Professional Yocto Application Layer for Dynamic Devices Edge Computing Platforms
-purple.svg){kind=icon}
This application layer provides comprehensive middleware and applications for Dynamic Devices Edge Computing platforms, featuring advanced audio processing, environmental sensing, wireless connectivity, and power management capabilities.
Note: This layer depends on separate submodules:
- meta-dynamicdevices-bsp - Hardware-specific Board Support Package (BSP) components
- meta-dynamicdevices-distro - Distribution configurations and policies
Dynamic Devices board platforms, in partnership with Foundries.io, deliver a comprehensive security-first approach to edge computing with professional-grade device lifecycle management.
- Hardware Root of Trust: i.MX8MM/i.MX93 High Assurance Boot (HAB) with secure key storage
- Verified Boot Chain: U-Boot β Linux kernel β Root filesystem integrity validation
- Anti-Rollback Protection: Prevents downgrade attacks through secure version control
- Encrypted Storage: LUKS disk encryption for sensitive data protection
- Zero-Touch Provisioning: Automated device registration and configuration
- Secure Remote Access: VPN-less device connectivity through Foundries.io gateway
- Fleet Monitoring: Real-time device health, performance metrics, and diagnostics
- Role-Based Access Control: Fine-grained permissions for development teams
- Docker Integration: Native container runtime with hardware-accelerated features
- Application Isolation: Secure sandboxing for customer applications
- Resource Management: CPU, memory, and GPU allocation controls
- Multi-Tenant Support: Run multiple isolated customer workloads safely
- Atomic Updates: All-or-nothing deployment prevents bricked devices
- Rollback Capability: Automatic recovery from failed updates
- Delta Updates: Bandwidth-efficient incremental deployments
- Staged Rollouts: Controlled deployment to device groups with A/B testing
- Continuous Delivery: Direct integration with CI/CD pipelines
- π Scalability: Manage thousands of devices from a single dashboard
- π Observability: Comprehensive logging, metrics, and alerting
- π οΈ DevOps Integration: GitOps workflow for configuration and application deployment
- π’ Enterprise Support: Professional SLA with Foundries.io partnership
- π Global Infrastructure: Edge-optimized content delivery network
# Deploy containerized applications securely
fioctl targets update --apps myapp:v1.2.3 production-fleet
# Monitor deployment across device fleet
fioctl devices list --factory mycompany
# Secure remote debugging (development only)
fioctl devices access mydevice-001Learn More: Foundries.io Platform Overview | Security Whitepaper | Getting Started Guide
π Ready to Go: All boards come with pre-built production images and comprehensive programming packages for immediate deployment.
# π EASIEST: One-time setup, then ultra-simple usage
./scripts/fio-program-board.sh --configure # Set factory & machine defaults (auto-installs fioctl if needed)
echo 'factory: dynamic-devices' >> ~/.config/fioctl.yaml # Set fioctl default
./scripts/fio-program-board.sh --machine imx93-jaguar-eink --program # Download + program!
# π¦ Download only (manual programming)
./scripts/fio-program-board.sh --machine imx93-jaguar-eink # Uses latest target automatically
# π― Explicit control (all options)
./scripts/fio-program-board.sh --factory dynamic-devices --machine imx93-jaguar-eink 1975 --force
# πͺ Windows users: Use the batch file version (Work in Progress)
scripts\fio-program-board.bat /configure # Basic features available, latest target detection needs fixing
# Alternative: Manual download from GitHub CI
# Visit: https://github.com/DynamicDevices/meta-dynamicdevices/actions/workflows/kas-build-ci.yml
# Download: programming-package-[your-board-name].zip# 1. Power OFF your board
# 2. Set DIP switches to download/recovery mode (see board manual)
# 3. Connect USB cable between board and your computer
# 4. Power ON your board# π AUTOMATIC: If you used --program flag in Step 1, programming starts immediately!
# No waiting - just make sure board is in download mode before running
# π CONTINUOUS: For multiple boards, use --continuous flag
# Programs boards in sequence with tracking: Board #1, #2, #3...
# π MANUAL: If you downloaded only, program manually:
cd downloads/target-*-imx93-jaguar-eink/ # (or your board)
sudo ./program-imx93-jaguar-eink.sh --flash
# π¦ MANUAL DOWNLOAD: Using GitHub CI packages
unzip programming-package-imx8mm-jaguar-sentai.zip # (or your board)
cd programming-package-imx8mm-jaguar-sentai/
sudo ./program-imx8mm-jaguar-sentai.sh --flash
# βοΈ BOOTLOADER ONLY: For development/recovery
sudo ./program-[your-board-name].sh --bootloader-only
# π PERFORMANCE: Programming takes ~1-3 minutes with timing display
# π§ COMPATIBILITY: Uses included UUU tool version for reliability# 1. Set DIP switches back to normal boot mode
# 2. Power cycle the board
# 3. Board boots to login prompt (user: root, no password)
# 4. Connect Ethernet or setup WiFi
# 5. Start developing immediately!
# Verify everything works
docker --version # Docker ready for containers
iwconfig # WiFi available
systemctl status # All services running- Full Linux System: Yocto-based embedded Linux with all drivers
- Container Runtime: Docker pre-installed for application deployment
- Networking: WiFi, Bluetooth, Ethernet configured and ready
- Development Tools: SSH, package managers, debugging utilities
- Security: Secure boot chain and encrypted storage support
- Remote Management: Foundries.io integration for fleet management
| Board | Machine | Platform | Description |
|---|---|---|---|
| Edge AI | imx8mm-jaguar-sentai |
i.MX8MM | AI audio STT/TTS platform |
| Edge EInk | imx93-jaguar-eink |
i.MX93 | Low-power e-ink controller |
| Edge EV | imx8mm-jaguar-phasora |
i.MX8MM | Energy management |
| Edge GW | imx8mm-jaguar-inst |
i.MX8MM | Communications gateway |
# Set target machine
export KAS_MACHINE=imx8mm-jaguar-sentai
# Build image
./scripts/kas-build-base.sh
# Program board
./scripts/program.sh- Edge AI Board - TAS2563 audio, sensors, pin mappings
- Edge EInk Board - Power management, WoWLAN, hardware specs
- Edge EV Board - Energy metering and control
- Edge GW Board - Communications gateway
| Feature | Description | Example |
|---|---|---|
| π― Auto-Latest Target | Uses latest build automatically | --machine imx93-jaguar-eink |
| π Default Factory | Uses fioctl's default factory | No --factory needed |
| π¦ Auto-Install fioctl | Installs fioctl if not found | Homebrew/snap/manual |
| β‘ Auto-Programming | Download + program in one command | --program flag |
| π Continuous Mode | Program multiple boards in sequence | --continuous flag |
| πΎ Smart Caching | Skips re-downloading existing files | Instant re-runs |
| β±οΈ Performance Timing | Shows download + programming time | Real-time feedback |
| π§ i.MX93 Optimized | Uses correct bootloader size | No "image too large" errors |
| πͺ Windows Support | Native batch file version (WIP) | fio-program-board.bat |
| π Auto-Organization | Creates downloads/target-X-machine/ |
Clean file management |
- Board Programming with Foundries.io Builds - Complete guide to programming boards using Foundries.io CI builds
- Flashing Boards - Programming and recovery procedures
- WiFi Onboarding - BLE-based WiFi configuration
- Security - Security features and configuration
- Troubleshooting - Common issues and solutions
- docs/YOCTO_BSP_BEST_PRACTICES.md - Professional development guidelines
- docs/RECIPE_TEMPLATE.bb - Template for new recipes
- CHANGELOG.md - Version history and changes
- MAINTAINERS - Maintainer contact information
- KAS - Use
kas-containerfor reproducible builds - Docker - Container runtime for isolated build environment
- USB-C Power - Required for proper board operation
- UUU Tool - For board programming and recovery
This BSP layer is available under dual licensing:
- GPL v3 - For open source projects
- Commercial - For proprietary applications
Our automated CI/CD pipeline builds and validates all board variants on every commit:
- π Automated Builds: Active board variants built in parallel using self-hosted runners
- π¦ Programming Packages: Complete board programming artifacts generated automatically
- π§ͺ Multi-Layer Quality: Comprehensive validation across all code layers
- π― Multi-Board Matrix: Simultaneous builds for imx8mm and imx93 platforms
- β‘ Optimized Performance: Persistent cache and CPU-optimized parallel builds
Our CI pipeline includes enterprise-grade validation across all layers:
| Layer | Checks | Tools |
|---|---|---|
| Shell Scripts | Syntax, best practices, security | shellcheck via Docker |
| Yocto Recipes | BB syntax, style, SRC_URI validation | Custom validators |
| Layer Config | Dependencies, priorities, collections | BitBake compatibility |
| Yocto Compatible | Official Yocto Project layer compatibility | yocto-check-layer script |
| Device Trees | DTS syntax, naming, indentation | Custom DT checkers |
| Build System | KAS configs, machine definitions | Multi-environment testing |
| CVE Security | Vulnerable packages, hardcoded secrets | Security scanners |
| SBOM Generation | Software Bill of Materials | SPDX-compliant SBOM |
- 30+ Critical Packages: OpenSSL, glibc, BusyBox, SSH, curl, systemd, kernel, U-Boot
- Version Analysis: Detection of pinned versions that may contain known vulnerabilities
- Security Configuration: Validation of FORTIFY_SOURCE, security CFLAGS/LDFLAGS
- Network Security: Detection of insecure HTTP/FTP downloads and configurations
- Hardcoded Secrets: Scans for passwords, API keys, tokens, certificates in recipes
- Configuration Security: Identifies disabled security features and insecure settings
- License Compliance: Validates LICENSE declarations and identifies proprietary components
- Technical Debt: Tracks security-related TODOs and FIXMEs requiring attention
- Reproducible Builds: Validates SOURCE_DATE_EPOCH configuration
- Security Features: Checks for PAM, systemd, SELinux, SMACK, IMA integration
- Debug Features: Warns about debug-tweaks and development features in production
- Host Contamination: Prevents host system contamination in builds
- SPDX 2.3 Standard: Industry-standard Software Bill of Materials format
- Complete Inventory: All recipes, versions, licenses, and dependencies tracked
- Package Manifests: Runtime package information from Yocto builds
- Build Metadata: Machine type, configuration, commit hash, timestamps
- Artifact Inclusion: SBOM included in every programming package
- Long-term Retention: 90-day artifact retention for compliance auditing
- Multi-Build Coverage: Separate SBOMs for base and manufacturing tool builds
- Traceability: Complete source-to-deployment component tracking
- Regulatory Compliance: Supports software supply chain regulations
- Vendor Management: Clear component sourcing and licensing information
- Security Audits: Detailed vulnerability and component analysis
- Risk Assessment: Enables comprehensive security risk evaluation
- Semantic versioning with detailed changelog
- Comprehensive documentation in wiki
- Professional recipe templates and best practices
- Clear maintainer ownership and contact information
- Review best practices guide
- Use recipe template for new components
- Update documentation and changelog
- Follow professional development standards
- Layer Name: meta-dynamicdevices
- Layer Type: BSP (Board Support Package) + Software Layer
- Maintainer: Dynamic Devices Ltd
- Repository: https://github.com/DynamicDevices/meta-dynamicdevices
- Branch Compatibility: scarthgap, kirkstone
- Yocto Project Compatible: In Progress
- OpenEmbedded Index: Registered
This layer was created by Dynamic Devices Ltd to provide comprehensive board support for our Edge Computing platform family. The layer includes:
- BSP Components: Device trees, kernel configurations, bootloader support
- Hardware Drivers: Audio (TAS2563), power management (STUSB4500), sensors
- Software Stack: Audio processing, connectivity, system services
- Integration: Foundries.io LMP integration for secure OTA updates
Required Layers:
openembedded-core(meta)meta-lmp-base(Foundries.io Linux microPlatform)meta-lmp-bsp(Foundries.io BSP layer)meta-openembedded/meta-oemeta-openembedded/meta-networkingmeta-openembedded/meta-pythonmeta-openembedded/meta-multimedia
Optional Layers:
meta-rust-bin(for Rust-based utilities)meta-security(enhanced security features)
- Yocto Project: 5.0+ (Scarthgap) or 4.0+ (Kirkstone)
- BitBake: 2.0+
- Python: 3.8+
- KAS: 3.0+ (recommended build tool)
- Fork the repository on GitHub
- Create a feature branch from main
- Follow coding standards and use provided templates
- Test changes with
yocto-check-layervalidation - Submit pull request with detailed description
- Address review feedback promptly
- GitHub Issues: https://github.com/DynamicDevices/meta-dynamicdevices/issues
- Security Issues: See SECURITY.md for responsible disclosure
- Feature Requests: Use GitHub Issues with enhancement label
This layer is designed to be compatible with other Yocto Project layers:
- No QA Bypasses: All standard QA checks are enabled
- Network Access: Only during do_fetch using BitBake fetcher APIs
- Non-Invasive: Does not change system behavior without explicit configuration
- Separation: Hardware, distro, and software components are properly separated
- OpenEmbedded Registered: Official layer index entry
- Technical Issues: GitHub Issues
- Security Issues: [email protected]
- Commercial Licensing: [email protected]
- General Inquiries: [email protected]
- Wiki: Comprehensive Documentation
For detailed hardware specifications, software features, and development guides, please refer to the comprehensive wiki documentation.