Software Vulnerability Monitoring and Remediation

Long Term Support Linux And Zephyr with CVE Monitoring, Reporting, and Remediation

Day after day, Common Vulnerabilities and Exposures (CVEs) threaten your devices deployed in the field. Managing your devices’ boards support package (BSP) for vulnerabilities by yourself is a full-time job: creating custom tools to scan, monitor, and report on the software bill of materials (SBOM) for your device and dedicating engineers to port patches or upgrade software to address never-ending vulnerabilities. It’s time consuming and takes critical resources away from developing your core product. Leverage our Summit Suite Software Vulnerability Monitoring and Remediation solution for BSP security lifecycle management from the start to the end.

How It Works

How It Works

We start with customized BSPs for our 60 Series SOM, Sentrius™ IG60, and Summit SOM 8M Plus. These BSPs are based on Yocto or Buildroot to generate Linux operating systems for application processors and Zephyr for microcontrollers. Our long-term support of these BSPs help your team keep software up to date while stabilizing a product to get to market launch and maintain it in the field with minimal disruptions and retesting.

Next, we onboard your team and your SBOM into a shared workspace with our FAE / engineering teams in Vigiles Prime, a best-in-class vulnerability monitoring and reporting cloud-based software service provided by our partner Timesys. This helps us track what CVEs affect your software before launch as well as later in the field. Using the industry and government standard Common Vulnerability Scoring System (CVSS), we help you prioritize the most severe vulnerabilities. As your development progresses, we work with you to monitor, report, and triage CVEs found in your SBOM.

We work with you to triage and remediate CVEs related to your SBOM before and after your product goes to market, regularly meeting with your team on joint remediation or mitigation strategies. We then move on those strategies to provide an updated BSP release to address CVEs. If a new QA cycle is required on our BSP and hardware platform combination, our QA team will get to work to ensure our product continues to have the feature and functionality your team expects. Your team can continue to focus on adding value through your expertise and outsource the burden of retesting core BSP functionality.

We’re one partner with every needed capability, providing the device hardware, the optimized BSP, BSP vulnerability monitoring, and BSP vulnerability remediation and mitigation under one roof.

Features

Features

  • Long-term support BSPs with flexibility

    New long-term BSPs every two years with four biannual updates to each new long-term BSP. Get longer security support windows or more frequent security updates with Summit Suite.
  • Industry-best CVE alerts, monitoring, and reporting

    New common vulnerabilities are discovered week after week. Keep ahead of the ones affecting your SBOM, with severity highlighting and exportable reports for the rest of your organization.
  • Shared platform for your team and ours

    Vigiles Prime instance allows our teams to connect on identifying CVEs and enacting solutions. Automatically import your SBOM updates and get scans and reports with Vigiles Prime APIs.
  • Focus on what matters most - your core product

    Monitoring for CVE remediation is a full-time job. Let us keep you ahead of the curve with industry-standard continuous monitoring using CVSS scoring and updated BSP releases.
  • Leverage our engineering and GA for BSP updates & testing

    We work with you to identify the remediation strategies you need to preserve feature functionality. Our QA teams can coordinate testing to maintain core BSP compatibility.
  • Industry-leading support

    Our Tier 2 and FAE support bring expert assistance, working with you and our engineering to reduce your time to market.
Long-term Support BSP Roadmap

Long-term Support BSP Roadmap

Every two years, we release new Linux and Zephyr long-term support (LTS) BSPs for partners using our hardware products. We do 4 standard releases on a 6-month cadence from each new Linux and Zephyr LTS BSP. These form the foundation of the long term BSP security lifecycle. After the 4 standard releases from a Linux and Zephyr LTS BSP, it can be maintained for new security releases under the Summit Suite Vulnerability Monitoring and Remediation solution. If more frequent security releases are desired during the 4 standard release cycle, these security release can also be done under the Summit Suite Vulnerability Monitoring and Remediation solution.


Summit Yocto Linux+Zephyr BSP Releases 2022 2023 2024 2025 2026 2027
Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4
Future Release
Release 4 – LTS Kernel, LTS Yocto, LTS Zephyr 4 R1 4 R2 4 R3 4 R4 Further Releases Summit Suite Only
Release 2 – 5.15 Kernel, Yocto Kirkstone, Zephyr 2.7 2 R1 2 R2 2 R3 2 R4 Further Releases Summit Suite Only


Summit Buildroot Linux BSP Releases 2022 2023 2024 2025 2026 2027
Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4
Future Release
Release 12 - LTS Kernel and LTS Buildroot 12 R1 12 R2 12 R3 12 R4 Further Releases Summit Suite Only
Release 10 – 5.15 Kernel 2022.02 Buildroot 10 R1 10 R2 10 R3 10 R4 Further Releases Summit Suite Only
Industry-leading CVE Monitoring

Industry-leading CVE Monitoring and Reporting

Vigiles Prime provides web-based, easy to digest CVE reports with detailed information for every vulnerability in each software package in your SBOM. It displays the CVSS score, fixed version, and links to patches for fixes. Reports are exportable and shareable, and email alerts can be configured to be sent daily, weekly, or monthly on newly discovered CVEs in your SBOM. If you’re regularly creating updated SBOMs for your product, these can be automatically uploaded into Vigiles Prime from your continuous integration and build process via Vigiles Prime’s APIs.

Getting Started

Getting Started

Schedule a meeting to learn how to leverage our Summit Suite Software Vulnerability Monitoring and Remediation solution for BSP security lifecycle management.

Schedule a Meeting
Product Brief