The test harness (aka board farm) was initially designed to enable automated testing of Linux drivers on actual hardware. This ultimately became a way to implement continuous testing on hardware, every commit or PR, a build and test is run, and results are reflected back to the commit. It is designed to cater a wide range of peripheral devices and platforms mainly for Analog Devices' Kuiper Linux distribution which is built with more than 1000 Linux device drivers compatible with Xilinx and Intel FPGAs, Raspberry Pi boards, and several other platforms.

This talk covers the design and implementation of such a fully automated test harness. The implemented architecture leverages the use of readily available components/technologies such as Jenkins, Docker, NetBox, and JFrog Artifactory and, at the same time, includes custom-built tools that can be tailored and extended to support existing or new devices and platform types.

This talk will also cover how the team handled the challenges encountered while implementing and addressing features such as resource queueing to minimize waiting time of running builds and also how we make use of sdcardmux to handle recovery.

Triton Inference Server has long been a reliable tool for AI model deployment. As Generative AI unfolds its transformative potential, Triton continues to evolve, offering both time-tested features and new capabilities tailored for large language models and more complex agentic workflows.

This session explores how Triton’s core strengths continue to play a crucial role in optimizing generative AI deployments. These include its robust multi-framework support, dynamic batching, concurrent model execution, and the capability to deploy complex inference pipelines through model ensembling and business logic scripting.

We’ll also cover recent enhancements such as OpenAI compatible frontend, allowing easy integration with existing OpenAI-based applications; Python-based backends to standardize the deployment of Python models without writing a custom C++ backend; Triton CLI to simplify model deployment and management; distributed inference enhancements for Data Center scale.

Throughout the presentation, we’ll share practical examples and best practices, equipping our listeners with the knowledge to effectively use Triton Inference Server to optimize AI workloads’ performance and efficiency.

Maintainers are responsible for technical oversight and key decisions in open source projects. Contributor ladders, found in projects like OpenTelemetry and Apache, define the journey from contributorship to maintainership. Divya Mohan and Natali Vlatko exemplify this path, having "accidentally" risen to leadership as co-chairs of the Kubernetes Documentation Special Interest Group (SIG).
But how does one stumble into leadership, and how can we make this process intentional? In their talk, Divya and Natali will share their experiences alongside insights from other leaders in the CNCF ecosystem. They will discuss how contributions—like decision-making, completing essential tasks, and sharing knowledge—cultivate a community that fosters leadership. Discover how elevated permissions can be perceived as leadership roles, how contributors who answer questions become mentors, and recognize if you’re already demonstrating these leadership qualities.
Join along to learn about the leadership tasks Divya and Natali perform as SIG co-chairs and how you can leverage your skills to lead in your project.

Refreshing long-standing policies in OSS communities can be a long and difficult process. Last year at OSS Summit NA, we discussed getting to the mid-point in our journey in developing a new trademark policy for the Rust community. Following a lot of further work, consultation, and iteration, and final board approval, we are now able to reflect on the whole process of redeveloping a legal policy with an OSS community, the pitfalls, challenges, and paths to success.

As a former FAANG engineering leader who's interviewed 100s of candidates, I've seen brilliant engineers crumble under the pressure of system design interviews. In this hands-on workshop, we'll build tools I wish every candidate (including myself) had before walking into interview rooms.

Together, we'll create:

* A system design scenario generator based on real FAANG questions
* Interactive simulators showing how architectures perform under load
* Visual tools demonstrating distributed systems concepts (CAP theorem, consistency models)
* Performance comparison tools for evaluating architectural trade-offs
* Failure scenario simulators revealing resilience thinking

Candidates often fail not from lack of knowledge, but inability to visualize and communicate complex systems under pressure. The market is competitive & rife with layoffs. These tools aren't just about getting hired - they're about ensuring talented engineers find positions where they'll thrive.

We'll use OSS (ONLY) to make abstract concepts concrete, giving you both valuable tools and insider perspective on what FAANG interviewers are really seeking when they ask you to design a system from scratch.

What if you got a second chance to build an Event Driven Provenance service? In this talk I will cover the decision to start over, rewrite, and Open Source the Event Driven system we built in house. In the process of covering the things we changed and the things we kept I tell a few war stories. Add in what needed to be improved and what we left behind. I will talk about our involvement in the CD Foundation and how the new system can leverage CDEvents and help with SBOM storage and retrieval. Demo and Discussion included dependent on time allotment.

When driving on a highway, you have to follow the rules of the road—some apply to everyone, while others only apply to commercial drivers. Open source maintainers and software publishers face a similar divide regarding regulatory compliance.

While software manufacturers must meet extensive legal and security obligations, open source maintainers often assume these regulations do not apply directly to them—but do they? In this talk, we’ll separate fact from fiction by breaking down what rules like the EU Cyber Resilience Act require from maintainers versus software vendors.

We’ll explore the limited enforceable obligations for open source projects, including secure development policies and vulnerability reporting, and discuss when (if ever) these rules impact maintainers. By understanding these distinctions, open source contributors can make informed decisions about risk, responsibility, and collaboration with commercial software teams—without unnecessary compliance burdens.

Open source is woven into nearly all modern technology, making it more important than ever to support new contributors – but entering the world of open source contribution can be a daunting experience. There are unspoken norms to understand, new tools and best practices to learn, and a whole lot of code to navigate.

In 2023, the UC Santa Cruz OSPO launched a summer mentorship program to support students from Historically Black Colleges and Universities (HBCUs) contributing to open source. Over the course of eight weeks, each tight-knit cohort learns how to productively contribute to a project of their choosing, while working together both in-person and remotely. Program alumni have returned as peer mentors, spoken at conferences, been interviewed for podcasts, and accepted paid work in open source.

This session will showcase the perspective of both current participants and program alumni, offering insight into how we can all work together to make open source more welcoming and inclusive. Whether you're looking to engage diverse new contributors, or you're just curious about the novice experience, you'll be sure to learn something new!

Community management in open source is often a catch-all role, with one person juggling contributor engagement, content, events, and growth. But no single individual can—or should—do it all. As projects scale, a structured, team-based approach becomes essential.

This talk introduces a four-part framework for building an effective community team:

- Community Caretakers – Foster an inclusive, welcoming space, ensuring contributors feel heard, valued, and engaged.
- Content Creators – Develop documentation, blogs, and educational materials.
- Growth Drivers – Expand the community through outreach and advocacy.
- Organizers – Handle logistics, events, and data to keep things running smoothly.

We’ll explore why many projects struggle with community management, the pitfalls of prioritizing outreach over engagement, and how a scalable team structure prevents burnout, improves retention, and ensures long-term sustainability.

Whether you're launching or scaling a project, this session provides a practical roadmap for turning fragmented community efforts into a high-impact, sustainable team.

Open source contribution is often portrayed as a straightforward journey starting with "good first issues," but the reality is far more nuanced and personal. In this heartfelt talk, I'll share my transformative journey from an overwhelmed beginner to a purposeful contributor, highlighting how I discovered sustainable joy in open source development. Through personal stories and lessons learned, I'll discuss navigating common pitfalls like contributor fatigue, the "what's in it for me" mindset, and the good-first-issue trap. I'll share how local meet-ups, in-person conferences, and finding my passion in accessibility—particularly through my work with the Deaf and hard-of-hearing working group—helped me carve a meaningful path. This talk will provide practical insights for contributors seeking to build a fulfilling, long-term relationship with open source while maintaining their well-being and making a genuine impact on the community.

Note: I'm deaf and this talk reflects my own journey in open source. I'm okay to present this as lightning talk as well.

When you think about the role of "design" on an infrastructure team, it's common to think about slicker interfaces or nicer branding. While that might be true, the impact of design-thinking can go far deeper.

In this talk, we'll walk through an unlikely collaboration between our platform engineers and product designers and how this partnership has enabled deep, strategic change from the bottom up.

We'll talk about how we went from "building a technology" to "building a product", allowing us to both increase adoption to our platform and improve our overall product across a balanced mix of developer needs and business asks -- all without sacrificing platform reliability or quality.

We’ll also share tips on how to bring this kind of thinking to your platform team, with or without dedicated designers.

Achieving end-to-end data integrity is essential for modern storage systems, yet Linux still faces challenges in providing full-stack protection. This session explores recent improvements in Linux’s data integrity framework. Specifically this presentation shares detail about:

1. A new io_uring interface that enables applications to attach metadata with I/O requests, ensuring robust data protection.

2. Optimizations to existing integrity mechanisms that improve performance, reduce overhead, and enhance flexibility, all of which have been merged into the mainline kernel.

3. Lastly, we highlight a novel mechanism that allows filesystems to fully utilize device integrity features and helps optimizing host and device resource utilization.

This presentation will deliver in-depth technical insights into these advancements and their role in strengthening Linux storage reliability.

Context propagation is the cornerstone of observability in distributed systems, but traditional approaches often falter in non-linear workflows like message queues, event-driven architectures, state transitions, or shared resources. Span links powered by OpenTelemetry, bridge this gap by enabling connections between spans across unrelated execution contexts.

This session explores a practical use case where span links augment context propagation in an event-driven microservices system. We'll demonstrate how to track a single user's transaction across services that communicate asynchronously. Using tools like OpenTelemetry and compatible backends, we'll show how span links resolve visibility challenges, uncover hidden latencies, and maintain trace continuity even when the standard parent-child relationships break.

The Linux ecosystem—spanning upstream mainline, stable and LTS branches, and downstream distributions like Ubuntu and Android—relies on patch porting to ensure stability and security. However, concerns persist about delayed or incomplete patch propagation. By mining software repositories across 28 Linux branches (e.g., Android,Ubuntu,Debian,OpenSLE and etc) and 584K patches., we uncover diverse patch porting strategies and their trade-offs, measured through patch delay, patch rate, and bug inheritance ratio. We also analyze the factors influcing the patch porting practices and offer actionable insights to enhance patch flow efficiency and strengthen the Linux ecosystem.

Open Mobile Hub and LF Research partnered this year to explore the state of mobile application development in the face of a fragmented and monopolistic market with growing numbers of new devices to integrate. In this session, a panel of research team members from the Linux Foundation and Open Mobile Hub will discuss the findings of their research, examining the insights generated from interviews with mobile application experts across the community. Discussion topics will include hindrances to market entry, current pain points from integration with diverse services, and the APIs that developers care most about. Panelists will deliberate on, from a cross-platform perspective, the preferred frameworks to build mobile applications and the importance of open source in this context. An important use case in this discussion will be the development of wallets and payments ecosystems, with OpenWallet Foundation represented in the conversation. Grounded in the findings from this study, audience members will shift their thinking around accommodating a walled-garden approach to a more open, streamlined, and standardized application ecosystem.

Additional Authors: Jiyong Jang & Douglas Schales, IBM Research

Software supply chain attacks have surged in recent years, posing significant threats to organizations. In response, Software Bill of Materials (SBOMs)—structured inventories that document software components—have been proposed to enhance supply chain transparency, track dependencies, and manage vulnerabilities. Despite increasing adoption, their correctness and completeness in real-world open-source ecosystems remain largely unexamined. Incomplete SBOMs can result in overlooked vulnerabilities while incorrect dependency may waste resources on non-existent issues.

This talk introduces JBomAudit, an open-source tool to automatically verify Java SBOMs by systematically assessing their correctness and completeness against NTIA minimum requirements. We will cover technical details of JBomAudit, demonstrate how it examines missing and incorrect dependencies, and present findings from our large-scale analysis of over 25,000 Java SBOMs, highlighting the prevalence of non-compliant SBOMs and security implications. We will also discuss common pitfalls in SBOM generation, analyze the root causes of non-compliance, and provide actionable recommendations to improve SBOM quality.

In this session, we will examine critical moments in Open Source history, from the early days of the kernel and birth of the Linux Foundation, to Software defined networking, to Containerization and Cloud Native, to Web, to AI; examine what can be distilled as transcendent truths, and what that tells us about our future? How should it inform the ways we build our software strategies? Attendees will leave inspired, curious and wanting to learn more.