. Cached data is rapidly and efficiently fed into GPU memory using NVIDIA's DALI data loader, GPUDirect Storage (GDS), and Remote Direct Memory Access (RDMA), significantly reducing data transfer bottlenecks and improving overall training performance.

Speakers

Hope Wang

Developer Advocate, Alluxio

Hope Wang is a Presto Contributor and a Developer Advocate at Alluxio. She has a decade of experience in Data, AI, and Cloud. An open-source contributor to PrestoDB, Trino, and Alluxio, she currently works at Alluxio as a developer advocate and previously worked in venture capital... Read More →

Monday October 28, 2024 17:30 - 18:10 JST
Hall B (4)

AI_dev

Audience Intermediate

17:30 JST

Bug Hunting in Distributed Systems: Using Robustness Tests to Test Your Code Better - Chun-Hung Tseng, Swisscom & Arka Saha, Broadcom

Monday October 28, 2024 17:30 - 18:10 JST

Hall A (3)

Traditional testing methods like unit and integration tests are great for functional validation in isolation, but are they enough for distributed systems? Distributed systems need to deal with real-world failures such as network issues, hardware errors, and race conditions. One of the proven ways to test these systems is to inject failures during testing and see if the system still works as expected. This is called robustness testing, where you run the system like it would be used in real life. Jespen is one of the first frameworks to test distributed systems by simulating such real-world scenarios and validating the operational history. Inspired by Jespen, etcd, the backbone of Kubernetes, built its own testing framework. This framework is written in Golang and for Golang projects, allowing even more failure types on the fly and verifying if the data stays consistent using Porcupine. As etcd contributors, we will share our challenges in writing tests to force failure via gofail and our journey of developing, leveraging, and debugging issues caught by this ever-evolving framework, so that you can apply the findings to your projects with minimal tweaks.

Speakers

Arka Saha

Software Engineer, Broadcom

Arka Saha, a Broadcom Software Engineer, leads Kubernetes releases & maintenance for Tanzu Extended Support. He manages VMware by Broadcom's Prow infrastructure, ensuring long-term support for k8s, etcd, containers, Golang & related components. Previously he managed Red Hat OpenShift... Read More →

Chun-Hung Tseng

DevOps Engineer, Swisscom

Henry is a CK* certified DevOps Engineer who works in a team building the cloud-native 5G core at Swisscom. He brings a rich background from his prior experience as a software engineer. His passion for automation and problem-solving leads him to contribute to open-source projects... Read More →

Monday October 28, 2024 17:30 - 18:10 JST
Hall A (3)

CloudOpen

Audience Intermediate

17:30 JST

SBOM Implementation Reality: From Crawl to Walk - SPDX Lite Profile for the First Step - Norio Kobota, Sony Group Corporation & Takashi Ninjouji, Toshiba Corporation

Monday October 28, 2024 17:30 - 18:10 JST

Main Hall

This session will introduce the SPDX Lite profile, its background, and what and how it solves with many JSON examples. The Lite profile of SPDX 3.0 is designed to make it quick and easy to start creating a Software Bill of Materials (SBOMs) when a company has limited capacity for introducing new items into its process. Over the past few years, the importance of SBOM has increased. As interest in SBOM from government agencies and industries grows, the SBOM specification extends significantly to meet these various needs. SPDX Lite is a lightweight and compact SBOM specification. The OpenChain Project Japan WG explores and promotes SBOM. The focus is on making the SBOM practical from security assurance and license compliance perspectives and on sharing and transferring SBOM across the global software supply chain in any industry. SPDX Lite is one of the achievements of collaboration between the OpenChain project and the SPDX project. Attendees in this session will learn the first steps to creating an SBOM using the Lite profile of SPDX 3.0 by several examples of SBOM documents that address regulations and requirements.

Speakers

Norio Kobota

Senior Open Source Strategist, Sony Group Corporation

Norio Kobota is a Senior Open Source Strategist in Sony Group Corporation. He is the chair of Open Source Software License Committee in Sony and works to improve OSS compliance and relationships with OSS communities. He represents Sony as a board member of OpenChain Project. And he... Read More →

Takashi Ninjouji

Chief Specialist, Toshiba Corporation

Takashi Ninjouji, Chief Specialist at Toshiba Corporation, works on open source, open standards, and compliance and was the first head of OSPO. He is strongly attracted to open source to collaborate with diverse communities. He is a member of the OpenChain Project's governing board... Read More →

Monday October 28, 2024 17:30 - 18:10 JST
Main Hall

Operations Management Summit

Audience Intermediate

11:10 JST

Desktop Linux War Stories - Anna Aitchison, Callcare

Tuesday October 29, 2024 11:10 - 11:50 JST

Hall A (4)

Linux is incredibly versatile, being a major player in server, mobile and embedded systems, yet your average person can comfortably live their entire life never even seeing a desktop or laptop running Linux. It's hard enough for individual users to overcome this intertia, but it's even harder for organisations. Implementing desktop Linux reaps rewards like digital sovereignty, security, cost reductions and more, but it takes you out of the cozy Windows ecosystem. This talk is an high level overview of what a corporate journey to desktop Linux can look like, the problems that have to be solved along the way, from provisioning to configuration management and most importantly why these migrations fail. It will draw on the speaker's experiences of managing a Linux Desktop estate, and from the wider community.

Speakers

Anna Aitchison

Senior DevOps Engineer, Callcare

Anna is a Senior DevOps Engineer at the British callcentre outsourcer Callcare, working with their Kubernetes private cloud and Linux infra as well as supporting their introduction of AWS into the estate. She is an experienced and passionate speaker, having given 15+ talks, at events... Read More →

Tuesday October 29, 2024 11:10 - 11:50 JST
Hall A (4)

LinuxCon

Audience Intermediate

12:00 JST

Exploring Pillars of Trustworthy AI: Robustness and Fairness - Niharika Shrivastava, Workforce Optimizer

Tuesday October 29, 2024 12:00 - 12:40 JST

Hall B (4)

Due to the ever-increasing adoption of AI into the lives of daily users, trustworthy AI is of utmost priority. Even though advocates of AI globally have started talking about ethical considerations during ML model building, in reality, very few people know how to create robust, privacy-preserving, and fair AI models. In this talk, I'll explore 2 concrete technical concepts of trustworthy AI, namely ensuring robustness and fairness in ML models. Robustness: 1. Attendees will go through an in-depth understanding of critical vulnerabilities of common AI models and how to exploit them to adversarially attack the model (e.g., inference attacks, data poisoning). 2. This will be followed by simple defence strategies to increase robustness (e.g., gradient obfuscation, transformations). 3. This will be further followed by adaptive attacks on previous defence strategies thereby motivating the concept of certified robustness of AI models. Fairness: 1. Attendees will get to know how they can unconsciously encode bias (representational bias, model bias, etc) during training AI models. 2. This is followed by strategies to correct this bias using domain knowledge to create fair AI models.

Speakers

Niharika Shrivastava

Data Scientist, Workforce Optimizer

Niharika's current interests lie in NLP and Applied Data Science. She holds a Master's in AI from the National University of Singapore. She was also an Outreachy fellow for The Fedora Project and has been the recipient of multiple awards such as the Red Hat Women in Open Source Award... Read More →

Tuesday October 29, 2024 12:00 - 12:40 JST
Hall B (4)

AI_dev

Audience Intermediate

12:00 JST

Analyzing Your System with Tracing Libraries - Steven Rostedt, Google

Tuesday October 29, 2024 12:00 - 12:40 JST

Hall A (4)

trace-cmd is a front end tool to the tracefs infrastructure as well as ftrace (the mechanism that supplies function tracing). But like all tools, it's limited in what it can provide by the interface it has. Luckily, the guts of trace-cmd is being extracted into libraries. The libtracefs library is an interface to facilitate any application to access the tracefs kernel interface. This makes it easy for applications enable tracing of various events with various filters. Then there's the libtracecmd library that can be used for creating and reading the trace.dat file (the file that trace-cmd creates). By using this library, you can enable tracing on a system and then do offline analysis. Finally, there's a new library called libtraceeval that is used to help keep track of the interactions of various trace events. This talk will show some simple tools that utilize these libraries (for example, a tool that shows how much tasks are sleeping, blocked, running, and preempted). And also show i bit of the interface of the libraries to demonstrate how simple they really are.

Speakers

Steven Rostedt

Software Engineer, Google

Steven Rostedt currently works for Google on their ChromeOS team. Steven is the main developer and maintainer of ftrace, the official tracer of the Linux kernel, as well as the user space tools trace-cmd, the ftrace tracing libraries and co-maintainer of KernelShark. Steven is one... Read More →

Tuesday October 29, 2024 12:00 - 12:40 JST
Hall A (4)

LinuxCon

Audience Intermediate

12:00 JST

Trials and Tribulations of Updating Dependencies for Vulnerability Remediation - Xueqin Cui & Michael Kedar, Google

Tuesday October 29, 2024 12:00 - 12:40 JST

Main Hall

Developers are often faced with an overwhelming number of vulnerabilities reported against their dependencies. The best way to deal with this is to keep all dependencies up to date, however, this is not possible for everyone. There is a lot of work to get all dependencies up to date for older projects, or to figure out what dependencies and versions to update in response to vulnerabilities. The open source OSV project built a feature called “guided remediation” to automatically update dependencies while minimising breakages. Upgrades with greater number of vulnerabilities fixed at once are prioritised. Mechanisms such as vulnerability dependency depth are also developed to further help prioritise the work. While developing these functionality to tackle these problems, we discovered that this is not as easy as it sounds. There are complexities in every step of the whole process - from scanning project files, to resolving dependencies in ecosystems with complicated rules, to determining possible updates, to writing back to the files. This talk explores the many challenges faced within npm and Maven, their complicated rules, and potential solutions for wider ecosystem support.

Speakers

Xueqin Cui

Software Engineer, Google

Xueqin is a Software Engineer working on Google's Open Source Security team.

Michael Kedar

Software Engineer, Google

Michael is a Software Engineer working on Google's Open Source Security Team.

Tuesday October 29, 2024 12:00 - 12:40 JST
Main Hall

SupplyChainSecurityCon

Audience Intermediate

14:00 JST

Careless Use of Memory-Backed Ephemeral Disks in Kubernetes Can Result in Node Crashes - Shu Muto, NEC Solution Innovators, Ltd.

Tuesday October 29, 2024 14:00 - 14:40 JST

Hall A (3)

Modern applications increasingly require the output of large files such as videos and images, and the generation of more comprehensive logs. As a result, the use of RAM disks - ephemeral disks backed by memory, which are faster than traditional HDDs and SSDs - has become more common. In Kubernetes, RAM disks can be utilized through the abstraction of memory-backed emptyDir, which is based on tmpfs. However, if used carelessly, memory-backed emptyDir can pose significant risks to the stability of the Kubernetes cluster. When used as storage, the use case differs from typical memory usage by applications. Sharing files between different applications can obscure the responsibility for file garbage collection, increasing the risk of files not being deleted. If tmpfs usage excessively consumes node memory, the application containers using this tmpfs may be killed. In some cases, the deletion of tmpfs might not be timely, leading to memory exhaustion and potentially causing node crashes. This talk will share risk mitigation strategies for node crashes from the perspectives of cluster administrators, namespace administrators, and application developers.

Speakers

Shu Muto

Open Source Strategy Professional, NEC Solution Innovators, Ltd.

Shu Muto is a maintainer for the Kubernetes Dashboard since Autumn 2019 and a chair for SIG UI. Previously, he contributed to the OpenStack Dashboard and its plugins as a core developer from 2015. Shu also develops WebRTC applications. He organizes Kubernetes Upstream Training Japan... Read More →

Tuesday October 29, 2024 14:00 - 14:40 JST
Hall A (3)

CloudOpen

Audience Intermediate

14:00 JST

Dynamic Scaling of GPUs for Container Apps with Composable Disaggregated Infrastructure for AI Era - Jin Hase & Lei Zhang, Fsas Technologies Inc.

Tuesday October 29, 2024 14:00 - 14:40 JST

Hall A (2)

As AI and ML become popular in container (K8s) environment, enormous computational resources are required more and more. On the other hand, efforts toward energy efficiency are also required for the realization of a sustainable society. It is expected to achieve the conflicting requirements that providing higher performance and reducing power consumption simultaneously. Recently, a new server architecture called Composable Disaggregated Infrastructure (CDI) is emerged. CDI can provide custom made servers by composing devices such as compute, memory, storage and GPU connected to PCIe or CXL switch fabric as a resource pool on demand. CDI can provide appropriate type and number of devices on demand depending on container workloads, therefore it would be a solution for this requirement. However, there is currently no standard way to control CDI from K8s. In this talk, we show how K8s and CDI could be a solution. We provide CDI operator and its Custom Resource Definition. Also, we introduce advanced vertical and horizontal cluster auto scaler for CDI. We demonstrate how K8s dynamically attach or detach devices to nodes combined with Dynamic Resource Allocation (DRA) function.

Speakers

Jin Hase

Manager, Fsas Technologies Inc.

Jin Hase has been tuning the performance of servers and operating systems, designing and building systems for K8s. In recent years he has led the OSS development teams for K8s and Linux. For a new architecture called Composable Disaggregate Infrastructure, he tries to establish how... Read More →

Lei Zhang

Engineer, Fsas Technologies Inc.

Lei Zhang is an engineer at Fsas Technologies Inc. Core Product Business Unit., where he is involved with system software development for high performance computing. He has been participated in the development of the Fugaku supercomputer, Japan’s latest flagship supercomputer. For... Read More →

Tuesday October 29, 2024 14:00 - 14:40 JST
Hall A (2)

ContainerCon

Audience Intermediate

14:00 JST

Lessons Learned on Following Security Best Practices in Zephyr - Kate Stewart, The Linux Foundation

Tuesday October 29, 2024 14:00 - 14:40 JST

Meeting Room 1

When the Zephyr project(https://zephyrproject.org/) launched in 2016, the lack of standardized security best practices in the IoT market segment was a known problem. It was one of the goals the project wanted to address, and started working on from before day 1. This talk will go through the journey of the last 8 years of applying known best security practices to an open source project, including becoming a CVE Numbering Authority, and forming a PSIRT team from volunteers from different companies. This team has been managing embargo windows, bulk vulnerability reports as well as the occasional vulnerability reported from the community. It is possible for open source projects to follow Security Best Practices and this talk will let others leverage the key lessons that Zephyr has learned over time.

Speakers

Kate Stewart

VP Dependable Embedded Systems, Linux Foundation

Tuesday October 29, 2024 14:00 - 14:40 JST
Meeting Room 1

Embedded IoT Summit

Audience Intermediate

14:00 JST

The Year in Open Source Security - Marta Rybczynska, Ygreky

Tuesday October 29, 2024 14:00 - 14:40 JST

Hall A (4)

This year, we have seen several events related to Open Source security. Marta will inventory the main events and show us what we have learned. - The xz backdoor scandal shed light on sole maintainers and the risks to their projects yet again. - The Linux kernel and several other projects have become CVE Numbering Authorities (CNAs). At the same time, the National Vulnerability Database (NVD) database is facing difficulties. - The SBOM generation is rising, and people are discussing how to actually use that generated data. And SPDX3 has been released. - The European mandatory cyber security regulation Cyber Resilience Act is reaching completion, with similar laws showing up around the world - Without forgetting a list of vulnerabilities, exploited or not

Speakers

Marta Rybczynska

Founder, Ygreky

Marta Rybczynska has a network security background, with 20 years of experience in Open Source. She has worked with embedded operating systems like Linux and various real-time OSes, and with system libraries and frameworks up to user interfaces. She has been involved in various Open... Read More →

Tuesday October 29, 2024 14:00 - 14:40 JST
Hall A (4)

LinuxCon

Audience Intermediate

14:50 JST

Bringing AI on-Device: From Cloud to Edge - Catalin Vasile, Adobe

Tuesday October 29, 2024 14:50 - 15:30 JST

Hall B (4)

Step into the future of AI as we break free from the constraints of cloud-based processing and unlock the immense potential of edge computing. This cutting-edge talk explores the revolutionary shift of AI from centralized data centers to the devices in your pocket, on your wrist, and all around you. Discover how this paradigm shift is not just changing the game – it's rewriting the rules. We'll journey through the landscape of on-device AI, revealing how it's transforming user experiences, supercharging privacy, and pushing the boundaries of what's possible in real-time applications. From smart homes to autonomous vehicles, from augmented reality to personalized healthcare – learn how on-device AI is the key to unlocking a world of intelligent, responsive, and secure applications.

Speakers

Catalin Vasile

Senior Computer Scientist, Adobe

Catalin is a Senior Computer Scientist at Adobe, surfing the clouds in the world of distributed systems and managing resilient high-scale solutions as part of the Cloud Platform team.

Tuesday October 29, 2024 14:50 - 15:30 JST
Hall B (4)

AI_dev

Audience Intermediate

14:50 JST

AGL VSS Proxy and Gateway Demo Walkthrough - Scott Murray, Konsulko Group

Tuesday October 29, 2024 14:50 - 15:30 JST

Hall B (3)

The AGL vehicle to cloud (V2C) expert group has been working for the past year towards the creation of a Vehicle Signal Specification (VSS) to MQTT proxy. This presentation will walk through the architecture and features of the new agl-vss-proxy daemon, as well its integration into the gateway demo that was shown at Embedded World 2024.

Speakers

Scott Murray

Principal Software Engineer, Konsulko Group

Scott has been a Linux user for almost 30 years, and has developed Linux based embedded products for almost 25 years at a variety of companies large and small. Currently, he works for Konsulko Group as a Principal Software Engineer, providing embedded Linux engineering services for... Read More →

Tuesday October 29, 2024 14:50 - 15:30 JST
Hall B (3)

Automotive Linux Summit

Audience Intermediate

15:50 JST

Data Contracts Are Good for AI - Jean-Georges Perrin, Bitol / AbeaData

Tuesday October 29, 2024 15:50 - 16:30 JST

Hall B (4)

Bitol is one of the newest LF AI & Data projects focusing on open standards and open source tools for modern data engineering. Bitol's flagship standard is ODCS (Open Data Contract Standard). In this talk, as the chair of the Bitol TSC, I will first explain what a data contract is, the work of the Bitol project, and focus on the benefits of data contracts for AI & analytics. I will conclude with an end-to-end demo of creating and enforcing data contracts using open-source and free tools.

Speakers

Jean-Georges Perrin

Chair of the TSC / Chied Innovation Officer, Bitol / AbeaData

Jean-Georges “jgp” Perrin is CIO at AbeaData, focusing on building innovative and modern data tooling. He is also chair of the Bitol project at the Linux Foundation, a Lifetime IBM Champion, and author of multiple books, including Implementing Data Mesh (O’Reilly) and Spark... Read More →

Tuesday October 29, 2024 15:50 - 16:30 JST
Hall B (4)

AI_dev

Audience Intermediate

15:50 JST

Meeting Software License Compliance Policies During the Inbound Process: A Practical Approach - Julian Coccia, SCANOSS

Tuesday October 29, 2024 15:50 - 16:30 JST

Hall B (3)

Some of the most common license compliance policies violations in automotive are related to specific black listed OSS licenses. Ideally, code under such licenses should be detected during the inbound process. Commercial SCA solutions are the default option in automotive to address this challenge. We need solutions that can be shared in both, commercial environments and in the open. This tutorial will demonstrate how any organization can build their own knowledge base linked to a specific license compliance policy, such as preventing GPLv3 code from landing onto an in-vehicle platform. Julián will also show how to create license scanning and detection mechanisms against such ad-hoc knowledge base during the inbound process, using OSS only. It will also provide solutions on how companies in the automotive supply chain, including open-source organizations, can share and audit the results using this common toolkit and knowledge base. Additionally, the talk will illustrate how this approach can be generalized for broader use cases, with limited usage intensity, using the OSS KB, from the Software Transparency Foundation. OSS KB: https://www.softwaretransparency.org/osskb

Speakers

Julian Coccia

CTO, SCANOSS

Passionate about Open Source license compliance. Developed global Open Source processes and tools at Ericsson. Co-founded and developed the core technology at FOSSID. Driving the Project Office at the Software Transparency Foundation to drive SBOM adoption. Leading the technology... Read More →

Tuesday October 29, 2024 15:50 - 16:30 JST
Hall B (3)

Automotive Linux Summit

Audience Intermediate

15:50 JST

Security for AI and Multi-Party Collaboration with Confidential Computing (Oh, and Web3!) - Mike Bursell, Confidential Computing Consortium

Tuesday October 29, 2024 15:50 - 16:30 JST

Hall A (3)

Confidential Computing has been around for a while, and is now widely available from most hyperscalers and CSPs, but over the past year, two use cases have raised its visibility enormously: Confidential AI and Secure Multi-party Collaboration. Both of these require the confidentiality and integrity that Confidential Computing provides, but the addition of another property - cryptographic attestation - allows trust in these workloads and their inputs and outputs - to be established in ways that increase their value significantly. Learn about the technology underpinning these developments, how organisations are creating new business models, and how the Confidential Computing Consortium is promoting open source in this area.

Speakers

Mike Bursell

Executive Director, Confidential Computing Consortium

Mike Bursell is the Executive Director of the Confidential Computing Consortium. He is one of the co-founders of the Enarx project. He has previously served on the Governing Boards of the CCC and the Bytecode Alliance and currently holds advisory board roles with various start-ups... Read More →

Tuesday October 29, 2024 15:50 - 16:30 JST
Hall A (3)

CloudOpen

Audience Intermediate

15:50 JST

Build a Container Image from Scratch - Danish Prakash, SUSE

Tuesday October 29, 2024 15:50 - 16:30 JST

Hall A (2)

Container images are ubiquitous nowadays, you've probably used them in one way or another or might have even built one of them. But how are they constructed? What's inside of one? This talk goes through the process of manually creating a Container image without using tools such as docker. Along the way, we'll cover essential components such as layers, metadata, and configuration options that make up an image, and use them to assemble our final Container image. We'll also load it into Docker and run it! By guiding you through the step-by-step assembly of a Docker image, this talk aims to demystify Docker images and strengthen your understanding of their inner workings.

Speakers

Danish Prakash

Container Engine Engineer, SUSE

Danish Prakash is a Container Engine Engineer at SUSE. He is a contributor to upstream projects such as Podman, Buildah, nerdctl, etc, and is the downstream maintainer of these packages for SUSE Linux products.

Tuesday October 29, 2024 15:50 - 16:30 JST
Hall A (2)

ContainerCon

Audience Intermediate

15:50 JST

Secure and Efficient Sensing Applications with Wasm: Sony's Edge Virtualization Platform (EVP) - Dan Mihai Dumitriu, Midokura (Sony Group)

Tuesday October 29, 2024 15:50 - 16:30 JST

Meeting Room 1

In this talk, we will introduce Sony's Edge Virtualization Platform (EVP), a cutting-edge solution that leverages WebAssembly (Wasm) at the edge to ensure the security and safety of sensing applications. The EVP addresses key challenges in the embedded IoT landscape, including resource constraints, cybersecurity, and lifecycle management. Our discussion will cover: WebAssembly at the Edge: How Wasm enhances security and performance for sensing applications. Edge App SDK: A powerful toolkit for developers to create, manage, and deploy edge applications within a Wasm sandbox, ensuring compatibility and efficiency across diverse hardware. Device and Lifecycle Management: Techniques for efficient device management and application lifecycle management within the EVP. By the time of the Open Source Summit Japan, all these components will be open-sourced, aligning with Sony's upstream strategy to foster collaboration and innovation in the IoT community.

Speakers

Dan Mihai Dumitriu

Cto, Midokura

Dan Mihai Dumitriu is CTO of Midokura, a Sony Group company, leading an R&D team for advanced development of edge computing and AI technologies. He has deep technical insight into complex distributed systems, data center networks, and software architecture. Earlier in his career Dan... Read More →

Tuesday October 29, 2024 15:50 - 16:30 JST
Meeting Room 1

Embedded IoT Summit

Audience Intermediate

16:40 JST

From Complexity to Clarity: Addressing Challenges in AI BOMs for Compliance - Gopi Krishnan Rajbahadur, Huawei Technologies Canada & Kate Stewart, The Linux Foundation

Tuesday October 29, 2024 16:40 - 17:20 JST

Hall B (4)

As global regulations on AI software tighten, developers face a complex set of new, ambiguous rules. The AI Software Bill of Materials (AI BOM), especially the new SPDX 3.0 with AI and dataset profiles, offers a promising solution for compliance, providing detailed, machine-readable documentation of AI systems. Despite its benefits, adoption has been slow, hindered by gaps in developer knowledge and the complex nature of AI systems. Many AI BOMs are incomplete or inaccurate, limiting their utility for compliance. Our talk will tackle these issues, drawing on our experience with SPDX 3.0 and AI BOM implementation. We'll share best practices and strategies to improve AI BOM accuracy and utility, equipping professionals with the insights to ensure their AI applications are compliant and prepared for future regulations.

Speakers

Gopi Krishnan Rajbahadur

Senior Staff Researcher, Huawei Technologies Canada

Gopi Krishnan Rajbahadur is a Senior Staff Researcher at Huawei's Centre for Software Excellence in Canada. He is currently working on SE for Large Language Models and the governance of AI datasets. He is the co-lead for the AI and datasets profile in the ISO/IEC 5692 SPDX standard... Read More →

Kate Stewart

VP Dependable Embedded Systems, Linux Foundation

Tuesday October 29, 2024 16:40 - 17:20 JST
Hall B (4)

AI_dev

Audience Intermediate

16:40 JST

The Emulation of AD Sensors in IVI Domain Over PCI Express (Ghost Device) - Kim Rain Woosung & Dongwoo Han, LG Electronics Inc.

Tuesday October 29, 2024 16:40 - 17:20 JST

Hall B (3)

[ How to extend AD Sensors to IVI Domain ] 1. Why we extend AD sensors to IVI Domain Can you image that AD sensors can be safely and securely used for IVI Domain, as well as Autonomous Driving ? 2. 3rd party eco system on AD Vehicle AD vehicle has more sensors then the one of smartphone, using them, we can create the more rich application in AD vehicle. 3. E/E Architecture and HPC for the future The communication between SoCs in HPC needs to have very high performance bus, and, now PCI Express is the best candidate. 4. Sensor Sharing and Functional Safety Ghost Device cannot control the physical sensor directly. So, basically there is no way for the cracker to make the high-level Security System harmful. 5. The concept of Ghost Device When numbers of SoC are weaved, a SoC needs to deal with another SoC as a kind of peripheral, because SoC is generally designed as a host of whole system. So, we need to define another SoC as a kind of peripheral, or abstract and emulate data from another SoC as one from peripherals. 6. How to implement it Using ntb_transport, NTRDMA, and ,Infiniband core, Ghost Device is implemented. 7. The example, Camera Sensor (demonstration is ready)

Speakers

Dongwoo Han

Researcher, LG Electronics Inc.

over 20 years, I has been system s/w engineer. Now, I'm working as IVI developer for LGE.

Woosung Kim

Task Leader, CTO div., LG Electronics

Software architect and task lead of the automotive high-performance computing and consolidation system at the vehicle onboard. Also digital twin and orchestration by cloud and multi-application processor on off-board. Currently, active at advanced technical PoC with SoC vendors and... Read More →

Tuesday October 29, 2024 16:40 - 17:20 JST
Hall B (3)

Automotive Linux Summit

Audience Intermediate

16:40 JST

Kubernetes WG-LTS: Why We Need LTS? - Yuiko Mori, NEC Corporation

Tuesday October 29, 2024 16:40 - 17:20 JST

Hall A (2)

Today, many companies are using Kubernetes in production environments, but there are various challenges in commercial use. One of the challenges is managing the Kubernetes cluster. Many companies are facing challenges related to Kubernetes version upgrades. According to a 2022 survey, most host systems run Kubernetes versions that are 18 months or more out of support. In this situation, the Kubernetes community launched the WG-LTS (Long Term Support Working Group) to promote Kubernetes LTS (Long Term Support). In this session, I will introduce the background, purpose, and activities of the WG-LTS. I will also explain why as a System Integrator, NEC needs Kubernetes LTS. On the other hand, (This is not just in case of Kubernetes, but) there is gap between community developers and users in open source community. I will discuss such gap also. I will also discuss the barriers(human resources, cost, etc…) to advancing LTS in Kubernetes community.

Speakers

Yuiko Mori

Manager, NEC

Yuiko Mori is a software engineer at NEC Solution Innovators, Ltd. on a wide range of software projects, and developing open source software. She's been an active technical contributor to Kubernetes, and also previously she had worked for OpenStack.

Tuesday October 29, 2024 16:40 - 17:20 JST
Hall A (2)

ContainerCon

Audience Intermediate

16:40 JST

Device Management and Delta Update for Embedded Devices with SWUpdate and TUF - Koshiro Onuki, Toshiba Corporation

Tuesday October 29, 2024 16:40 - 17:20 JST

Meeting Room 1

Secure and efficient software updates are crucial in infrastructure. Our research integrates SWUpdate with The Update Framework (TUF), which enhances security by ensuring update integrity and improving resistance to well-known attacks. However, there are challenges in the TUF verification process for embedded devices. It requires downloading the entire target images and verifying its size and hash values. This process may be difficult to execute on devices with limited resources. Therefore, we have developed a device management function that manages unique information such as device version information, in addition to integrating with TUF. This function enables the generation of delta update images considering the target device information. As a result, it is believed that updates can be made even within limited resources by transmitting only delta. Furthermore, it becomes possible to meet specific needs of each device, such as reducing bandwidth and update time, customizing update images, and enhancing image encryption. In this presentation, we will showcase the practical implementation of our function that integrates TUF and delta update.

Speakers

Koshiro Onuki

Engineer, Toshiba Corporation

Koshiro Onuki has been working as a Software Engineer at TOSHIBA Corporation since 2022. His main role is to develop Linux for various industrial embedded products. He is mainly involved in research and development of software updates.

Tuesday October 29, 2024 16:40 - 17:20 JST
Meeting Room 1

Embedded IoT Summit

Audience Intermediate

16:40 JST

Real-Time Scheduling Fault Simulation - Ben Dooks, Codethink

Tuesday October 29, 2024 16:40 - 17:20 JST

Hall A (4)

There is a lot of work around how to achieve good real-time on Linux, but not as much on how to simulate faults such as jitter in the system, deadline misses or other faults. Without this it is difficult to test how your application or entire system copes with these problems. As part of work with a number of clients, especially in the safety sphere, questions have come up on how to test processes which rely on real-time scheduling. If we have a way of injecting faults we can reliably test error handling and other mitigations. Mitigations such as throttling, restarting or some measured shutdown of services. We will go through some methods we evaluated for fault injection via both user and kernel space. How existing kernel features can be used and what needs to be done in the way of either configuring or extending kernel features. There will be discussion about how each method works and the comparative merits where overlaps exist. We hope that this can help to promote thinking and improvements on how the scheduler and particularly real-time scheduling is tested under Linux.

Speakers

Ben Dooks

Senior Engineer, Codethink, Codethink

Senior open source consultant at Codethink and long-time contributor to various projects such as the Linux Kernel.

Tuesday October 29, 2024 16:40 - 17:20 JST
Hall A (4)

LinuxCon

Audience Intermediate

16:40 JST

The Telemetry of Trust, Using Attestations to Secure Your SDLC with Open Source Tools - Jesse Sanford & Jagadish Ramidi, Autodesk

Tuesday October 29, 2024 16:40 - 17:20 JST

Main Hall

Let’s be honest, delivering software can be a dirty business. Especially if you are in the critical path of delivering legacy software, or software born from mergers and acquisitions. How can we secure so many differences at scale? How can we build trust into everything we do so that we can delay evaluation until we have enough trust later? In this talk, Jagadish and Jesse show you how Autodesk is thinking about solving both of these problems simultaneously. Through the use of “attestations”. Simple, cryptographically verifiable bits of telemetry that when combined, equal a whole lot more than the sum of their parts. Get enough of them and they build a story of trust. By weaving a software lifecycle tale through a series of verifiable inputs, actions and outcomes we can decide for example, when to allow a build be deployed. Or better, decide when it’s to be deployed to a secure and compliant location. Autodesk is starting to tell those software lifecycle stories using open source software weaved into our platform, making the software we build safer for all, despite our diversity.

Speakers

Jagadish Ramidi

Software Engineer, Autodesk

Works as a security software engineer at Autodesk focusing on software composition analysis and supply chain security.

Jesse Sanford

Software Architect, Autodesk

Jesse is a lifelong software engineer focused on site reliability and Infosec. Currently architecting the juncture of platform engineering and security/compliance for Autodesk's Developer Enablement team. He regularly contributes to open source and frequently speaks about his work... Read More →

Tuesday October 29, 2024 16:40 - 17:20 JST
Main Hall

SupplyChainSecurityCon

Audience Intermediate