Ubuntu Core features
A minimal and secure OS for IoT, devices and embedded systems.
Security
Strict confinement ›
12 years LTS with a whole new armoury of Linux security capabilities to ensure strict confinement. Leverage a clean separation between the kernel, OS image and the developers’ applications, providing a secure and immutable OS.
Full disk encryption ›
Disks are locked with private key-based cryptography. Private keys for hardware, TPM and other layers are securely stored. Symmetric key encryption is enabled by the use of specialised software-enabled stores.
Secure boot ›
Each component in the boot sequence cryptographically validates the authenticity of the subsequent component. Every component is measured before it’s loaded in the runtime memory space.
Updates
OTA update control ›
Over-the-air (OTA) updates guarantee secure and stable software in any location. You decide which updates are signed, certified and delivered to your devices. Plus, Ubuntu Core keeps the last working boot so you always have a safety net.
Device management ›
Landscape delivers comprehensive management capabilities across the full scope of your device fleets. Stay in control with features including canary releases, remote device remodelling and system monitoring.
Validations sets ›
Validation sets guarantee the installation of required applications with fine-grained permissions. What’s more, you can update applications consistently and simultaneously, improving out-of-the-box experience for end-users.
Operations
Low-touch recovery ›
Ubuntu Core offers a recovery mode that can be activated manually when booting, or remotely via an API call. It additionally offers a graphical user interface to manage recovery options. Configuration settings are backed up in the recovery system.
Real-time systems ›
The real-time kernel integrates the PREEMPT_RT patchset to reduce kernel latencies as required by the most demanding workloads, guaranteeing a time-predictable task execution.
Device remodelling ›
Ubuntu Core’s remodelling feature enables you to change any of the elements of your device’s model assertion. Brand, model, IoT App Store ID or version can be changed to simplify device rebranding for resellers.
What's under the hood
Ubuntu Core is ideal for embedded devices because it manages itself. Snaps, Snapd and Snapcraft bring security and robustness. Applications are easy to install, easy to maintain, and easy to upgrade.
Ubuntu Core is built from snaps, a secure, confined, dependency-free, cross-platform Linux packaging format. Snaps are entirely self-contained, even to the point of encapsulating their own file system. This means they include everything they need to run in any environment. They're used by Ubuntu Core to both compose the image that's run on a device, and to deliver consistent and reliable software updates, even to low-powered, inaccessible and remotely administered embedded and IoT systems.
Snapd is the background service that manages and maintains installed snaps. Alongside its various service and management functions, snapd:
- Provides an API used to install and remove snaps and interact with snaps
- Implements confinement policies that isolate snaps from the base system and from other snaps
- Governs the interfaces that allow snaps to access specific system resources outside of their container
- Integrates with Landscape for advanced fleet management
Snapcraft is a powerful and easy to use tool for building and publishing snaps. It helps you:
- Build and then publish your snaps to your IoT app store
- Fine version control of updates and releases
- Build and debug snaps within a confined environment
- Update and iterate over new builds without rebuilding the environment
- Test and share your snaps locally
Ubuntu-image is your tool to generate bootable Ubuntu Core images for your application and targeted hardware. With Ubuntu-image, you can:
- Build production-ready images from a model assertion
- Specify sets of snaps, including fixed revisions, that must be installed
- Dynamically customise and modify snap selection at build time
- Optimise image boot speed by pre-installing and initialising specific snaps
Ubuntu-image can be installed on a snap-supporting Linux system as follows:
Tamper-resistant and hardened
Ubuntu Core simplifies your security compliance
You need to know your software is pristine; not just for installation, but for the lifetime of the device. Immutable packages and persistent digital signatures mean Ubuntu Core can verify any software component at any time, to guard against corruption and attack.
Comply with cybersecurity requirements and build a reliable business.
Learn more about Ubuntu Core
-
Webinar
-
Whitepaper
Ready to innovate?
Whether you are a startup bringing your concept to market or already have large fleets of devices deployed in the field, we have the expertise and infrastructure to launch and support you.