​Ubuntu Core 16: Linux for a secure Internet of Things

The Internet of Things is as secure as an open barn door. But new operating systems like Canonical's Ubuntu Core 16 can close the door before the DDoS attacks get out.
Written by Steven Vaughan-Nichols, Senior Contributing Editor

As I'm sure you've noticed, the Internet of Things (IoT) is being exploited by Mirai botnets to damage the internet. One big reason for this is IoT devices are as secure as a house of cards in a wind storm. But this can be fixed. Secure operating systems, such as Canonical's newly released Ubuntu Core 16, are making it possible to build solid, safe devices.

Ubuntu Core Architecture

Ubuntu Core 16 can work on clouds and virtual machines, but what makes it really important is it gives us an easy-to-use, secure operating system for the Internet of Things.

Ubuntu Core 16 for the Internet of Things does this with regular and reliable security updates and app stores for intelligent connected devices. Ubuntu Core is a tiny, transactional version of Ubuntu for IoT devices and large container deployments. It runs a new breed of highly secure, remotely upgradeable Linux app packages known as snaps. Snaps are securely confined, read-only, tamper-proof application images, digitally signed to the integrity of IoT software.

These images are "atomic", a new way of updating Linux systems that has also been adopted in other Linux distributions such as Red Hat's Atomic Host and CoreOS. This technique is also used in cloud containers and IoT devices.

In Ubuntu Core 16, its Update Control feature enables programmers and manufacturers to validate updates across the ecosystem before they are applied. Snap updates are transactional. This means that failures are automatically rolled back, giving developers the confidence to update their applications regularly.

The operating system and kernel in Ubuntu Core are also delivered as snaps, so the entire platform is transactionally upgradeable. All Ubuntu Core devices, from all manufacturers, will have free, regular, and reliable OS security updates.

This last part is vital to making truly secure IoT devices. Today, IoT vendors often make it impossible to update their gadgets. Even if they do let you do it, the patches vary from one version to another. For example, far too many Android smartphones are not updated consistently. And things are far worse with the thousands of cheaply made devices with their own homebrews of operating systems and application.

Ubuntu Core is already in use in top-of-rack switches, industrial gateways, home gateways, radio access networks, digital signage, robots, and drones. "Ubuntu Core secures the Internet of Things and provides an app store for every device," said Mark Shuttleworth, founder of Ubuntu and Canonical.

Manufacturers have already embraced Ubuntu Core. "Dell has been working with Canonical on Ubuntu Core for over a year, and our Dell Edge Gateways are fully certified for Ubuntu Core 16," said Jason Shepherd, Dell's IoT's Director of Strategy and Partnerships, in a statement. Why? Because "as companies continue to embrace Internet of Things solutions, security and quick, easy system updates are critical".

"The Internet of Things will see billions of devices in all aspects of our lives", said George Grey, Linaro, the ARM Linux distribution, CEO. "Ubuntu Core 16 will help developers get their products to market quickly using snaps, bringing a new generation of Linux based IoT smart devices to the market."

Other major companies, such as Intel and IBM, are also supporting Ubuntu Core 16. Now,we need to get the smaller OEMs on board. As Gartner reported, more than half of new business processes will incorporate some elements of IoT by 2020. We can't afford to have most of the internet being made up of insecure black boxes.

Leaving aside the security concerns, Ubuntu Core 16's device-specific snap app store supports developers throughout the device lifecycle from beta testing to general availability. This will allow independent software vendors (ISVs) to sell IoT software as easily as cloud, enterprise, and mobile software. A white label app store will help device manufacturers build a branded, differentiated device and software experience.

Put it all together and Ubuntu Core 16's over-the-air updates, signed snaps, and security model will help developers and device manufacturers reduce their time to market. Device manufacturers can already choose from a wide range of chipset, SoC, and single board computers. These include the Raspberry Pi 2 and 3, the Qualcomm Dragonboard 410c, and the Intel Joule.

A dozen, faster, better or cheaper alternatives to the Raspberry Pi

Both for short-term profits and long-term security, Ubuntu Core 16, and other security first, atomic operating systems, make a lot of sense. We can only hope they're adopted before IoT-based Distributed Denial-of-Service (DDoS) attacks get even worse.

Related Stories:

Editorial standards