Why AWS Support for FreeRTOS Is Good for Open Source
Amazon Web Services (AWS) sponsored this post.
FreeRTOS, one of the world’s most popular embedded operating systems (OS), is not on most people’s radar screens. Despite its popularity with embedded developers (consistently ranking first or second in terms of its target OS), most people haven’t heard of it. FreeRTOS also anonymously powers many of the devices we care about, from toy trains to aircraft navigation systems (and everything in between). This is why, at Amazon Web Services (AWS), we felt it was critical to not merely maintain, but to expand the open community around FreeRTOS, while significantly improving its security and connectivity.
With this in mind, in 2017 AWS hired Richard Barry, founder and principal developer of FreeRTOS and assumed stewardship of the FreeRTOS project. Recently I interviewed Barry, a few years after he traded the rain of Bristol, UK, for the rain of Seattle. According to Barry, FreeRTOS development under AWS stewardship has accelerated even as the code has opened up with a highly permissive license (MIT) and he expects this acceleration to continue.
Because helping the open source community build the world’s best embedded operating system makes sense, both for the FreeRTOS community and for Amazon.
At Amazon, we’ve never been shy about our mission for FreeRTOS. The day Amazon FreeRTOS launched, soon after Barry was hired, we said, “Amazon FreeRTOS extends the FreeRTOS kernel, a popular open source operating system for microcontrollers, with software libraries that make it easy to securely connect your small and low-power devices to AWS cloud services like AWS IoT Core or to more powerful edge devices running AWS IoT Greengrass.”
At AWS, we want to make extending the capabilities of resource-constrained embedded devices easier, thereby making the development of common IoT capabilities easier and more powerful. If some subset of developers decides our cloud services can help them in building innovative applications, even better.
One of the first things we did, therefore, was to change FreeRTOS’ license to the more permissive and easily understood MIT license, helping remove friction to contributions.
But before an embedded developer needs AWS cloud services, they first need a highly secure, rock-solid OS, one with a robust open source community behind it. Full stop. There is no AWS benefit until the community benefits.
AWS has actively contributed to the FreeRTOS community, but we also wanted to ensure that others could do so with full confidence in the project’s governance. One aspect of this initiative was licensing.
For years, Barry licensed FreeRTOS under a modified GPL license. As he explains it, he licensed the base OS code under the GPL to require contributions if a developer modified it, unless they were statically linking to other code, in which case an exception kicked in (which allowed the developer to license the complete work however they wanted). Although well-intentioned, this licensing model was also complicated. One of the first things we did, therefore, was to change FreeRTOS’ license to the more permissive and easily understood MIT license, helping remove friction to contributions.
At the same time, Barry says, AWS has added “tons of value with our libraries,” especially in the areas of security and connectivity. While AWS offers a distribution of FreeRTOS (Amazon FreeRTOS), developers don’t have to use it in order to tap into the many contributions we’ve made to FreeRTOS.
More Secure, More Connected
Security is a big deal across the technology landscape, but particularly so for the Internet of Things (IoT). In an Eclipse Foundation IoT developer survey (2019), survey respondents ranked security as their top concern (with 38% citing it), roughly double that of the next concern, connectivity (21%). These top concerns have remained constant over time:
According to this same survey, FreeRTOS is the most widely used OS for constrained devices and one of the top two operating systems across IoT generally. Among other reasons, developers choose FreeRTOS because of its strength in these key areas of security and connectivity, areas that have seen marked improvements since Barry joined AWS.
With regard to security, as Barry noted in our interview, AWS employs some of the world’s leading security experts, who have helped to deliver both memory safety proofs and the tools used to create them as open source so that all can benefit from them. “The security work being done on FreeRTOS by AWS would cost millions,” Barry said.
But the benefits are made available for $0.00 as open source contributions: “AWS is putting all the formal proofs into the GitHub CI pipeline. Anyone that wants to use it can,” Barry said. Additionally, AWS has ported the kernel (as opposed to any connectivity library) to new security-focused microcontrollers, including ARMv8-M and has made those ports available to the entire community whether or not they are creating AWS-connected products.
On connectivity, Barry stresses, AWS has heavily focused on standards-based approaches, such as Public Key Cryptography Standard #11 (PKCS#11), TCP, TLS, MQTT, HTTP and more. With regard to PKCS#11, in particular, we had the opportunity to take a proprietary approach (as others have done), but we expressly decided against this. Similarly, we use POSIX for I/O because we want to reduce the possibility of lock-in. “We give everything back,” Barry said. pointing to our contribution of MQTT libraries as an example.
All of these standard connections are free to use, even if used to connect FreeRTOS devices to another vendor’s cloud services. Yes, we’d love for developers to find our cloud services the most compelling complements for their embedded/IoT workloads and to use our integrated device management and connect to AWS, but we have to earn that.
AWS’ primary focus is always on customers. When a software package is part of a service that we sell to customers, we work hard to ensure the ongoing health of our software supply chain. This has long led us to make significant contributions to a wide range of open source projects such as Linux, Xen, Kubernetes, Redis, Apache Lucene and more — and it’s true of our work with FreeRTOS as well.
According to the Eclipse survey mentioned previously, developers trust AWS with more of their IoT workloads than any other cloud provider. We want to continue to earn that trust by building cloud services that make it easier to build powerful IoT applications. But first, we must help develop an exceptional operating system upon which developers can safely build. “Anything that helps developers connect to the cloud is good for AWS,” Barry said, but it’s first good for those developers.
“Amazon is creating tons of value in FreeRTOS with our libraries,” Barry said. “Even if you’re connecting to a different cloud provider, we’d like for you to do this with our libraries.”
With this in mind, AWS actively contributes to FreeRTOS to make it the world’s most secure, most connected and 100% open source embedded operating system. It’s a smart, good thing for AWS to do, because it’s a smart, good thing for the community.
Feature image via Pixabay.