Open Source Summit North America 2025: Full Schedule

June 23 - 25, 2025
Denver, Colorado
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit North America 2025 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Mountain Daylight Time (UTC/GMT -6). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.

arrow_back View All Dates

6:45am MDT

Denver Walking Tour

Wednesday June 25, 2025 6:45am - 8:00am MDT

Blue Bear

Location: Meet by the Blue Bear outside of the Colorado Convention Center

Discover the vibrant heart of Denver on foot with our guided downtown tour! Immerse yourself in the city's rich culture and history as we explore its iconic landmarks, bustling streets, and hidden gems. Enjoy scenic stops and learn fascinating stories about Denver's past and present. Join us for an unforgettable urban adventure that showcases the best of what this dynamic city has to offer!

Registration Cost: Complimentary - We will do our best to accommodate all interested attendees, but please note that participation is on a first-come, first-served basis the morning of.

*Participants must be registered for Open Source Summit North America 2025, and have their event badge.

Wednesday June 25, 2025 6:45am - 8:00am MDT
Blue Bear Colorado Convention Center

Special Events / Exhibits / Breaks

8:00am MDT

Continental Breakfast

Wednesday June 25, 2025 8:00am - 9:00am MDT

Bluebird Ballroom Foyer (Level 1 - Terrace Level)

Wednesday June 25, 2025 8:00am - 9:00am MDT
Bluebird Ballroom Foyer (Level 1 - Terrace Level)

Special Events / Exhibits / Breaks

8:00am MDT

Hacker Space

Wednesday June 25, 2025 8:00am - 5:00pm MDT

Bluebird Ballroom Foyer - Space behind the escalators

Discover a space, where you can collaborate, create, and explore new ideas with fellow attendees. Whether you're here to learn or build, our space is open for everyone to enjoy throughout the conference!

Wednesday June 25, 2025 8:00am - 5:00pm MDT
Bluebird Ballroom Foyer - Space behind the escalators

Special Events / Exhibits / Breaks

8:00am MDT

Registration & Badge Pick-Up

Wednesday June 25, 2025 8:00am - 5:00pm MDT

Bluebird Ballroom Foyer (Level 1 - Terrace Level)

Wednesday June 25, 2025 8:00am - 5:00pm MDT
Bluebird Ballroom Foyer (Level 1 - Terrace Level)

Special Events / Exhibits / Breaks

8:00am MDT

Zen Zone

Wednesday June 25, 2025 8:00am - 5:00pm MDT

712 Meeting Room (Level 3 - Street Level)

All attendees may feel free to use the Zen Zone as needed. It is a physical space where attendees can go if for any reason they can’t interact with other attendees at that time where conversation and interaction are not allowed.

Wednesday June 25, 2025 8:00am - 5:00pm MDT
712 Meeting Room (Level 3 - Street Level)

Special Events / Exhibits / Breaks

8:00am MDT

Coat & Bag Check

Wednesday June 25, 2025 8:00am - 5:30pm MDT

607 Meeting Room (Level 3 - Street Level)

Wednesday June 25, 2025 8:00am - 5:30pm MDT
607 Meeting Room (Level 3 - Street Level)

Special Events / Exhibits / Breaks

9:00am MDT

Keynotes to be Announced

Wednesday June 25, 2025 9:00am - 10:20am MDT

Bluebird Ballroom 1C (Level 1 - Terrace Level)

Wednesday June 25, 2025 9:00am - 10:20am MDT
Bluebird Ballroom 1C (Level 1 - Terrace Level)

Keynote Sessions

10:20am MDT

Coffee Break

Wednesday June 25, 2025 10:20am - 11:00am MDT

Solutions Showcase - Bluebird Ballroom 1AB

Wednesday June 25, 2025 10:20am - 11:00am MDT
Solutions Showcase - Bluebird Ballroom 1AB

Special Events / Exhibits / Breaks

10:20am MDT

Solutions Showcase

Wednesday June 25, 2025 10:20am - 2:10pm MDT

Solutions Showcase - Bluebird Ballroom 1AB

Wednesday June 25, 2025 10:20am - 2:10pm MDT
Solutions Showcase - Bluebird Ballroom 1AB

Special Events / Exhibits / Breaks

11:00am MDT

From CDEvents To Actions: Designing the Workflow Conductor - Dadisi Sanyika & Ben Powell, Apple

Wednesday June 25, 2025 11:00am - 11:20am MDT

Bluebird Ballroom 3B

The CDEvents specification has been around for some time but what are "we" doing with it? This talk peels back the layers of our journey from CDEvents to the engineering design of a "Workflow Conductor". We will examine how specific events can be translated into actionable steps, enabling the Workflow Conductor to manage and coordinate diverse CI/CD tools. The focus will be on how the declaration of intent is tracked across tools, maintaining a consistent and auditable process. Join us to discover the technical underpinnings of this system and learn how it can transform your software delivery pipeline.

Speakers

Dadisi Sanyika

CDF Board Chair, Spinnaker TOC, Engineering Manage, Apple, Inc.

I am Board Chair for the Continuous Delivery Foundation (Linux sub-foundation) and lead a team of engineers at Apple dedicated to improving the Continuous Deployment experience for teams and the community. Our contributions are focused on extending scalability and multi-tenant capabilities... Read More →

Ben Powell

Software Engineer, Apple

Ben is a software engineer at Apple for the Spinnaker team with previous experience at AWS for the AWS SDK and ECS team. He has contributed to various different tools, services, and proposals through the years, governs the Cloud SIG for Spinnaker, and is an active participant for... Read More →

Wednesday June 25, 2025 11:00am - 11:20am MDT
Bluebird Ballroom 3B

cdCon

Audience Experience Level Intermediate

11:00am MDT

Turning Policies, Standards, and Governance Into Enablers for Open-Source Innovation - Mark Paulsen, TD Bank

Wednesday June 25, 2025 11:00am - 11:20am MDT

Bluebird Ballroom 2F

Policies, standards, and governance are often perceived as hurdles for innovation - especially within regulated industries where it may be difficult to leverage and contribute to open-source. But there is a way to reframe these perceived obstacles and turn them into streamlined "guardrails" that can help drive innovation and enable the ability to not only consume, but also contribute to open-source.

Speakers

Mark Paulsen

Head, Open-Source Program Office, TD Bank

Over 20 years of experience in the tech industry working in startup environments as well as global enterprises. Passionate about building open and welcoming communities and helping developers around the world be successful, keep in the flow, and be happy in the job they love.

Wednesday June 25, 2025 11:00am - 11:20am MDT
Bluebird Ballroom 2F

Standards + Specifications

Audience Experience Level Beginner

11:00am MDT

The 5 OSS Observability Resource Killers: What You Don't Know Can Cost You! - Amir Jakoby, Sawmills

Wednesday June 25, 2025 11:00am - 11:40am MDT

Bluebird Ballroom 2G

Our cloud native world has become more than just tooling, it's an entire ecosystem with many add-ons, complementary tools, when it comes to K8s CRDs, and services that provide its powerful capabilities and infinite scale...but at what cost?

In this talk, we'll share first of its kind research that will highlight the 5 most common OSS cloud native tools killing your observability costs. We'll start by exploring how different observability tools structure pricing, the complexities that compound cost calculation, and especially which OSS tools in your stack are the most resource-intensive services.

You'll discover how you can know whether it's KEDA or Karpenter, ArgoCD or Kyverno ballooning budgets. But don't panic! We'll wrap up with good practices for configuring popular tools to be more economical, so you can leverage the powerful K8s ecosystem without breaking the bank.

Speakers

Amir Jakoby

CTO & Co-Founder, Sawmills

Amir Jakoby is a seasoned technology executive with over 18 years of experience in software engineering, leadership, & product innovation. He currently serves as Co-Founder and CTO of Sawmills.ai. Previously, as VP of Engineering at New Relic, Amir led a global team of 85 engineers... Read More →

Wednesday June 25, 2025 11:00am - 11:40am MDT
Bluebird Ballroom 2G

Cloud + Containers

Audience Experience Level Intermediate

11:00am MDT

Test Harness: Continuous Testing on Hardware - Trecia Agoylo & Julia Anjanet Pineda, Analog Devices

Wednesday June 25, 2025 11:00am - 11:40am MDT

Bluebird Ballroom 2A

The test harness (aka board farm) was initially designed to enable automated testing of Linux drivers on actual hardware. This ultimately became a way to implement continuous testing on hardware, every commit or PR, a build and test is run, and results are reflected back to the commit. It is designed to cater a wide range of peripheral devices and platforms mainly for Analog Devices' Kuiper Linux distribution which is built with more than 1000 Linux device drivers compatible with Xilinx and Intel FPGAs, Raspberry Pi boards, and several other platforms.

This talk covers the design and implementation of such a fully automated test harness. The implemented architecture leverages the use of readily available components/technologies such as Jenkins, Docker, NetBox, and JFrog Artifactory and, at the same time, includes custom-built tools that can be tailored and extended to support existing or new devices and platform types.

This talk will also cover how the team handled the challenges encountered while implementing and addressing features such as resource queueing to minimize waiting time of running builds and also how we make use of sdcardmux to handle recovery.

Speakers

Trecia Agoylo

Senior Software QA Engineer, Analog Devices Inc.

I have seven years of software quality assurance testing experience which also enabled me to learn DevOps practices. I value continuous learning, and I am eager in learning new automation tools. I enjoy finding bugs as much I enjoy debugging them.

Julia Anjanet Pineda

Software QA Engineer, Analog Devices

I like to run while waiting for build jobs to finish. I would work for hours to automate a task that should only take seconds to do manually. I develop and maintain a fully automated hardware test harness for system-level testing.

Wednesday June 25, 2025 11:00am - 11:40am MDT
Bluebird Ballroom 2A

Embedded Linux Conference

Audience Experience Level Any

11:00am MDT

Panel Discussion: From First PR To Lifelong Impact: Helping People Thrive in Open Source - Dawn Foster & Ruth Ikegah, CHAOSS; Sandeep Kanabar, Gen; Shuah Khan, The Linux Foundation

Wednesday June 25, 2025 11:00am - 11:40am MDT

Bluebird Ballroom 3H

Open source is the foundation of modern software, yet many projects struggle with sustainability—not just in attracting contributors, but in ensuring they stay, grow, and thrive. The landscape of open source contribution has evolved dramatically, demanding a fresh approach to community building and contributor engagement.

Traditional pathways into open source don’t work for everyone. This panel brings together experts who have successfully expanded contributor pipelines beyond the usual audience—through initiatives like the CNCF Deaf and Hard-of-Hearing WG, CHAOSS Africa, and mentorship programs. We’ll explore best practices for guiding contributors from their first PR (or non-code contribution) to meaningful, long-term engagement.

Beyond code, open source thrives on diverse contributions: marketing, content creation, event planning, automation, governance, and more. By broadening the definition of “contributor,” we lower barriers to entry, strengthen projects, and build a more inclusive, resilient ecosystem.

Join us for a discussion on how we can transform contributor journeys to be more inclusive, fulfilling, and impactful for individuals and the broader open source ecosystem.

Speakers

Dawn Foster

Director of Data Science, CHAOSS

Dr. Dawn Foster works as the Director of Data Science for CHAOSS where she is also a board member / maintainer. She is co-chair of CNCF TAG Contributor Strategy and an OpenUK board member. She has 20+ years of experience at companies like VMware and Intel with expertise in community... Read More →

Sandeep Kanabar

Lead Software Engineer | CHAOSS Asia WG, Gen (formerly NortonLifeLock)

Hailing from India, Sandeep is a passionate software engineer working at Gen (formerly NortonLifeLock), a global leader in CyberSecurity. A frequent meetup speaker, Sandeep enjoys sharing his lessons with the community. He's a staunch advocate for open-source, diversity and inclusion... Read More →

Shuah Khan

Kernel Maintainer & Linux Fellow, The Linux Foundation

Shuah Khan is a Kernel Maintainer & Linux Fellow at The Linux Foundation. She is an experienced Linux Kernel developer, maintainer, and contributor. She authored, A Beginner’s Guide to Linux Kernel Development (LFD103) training course. She designed and leads the Mentorship program... Read More →

Ruth Ikegah

Community Lead, CHAOSS Project

Ruth Ikegah is an Open Source Program Manager, Technical Writer, GitHub Star, and Public Speaker. She serves as the Community Lead at CHAOSS Africa, working to improve the health of Open Source communities on the continent. She also doubles as a maintainer in the Diversity, Equity... Read More →

Wednesday June 25, 2025 11:00am - 11:40am MDT
Bluebird Ballroom 3H

Equity + Inclusion + Accessibility

Audience Experience Level Beginner

11:00am MDT

Self-Driving DAMON/S: Controlled and Automated Access-aware Efficient Systems - SeongJae Park, Meta

Wednesday June 25, 2025 11:00am - 11:40am MDT

Bluebird Ballroom 2B

Data access monitoring and access-aware system operations based on it can be very useful and efficient when it is used wisely. Otherwise, it can be useless or even harmful. Hence, users are often required to do time-consuming and repetitive testing and tuning. It is not only data access monitoring's problem but a common issue at system-level operations.

DAMON is a Linux kernel subsystem for efficient data access monitoring and access-aware system operations. It mitigates the tuning problem by embedding a few automation mechanisms that allows users to run it in an automated for best outputs, but still safely controlled way.

This talk introduces the tuning problem and DAMON's automation mechanisms in detail, with usage guidelines and evaluation results. Audiences will be able to understand how they can use DAMON for more efficient system, and get some ideas about how to solve the tuning problems in general.

Speakers

SeongJae Park

Software Engineer, Meta

SeongJae Park is a Linux kernel programmer who maintains the data access monitoring framework of the Linux kernel called DAMON (https://damonitor.github.io/). His interests include operating system kernels, parallel computing, and memory management.

Wednesday June 25, 2025 11:00am - 11:40am MDT
Bluebird Ballroom 2B

Linux

Audience Experience Level Intermediate

11:00am MDT

Guarding the LLM Galaxy: Security, Privacy, and Guardrails in the AI Era - Jigyasa Grover, BORDO AI & Rishabh Misra, Attentive Mobile Inc

Wednesday June 25, 2025 11:00am - 11:40am MDT

Bluebird Ballroom 3E

The widespread adoption of Large Language Models (LLMs) like GPT-4, Claude, and Gemini has introduced unprecedented capabilities and equally unprecedented risks. Organizations are increasingly deploying LLMs to handle sensitive tasks, from processing medical records to analyzing financial documents. This talk examines the evolving landscape of LLM security and privacy, combining theoretical foundations with a walkthrough of example implementations.

Through real-world case studies of both attacks and defenses and practical implementation guidance using popular security tools, we'll explore critical vulnerabilities and proven defensive techniques. Special attention will be given to securing fine-tuned and domain-specific LLMs, with live examples using NVIDIA’s NeMo Guardrails, LangChain's security tools, and Microsoft's guidance library.

Speakers

Jigyasa Grover

Lead, AI & Research, BORDO AI

10-time award winner in Artificial Intelligence and Open Source and the co-author of the book 'Sculpting Data For ML', Jigyasa Grover is a powerhouse brimming with passion to make a dent in this world of technology and bridge the gaps. AI & Research Lead, she has years of ML engineering... Read More →

Rishabh Misra

Lead Machine Learning Engineer, Attentive Mobile Inc

Author of the book "Sculpting Data for ML", I am a Lead ML Engineer & Researcher recognized by the US Government for outstanding contribution to ML research. I have extensively published and reviewed research at top AI conferences in NLP (LLMs / GenAI), Deep Learning, and Applied... Read More →

Wednesday June 25, 2025 11:00am - 11:40am MDT
Bluebird Ballroom 3E

Open AI + Data

Audience Experience Level Intermediate

11:00am MDT

Triton Inference Server: Supporting Next-Generation AI Workloads - Olga Andreeva & Ryan McCormick, NVIDIA

Wednesday June 25, 2025 11:00am - 11:40am MDT

Bluebird Ballroom 3F

Triton Inference Server has long been a reliable tool for AI model deployment. As Generative AI unfolds its transformative potential, Triton continues to evolve, offering both time-tested features and new capabilities tailored for large language models and more complex agentic workflows.

This session explores how Triton’s core strengths continue to play a crucial role in optimizing generative AI deployments. These include its robust multi-framework support, dynamic batching, concurrent model execution, and the capability to deploy complex inference pipelines through model ensembling and business logic scripting.

We’ll also cover recent enhancements such as OpenAI compatible frontend, allowing easy integration with existing OpenAI-based applications; Python-based backends to standardize the deployment of Python models without writing a custom C++ backend; Triton CLI to simplify model deployment and management; distributed inference enhancements for Data Center scale.

Throughout the presentation, we’ll share practical examples and best practices, equipping our listeners with the knowledge to effectively use Triton Inference Server to optimize AI workloads’ performance and efficiency.

Speakers

Olga Andreeva

Senior Software Engineer, NVIDIA

Olga Andreeva is a senior software engineer, specializing in machine learning inferencing. With a PhD in Computer Science from the University of Massachusetts Boston and experience in both academia and industry, Olga specializes in translating cutting-edge ML research into robust... Read More →

Ryan McCormick

Senior Software Engineer, NVIDIA

Ryan McCormick is a senior software engineer working at the intersection of machine learning, systems software and distributed systems at NVIDIA. He is responsible for developing scalable and performant inference solutions, with a current focus on the Triton Inference Server and Triton... Read More →

Wednesday June 25, 2025 11:00am - 11:40am MDT
Bluebird Ballroom 3F

Open AI + Data

Audience Experience Level Any

11:00am MDT

The Accidental Maintainer: Sideways Stories Into Open Source Leadership - Divya Mohan, SUSE & Natali Vlatko, Cisco

Wednesday June 25, 2025 11:00am - 11:40am MDT

Bluebird Ballroom 3C

Maintainers are responsible for technical oversight and key decisions in open source projects. Contributor ladders, found in projects like OpenTelemetry and Apache, define the journey from contributorship to maintainership. Divya Mohan and Natali Vlatko exemplify this path, having "accidentally" risen to leadership as co-chairs of the Kubernetes Documentation Special Interest Group (SIG).
But how does one stumble into leadership, and how can we make this process intentional? In their talk, Divya and Natali will share their experiences alongside insights from other leaders in the CNCF ecosystem. They will discuss how contributions—like decision-making, completing essential tasks, and sharing knowledge—cultivate a community that fosters leadership. Discover how elevated permissions can be perceived as leadership roles, how contributors who answer questions become mentors, and recognize if you’re already demonstrating these leadership qualities.
Join along to learn about the leadership tasks Divya and Natali perform as SIG co-chairs and how you can leverage your skills to lead in your project.

Speakers

Divya Mohan

Principal Technology Advocate, SUSE

Divya is a Principal Technology Advocate at SUSE, where she contributes to and advocates for its open source projects. She co-chairs the documentation for the Kubernetes & has previously worked extensively in the systems engineering space during her tenure with HSBC & IGate Global... Read More →

Natali Vlatko

Open Source Lead Architect, Cisco

Natali Vlatko (she/her) is an Open Source Lead Architect at Cisco, specializing in open software, policy, and governance. She is a SIG Docs Co-Chair for Kubernetes and a member of the TODO Group Steering Committee. She plays on the fun computer in her spare time. Her academic background... Read More →

Wednesday June 25, 2025 11:00am - 11:40am MDT
Bluebird Ballroom 3C

Open Source Leadership

Audience Experience Level Any

11:00am MDT

Implementing Zero Trust in Government Settings: Strategies, Challenges, and Best Practices - Steve Taylor, DeployHub, Inc

Wednesday June 25, 2025 11:00am - 11:40am MDT

Bluebird Ballroom 3G

With escalating cyber threats and increasing regulatory pressure, government agencies face a critical need to modernize their security strategies. The Zero Trust model—"never trust, always verify"—has emerged as a cornerstone for safeguarding sensitive data and infrastructure. However, implementing Zero Trust in government settings presents unique challenges, including legacy systems, complex compliance requirements, and the need to balance security with operational efficiency. This talk will provide a roadmap for adopting Zero Trust principles in government environments, offering actionable insights to overcome obstacles and ensure mission readiness.

Speakers

Steve Taylor

CTO, DeployHub

Steve Taylor is a visionary and leader in open-source security, DevOps, and securing the software supply chain. Long before “CI/CD” became a buzzword, Steve was designing cutting-edge pipelines for Fortune 1000 companies, redefining how software is built and deployed. His innovative... Read More →

Wednesday June 25, 2025 11:00am - 11:40am MDT
Bluebird Ballroom 3G

OpenGovCon

Audience Experience Level Beginner

11:00am MDT

Finally! A New Trademark Policy - Rebecca Rumbul & Gracie Gregory, The Rust Foundation

Wednesday June 25, 2025 11:00am - 11:40am MDT

Bluebird Ballroom 3D

Refreshing long-standing policies in OSS communities can be a long and difficult process. Last year at OSS Summit NA, we discussed getting to the mid-point in our journey in developing a new trademark policy for the Rust community. Following a lot of further work, consultation, and iteration, and final board approval, we are now able to reflect on the whole process of redeveloping a legal policy with an OSS community, the pitfalls, challenges, and paths to success.

Speakers

Rebecca Rumbul

CEO & Executive Director, Rust Foundation

Rebecca is the Executive Director and CEO of the Rust Foundation. She holds a PhD in Politics and Governance, and has worked as a consultant and researcher with governments, parliaments and development agencies all over the world, advocating for openness and transparency, and developing... Read More →

Gracie Gregory

Director of Communications & Marketing, The Rust Foundation

Wednesday June 25, 2025 11:00am - 11:40am MDT
Bluebird Ballroom 3D

Operations Management

Audience Experience Level Any

11:00am MDT

The Xen Safety Concept, a Major Milestone Toward Certification - Stefano Stabellini, AMD

Wednesday June 25, 2025 11:00am - 11:40am MDT

Bluebird Ballroom 2D

Over the past decade, the Xen community has worked tirelessly to develop key features that now form a top-tier automotive solution. Xen's most important role remains that of an enforcer, ensuring strict isolation between domains so that the execution of one domain remains unaffected by others. As one of the system's most critical components, Xen is well suited for the highest levels of safety certification.

Since 2023, AMD, in collaboration with the Xen community, has been working to make Xen safety-certifiable according to the ISO 26262 and IEC 61508 safety standards. A major milestone was achieved in Q4 2024 when we obtained Safety Concept Approval from the safety assessors. They reviewed Xen and our safety plans and confirmed compliance with the relevant standards. This is a critical milestone on the road to Xen safety, demonstrating that Xen can be safety-certified.

This presentation will provide detailed insights into the Safety Concept, the activities involved in its development, and the review process. Additionally, it will offer an in-depth update on our journey toward achieving Xen safety certification.

Speakers

Stefano Stabellini

Fellow, AMD

Stefano Stabellini is a Fellow at AMD, where he leads system software architecture and the virtualization team. Stefano has been involved in Xen development since 2007. He created libxenlight in November 2009 and started the Xen port to ARM with virtualization extensions in 2011... Read More →

Wednesday June 25, 2025 11:00am - 11:40am MDT
Bluebird Ballroom 2D

Safety-Critical Software

Audience Experience Level Intermediate

11:00am MDT

Building an Open Source System Design Interview Coach With Interactive Simulations - Sriram Panyam, Omlet Inc

Wednesday June 25, 2025 11:00am - 11:40am MDT

Bluebird Ballroom 2E

As a former FAANG engineering leader who's interviewed 100s of candidates, I've seen brilliant engineers crumble under the pressure of system design interviews. In this hands-on workshop, we'll build tools I wish every candidate (including myself) had before walking into interview rooms.

Together, we'll create:

* A system design scenario generator based on real FAANG questions
* Interactive simulators showing how architectures perform under load
* Visual tools demonstrating distributed systems concepts (CAP theorem, consistency models)
* Performance comparison tools for evaluating architectural trade-offs
* Failure scenario simulators revealing resilience thinking

Candidates often fail not from lack of knowledge, but inability to visualize and communicate complex systems under pressure. The market is competitive & rife with layoffs. These tools aren't just about getting hired - they're about ensuring talented engineers find positions where they'll thrive.

We'll use OSS (ONLY) to make abstract concepts concrete, giving you both valuable tools and insider perspective on what FAANG interviewers are really seeking when they ask you to design a system from scratch.

Speakers

Sriram Panyam

Chief Architect and Founding Engineer

As an engineering leader who's conducted 100s of technical interviews, I've seen exceptional talent fail due to the mysterious nature of system design interviews. I've built large-scale distributed systems and mentored engineers through the bewildering interview process at top tech... Read More →

Wednesday June 25, 2025 11:00am - 11:40am MDT
Bluebird Ballroom 2E

Wildcard

Audience Experience Level Any

11:00am MDT

Tutorial: Take Control of Git: Beyond the Basics - Kim Schlesinger, Contentful & Kyle Coberly, Urban Sky

Wednesday June 25, 2025 11:00am - 12:35pm MDT

Bluebird Ballroom 3A

You can commit, pull, and push—but do you truly understand Git? Does it feel more like a fragile system you tiptoe around than a tool that empowers your workflow? If navigating your repository makes you hesitant, it's time to go beyond the basics and build real confidence.

In this hands-on workshop, you’ll learn to:

1. Navigate with confidence: Jump between commits without fear using Reflog, ensuring you never lose your place
2. Refine your workflow: Embrace the safety of version control with patches, diffs, and resets to commit first and edit later
3. Keep your best work: Shape your commit history with checkout file, cherry-pick, and interactive rebase to express your intent clearly

Version control isn’t just a safety net—it’s a tool that amplifies your impact as an engineer. Equip yourself with the professional’s toolkit and make Git work for you!

Speakers

Kim Schlesinger

Technical Learning Experience Designer, Contentful

Kim Schlesinger is a seasoned tech educator specializing in Kubernetes, containers, and curriculum design. With a passion for making complex technical concepts accessible, she has helped many developers and teams build their skills in cloud-native technologies. Kim is currently a... Read More →

Kyle Coberly

Staff Software Engineer, Urban Sky

Kyle Coberly is a software engineer and coach specializing in web product development, quality, and agility. He’s currently a Staff Software Engineer at Urban Sky and an adjunct professor of Information Technology at the University of Denver. He was formerly the Director of Education... Read More →

Wednesday June 25, 2025 11:00am - 12:35pm MDT
Bluebird Ballroom 3A

Open Source 101

Audience Experience Level Intermediate

11:20am MDT

Event Provenance Registry: Continuous Delivery Events for the Electric Sheep - Brett Smith, SAS Institute, Inc.

Wednesday June 25, 2025 11:20am - 11:40am MDT

Bluebird Ballroom 3B

What if you got a second chance to build an Event Driven Provenance service? In this talk I will cover the decision to start over, rewrite, and Open Source the Event Driven system we built in house. In the process of covering the things we changed and the things we kept I tell a few war stories. Add in what needed to be improved and what we left behind. I will talk about our involvement in the CD Foundation and how the new system can leverage CDEvents and help with SBOM storage and retrieval. Demo and Discussion included dependent on time allotment.

Speakers

Brett Smith

Distinguished Software Developer, SAS Institute, Inc.

Software Architect/Engineer/Developer with 25+ years of experience. Specialties: Event Driven Automation, Continuous Integration/Delivery/Testing/Deployment, Supply Chain Security Expertise: Linux, packaging, and tool design. Currently Engineering and Securing the Supply Chain... Read More →

Wednesday June 25, 2025 11:20am - 11:40am MDT
Bluebird Ballroom 3B

cdCon

Audience Experience Level Any

11:20am MDT

Unlocking Telco APIs: How Open Source Is Driving Standardization & Interoperability - Markus Kummerle, Deutsche Telekom

Wednesday June 25, 2025 11:20am - 11:40am MDT

Bluebird Ballroom 2F

In the world of API development, standardization & interoperability are essential for seamless integration across industries. CAMARA Project, in collaboration with GSMA, TM Forum, and the LF, leads the charge in harmonizing telco API standards. Through open collaboration, the project has established a unified, industry-wide framework that simplifies API adoption for telco operators, enabling them to integrate with marketplaces, aggregators, & hyperscalers more efficiently.
This session summarizes the telco API ecosystem, the key organizations shaping it, and how developers can get involved:

How CAMARA defines telco end-user-facing APIs and streamlines adoption for operators; The GSMA Open Gateway Initiative’s role in standardizing API distribution across different channels;
TM Forum’s work in enabling communication between operators, marketplaces, and hyperscalers; and Practical ways developers can contribute—whether by implementing APIs within operators, connecting exposure platforms, integrating their own portals, or adapting products to fit into this growing ecosystem.

Explore how OSS transforms the telco industry and how to be part of this collaborative movement!

Speakers

Markus Kummerle

Program Manager Deutsche Telekom API Exposure, Deutsche Telekom

Markus Kümmerle is responsible for the 5G Network Exposure Program at Deutsche Telekom. Since 2014 Markus has been responsible for Quality for the System Integration / Digital Solutions unit of T-Systems. In parallel, he continues driving large projects and programs. In 2020 he took... Read More →

Wednesday June 25, 2025 11:20am - 11:40am MDT
Bluebird Ballroom 2F

Standards + Specifications

Audience Experience Level Beginner

11:55am MDT

Navigating Compliance: What Developers Can Learn From Driving - Kadi McKean & Charlie Jones, ReversingLabs

Wednesday June 25, 2025 11:55am - 12:15pm MDT

Bluebird Ballroom 3B

When driving on a highway, you have to follow the rules of the road—some apply to everyone, while others only apply to commercial drivers. Open source maintainers and software publishers face a similar divide regarding regulatory compliance.

While software manufacturers must meet extensive legal and security obligations, open source maintainers often assume these regulations do not apply directly to them—but do they? In this talk, we’ll separate fact from fiction by breaking down what rules like the EU Cyber Resilience Act require from maintainers versus software vendors.

We’ll explore the limited enforceable obligations for open source projects, including secure development policies and vulnerability reporting, and discuss when (if ever) these rules impact maintainers. By understanding these distinctions, open source contributors can make informed decisions about risk, responsibility, and collaboration with commercial software teams—without unnecessary compliance burdens.

Speakers

Kadi McKean

Community Manager, ReversingLabs

Kadi is passionate about the DevOps / DevSecOps community since her days of working with COBOL development and Mainframe solutions. At ReversingLabs she collaborates with developers and security researchers to help entities prioritize their open source risk, reduce technical debt... Read More →

Charlie Jones

Director of Product Management, ReversingLabs

Charlie is currently a Director of Product Management and subject matter expert in cybersecurity and digital trust. Charlie has 10 years experience delivering strategic transformation initiatives, specializing in cybersecurity, TPRM, and regulatory compliance for Fortune 100 financial... Read More →

Wednesday June 25, 2025 11:55am - 12:15pm MDT
Bluebird Ballroom 3B

cdCon

Audience Experience Level Any

11:55am MDT

FoundationDB, the Black Knight - Peter Boros, Tigris Data

Wednesday June 25, 2025 11:55am - 12:35pm MDT

Bluebird Ballroom 2G

Monty Python’s Black Knight is the opponent that couldn’t lose. Even after all of his limbs were cut off, he offered a draw: “it’s just a scratch.”

FoundationDB (FDB) is a distributed transactional key-value store that is very difficult to defeat just like the Black Knight. Open-sourced in 2018 after an acquisition by Apple, FDB was designed to be a common layer: almost all databases have a backing key-value store. Many have built on top of it including Snowflake, Adobe, & Datadog.

FDB got it right: transactions, distributed by default, and extreme reliability. Kyle Kingsbury (aphyr) the author of Jepsen series on distributed systems correctness, said: "haven't tested foundation in part because their testing appears to be waaaay more rigorous than mine."

We demo a live FDB cluster and try to disrupt its operations. Our attempts are informed by real world experience supporting a metadata service for billions of objects globally.

When we finally succeed, we show how backups and disaster recovery resurrect FDB. We’ll learn about highly resilient design patterns and operations. We have battle scars, and want to help others!

Speakers

Peter Boros

Founding Engineer, Tigris Data

Peter is a founding engineer at Tigris Data. He has been using and working with open source software from early 2000s. Peter's first and foremost professional interest is performance tuning and large scale automation. Before rejoining Tigris Data, Peter worked on large scale MySQL... Read More →

Wednesday June 25, 2025 11:55am - 12:35pm MDT
Bluebird Ballroom 2G

Cloud + Containers

Audience Experience Level Intermediate

11:55am MDT

Virtio-msg: Making Virtio Work Where It Does Not Today - Bill Mills, Linaro

Wednesday June 25, 2025 11:55am - 12:35pm MDT

Bluebird Ballroom 2A

Virtio-msg is a new virtio transport that allows Virtio to be used on AMP systems between Linux and Zephyr on a co-processor, between the Linux Kernel and Secure World TEEs like Trusty and OP-TESS, and other places where Virtio-mmio and Virtio-pci do not work.

Speakers

Bill Mills

Principal Technical Consultant, Linaro

Bill Mills has been professionally active in embedded systems for over 37 years. He has been the lead developer on debugger/emulator, RTOS kernel, VoIP, and many other projects. He has been focused on Embedded Linux strategy for over 15 years. He is a founding member of the Yocto... Read More →

Wednesday June 25, 2025 11:55am - 12:35pm MDT
Bluebird Ballroom 2A

Embedded Linux Conference

Audience Experience Level Intermediate

11:55am MDT

From Classroom To Cloud: Bridging Academia and the Open Source Ecosystem - Andy Anderson, IBM Research & Professor Corey Leong, Valencia College

Wednesday June 25, 2025 11:55am - 12:35pm MDT

Bluebird Ballroom 3H

This session introduces **Interns for Open Source (IFOS)**, a program that offers undergraduate and graduate Computer and Information Sciences students hands-on experience with open source projects for academic credit. Over 10 weeks, students bridge classroom learning and real-world application by contributing through issue tracking and pull requests. Their fresh perspectives provide open source communities with valuable feedback, usability insights, and rigorous testing. Students sharpen technical skills, learn professional workflows, and build portfolios. Open source projects benefit from innovative ideas and unbiased input. Attendees will learn about the program structure, its benefits for students and open source communities, and how to get involved.

Speakers

Corey Leong

Professor Cloud Computing, Valencia College

Prior to teaching, I worked in the IT industry for 25 years. I currently teach cloud computing courses, oversee open source mentorships and cloud internships.

Andy Anderson

Software Architect, IBM Research

Andy is an experienced software architect with a strong track record of leading research and engineering teams on hybrid cloud and Kubernetes-based platform development. He has a wealth of experience in software development, cloud computing, and data analysis. Andy is particularly... Read More →

Wednesday June 25, 2025 11:55am - 12:35pm MDT
Bluebird Ballroom 3H

Equity + Inclusion + Accessibility

Audience Experience Level Beginner

11:55am MDT

The Big-endian RISC-V Linux Adventure - Ben Dooks, Codethink

Wednesday June 25, 2025 11:55am - 12:35pm MDT

Bluebird Ballroom 2C

The latest RISC-V ISA specification allows for runtime configuration of the data endian between little and big. Since no one had done this before, we decided to investigate how difficult it would be to get a prototype Linux implementation running in big endian on an emulated RISC-V system such as under QEMU.

The talk goes from the description of the new ISA feature, our initial analysis and the modifications to software such as the Linux kernel, QEMU and OpenSBI and an overview of the issues that we found and how to fix them. This includes kvm and how that works with mixed endian kvm instances, and the modifications to kvmtool to make this work.

We conclude with how the project went, what we published and a call to arms to continue testing and fixing outstanding issues.

Speakers

Ben Dooks

Senior Engineer, Fellow, Codethink

Senior open source consultant at Codethink and long-time contributor to various projects such as the Linux Kernel.

Wednesday June 25, 2025 11:55am - 12:35pm MDT
Bluebird Ballroom 2C

Linux

Audience Experience Level Intermediate

11:55am MDT

Fast Inference, Furious Scaling: Leveraging VLLM With KServe - Rafael Vasquez, IBM

Wednesday June 25, 2025 11:55am - 12:35pm MDT

Bluebird Ballroom 3E

In this talk, we will introduce two open-source projects vLLM and KServe and explain how they can be integrated to leverage better performance and scalability for LLMs in production. The session will include a demo showcasing their integration.

vLLM is a high-performance library specifically designed for LLM inference and serving, offering cutting-edge throughput and efficiency through techniques such as PagedAttention, continuous batching, and optimized CUDA kernels, making it ideal for production environments that demand fast, large-scale LLM serving.

KServe is a Kubernetes-based platform designed for scalable model deployment. It provides robust features for managing AI models in production, including autoscaling, monitoring, and model versioning.

By combining vLLM's inference optimizations with KServe's scalability, organizations can deploy LLMs effectively in production environments, ensuring fast, low-latency inference and seamless scaling across cloud platforms.

Speakers

Rafael Vasquez

Open Source Software Developer, IBM

Rafael Vasquez is a software developer on the Open Technology team at IBM. He previously completed an MASc. working on self-driving car research and transitioned from a data scientist role in the retail field to his current role where he continues to grow his passion for MLOps and... Read More →

Wednesday June 25, 2025 11:55am - 12:35pm MDT
Bluebird Ballroom 3E

Open AI + Data

Audience Experience Level Beginner

11:55am MDT

Harnessing Event-Driven and Multi-Agent Architectures for Complex Workflows in Generative AI System - Mary Grygleski, Callibrity

Wednesday June 25, 2025 11:55am - 12:35pm MDT

Bluebird Ballroom 3F

Generative AI applications, in general, excel in zero-shot and one-shot types of specific tasks. However, we live in a complicated world and we are beginning to see that today’s generative AI systems are simply not well equipped to handle the increased complexity that is found especially in business workflows and transactions. Traditional architectures often fall short in handling the dynamic nature and real-time requirements of these systems. We will also need a way to coordinate multiple components to generate coherent and contextually relevant outputs. Event-driven architectures and multi-agent systems offer a promising solution by enabling real-time processing, decentralized decision-making, and enhanced adaptability.

This presentation proposes an in-depth exploration of how event-driven architectures and multi-agent systems can be leveraged to design and implement complex workflows in generative AI. By combining the real-time responsiveness of event-driven systems with the collaborative intelligence of multi-agent architectures, we can create highly adaptive, efficient, and scalable AI systems. This presentation will delve into the theoretical and practical sides.

Speakers

Mary Grygleski

Director, Emerging Technologies, Callibrity

Mary is a Technical Advocate, Java Champion, and the Director of Emerging Technologies at Callibrity. She started as an engineer in Unix/C, then transitioned to Java around 2000 and has never looked back since then. After 20+ years of being a software engineer and technical architect... Read More →

Wednesday June 25, 2025 11:55am - 12:35pm MDT
Bluebird Ballroom 3F

Open AI + Data

Audience Experience Level Intermediate

11:55am MDT

Building InnerSource Community: What Goes Behind the Scenes? - Shanmugapriya Manoharan, IKEA (Ingka Group)

Wednesday June 25, 2025 11:55am - 12:35pm MDT

Bluebird Ballroom 3C

InnerSource involves much more than just opening up the codebase for reuse & contribution. So much nuanced, time sensitive work is done by maintainers behind the scenes to nurture a community around an InnerSource project - answering queries from the community in a timely manner, finding & promoting project to right customers (potential contributors), maintaining regular communication & creating a safe space for community to provide feedback, to name a few. These activities require commitment by the maintainers. It may come naturally for those who are familiar with inclusive, open source ways of working. For teams new to InnerSource and/or not familiar with open source development models, there is a need for a mindset shift to open development models. What can prevent teams within the company from reusing and contributing to an InnerSource project? Will inclusivity matter while building an internal community? What factors in an InnerSource project affect this inclusiveness? Is there a difference in community building strategy between InnerSource and open source projects? In this talk, I will share my learnings on what works and what does not, while building internal communities.

Speakers

Shanmugapriya Manoharan

OSS Engineering Advisor, OSPO, IKEA (Ingka Group)

Shanmugapriya is an Open Source & InnerSource SME, working as Engineering Advisor at OSPO, IKEA IT AB. She has 15+ years of experience in driving initiatives and projects including Open Source and InnerSource projects, while working in organizations like HPE and Dell Technologies... Read More →

Wednesday June 25, 2025 11:55am - 12:35pm MDT
Bluebird Ballroom 3C

Open Source Leadership

Audience Experience Level Intermediate

11:55am MDT

Securing Software Supply Chains for the Public Good - Daniel Moch, Lockheed Martin & William Crum, SpectroCloud

Wednesday June 25, 2025 11:55am - 12:35pm MDT

Bluebird Ballroom 3G

Drawing from our experiences within the public sector, we discuss software supply chain security as it pertains to public sector organizations, including the unique risks and challenges they face and how we can all work together to improve the security of the open source ecosystem.

Speakers

Daniel Moch

Staff Software Engineer, Lockheed Martin

For over 20 years, Daniel has worked as a software engineer in the Defense and Aerospace industry. His experience ranges from embedded device drivers to large logistics and information systems. In recent years, he has focused on helping legacy programs adopt modern DevOps practices... Read More →

William Crum

Defense Success Engineer, SpectroCloud

Sergeant William Crum is a U.S. Marine Corps Reservist and software engineer at Spectro Cloud. He serves with the Marine Innovation Unit, driving software modernization within the Marine Corps. In his civilian role, he is a Docker Captain and Senior Defense Engineer at Spectro Cloud... Read More →

Wednesday June 25, 2025 11:55am - 12:35pm MDT
Bluebird Ballroom 3G

OpenGovCon

Audience Experience Level Intermediate

11:55am MDT

In From the Cold - Open Source as Part of Mainstream Software Asset Management - Shane Coughlan, The Linux Foundation

Wednesday June 25, 2025 11:55am - 12:35pm MDT

Bluebird Ballroom 3D

Software Asset Management (SAM) provides a way to manage software across small, medium and large entities. It is often seen as a way of addressing licensing or for making sure company staff are using permitted software applications and versions.

Open source has traditionally been divorced from SAM, which was focused on proprietary software solutions. Partly this was due to practical matters like different licensing schemes, and partly it was an artifact of separate paths of evolution.

However, in recent years open source has increasingly adopted approaches to licensing, security and other challenges that mirror SAM. Examples include the use of standards like ISO/IEC 5230 for licensing and ISO/IEC 18974 for security, of implementation standards like ISO/IEC 5962 for Software Bill of Materials.

As a consequence, open source is now more closely aligned with SAM. This talk will examine what that means for open source management overhead today, and where it will take us in the future. This talk is intended to equip people in open source strategy, legal and team leadership to navigate changes as smoothly as possible.

Speakers

Shane Coughlan

OpenChain General Manager, The Linux Foundation

Shane Coughlan is an expert in communication, security and business development. His professional accomplishments include spearheading the licensing team that elevated OIN into the largest patent non-aggression community in history and establishing the first global network for open... Read More →

Wednesday June 25, 2025 11:55am - 12:35pm MDT
Bluebird Ballroom 3D

Operations Management

Audience Experience Level Intermediate

11:55am MDT

Verifying the Rust Standard Library - Rahul Kumar, Amazon Web Services

Wednesday June 25, 2025 11:55am - 12:35pm MDT

Bluebird Ballroom 2D

The Rust programming language is experiencing rapid adoption in critical infrastructure and systems programming, propelled by its memory safety guarantees and developer productivity advantages. Significant technology policies, such as the US National Cyber Strategy, explicitly endorse Rust as a pathway to memory-safe software. Unsafe code blocks, however, can circumvent Rust’s compile-time guarantees. To address this disparity, AWS has collaborated with the Rust Foundation on the Rust Standard Library Verification project, whose objective is to formally verify the safety of the Rust standard library. We are actively integrating automated verification into the Rust Library release process, thereby ensuring continuous safety validation across releases.

Our presentation will elucidate the structural framework and rationale underpinning our verification contest. We will demonstrate our current progress, showcasing successful verification examples and discussing the diverse open-source tools employed in the verification process. We will conclude with our prioritized areas for 2025 and practical ways for the Rust community to actively participate in this pivotal security initiative.

Speakers

Rahul Kumar

Senior Manager Applied Science, Amazon Web Services

Rahul Kumar completed his PhD from Brigham Young University. He has worked on formal verification and static analysis at Microsoft, Microsoft research, NSA JPL. He also worked on combining empirical software engineering and static analysis techniques for creating machine learning... Read More →

Wednesday June 25, 2025 11:55am - 12:35pm MDT
Bluebird Ballroom 2D

Safety-Critical Software

Audience Experience Level Intermediate

11:55am MDT

Developing a Community-Driven Standard for Open Source Software Quality - Philipp Ahmann, Etas GmbH (BOSCH) & Gabriele Paoloni, Red Hat

Wednesday June 25, 2025 11:55am - 12:35pm MDT

Bluebird Ballroom 2F

Established quality standards, designed for traditional V-Model ( requirements driven) development, are inadequate for evaluating and supporting code-driven, CI/CD-based nature of modern (open source) software. This hinders OSS adoption in regulated industries, particularly for safety-critical systems. This session introduces a novel standard proposal specifically designed to assess OSS process capabilities by documenting open source best practices and providing a practical assessment guide. It aims to bridge the gap between OSS development practices and the needs of regulated industries, fostering greater trust and enabling wider adoption.

This session outlines the three phases from research to execution for establishing the standard, drawing on relevant academic research and showcasing exemplary open source projects with established best practices. The authors will also explore existing scoring initiatives and some quality metrics. The session concludes with a roadmap for collaborative development of the standard and a call to action for community participation.

Speakers

Philipp Ahmann

Sr. OSS Commumity Manager, Etas GmbH (BOSCH)

Philipp Ahmann is a Senior OSS Community Manager at ETAS (a Bosch subsidiary), specializing in safety-critical automotive open source software. With 15+ years' experience in Linux automotive platforms, he has held roles from software engineer to project & line manager. He currently... Read More →

Gabriele Paoloni

Sr SW Principal Engineer, Red Hat

Gabriele Paoloni is an Open Source Community Technical Leader at Red Hat. He is a passionate technologist and has strong experience in both functional safety and Linux Kernel development, including previous roles leading FuSa software architecture for Intel platforms, CCIX vice... Read More →

Wednesday June 25, 2025 11:55am - 12:35pm MDT
Bluebird Ballroom 2F

Standards + Specifications

Audience Experience Level Intermediate

11:55am MDT

Open Source Software: Hollywood’s Secret Sauce for Visual Effects and Animation - David Morin, Academy Software Foundation

Wednesday June 25, 2025 11:55am - 12:35pm MDT

Bluebird Ballroom 2E

Open source software is the basis for the tools used to create almost all visual effects and animation used in the motion picture industry today, providing the backbone for creating blockbuster films like The Wild Robot, Moana 2, Dune, Oppenheimer, the Star Wars movies and all of the Marvel Cinematic Universe films.

The most important open source projects that are used on almost every film production today are housed at the Academy Software Foundation (ASWF), which provides a neutral forum for open source software developers in the motion picture and broader media industries to share resources and collaborate on technologies for image creation, visual effects, animation and sound.

The Foundation has flourished since its launch in 2018, hosting 14 projects and supporting a growing ecosystem of open source engineers. During this session, David Morin, Executive Director of the Academy Software Foundation, will share more about the Foundation’s growth over the last six years, including new open source projects, engineering events such as Dev Days, and D&I initiatives including the Summer Learning Program.

Speakers

David Morin

Executive Director, Academy Software Foundation, Academy Software Foundation

David Morin is Executive Director of the Academy Software Foundation. He has participated in the development of motion capture and 3D software since “Jurassic Park” at companies such as Softimage, Microsoft, Avid Technology, Autodesk and Epic Games. David is also chair of the... Read More →

Wednesday June 25, 2025 11:55am - 12:35pm MDT
Bluebird Ballroom 2E

Wildcard

Audience Experience Level Beginner

12:25pm MDT

Lightning Talk: It's Friday! - Alon Nisser, Zencity

Wednesday June 25, 2025 12:25pm - 12:35pm MDT

Bluebird Ballroom 3B

It's Friday afternoon, and you've got plans for this evening. You've just finished the feature. you push to master, and click deploy. OR DO YOU? let's talk about Friday deployments and what they can teach us. A candid talk about CI/CD as an unfinished journey.

Speakers

Alon Nisser

Principal engineer Zencity, Zencity

Software developer. currently in Zencity.io. Writing software as a hobby and as a profession. Strong opinions on things. Open source aficionado. Trying to make a difference.Sometimes software makes we wonder if I'd be better off being a farmer

Wednesday June 25, 2025 12:25pm - 12:35pm MDT
Bluebird Ballroom 3B

cdCon

Audience Experience Level Intermediate

12:35pm MDT

Lunch (Provided Onsite for All Attendees)

Wednesday June 25, 2025 12:35pm - 2:10pm MDT

Solutions Showcase - Bluebird Ballroom 1AB

Wednesday June 25, 2025 12:35pm - 2:10pm MDT
Solutions Showcase - Bluebird Ballroom 1AB

Special Events / Exhibits / Breaks

2:10pm MDT

Managing Resources To Lower Costs - Mark Waite, CloudBees & Melissa McKay, JFrog

Wednesday June 25, 2025 2:10pm - 2:30pm MDT

Bluebird Ballroom 3B

Do you have a closet that’s overflowing? In order to accommodate your favorite latest wardrobe styles (and to avoid a closet clutter disaster), you might need to let go of those jeans two sizes too small or… gasp! … prune your conference t-shirt collection to a reasonable number.

In the CI/CD world, cleaning out your closet translates in part to activities like pruning artifact repos and limiting bandwidth usage appropriately. Businesses are incessantly looking for ways to trim the fat for leaner, healthier bottom lines, and DevOps operational infrastructure can be a clutter hotspot when it comes to resource expense.

Learn how the Jenkins project has reduced costs with more effective management of its operational resources. We’ll share techniques that we’ve used to identify costs, reallocate resources to reduce those costs, and adapt to changing environments. The Jenkins closet is looking better than ever!

Speakers

Mark Waite

Manager, CloudBees

Mark is a member of the Jenkins governance board, maintainer of the Jenkins git plugin, and a long-time contributor to continuous integration and continuous delivery topics.

Melissa McKay

Head of Developer Relations, JFrog

Melissa is passionate about Java, DevOps and Continuous Delivery. She is currently Head of Developer Relations for JFrog and a member of the Technical Steering Committee of the Open Platform for Enterprise AI (OPEA). Melissa has been recognized as a Java Champion and a Docker Captain... Read More →

Wednesday June 25, 2025 2:10pm - 2:30pm MDT
Bluebird Ballroom 3B

cdCon

Audience Experience Level Intermediate

2:10pm MDT

Traefik V4: What We’re Cooking for You - Nicolas Mengin & Emile Vauge, Traefik Labs

Wednesday June 25, 2025 2:10pm - 2:50pm MDT

Bluebird Ballroom 2G

Traefik is one of the most popular open-source projects in the world, with over 3 billion downloads and a top 15 spot on DockerHub. As a powerful Ingress and Gateway Controller, Traefik simplifies exposing, securing, and managing services and APIs dynamically and at scale—whether in simple setups or complex cloud-native environments.

Just one year after the release of Traefik v3, we're already taking things to the next level! In this session, Emile Vauge (Traefik Creator) and Nicolas Mengin (Traefik Maintainer) will unveil the exciting new features coming in Traefik v4, including:
- A new plugin system for even greater extensibility
- Pre-routing operations to optimize traffic handling
- Enhanced TLS certificate management for better security and automation
- Improved configuration management for a smoother experience
- … and much more!

Join us to get a sneak peek at what’s next for Traefik and see how these innovations will make your cloud-native journey even easier.

Speakers

Nicolas Mengin

Head of Development, Traefik Labs

Developer and DevOps - Maintainer of Traefik. Head of Development at Traefik Labs, the company behind Traefik, the popular cloud-native Gateway Controller, and Traefik Hub, a comprehensive API Management solution for Kubernetes. Responsible for overseeing the implementation of... Read More →

Emile Vauge

CTO, Traefik Labs

Emile is a Developer. He created Traefik in 2015 and is now the CTO of Traefik Labs, the company sponsoring the open source project.

Wednesday June 25, 2025 2:10pm - 2:50pm MDT
Bluebird Ballroom 2G

Cloud + Containers

Audience Experience Level Intermediate

2:10pm MDT

V4L2 Media Controller Request API - Karthik Poduval, Amazon Lab126

Wednesday June 25, 2025 2:10pm - 2:50pm MDT

Bluebird Ballroom 2A

Media Request API was designed to allow V4L2 devices like memory to memory video processing or codec devices and complex camera pipelines to support per frame settings and per frame metadata. In this talk we will deep dive on the details of this API with example use cases such as memory to memory video processing devices and complex ISP pipelines using this API for per frame settings and per frame metadata.

Speakers

Karthik Poduval

Principal Software Development Engineer, Amazon Lab126

Karthik Poduval is a Principal Software Development Engineer at Amazon Lab126. In this role, he develops Embedded Linux device drivers and middleware stack for camera/ISP and other imaging devices.

Wednesday June 25, 2025 2:10pm - 2:50pm MDT
Bluebird Ballroom 2A

Embedded Linux Conference

Audience Experience Level Intermediate

2:10pm MDT

Contributor Catalyst: New Contributor Perspectives From an HBCU Mentorship Program - Emily Lovell, UC Santa Cruz OSPO & Silas Morgan, Norfolk State University

Wednesday June 25, 2025 2:10pm - 2:50pm MDT

Bluebird Ballroom 3H

Open source is woven into nearly all modern technology, making it more important than ever to support new contributors – but entering the world of open source contribution can be a daunting experience. There are unspoken norms to understand, new tools and best practices to learn, and a whole lot of code to navigate.

In 2023, the UC Santa Cruz OSPO launched a summer mentorship program to support students from Historically Black Colleges and Universities (HBCUs) contributing to open source. Over the course of eight weeks, each tight-knit cohort learns how to productively contribute to a project of their choosing, while working together both in-person and remotely. Program alumni have returned as peer mentors, spoken at conferences, been interviewed for podcasts, and accepted paid work in open source.

This session will showcase the perspective of both current participants and program alumni, offering insight into how we can all work together to make open source more welcoming and inclusive. Whether you're looking to engage diverse new contributors, or you're just curious about the novice experience, you'll be sure to learn something new!

Speakers

Emily Lovell

Postdoctoral Fellow, UC Santa Cruz OSPO

Dr. Emily Lovell is an OSPO Incubator Fellow at UC Santa Cruz. Her research and teaching use novel domains to invite broader participation in computing, with her postdoctoral work focusing on newcomers to open source. Emily previously served on faculty at Berea College, where she... Read More →

Silas Morgan

Graduate Student and past Contributor Catalyst Mentor, Norfolk State University

Silas Morgan is a Graduate student and Alumni of Norfolk state university. He's majored in computer science, and participated in UCSC's Contributor Catalyst program both as a learner/participant, and as an alumni mentor helping students become engaged with open source. As a participant... Read More →

Wednesday June 25, 2025 2:10pm - 2:50pm MDT
Bluebird Ballroom 3H

Equity + Inclusion + Accessibility

Audience Experience Level Any

2:10pm MDT

Can File Systems Survive in Data-centric World? - Viacheslav Dubeyko, IBM

Wednesday June 25, 2025 2:10pm - 2:50pm MDT

Bluebird Ballroom 2B

The volume of processing data is growing exponentially. AI/ML algorithms, financial transactions, social networks, cloud computing represent modern trends that latency, performance sensitive, and data hungry. File systems represent crucial and fundamental technology that builds foundation of data storage stack. However, pressure of data-centric and data-intensive nature of modern applications revealed significant overhead that file systems introduce in data storage stack. Moreover, massive amount of hardware accelerator and kernel bypassing technologies, dis-aggregated architecture, ultra-fast storage devices create “illusion” or “impression” that file systems could be a redundant item of data storage stack. Can file systems survive in data-centric world?

Speakers

Viacheslav Dubeyko

Linux kernel developer, IBM

Acquired a Ph.D degree in 2002 (X-ray spectroscopy) and served as a researcher in Samsung Electronics, Huawei, HGST, and Western Digital. As a Linux kernel developer contributed in HFS+ and NILFS2 file system drivers and designed a SSDFS open-source file system. Research interests... Read More →

Wednesday June 25, 2025 2:10pm - 2:50pm MDT
Bluebird Ballroom 2B

Linux

Audience Experience Level Intermediate

2:10pm MDT

COSMIC DE - The First Modular, Composable Desktop Environment - Carl Richell, System76

Wednesday June 25, 2025 2:10pm - 2:50pm MDT

Bluebird Ballroom 2C

COSMIC DE is a new, full-featured desktop environment (like GNOME and KDE) written from scratch in the Rust programming language. It does not rely on GTK or Qt. Instead COSMIC uses a new Rust GUI toolkit called iced and the system76 developed libcosmic toolkit for building interfaces and applications with advanced theming and customization features.

COSMIC DE includes a suite of first-party applications including a file browser, text editor, application store, settings, and terminal. There is also a growing community of third-party apps. COSMIC includes a custom compositor that features variable refresh rate, Xwayland support, animations, fractional scaling, modern hybrid graphics features, window snapping and auto-tiling.

What makes COSMIC truly unique is that it's the first modular, composable desktop environment. For a user that means they can easily adapt COSMIC to their preferred workflow. Linux distributions can create wholly unique user experiences.
And companies can develop unique products using COSMIC.

Carl will discuss why system76 built COSMIC DE, show its features, and demonstrate how unique experiences can be composed with COSMIC DE.

Speakers

Carl Richell

CEO, System76

System76 proudly engineers and manufactures premium Linux computers and keyboards at our factory in Denver, Colorado. Our user-driven products, alongside Pop!_OS and COSMIC DE, give creators, makers, and builders the means to bring forth the future.

Wednesday June 25, 2025 2:10pm - 2:50pm MDT
Bluebird Ballroom 2C

Linux

Audience Experience Level Any

2:10pm MDT

Building Your (Local) LLM Second Brain - Olivia Buzek, IBM

Wednesday June 25, 2025 2:10pm - 2:50pm MDT

Bluebird Ballroom 3E

LLMs are hotter than ever, but most LLM-based solutions available to us require you to use models trained on data with unknown provenance, send your most important data off to corporate-controlled servers, and use prodigious amounts of energy every time you write an email.

What if you could design a “second brain” assistant with OSS technologies, that lives on your laptop?

We’ll walk through the OSS landscape, discussing the nuts and bolts of combining Ollama, LangChain, OpenWebUI, Autogen and Granite models to build a fully local LLM assistant. We’ll also discuss some of the particular complexities involved when your solution involves a local quantized model vs one that’s cloud-hosted.

In this talk, we'll build on the lightning talk to include complexities like:
* how much latency are you dealing with when you're running on a laptop?
* does degradation from working with a 7-8b model reduce effectiveness?
* how do reasoning + multimodal abilities help the assistant task?

Speakers

Olivia Buzek

STSM watsonx.ai - IBM Research, IBM

Olivia has been building machine learning and natural language processing models since before it was cool. She's spent several years at IBM working on opening up Watson tech, around the country and around the world.

Wednesday June 25, 2025 2:10pm - 2:50pm MDT
Bluebird Ballroom 3E

Open AI + Data

Audience Experience Level Intermediate

2:10pm MDT

Billy and Eddie's Declassified Git Survival Guide - Billy Lynch, Chainguard & Eddie Zaneski, Defense Unicorns

Wednesday June 25, 2025 2:10pm - 2:50pm MDT

Bluebird Ballroom 3A

Have you ever botched your git repo so badly that you needed to delete it and reclone it? You're not alone!

This talk dives into the dark side of Git - exploring common disasters like accidental force-pushes, tangled merge conflicts, unrelenting rebases, and the dreaded detached HEAD. We'll look at how and why these situations arise, exploring the underlying Git mechanics that got us into the situation and how we can undo or resolve these problems.

You'll come away from this talk with a greater understanding of Git internals, and the knowledge and tools necessary to rescue yourself from any Git workflow gone awry!

Speakers

Billy Lynch

Staff Software Engineer, Chainguard

Billy is a staff software engineer at Chainguard, working on developer tools and securing software supply chains for everyone! He is a contributor and maintainer to the Sigstore, Tekton, and gittuf projects, and is the creator of gitsign. Prior to working at Chainguard, Billy worked... Read More →

Eddie Zaneski

Technical Advisor to the CTO, Defense Unicorns

Eddie lives in Denver, CO with his wife and dog. He loves open source and works on the Kubernetes project. When not hacking on random things you'll most likely find him climbing rocks somewhere.

Wednesday June 25, 2025 2:10pm - 2:50pm MDT
Bluebird Ballroom 3A

Open Source 101

Audience Experience Level Beginner

2:10pm MDT

The Work No One Notices—Until It’s Missing: Scaling Open Source Community Teams - Elizabeth Barron, CHAOSS

Wednesday June 25, 2025 2:10pm - 2:50pm MDT

Bluebird Ballroom 3C

Community management in open source is often a catch-all role, with one person juggling contributor engagement, content, events, and growth. But no single individual can—or should—do it all. As projects scale, a structured, team-based approach becomes essential.

This talk introduces a four-part framework for building an effective community team:

- Community Caretakers – Foster an inclusive, welcoming space, ensuring contributors feel heard, valued, and engaged.
- Content Creators – Develop documentation, blogs, and educational materials.
- Growth Drivers – Expand the community through outreach and advocacy.
- Organizers – Handle logistics, events, and data to keep things running smoothly.

We’ll explore why many projects struggle with community management, the pitfalls of prioritizing outreach over engagement, and how a scalable team structure prevents burnout, improves retention, and ensures long-term sustainability.

Whether you're launching or scaling a project, this session provides a practical roadmap for turning fragmented community efforts into a high-impact, sustainable team.

Speakers

Elizabeth Barron

Community Manager, CHAOSS

Elizabeth Barron is a self-employed open source consultant working on projects such as CHAOSS and GitHub's GitSkilled. She is a long-time open source contributor and advocate with over 20 years of experience at companies like GitHub, Pivotal/VMWare, and Sourceforge.She is also an... Read More →

Wednesday June 25, 2025 2:10pm - 2:50pm MDT
Bluebird Ballroom 3C

Open Source Leadership

Audience Experience Level Any

2:10pm MDT

From Wait Times To Real-Time: Empowering DPI for Seamless Citizen Engagements With GenAI Agents - Alex Coqueiro, AWS

Wednesday June 25, 2025 2:10pm - 2:50pm MDT

Bluebird Ballroom 3G

In this session, I will explore how Generative AI agents are becoming a cornerstone of Digital Public Infrastructure (DPI) using open source, reshaping citizen services and empowering governments to deliver more efficient, responsive, and accessible public services. Learn how Generative AI Agents are revolutionizing government websites, offering 24/7 citizen support, and providing real-time assistance across a wide range of public services. With the ability to handle inquiries, process data, and generate personalized responses, these AI agents significantly reduce wait times and streamline interactions, ensuring faster and more seamless communication between citizens and government agencies. We’ll dive into practical applications, from simplifying bureaucracy to enhancing transparency and accountability, and discuss the transformative potential of Generative AI in creating smarter, more inclusive government channels.

Speakers

Alex Coqueiro

Head of Solutions Architecture at AWS, AWS

I oversee the Solutions Architects Team. My responsibilities encompass serving as the technical strategist, effectively guiding and influencing customers in Government, Education, Healthcare, and Non-profit sectors on a day-to-day basis through direct and indirect interactions. I... Read More →

Wednesday June 25, 2025 2:10pm - 2:50pm MDT
Bluebird Ballroom 3G

OpenGovCon

Audience Experience Level Beginner

2:10pm MDT

Using SBOMs for Linux Foundation Projects - Jeff Shapiro, The Linux Foundation & Gary O'Neall, Source Auditor Inc.

Wednesday June 25, 2025 2:10pm - 2:50pm MDT

Bluebird Ballroom 3D

Last year we introduced the LF-SBOM, which we are now generating for many projects. Today we will provide an update on this important effort to provide SBOMs for most critical LF projects. We will review the work done to date, and go into more detail on how to use the LF-SBOM specification. We will give real world concrete examples on how to use our SBOM to generate a Security Vulnerability report, and how to generate a report of open source licenses. We will also discuss how to use our SBOMs to meet new regulations (e.g. US CISA and EU CRA) when delivering software to the government sector, and how to use our SBOM as an example when you create one for your own project.

Speakers

Jeff Shapiro

Director of License Scanning, The Linux Foundation

Jeff Shapiro is the Director of License Scanning for The Linux Foundation. He has 30 years of experience in the software industry, including 10 years in software auditing, open source scanning, and training developers in OSS license compliance.

Gary O'Neall

Founder and Principal Consultant, Source Auditor Inc.

Gary is a contributor to the Software Package Data Exchange® (SPDX™) - an open standard for communicating software bill of material information, including components, licenses, copyrights, and security references. Gary has contributed several open source tools.Gary O’Neall is... Read More →

Wednesday June 25, 2025 2:10pm - 2:50pm MDT
Bluebird Ballroom 3D

Operations Management

Audience Experience Level Intermediate

2:10pm MDT

Building a Safe and Open Vehicle Core With Open Source - Philipp Ahmann, Etas GmbH (BOSCH)

Wednesday June 25, 2025 2:10pm - 2:50pm MDT

Bluebird Ballroom 2D

Recently the Safe Open Vehicle Core (S-Core) project was started as a collaborative code-first project between automotive OEMs and Tier suppliers developing a safety-certifiable middleware stack for high-performance ECUs in software-defined vehicles. Targeting the non-differentiating core functionality, S-Core middleware software sits between the hardware abstraction layer and the platform API accessed by vehicle function applications. Compatible with POSIX-based OSes like Automotive Grade Linux and complementary to the ELISA project, S-Core focuses on achieving ISO 26262, ASPICE, and ISO 21434 compliance.

This presentation details S-Core's development process, scope, status, and timeline, highlighting its integration within the broader automotive safety and SDV landscape. The author further showcases the project's work towards robust and automated development through a docs-as-code approach utilizing open-source tools such as ReStructuredText, Sphinx-Needs, Bazel, and PlantUML.

Speakers

Philipp Ahmann

Sr. OSS Commumity Manager, Etas GmbH (BOSCH)

Wednesday June 25, 2025 2:10pm - 2:50pm MDT
Bluebird Ballroom 2D

Safety-Critical Software

Audience Experience Level Intermediate

2:10pm MDT

We Need a Standard for Open Source Package Requirements - Elitsa Bankova & Eve Martin-Jones, Google

Wednesday June 25, 2025 2:10pm - 2:50pm MDT

Bluebird Ballroom 2F

What does a version specification look like? Most would say that one looks something like “1.2.3”.

But what does a requirement look like? That is a more complicated question and answers vary and depend on which packaging ecosystem —Maven, Cargo, PyPI and so on— is involved.

While Semver 2.0 offers a generally agreed upon syntax for versions, there is no standard for requirements.

Understanding how requirements work is required for addressing issues such as vulnerabilities and license conflicts. The absence of an agreed-upon requirement specification limits the ability to understand the problem and limits the sharing of tooling across ecosystems.

Deps.dev has looked at the way requirements are specified in five ecosystems and translated them into a single set representation that enables unified tooling. We’ve discovered many ecosystem-specific quirks, but also discovered much commonality we can build upon.

This talk will define the essence of requirements, demonstrate how they are incompletely met by various existing systems, and most importantly we will argue that a well-defined, well-supported requirement specification is vital to the industry.

Speakers

Eve Martin-Jones

Senior Software Engineer, Google

Eve is an engineer working on open source software security at Google. She lives in Australia, with her cat Mochi, who is surprisingly proficient at JavaScript. Between D&D campaigns, she can be found deciphering the Cargo dependency-resolution algorithm bug-for-bug, advocating for... Read More →

Elitsa Bankova

Software Engineer, Google

Elitsa is a Software engineer at Google, Australia and is working on Open Source security. She has lived in over 4 countries: born in Bulgaria, she graduated from the University of Edinburgh and worked in Google Switzerland before moving down under. Outside of work, you can find her... Read More →

Wednesday June 25, 2025 2:10pm - 2:50pm MDT
Bluebird Ballroom 2F

Standards + Specifications

Audience Experience Level Beginner

2:10pm MDT

Thriving in Open Source: Finding Joy, Avoiding Burnout, and Carving Your Own Path - Sandeep Kanabar, Gen

Wednesday June 25, 2025 2:10pm - 2:50pm MDT

Bluebird Ballroom 2E

Open source contribution is often portrayed as a straightforward journey starting with "good first issues," but the reality is far more nuanced and personal. In this heartfelt talk, I'll share my transformative journey from an overwhelmed beginner to a purposeful contributor, highlighting how I discovered sustainable joy in open source development. Through personal stories and lessons learned, I'll discuss navigating common pitfalls like contributor fatigue, the "what's in it for me" mindset, and the good-first-issue trap. I'll share how local meet-ups, in-person conferences, and finding my passion in accessibility—particularly through my work with the Deaf and hard-of-hearing working group—helped me carve a meaningful path. This talk will provide practical insights for contributors seeking to build a fulfilling, long-term relationship with open source while maintaining their well-being and making a genuine impact on the community.

Note: I'm deaf and this talk reflects my own journey in open source. I'm okay to present this as lightning talk as well.

Speakers

Sandeep Kanabar

Lead Software Engineer | CHAOSS Asia WG, Gen (formerly NortonLifeLock)

Wednesday June 25, 2025 2:10pm - 2:50pm MDT
Bluebird Ballroom 2E

Wildcard, Open Source Leadership

Audience Experience Level Any

2:10pm MDT

Tutorial: Understanding the Carbon Impact of Your Machine Learning Applications - Neeraj Pandey, Vivid Climate & Priyanshi Arora

Wednesday June 25, 2025 2:10pm - 3:45pm MDT

Bluebird Ballroom 3F

This session will guide attendees through the process of understanding and mitigating the carbon emissions of machine learning models and AI systems. We'll delve into methods for measuring the environmental impact of these technologies and discuss the pivotal role developers play in pioneering eco-conscious computing. Participants will gain insights into optimizing algorithms, adopting sustainable coding practices, and choosing energy-efficient tools to minimize the carbon footprint of their machine learning projects.

Additionally, we'll examine the environmental considerations of deploying AI systems in the cloud. As cloud computing becomes integral to deploying AI solutions, understanding its ecological impacts is crucial. We'll cover strategies for making environmentally responsible decisions when selecting and utilizing cloud services, aiming to maintain the eco-friendliness of AI applications.

Together, we'll explore how to balance the demands of advanced computational technologies with the urgent need for sustainability.

Speakers

Neeraj Pandey

Co-Founder, Vivid Climate

Neeraj is the co-founder of Vivid Climate, a climate management and accounting platform. Neeraj is a polyglot. Over the years, he has worked on a variety of full-stack software and data-science applications, as well as computational arts, and likes the challenge of creating new tools... Read More →

Priyanshi Arora

Brand Data Analyst

Priyanshi is a brand data analyst and creative artist.

Wednesday June 25, 2025 2:10pm - 3:45pm MDT
Bluebird Ballroom 3F

Open AI + Data

Audience Experience Level Beginner

2:30pm MDT

"The Missing Role: Why Platform Teams Need Design Leadership” - Luis Queral, The New York Times

Wednesday June 25, 2025 2:30pm - 2:50pm MDT

Bluebird Ballroom 3B

When you think about the role of "design" on an infrastructure team, it's common to think about slicker interfaces or nicer branding. While that might be true, the impact of design-thinking can go far deeper.

In this talk, we'll walk through an unlikely collaboration between our platform engineers and product designers and how this partnership has enabled deep, strategic change from the bottom up.

We'll talk about how we went from "building a technology" to "building a product", allowing us to both increase adoption to our platform and improve our overall product across a balanced mix of developer needs and business asks -- all without sacrificing platform reliability or quality.

We’ll also share tips on how to bring this kind of thinking to your platform team, with or without dedicated designers.

Speakers

Luis Queral

Senior Product Designer, The New York Times

Luis Queral is a software designer and artist based in Baltimore, MD. He works for the New York Times helping lead design efforts on their infrastructure team. He is frequently, and deliberately out of his element and enjoys driving the design strategy of complex software projects... Read More →

Wednesday June 25, 2025 2:30pm - 2:50pm MDT
Bluebird Ballroom 3B

cdCon

Audience Experience Level Any

3:05pm MDT

Session to be Announced

Wednesday June 25, 2025 3:05pm - 3:45pm MDT

Bluebird Ballroom 3B

Wednesday June 25, 2025 3:05pm - 3:45pm MDT
Bluebird Ballroom 3B

cdCon

3:05pm MDT

How To Put Swift in a Box: Container Images From Scratch With Swift Container Plugin - Euan Harris, Apple, Inc.

Wednesday June 25, 2025 3:05pm - 3:45pm MDT

Bluebird Ballroom 2G

Containers have changed how we build and run services. The days of FTPing a binary up to a server are gone, because our platforms expect to run containers. We build container images at every stage of development, whenever we want to test our services, and when we deploy them.

If container images are what we need, could our development tools help us build them? Yes, they can! In this talk, we'll take a container image apart, see what makes it tick, then put it back together again from first principles - all using Swift!

Swift is a high performance, memory-safe language which is ideal for server-side development. We will:

* download a container image, take it apart by hand and explore what’s inside;
* cross-compile a Swift service effortlessly to different Linux distributions, on x86 or ARM, statically or dynamically linked, from development environments on macOS or Linux;
* use Swift's pluggable build system to produce container images efficiently and automatically for every build;
* test the image.

Containers are a universal building block of modern services. Even if you're not yet using Swift, these ideas and principles also underpin your current build and deployment workflow.

Speakers

Euan Harris

Software Engineer, Apple, Inc.

Euan builds cloud services and infrastructure using Swift at Apple. He enjoys working with containers, virtual machines, networks and interesting programming languages. Previously, Euan helped maintain Docker Swarm's overlay networking and HTTP ingress, and contributed to XenServer's... Read More →

Wednesday June 25, 2025 3:05pm - 3:45pm MDT
Bluebird Ballroom 2G

Cloud + Containers

Audience Experience Level Intermediate

3:05pm MDT

Overlay Images To the Rescue - Frank Vasquez, Packt

Wednesday June 25, 2025 3:05pm - 3:45pm MDT

Bluebird Ballroom 2A

The Yocto project offers unparalleled flexbility in how you structure your embedded Linux image builds. Yocto's multilayered approach enables us to build different images for different purposes (e.g. development, production, etc). This flexibility extends beyond the image build process out to runtime.

What if you could load debug symbols onto an edge device? Restart your application with gdbserver? Start bpftrace sessions? Connect to a VPN? All at the press of a button? You can through the magic of systemd and overlayfs. systemd-sysext activates and deactivates system extension images merging them together to compose the contents of your /usr/ and /opt/ directories.

By separating your root filesystem into individual layers that each do one thing and one thing only, you can respond to trouble by reconfiguring your system at runtime. I will show you how to leverage system extension images and btrfs subvolumes to build Yocto images that can be reassembled on demand.

Speakers

Frank Vasquez

Technical Author and Independent Consultant, Packt

Frank Vasquez is a software engineer and published author with over a decade of experience designing and building embedded Linux systems. During that time, he has shipped numerous products including a rackmount DSP audio server, a diver-held sonar camcorder, a consumer IoT hotspot... Read More →

Wednesday June 25, 2025 3:05pm - 3:45pm MDT
Bluebird Ballroom 2A

Embedded Linux Conference

Audience Experience Level Intermediate

3:05pm MDT

Newcomer… but Not New - Emily Shaffer & Ivan Frade, Google

Wednesday June 25, 2025 3:05pm - 3:45pm MDT

Bluebird Ballroom 3H

Most of the advice around new contributor experience is oriented towards developers at the beginning of their career - students or those breaking into the tech industry. This time, though, we want to talk about the basics of contribution for senior developers who already have plenty of industry experience. These potential contributors have more than enough technical expertise, but still struggle to participate in open source. For them the barriers tend to be more social and “communicational” than technical, as their previous incentives, goals, and development cultures are fairly different from those present in most open source communities.

As open source contributors working in a big company, we watch our colleagues face these issues. We want to share our experience and what we learned while trying to help these colleagues participate in open source development for the first time.

Speakers

Emily Shaffer

Staff Software Engineer, Google

Emily Shaffer is a staff software engineer at Google working on Git and other source-control-related open source projects; once upon a time, she comaintained OpenBMC's IPMI stack. She's passionate about software best practices, regular expressions, and her dog, Crash Override.

Ivan Frade

Software Engineer, Google

Long time ago, I installed linux out of curiosity. That led to hobby contributions, which grew into work in the GNOME desktop (via maemo, nokia's flavor for mobile devices), which eventually, after a few other adventures, brought me to Google. Here I work on the git hosting, contributing... Read More →

Wednesday June 25, 2025 3:05pm - 3:45pm MDT
Bluebird Ballroom 3H

Equity + Inclusion + Accessibility

Audience Experience Level Beginner

3:05pm MDT

Enhancing Data Integrity in Linux - Anuj Gupta & Kanchan Joshi, Samsung Semiconductor

Wednesday June 25, 2025 3:05pm - 3:45pm MDT

Bluebird Ballroom 2C

Achieving end-to-end data integrity is essential for modern storage systems, yet Linux still faces challenges in providing full-stack protection. This session explores recent improvements in Linux’s data integrity framework. Specifically this presentation shares detail about:

1. A new io_uring interface that enables applications to attach metadata with I/O requests, ensuring robust data protection.

2. Optimizations to existing integrity mechanisms that improve performance, reduce overhead, and enhance flexibility, all of which have been merged into the mainline kernel.

3. Lastly, we highlight a novel mechanism that allows filesystems to fully utilize device integrity features and helps optimizing host and device resource utilization.

This presentation will deliver in-depth technical insights into these advancements and their role in strengthening Linux storage reliability.

Speakers

Kanchan Joshi

Staff Engineer, Samsung Semiconductor

Kanchan is an upstream kernel developer, and his current work revolves around adding advancements in the Linux I/O stack. He has presented at OSS, LPC, LSF/MM, and SDC. He has engaged in system-software development across operating systems and published papers at USENIX conferences... Read More →

Anuj Gupta

Linux kernel developer, Samsung Semiconductor India

Anuj Gupta is a Linux kernel developer in Global Open Source Team at Samsung. His contributions focus on kernel I/O stack improvements across io_uring, block layer, and NVMe driver. Speaker at Open Source Summit and SNIA SDC. He has also published a paper at USENIX FAST. Contributes... Read More →

Wednesday June 25, 2025 3:05pm - 3:45pm MDT
Bluebird Ballroom 2C

Linux

Audience Experience Level Any

3:05pm MDT

AI Pipelines With OPEA: Best Practices for Cloud Native ML Operations - Ezequiel Lanza, Intel & Melissa McKay, JFrog

Wednesday June 25, 2025 3:05pm - 3:45pm MDT

Bluebird Ballroom 3E

The Open Platform for Enterprise AI (OPEA) is an open source project intended to assist organizations with the realities of enterprise-grade deployments of GenAI apps. Beginning from scratch is a costly endeavor, and the ability to quickly iterate on a solution and determine its viability for your organization is essential to ensure you are making the best moves forward.

During this session, Ezequiel and Melissa will introduce you to the OPEA platform and how to empower your team to build, deploy, and manage AI pipelines more effectively. Attendees will gain insights into best practices for handling complex AI/ML workloads, automating dependency management, and integrating Kubernetes for efficient resource utilization. With a focus on real-world applications, this talk not only showcases the transformative potential of these tools but also encourages attendees to explore new ways to contribute, innovate, and collaborate in driving the future of AI adoption in enterprise environments.

Speakers

Ezequiel Lanza

Open Source AI Evangelist, Intel

Passionate about helping people discover the exciting world of artificial intelligence, Ezequiel is a frequent AI conference presenter and the creator of use cases, tutorials, and guides that help developers adopt open source AI tools.

Melissa McKay

Head of Developer Relations, JFrog

Wednesday June 25, 2025 3:05pm - 3:45pm MDT
Bluebird Ballroom 3E

Open AI + Data

Audience Experience Level Intermediate

3:05pm MDT

Open Collaboration in Action: How We Build RISC-V - Rafael Sene, The Linux Foundation | RISC-V International

Wednesday June 25, 2025 3:05pm - 3:45pm MDT

Bluebird Ballroom 3A

Discover the power of open collaboration with this behind-the-scenes journey into the creation of RISC-V. This session unveils how a global community of engineers, researchers, and innovators work together to design and refine the RISC-V instruction set architecture, bringing open-source principles to silicon. From the challenges of aligning diverse contributions to the triumphs of groundbreaking breakthroughs, you'll learn how the RISC-V ecosystem fosters creativity, accelerates innovation, and democratizes hardware development. Whether you're a seasoned developer or new to hardware design, this talk will inspire you to join the movement redefining the future of computing. Don’t miss this opportunity to see open collaboration in action and learn how you can contribute to shaping the RISC-V revolution!

Speakers

Rafael Sene

Technical Program Manager, The Linux Foundation | RISC-V International

Rafael Peria de Sene is a Technical Program Manager at the Linux Foundation and RISC-V International with over 15 years of experience in software engineering and technical leadership. He has played a key role in expanding the RISC-V ecosystem globally, particularly in Latin America... Read More →

Wednesday June 25, 2025 3:05pm - 3:45pm MDT
Bluebird Ballroom 3A

Open Source 101

Audience Experience Level Beginner

3:05pm MDT

Panel Discussion: Build a Great Business on Open Source Without Selling Your Soul - Robert Hodges, Altinity; Ann Schlemmer, Percona; Tatiana Krupenya, DBeaver

Wednesday June 25, 2025 3:05pm - 3:45pm MDT

Bluebird Ballroom 3C

A profitable business is one of the best protections for commercial open source projects and communities that depend on them. This talk draws on the experience of companies that pulled it off to explain how to do it for your own projects. We’ll discuss commercial models that actually work, giving back to the community, and gracefully collecting money for free software. We'll also touch on topics for larger projects like foundations and taking VC funding. It is possible to balance a strong belief in open source communities with making payroll every two weeks. We've done it and will share our secrets.

Speakers

Ann Schlemmer

CEO, Percona

Ann is a seasoned leader & advocate for open source with over 15 years experience in open source. CEO of Percona, a world-class open source database software firm, she is driven by passion for people & belief in open source's power to create an inclusive tech industry. Her authenticity... Read More →

Tatiana Krupenya

CEO, DBeaver

CEO of DBeaver, universal database management tool

Robert Hodges

CEO, Altinity

Robert Hodges serves as CEO at Altinity, a leading software and services provider for ClickHouse. Robert has more than 30 years of experience with database systems and applications including pre-relational databases such as M204, online SQL transaction processing, Hadoop, and analytics... Read More →

Wednesday June 25, 2025 3:05pm - 3:45pm MDT
Bluebird Ballroom 3C

Open Source Leadership

Audience Experience Level Intermediate

3:05pm MDT

Building Trust Through Proactive Security - Key Parts of the Trusted Software Supply Chain - Przemyslaw Roguski & Ralph Bean, Red Hat

Wednesday June 25, 2025 3:05pm - 3:45pm MDT

Bluebird Ballroom 3G

As security concerns continue to grow in the software industry, customers seek assurance that the software they rely on is built securely. While applying security patches is essential, it is equally important to understand the proactive measures taken throughout the development process to ensure that our software is built securely.

Red Hat follows a comprehensive Secure Software Development Lifecycle (SDLC) framework to improve software security during the entire software lifecycle. We use an open source end-to-end build and release environment, which uses SLSA framework as a guide for reinforcing and gating the build process to secure and fortify your software supply chain against various threats.

This session will include:
- The key difference between proactive and reactive security measures.
- SDLC objectives and how Red Hat achieves them to meet high security standards.
- Overview of how automated testing and open-source solutions enhance SDLC.
- Proactive vulnerability management during the build lifecycle phase.
- Secure software building with attestation data production, including CSAF/VEX and SBOM.
- Future of AI testing within the software supply chain security.

Speakers

Przemyslaw Roguski

Principal Product Security Engineer, Red Hat

Przemysław “Rogue” Roguski is a Security Architect at Red Hat who specializes in shift-left security initiatives included in build and release processes. He is focused on the security data improvements, especially security data usability in the vulnerability management and production... Read More →

Ralph Bean

Senior Principal Software Engineer, Red Hat

Ralph is an engineer at Red Hat and member of the Konflux Governance Committee. He's happiest when learning new things, the open source way.

Wednesday June 25, 2025 3:05pm - 3:45pm MDT
Bluebird Ballroom 3G

OpenGovCon

Audience Experience Level Beginner

3:05pm MDT

Let's Play AI Supply Chain Candyland! - Sarah Evans, Dell Technologies & Christopher Robinson, OpenSSF - The Linux Foundation

Wednesday June 25, 2025 3:05pm - 3:45pm MDT

Bluebird Ballroom 3D

Picture the WHOLE software supply chain, beginning to end; it's a little like that olde tyme classic, "Candyland".

Designed NOT with preschoolers in mind, AI Supply Chain Candy Land is for everyone interested in learning about the software supply chain for AI/ML. Travel through exotic locations like The Peppermint Forest of swirly-twirly dependencies, The Fudgy Swamp of Compliance, and much more!

AI/ML is a fast-moving space within technology. However, everything we've learned in software engineering of the last few decades ALSO applies to this "new" world of AI/ML. We'll apply traditional software supply chain security techniques and, wherever able, tools to help developers and consumers win AI Supply Chain Candyland.

Through an enjoyable and colorful game, with useful examples taken from standards and frameworks, the audience will have a better appreciation and ability to apply supply chain security concepts and tools to the development and support of AI/ML-based solutions.

Speakers

Christopher "CRob" Robinson

Security Lorax, OpenSSF

Christopher Robinson (aka CRob) is the Chief Security Architect for the Open Source Security Foundation. With over 25 years of Enterprise-class engineering, architectural, operational and leadership experience, CRob has worked at several Fortune 500 companies with experience in the... Read More →

Sarah Evans

Distinguished Engineer, Dell Technologies

Sarah is a security innovation researcher, leveraging diverse experiences as an IT and security practitioner to improve security by design in emerging technologies. Prior to Dell, Sarah has had roles at in the finance, defense, manufacturing and education industries. Sarah also contributes... Read More →

Wednesday June 25, 2025 3:05pm - 3:45pm MDT
Bluebird Ballroom 3D

Operations Management

Audience Experience Level Intermediate

3:05pm MDT

Software Supply Chain for the SDV Future — Logistics, Cybersecurity and Compliance - Hasan Yasar, Software Engineering Institute | Carnegie Mellon University

Wednesday June 25, 2025 3:05pm - 3:45pm MDT

Bluebird Ballroom 2D

The shift towards software-defined vehicles (SDVs) is set to profoundly impact Original Equipment Manufacturers (OEMs) and their supply chains. As vehicles become increasingly defined by software and connectivity, OEMs face a new era of software supply chain logistics that emphasizes agility, cybersecurity, and regulatory compliance. This presentation examines how SDV technology affects each stage of the OEM supply chain, from sourcing and logistics to manufacturing and data-driven optimization. Critical to this transformation is the secure management of software and data flows across the supply chain, with a focus on cybersecurity strategies to counter software-based vulnerabilities. Additionally, the presentation explores how data analytics can be leveraged to streamline logistics and ensure compliance with rapidly evolving regulations

Speakers

Hasan Yasar

Technical Director, Software Engineering Institute | Carnegie Mellon University

Hasan Yasar is the Technical Director of Continuous Deployment of Capability group in Software Engineering Institute, CMU. Hasan leads an engineering group to enable, accelerate and assure Transformation at the speed of relevance by leveraging, DevSecOps, Agile, Lean AI/ML and other... Read More →

Wednesday June 25, 2025 3:05pm - 3:45pm MDT
Bluebird Ballroom 2D

Safety-Critical Software

Audience Experience Level Advanced

3:05pm MDT

Panel Discussion: Strengthening Software Supply Chains: Harmonizing SLSA Provenance and SPDX SBOM for Better Adoption - Gopi Krishnan Rajbahadur & Elyas Rashno, Queen's University; Mihai Maruseac, Google; Karen Bennet, Responsible AI Solutions

Wednesday June 25, 2025 3:05pm - 3:45pm MDT

Bluebird Ballroom 2F

The Software Bill of Materials (SBOM) and Supply-chain Levels for Software Artifacts (SLSA) are key frameworks for securing modern software supply chains. SPDX SBOM provides a detailed inventory of software components, dependencies, and metadata, while SLSA ensures these components are built through verifiable, tamper-resistant processes with clear provenance.

This talk will examine the synergies and differences between SLSA and SPDX SBOM, focusing on how SLSA’s provenance and authentication mechanisms can enhance the trustworthiness of SBOMs. We will explore overlapping fields captured by both standards, emphasizing the importance of interoperability and a shared roadmap to reduce duplication while leveraging their respective strengths.

A clear separation of concerns, with SLSA handling provenance and verification, and SPDX SBOM capturing comprehensive component metadata, can reduce redundancy and promote more efficient adoption. This session will outline how aligning these standards can improve software supply chain security and reliability, while fostering collaboration for cohesive evolution within the open-source community.

Speakers

Gopi Krishnan Rajbahadur

Research Fellow, Queen's University

Gopi Krishnan Rajbahadur is a Research Fellow at Queen's University, Canada. He is currently working on SE for Large Language Models and the governance of AI datasets. He is the co-lead for the AI and datasets profile in the ISO/IEC 5692 SPDX standard and co-founder of the open-source... Read More →

Mihai Maruseac

Staff SWE, Google

Mihai Maruseac is a member of Google Open Source Security team (GOSST), working on Supply Chain Security, specifically for ML, but also a GUAC maintainer. Before joining GOSST, Mihai created the TensorFlow Security team after joining Google, moving from a startup to incorporate Differential... Read More →

Elyas Rashno

Research Assistant, Queen’s University

I am a PhD student at Queen’s University with a background in Artificial Intelligence, specializing in transformer-based models and multimodal data fusion. My current work focuses on software engineering and the governance of dataset profiles. Additionally, I contribute to the development... Read More →

Karen Bennet

Executive Director, AI Expert for ISO and IEEE, Responsible AI Solutions

Executive Director, Responsible AI Solutions, former executive of IBM, Yahoo, Red Hat and multiple AI startups, Co-Chair of Linux Foundation SPDX AI and Dataset Groups, IEEE Vice Chair Technology Society Impact Committee, Canadian expert of ISO/IEC JTC 1/SC 42 Participant in US CISA... Read More →

Wednesday June 25, 2025 3:05pm - 3:45pm MDT
Bluebird Ballroom 2F

Standards + Specifications

Audience Experience Level Intermediate

3:05pm MDT

Towards a Better Adoption Model - Nigel Brown, AWS

Wednesday June 25, 2025 3:05pm - 3:45pm MDT

Bluebird Ballroom 2E

The Linux Foundation has hundreds of projects under its auspices all working to gain adoption — especially in the case of forks like OpenBao and Valkey. In this struggle for adoption, projects could be doing more in support of our common goal. This talk proposes a system by which projects can work together, integrate each other, and increase cohesion between projects under a common foundation. This talk will serve as the opening of a discussion meant to engage both the participants and maintainers of projects and Linux Foundation community members.

Speakers

Nigel Brown

Senior OSS Developer Advocate, Valkey, AWS

Nigel is a Senior Developer Advocate based in Austin, Texas. He was drawn to the craft of software engineering because of the agency it provides people to build and interact with worlds of their own creation. He focuses on Cloud Native technologies and his passions in technology are... Read More →

Wednesday June 25, 2025 3:05pm - 3:45pm MDT
Bluebird Ballroom 2E

Wildcard, Open Source Leadership

Audience Experience Level Beginner

3:45pm MDT

Coffee Break

Wednesday June 25, 2025 3:45pm - 4:20pm MDT

Bluebird Ballroom Foyer (Level 1 - Terrace Level)

Wednesday June 25, 2025 3:45pm - 4:20pm MDT
Bluebird Ballroom Foyer (Level 1 - Terrace Level)

Special Events / Exhibits / Breaks

3:45pm MDT

Pet Pawlooza

Wednesday June 25, 2025 3:45pm - 4:20pm MDT

Bluebird Ballroom Foyer (Level 1 - Terrace Level)

Pet Pawlooza is back by popular demand! Come and enjoy a fun-filled afternoon with the cutest critters around. From cuddly chicks to hopping bunnies, there's plenty of fuzzy fun for all. Don't miss out on this charming celebration!

Wednesday June 25, 2025 3:45pm - 4:20pm MDT
Bluebird Ballroom Foyer (Level 1 - Terrace Level)

Special Events / Exhibits / Breaks

4:20pm MDT

SBOMs in the Real World: Practical Guidance for Managing Three Common SBOM Scenarios - Cortez Frazier Jr., FOSSA

Wednesday June 25, 2025 4:20pm - 4:40pm MDT

Bluebird Ballroom 2F

The last 12-18 months have been a landmark period for SBOM (software bill of materials) adoption. Although a fair number of organizations have been producing SBOMs for multiple years (often for specific regulatory compliance purposes), a much larger group has recently implemented broader SBOM management programs that cover a wider range of use cases.

This presentation — “SBOMs in the Real World: Practical Guidance for Three Common SBOM Scenarios” — will focus on three of these emerging areas:

SBOM generation and distribution to meet customer requests and new regulatory requirements
SBOM aggregation from internal teams and product units to facilitate centralized vulnerability management and response
SBOM ingestion from external software supplier networks to facilitate first- and third-party vulnerability management and response

Each section of this talk — which is based on extensive firsthand experience directly supporting numerous SBOM programs (from organizations in multiple regions, industries, and stages of maturity) — will include specific guidance to help attendees understand how SBOM programs within their organizations can more effectively manage these scenarios.

Speakers

Cortez Frazier Jr.

Principal Product Manager, FOSSA

Cortez Frazier Jr. is the product lead for FOSSA. FOSSA is a developer software composition analysis tool for managing open source license compliance and security vulnerabilities. Before joining FOSSA, Cortez served as product lead for all of Puppet’s SaaS-based products Earlier... Read More →

Wednesday June 25, 2025 4:20pm - 4:40pm MDT
Bluebird Ballroom 2F

Standards + Specifications

Audience Experience Level Intermediate

4:20pm MDT

cdCon Closing & Award Ceremony

Wednesday June 25, 2025 4:20pm - 5:00pm MDT

Bluebird Ballroom 3B

Wednesday June 25, 2025 4:20pm - 5:00pm MDT
Bluebird Ballroom 3B

cdCon

4:20pm MDT

Beyond Parent-Child: Enhancing Context Propagation With Span Links in Complex Distributed Systems - Haardik Dharma, NYU & Ekansh Gupta, SigNoz

Wednesday June 25, 2025 4:20pm - 5:00pm MDT

Bluebird Ballroom 2G

Context propagation is the cornerstone of observability in distributed systems, but traditional approaches often falter in non-linear workflows like message queues, event-driven architectures, state transitions, or shared resources. Span links powered by OpenTelemetry, bridge this gap by enabling connections between spans across unrelated execution contexts.

This session explores a practical use case where span links augment context propagation in an event-driven microservices system. We'll demonstrate how to track a single user's transaction across services that communicate asynchronously. Using tools like OpenTelemetry and compatible backends, we'll show how span links resolve visibility challenges, uncover hidden latencies, and maintain trace continuity even when the standard parent-child relationships break.

Speakers

Haardik Dharma

Developer, NYU

Haardik is passionate about building scalable backend systems with real-world impact. With extensive experience in cloud services, Kubernetes, and backend development, he has developed solutions that improve efficiency and reduce costs. Currently pursuing a Master’s in Computer... Read More →

Ekansh Gupta

Software Engineer, SigNoz

Ekansh is a Software Development Engineer, with active involvement in various open-source and cloud native communities for upwards two years now. He was previously an SDE Intern at SteamLabs. He is also a speaker for a couple of talks at PyCon, KubeCon and MozFests. Ekansh is a Google... Read More →

Wednesday June 25, 2025 4:20pm - 5:00pm MDT
Bluebird Ballroom 2G

Cloud + Containers

Audience Experience Level Any

4:20pm MDT

Rusty OP-TEE Trusted Applications - Sumit Garg, Qualcomm Inc.

Wednesday June 25, 2025 4:20pm - 5:00pm MDT

Bluebird Ballroom 2A

OP-TEE is an open source Trusted Execution Environment (TEE) designed as a companion to the rich Linux operating system environment. Memory safety is critical to OP-TEE because its applications provide secure interfaces that can be used by the (potentially compromised) rich OS to manipulate user's/system credentials, keys and confidential data. In particular Rust's memory-safety guarantees can be a huge step forward to harden the OP-TEE environment against any memory based exploits.

This session will focus on the evolution of Rust within the OP-TEE ecosystem, the story to make Rust a first class citizen for writing OP-TEE Trusted Applications (TAs) and how we can build Rust TAs at performance parity with their C counterparts. As well as reviewing the work to date, we'll also look at some options for leveraging Rust's memory- and thread-safety features within OP-TEE core itself: should we start with enabling pseudo trusted applications to be written in Rust?

Speakers

Sumit Garg

Senior Staff Engineer, Qualcomm Inc.

Sumit works as a Senior Staff Engineer in Qualcomm Inc. He has contributed to various FOSS projects like Linux (maintainer/reviewer for different sub-systems/drivers), U-Boot, OP-TEE, Trusted Firmware (TF-A) and more. Sumit's other areas of interest includes toolchains and embedded... Read More →

Wednesday June 25, 2025 4:20pm - 5:00pm MDT
Bluebird Ballroom 2A

Embedded Linux Conference

Audience Experience Level Intermediate

4:20pm MDT

The Business Case for Full-Cycle DEI Integration - Wambui Gatheru, Attentive

Wednesday June 25, 2025 4:20pm - 5:00pm MDT

Bluebird Ballroom 3H

The open source world thrives on collaboration, transparency, and the creativity of its diverse contributors. However, recent divestment from DEI initiatives poses challenges to sustaining these values. Many organizations have focused on cultural performativity rather than embedding DEI into their core strategies, missing opportunities for long-term impact.

This session redefines DEI in open source, exploring what it means to embrace diversity, provide equitable opportunities for underrepresented contributors, and foster inclusion in a global, decentralized ecosystem. Attendees will gain actionable strategies to integrate DEI into projects and organizations, from fostering equitable collaboration to building inclusive governance structures and promoting diverse leadership.

With real-world examples and practical tools, this session offers a roadmap for healthier, more innovative, and sustainable open source communities. Together, we’ll uncover how a full-cycle DEI approach strengthens the ecosystem, ensuring environments where everyone can thrive.

Speakers

Wambui Gatheru

Senior DEIB Business Partner, Attentive

Wambui Gatheru (she/her) is a dynamic DEI leader with over a decade of experience driving cultural transformation and creating equitable workplaces. With expertise across non-profit and for-profit sectors—including democracy reform, sustainability, and tech—she blends community... Read More →

Wednesday June 25, 2025 4:20pm - 5:00pm MDT
Bluebird Ballroom 3H

Equity + Inclusion + Accessibility

Audience Experience Level Any

4:20pm MDT

An Investigation of Patch Porting Practices of the Linux Kernel Ecosystem - Xingyu Li, UC Riverside

Wednesday June 25, 2025 4:20pm - 5:00pm MDT

Bluebird Ballroom 2B

The Linux ecosystem—spanning upstream mainline, stable and LTS branches, and downstream distributions like Ubuntu and Android—relies on patch porting to ensure stability and security. However, concerns persist about delayed or incomplete patch propagation. By mining software repositories across 28 Linux branches (e.g., Android,Ubuntu,Debian,OpenSLE and etc) and 584K patches., we uncover diverse patch porting strategies and their trade-offs, measured through patch delay, patch rate, and bug inheritance ratio. We also analyze the factors influcing the patch porting practices and offer actionable insights to enhance patch flow efficiency and strengthen the Linux ecosystem.

Speakers

Xingyu Li

PhD candidate; Research assistant, UC Riverside

I am a final year PhD student in UC Riverside in computer science. I am working on improving Linux kernel security by investigating Linux patch porting strategy, identifying silent serious patches and improving fuzzing efficiency.

Wednesday June 25, 2025 4:20pm - 5:00pm MDT
Bluebird Ballroom 2B

Linux

Audience Experience Level Any

4:20pm MDT

Rex: Safe and Usable Kernel Extensions in Rust - Jinghao Jia, University of Illinois Urbana-Champaign

Wednesday June 25, 2025 4:20pm - 5:00pm MDT

Bluebird Ballroom 2C

We present the Rex project (https://github.com/rex-rs/rex). Rex is a Linux kernel extension framework that allows extension programs to be written in safe Rust. Rex offers similar safety guarantees to eBPF. Unlike eBPF-based tools like Aya, Rex extensions are not compiled into eBPF bytecode. Rex eliminates the in-kernel verifier – the safety of Rex extensions is built atop language-based safety plus runtime protection. Specifically, the Rex compiler enforces Rex extensions to be written in a subset of safe Rust, and emits native code directly. Rex implements its kernel crate with a safe interface that wraps existing eBPF interface. Rex also employs a lightweight runtime that implements graceful Rust panic handling with resource cleanups, kernel stack checks, and program termination.

Rex provides a more usable and arguably safer alternative to eBPF. The usability advantage comes from the elimination of in-kernel verifiers that are known to reject safe extension programs with cryptic feedback. We also show that Rex’s runtime protection provides stronger safety than eBPF in a few aspects, e.g., protecting kernel stacks from overflowing.

More details: https://tinyurl.com/y8uj8ypp

Speakers

Jinghao Jia

Ph.D., University of Illinois Urbana-Champaign

Jinghao Jia is a fourth year Ph.D. student at UIUC. His research focus on operating system kernel extensions (e.g. eBPF). Specifically, he works on building safe and reliable kernel extensions as well as the applications of these kernel extensions in practice.

Wednesday June 25, 2025 4:20pm - 5:00pm MDT
Bluebird Ballroom 2C

Linux

Audience Experience Level Any

4:20pm MDT

Accelerating GenAI Innovation: Lessons From Intuit's Agents and Tools Framework - Shradha Ambekar & Conrad De Peuter, Intuit

Wednesday June 25, 2025 4:20pm - 5:00pm MDT

Bluebird Ballroom 3F

Join us to discover how Intuit's GenAI framework is reshaping AI development, enabling swift integration of AI functions across varied business units. We'll focus on a robust framework of reusable agents and tools derived from open-source technologies like LangChain/LangGraph, facilitating diverse functionalities from simple data retrieval to complex processes such as query generation, optimization, pipeline creation and debugging. This framework dramatically reduces the time required for data workers to operationalize data pipelines and supports diverse customer interactions through notebooks, no-code approaches, REST integrations, and Python libraries, catering to a wide range of needs including agent developers and teams in pre-production settings. Our meticulous evaluation process ensures that each tool and agent is rigorously tested against high-performance benchmarks to guarantee reliability and consistency before deployment. By centralizing these AI components, Intuit has not only accelerated development timelines but also upheld a high standard of quality, establishing a benchmark for crafting scalable, effective AI solutions in the dynamically evolving tech landscape.

Speakers

Conrad De Peuter

Senior Staff AI Scientist, Intuit

Conrad De Peuter is a Senior Staff AI Scientist and Manager at Intuit. He has worked on deep learning models in the document understanding space, delivering reusable AI services from a central platform, and most recently as the lead for a portfolio of product-focused R&D projects... Read More →

Shradha Ambekar

Senior Staff Software Engineer, Intuit

Shradha Ambekar is a senior staff software engineer with the Data Platform Group at Intuit. She is an experienced technologist and has led projects working with GENAI, Spark, Kafka, Presto, Athena, Cassandra and Vertica. She has made numerous open-source contributions to presto, calcite... Read More →

Wednesday June 25, 2025 4:20pm - 5:00pm MDT
Bluebird Ballroom 3F

Open AI + Data

Audience Experience Level Beginner

4:20pm MDT

Scalable and Efficient LLM Serving With the VLLM Production Stack - Junchen Jiang, University of Chicago & Yue Zhu, IBM Research

Wednesday June 25, 2025 4:20pm - 5:00pm MDT

Bluebird Ballroom 3E

Large Language Models (LLMs) are reshaping how we build applications; however, efficiently serving them at scale remains a major challenge.

The vLLM serving engine, historically focused on single-node deployments, is now being extended into a full-stack inference system through our open-source project, **vLLM Production Stack**. This extension enables any organization to deploy vLLM at scale with high reliability, high throughput, and low latency.
Code: https://github.com/vllm-project/production-stack

At a high level, the vLLM Production Stack project allows users to easily deploy to their Kubernetes cluster through a single command. vLLM Production Stack's optimizations include KV cache sharing to speed up inference (https://github.com/LMCache/LMCache), prefix-aware routing that directs inference queries to vLLM instances holding the corresponding KV caches, and robust observability features for monitoring engine status and autoscaling.

Attendees will discover best practices and see real-time demonstrations of how these optimizations work together to enhance LLM inference performance.

Speakers

Junchen Jiang

Assistant Professor, University of Chicago

Junchen Jiang is an Assistant Professor of CS at the University of Chicago. His research pioneers new approaches to LLM inference systems (https://github.com/vllm-project/production-stack and https://github.com/LMCache/LMCache). He received his Ph.D. from CMU in 2017 and his bachelor’s... Read More →

Yue Zhu

Staff Research Scientist, IBM Research

Yue Zhu is a Staff Research Scientist specializing in foundation model systems and distributed storage systems. Yue obtained a Ph.D. in Computer Science from Florida State University in 2021 and has consistently contribute to sustainability for foundation models and scalable and efficient... Read More →

Wednesday June 25, 2025 4:20pm - 5:00pm MDT
Bluebird Ballroom 3E

Open AI + Data

Audience Experience Level Intermediate

4:20pm MDT

Open Source and CVE's: A Love Story? - Marcus Tenorio, ControlPlane

Wednesday June 25, 2025 4:20pm - 5:00pm MDT

Bluebird Ballroom 3A

When we think of Open Source and CVEs, only bad things come to mind—problems and headaches.

But what if I told you that’s not the case? That, in fact, OSS and CVEs form one of the greatest love stories humanity has ever known. Forget Romeo and Juliet; think Log4J and other "love tales" .

In this talk, we’ll explore how, like every beautiful love story, there are villains, triumphs, and a vibrant community behind it all.

Join us for this fairy tale where we uncover why OSS and CVEs have always been in love with each other.

Speakers

Marcus Tenorio

Engineering Manager, ControlPlane

Mart is an engineering manager at ControlPlane, where he enjoys managing various consultants who teach him every day how to break things and become a better manager and engineer. Mart began his journey in cybersecurity trying to understand why so many people liked prime numbers... Read More →

Wednesday June 25, 2025 4:20pm - 5:00pm MDT
Bluebird Ballroom 3A

Open Source 101

Audience Experience Level Beginner

4:20pm MDT

Removing the Walls Around the Garden: Why the Time Has Come To Disrupt Mobile Application Developmen - Hilary Carter, The Linux Foundation

Wednesday June 25, 2025 4:20pm - 5:00pm MDT

Bluebird Ballroom 3C

Open Mobile Hub and LF Research partnered this year to explore the state of mobile application development in the face of a fragmented and monopolistic market with growing numbers of new devices to integrate. In this session, a panel of research team members from the Linux Foundation and Open Mobile Hub will discuss the findings of their research, examining the insights generated from interviews with mobile application experts across the community. Discussion topics will include hindrances to market entry, current pain points from integration with diverse services, and the APIs that developers care most about. Panelists will deliberate on, from a cross-platform perspective, the preferred frameworks to build mobile applications and the importance of open source in this context. An important use case in this discussion will be the development of wallets and payments ecosystems, with OpenWallet Foundation represented in the conversation. Grounded in the findings from this study, audience members will shift their thinking around accommodating a walled-garden approach to a more open, streamlined, and standardized application ecosystem.

Speakers

Hilary Carter

SVP of Research, The Linux Foundation

Hilary Carter is SVP of Research at the Linux Foundation, supporting the development of open source research projects and publications at the Linux Foundation. As a writer, researcher, and program leader, Hilary produces engaging, decision-useful insights that broaden the understanding... Read More →

Wednesday June 25, 2025 4:20pm - 5:00pm MDT
Bluebird Ballroom 3C

Open Source Leadership

Audience Experience Level Any

4:20pm MDT

Trust but Verify: Uncovering the Hidden Risks of Inaccurate SBOMs With JBomAudit - Yue Xiao, Jiyong Jang, Douglas Schales & Dhilung Kirat, IBM Research

Wednesday June 25, 2025 4:20pm - 5:00pm MDT

Bluebird Ballroom 3G

Software supply chain attacks have surged in recent years, posing significant threats to organizations. In response, Software Bill of Materials (SBOMs)—structured inventories that document software components—have been proposed to enhance supply chain transparency, track dependencies, and manage vulnerabilities. Despite increasing adoption, their correctness and completeness in real-world open-source ecosystems remain largely unexamined. Incomplete SBOMs can result in overlooked vulnerabilities while incorrect dependency may waste resources on non-existent issues.

This talk introduces JBomAudit, an open-source tool to automatically verify Java SBOMs by systematically assessing their correctness and completeness against NTIA minimum requirements. We will cover technical details of JBomAudit, demonstrate how it examines missing and incorrect dependencies, and present findings from our large-scale analysis of over 25,000 Java SBOMs, highlighting the prevalence of non-compliant SBOMs and security implications. We will also discuss common pitfalls in SBOM generation, analyze the root causes of non-compliance, and provide actionable recommendations to improve SBOM quality.

Speakers

Douglas Schales

Senior Technical Staff Member, IBM

Doug Schales is a Senior Technical Staff Member at IBM Research. He has been involved in security research for over 30 years. His interests are in the areas of using generative AI for security, as well as the application of sketch and probabilistic algorithms in security.

Dhilung Kirat

Senior Research Scientist, IBM Research

Dhilung Kirat is a Research Scientist in the AI Supply Chain Security group of the Security Research department at IBM T.J. Watson Research Center. Dhilung received his PhD in Computer Science from University of California, Santa Barbara in 2015. His research interests revolve around... Read More →

Jiyong Jang

Principal Research Scientist, IBM Research

Jiyong Jang is a Principal Research Scientist at IBM Research. His research interests include most areas of computer security, with an emphasis on software and network security. His current research focuses on security analytics to detect advanced threats in complex networking systems... Read More →

Yue Xiao

Research Scientist, IBM Research

Dr. Yue Xiao is a Research Scientist at IBM Watson Research. She earned her Ph.D. from Indiana University Bloomington, focusing on GenAI security, privacy compliance, vulnerability assessment, and supply chain security. She has published in top venues (CCS, Usenix Security, NDSS... Read More →

Wednesday June 25, 2025 4:20pm - 5:00pm MDT
Bluebird Ballroom 3G

OpenGovCon

Audience Experience Level Any

4:20pm MDT

How To Stay Compliant With and Take Benefits From the EU CRA (Cyber Resilience Act) - Roman Zhukov, Red Hat

Wednesday June 25, 2025 4:20pm - 5:00pm MDT

Bluebird Ballroom 3D

The EU Cyber Resilience Act (CRA) aims to safeguard European consumers and at first glance it targets only the EU market. But in fact the entire OSS ecosystem falls under its scope as CRA creates mandatory cybersecurity requirements for vendors, distributors, integrators, even enterprise consumers and, in fact, the entire open-source ecosystem by introducing terms like “Manufacturer”, “Steward”, “Individual developer” among others. So, how to ensure **you** stay compliant?

I’ll cover what we, as part of the various working and regulatory expert groups, are doing to help the entire open-source community navigate the actual requirements. We’ll explore how these roles are played together by the leading industry players (yes, revealing some non-trivial scenarios) and what best practices and tools can be used right away for your organization or by you as an individual contributor. Finally, let’s discuss how we together should turn CRA into an opportunity to make open-source better for all.

Speakers

Roman Zhukov

Principal Security Community Architect, Red Hat

Practicing Cybersecurity expert, engineer and manager (15+ years), (ISC)2 CC (Certified in Cybersecurity). Currently - Principal Security & Community Architect at Red Hat. Ex. - Head of Product Security & Privacy for Data Center & AI SW at Intel. Roman has broad experience from security... Read More →

Wednesday June 25, 2025 4:20pm - 5:00pm MDT
Bluebird Ballroom 3D

Operations Management

Audience Experience Level Beginner

4:20pm MDT

Continuous Compliance in Open Source: Safety Assurance Through SBOM-Driven Traceability in ELISA - Rinat Shagisultanov & Troy Sabin, InfoMagnus, LLC

Wednesday June 25, 2025 4:20pm - 5:00pm MDT

Bluebird Ballroom 2D

As open-source adoption expands into safety-critical domains, ensuring continuous compliance is a growing challenge. This session, grounded in the ELISA (Enabling Linux in Safety Applications) project, explores how SBOM-driven traceability can bridge the gap between open-source development and regulatory safety requirements. We’ll cover how SPDX 3.x, automated CI/CD workflows, and tools like ELISA’s BASIL enable traceability between compliance requirements, validation tests, and software components. Attendees will gain insights into best practices for managing SBOM evolution, mitigating risks in change impact analysis, and integrating compliance automation into modern DevOps pipelines. Whether you’re in open-source governance or safety-critical software engineering, this session provides actionable strategies to align compliance with innovation.

Speakers

Rinat Shagisultanov

VP of Technology, InfoMagnus

Creative and Innovative technology strategy advisor with 25+ years of experience envisioning, implementing, and communicating products, services and processes to business and IT stakeholders while leading, inspiring and building trust. Rinat is holding degrees in MS Computer Science... Read More →

Troy Sabin

Chief Architect, InfoMagnus, LLC

Troy is a digital strategist and software architect focused on building innovative products with web, mobile, cloud, and AI technologies. He works at the intersection of business, tech, and design—helping cross-functional teams turn ideas into real-world solutions. Troy has launched... Read More →

Wednesday June 25, 2025 4:20pm - 5:00pm MDT
Bluebird Ballroom 2D

Safety-Critical Software

Audience Experience Level Intermediate

4:20pm MDT

If I Could Turn Back Time - What Open Source and Tech History Tells Us About the Future - Melissa Evers, Intel

Wednesday June 25, 2025 4:20pm - 5:00pm MDT

Bluebird Ballroom 2E

In this session, we will examine critical moments in Open Source history, from the early days of the kernel and birth of the Linux Foundation, to Software defined networking, to Containerization and Cloud Native, to Web, to AI; examine what can be distilled as transcendent truths, and what that tells us about our future? How should it inform the ways we build our software strategies? Attendees will leave inspired, curious and wanting to learn more.

Speakers

Melissa Evers

Vice President - Office of the CTO, GM of Software and Ecosystem Enablement, Intel

Melissa Evers is Vice President in the Office of the CTO and General Manager of the Software Ecosystem Enablement organization at Intel Corporation where she is responsible Software ecosystem and developer programs. Melissa holds a bachelor’s degree in engineering and an MBA from... Read More →

Wednesday June 25, 2025 4:20pm - 5:00pm MDT
Bluebird Ballroom 2E

Wildcard, Operations Management

Audience Experience Level Any

4:40pm MDT

Expanding the OpenChain Standards Portfolio - More Sister Standards? - Shane Coughlan, The Linux Foundation

Wednesday June 25, 2025 4:40pm - 5:00pm MDT

Bluebird Ballroom 2F

A discussion has opened inside the OpenChain community regarding what future standards may join the existing portfolio of ISO/IEC 5230 for license compliance and ISO/IEC 18974 for security assurance.

The focus of the OpenChain Project is on building trust in the supply chain, and on doing this from the perspective of compliance matters. In the last year, the project has begun to prepare guides for SBOM Quality Management and AI Bill of Material Compliance in the Supply Chain. Both of these read against the project charter and mission.

This talk will explore how these two guides could potentially grown into future ISO standards via the existing practices of the OpenChain Project and lessons learned in making ISO/IEC 18974 in the 2023/2024 period. Rather than announcing new standards, the talk is sharing the processes involved in consideration, to illustrated how open projects address ideas and proposals from all parties in a genuinely inclusive manner.

Speakers

Shane Coughlan

OpenChain General Manager, The Linux Foundation

Wednesday June 25, 2025 4:40pm - 5:00pm MDT
Bluebird Ballroom 2F

Standards + Specifications

Audience Experience Level Intermediate

6:00pm MDT

Attendee Reception

Wednesday June 25, 2025 6:00pm - 9:00pm MDT

Meow Wolf

Explore mind-bending exhibits and interactive installations while networking with fellow open source enthusiasts. As you wander through the venue’s four levels, you’ll stumble upon delicious food and drinks spread out throughout the space, immersing you in a vibrant, creative atmosphere perfect for unwinding after a day of insightful sessions.

Feel free to return to the Perplexiplex on floor 1 as your home base if you need help with wayfinding. Don’t miss this unique opportunity to combine art, technology, and community in one of Denver’s most exciting venues.

Transportation will be provided.

Wednesday June 25, 2025 6:00pm - 9:00pm MDT
Meow Wolf 1338 1st St, Denver, CO 80204

Special Events / Exhibits / Breaks