Mentor Graphics has updated Mentor Embedded Linux (MEL) with Yocto Project 2.0 code, SMACK security, and support for CANopen, BACNet, and 6LoWPAN.
Mentor Graphics has spun a more secure and industrial IoT-ready version of its commercial Mentor Embedded Linux (MEL) distribution and development platform that moves up to a modern Linux codebase built around Yocto Project 2.0 (“Jethro”). Yocto Project 2.0, which advances to GCC 5.2 and adds Toaster support, among other enhancements, was recently adopted by rival embedded distro Wind River Linux 8.
According to Mentor, the latest, unnumbered version of MEL has been certified by Wurldtech Achilles for Communications Certification Level 1 and Level 2. The company refers to the certifications as “the industry benchmark for securing industrial connected devices” that protect “the critical embedded infrastructure, reducing risks of cyber security threats and attacks.”
Mentor Embedded Linux architecture
(click image to enlarge)
Mentor did not say what new or old features combined to meet these requirements, but it does mention one key new security feature that is likely responsible: the addition of the SMACK (simplified mandatory access control kernel) Linux kernel security module. SMACK debuted back in 2008, and was billed at the time as simpler and less resource-intensive than SELinux, especially for embedded developers. The current MEL architecture diagram (above), which may not be completely up to date, omits SMACK, but does list SELinux as a security profile.
SMACK “protects data and process interactions from malicious manipulation by using a set of custom mandatory access control rules,” says Mentor. In addition to the core security module, SMACK includes a startup script for configuration, and a set of patches to the GNU core utilities package to enable SMACK communications.
MEL is further enhanced with new features, including support for:
- CANopen communication protocol and device profile specification for automation
- IEEE 1588 Precision Time Protocol (PTP) for synchronizing clocks in a computer network.
- BACNet, an ISO data communication protocol for building automation and control networks (BACN)
- Industrial IoT protocols like 6LoWPAN, XMPP, CoAP, and MQTT
- Expanded support for NXP TWR-LS1021A, Xilinx Zynq ZC702ED, ZedBoard, NXP i.MX6 SABRE series, and NXP i.MX6 SoloX
- New Sourcery CodeBench IDE support for kernel and kernel module debug using the ARM DSTREAM JTAG device, and application development support using a Windows host
The new Mentor Embedded Linux release is available now. More information may be found at the Mentor Graphics MEL product page.