Why does ST care so much about OpenSTLinux? As microprocessors increasingly become the secret weapons of many integrators, an intuitive and powerful Embedded Linux distribution is like a superpower. Too often, decision-makers forget how critical the operating system is to the success of a project. However, developers know all too well how a spotty kernel, poorly written middleware, and unstable builds can slow efforts to a crawl.
That’s why we’ve been expanding OpenSTLinux since its launch in 2019, both in scope and capability. At first glance, there are more packages, new distributions, and myriads of expansions. Let us, therefore, explore the OpenSTLinux ecosystem and why it has been such a strong supporting cast in the STM32 MPU story.
What makes a great BSP?
A secure foundation
At the heart of OpenSTLinux is its Board Support Package (BSP), which has significantly matured since its initial release. To ensure the integrity and security of the system, the ST BSP uses a boot chain based on Trusted Firmware for Cortex-A and U-Boot. It ensures that OpenSTLinux takes advantage of the protection mechanisms available in Cortex-A cores to guarantee the system’s integrity at its lowest level. OpenSTLinux BSP also includes an open portable trusted execution environment (OP-TEE), which isolates secure code from the rest of the system. As a result, developers immediately benefit from extensive protections that guard the system configuration, resource management, and other critical services.
Avid readers of the ST Blog know that we have multiplied the security initiatives from STM32Trust, which provides documentation and code to help with various security implementations, to updating STM32CubeProgrammer to make secret provisioning more accessible on all our microprocessors. The new STM32MP2 even targets SESIP Level 3 certification to help makers provide concrete security guarantees to users. The OpenSTLinux BSP’s focus on ensuring the system’s integrity is thus a natural manifestation of our efforts to make security more accessible and ubiquitous. It’s also why we continue to mainline all our drivers to the Linux kernel. We want the open-source community to audit our work so we can respond rapidly to their feedback.
A close partnership with the open-source community
Indeed, since the launch of OpenSTLinux, ST has adopted the philosophy that upstreaming is in everyone’s best interest. There are security benefits and long-term support opportunities for companies looking to maintain systems over decades. It can also help developers standardize APIs to promote interoperability.
Hence, OpenSTLinux is more than an OS for ST MPUs; it is a desire to lower the barrier to entry to embedded systems by facilitating secure and long-term developments. Put simply, we want to leverage the expansive capabilities of Linux while ensuring compatibility and support for our hardware so developers can release their products to market faster.
It’s also why ST has added support for Buildroot. Initially, we focused our efforts on Yocto, and we still do. It’s often the de facto way to create a Linux-based system for industrial or niche applications. However, over the years, we heard from many in our communities who came from different backgrounds. Hence, we collaborated with Bootlin, a member of the ST Partner Program, to come up with an OpenSTLinux BSP based on OpenWRT. It’s also why we developed new OpenSTLinux-based distributions, such as OpenSTDroid and others based on OpenWRT and OpenBMC. Put simply, as more communities adopt OpenSTLinux and STM32 MPUs, we try to meet developers where they are.
What makes a Great Ecosystem?
Specific packages for all stages of development
The best introduction to OpenSTLinux is with an evaluation board and a Starter package. It’s a pre-built image with all the drivers and modules necessary to run the OS from an SD Card or the embedded flash. It ensures developers can run the OS on their development board in minutes. Users don’t even need an IDE. They just boot up and start testing the operating system, run scripts, connect to the Internet, and more. Our STM32 MPU Wiki even provides a step-by-step guide to run the Starter Package on an STM32MP25 or an STM32MP15 board.
OpenSTLinux also comes in two other packages: Developer and Distribution. As the name suggests, the Developer Package targets ongoing projects. Programmer can use it to start writing and testing their applications. It, therefore, comes with an SDK, the source code for the MPU’s firmware, and more. It sits on top of the Starter Package and will help hasten developments.
Afterwards, when teams approach production, they can download the Distribution package. It’s the most barebones version out of the three and is meant to be the most optimized OpenSTLinux version the system will run in the field. It is also possible to customize the Distribution package to create a unique Developer or Starter kit specific to a project or company.
Moreover, the OpenSTLinux BSP comes with all the services and modules enabling developers to work with STM32Cube Packages meant to run on the Cortex-M co-processor of the STM32MP15 or STM32MP2. Indeed, being able to isolate certain applications or benefit from a real-time operating system alongside the embedded Linux distribution on the Cortex-A meant that developers could transition more easily from their MCU to their MPU, reuse code, and tailor their system to take advantage of both worlds.
By integrating STM32Cube Packages into OpenSTLinux BSP, we ensure developers have the tools they need to optimize their workflow, especially if they are already familiar with our ecosystem on our STM32 MCUs.
Numerous expansion packages to facilitate developments
Finally, ST continues to release new OpenSTLinux expansion packages to accelerate developments further. From X-LINUX-AI, which helps with machine learning applications, to X-LINUX-RT to approximate real-time execution, X-LINUX-PRDMNT for predictive maintenance, X-LINUX-GNSS1 for cellular connections, X-LINUX-AWS to connect to Amazon Web Services, and X-LINUX-NFC6 for contactless systems, there’s a package for a wide range of development needs.