A minimal and secure OS for IoT, devices and embedded systems.
12 years LTS with a whole new armoury of Linux security capabilities to ensure strict confinement. Leverage a clean separation between the kernel, OS image and the developers’ applications, providing a secure and immutable OS.
Disks are locked with private key-based cryptography. Private keys for hardware, TPM and other layers are securely stored. Symmetric key encryption is enabled by the use of specialised software-enabled stores.
Each component in the boot sequence cryptographically validates the authenticity of the subsequent component. Every component is measured before it’s loaded in the runtime memory space.
Over-the-air (OTA) updates guarantee secure and stable software in any location. You decide which updates are signed, certified and delivered to your devices. Plus, Ubuntu Core keeps the last working boot so you always have a safety net.
Landscape delivers comprehensive management capabilities across the full scope of your device fleets. Stay in control with features including canary releases, remote device remodelling and system monitoring.
Validation sets guarantee the installation of required applications with fine-grained permissions. What’s more, you can update applications consistently and simultaneously, improving out-of-the-box experience for end-users.
Ubuntu Core offers a recovery mode that can be activated manually when booting, or remotely via an API call. It additionally offers a graphical user interface to manage recovery options. Configuration settings are backed up in the recovery system.
The real-time kernel integrates the PREEMPT_RT patchset to reduce kernel latencies as required by the most demanding workloads, guaranteeing a time-predictable task execution.
Ubuntu Core’s remodelling feature enables you to change any of the elements of your device’s model assertion. Brand, model, IoT App Store ID or version can be changed to simplify device rebranding for resellers.
Ubuntu Core is ideal for embedded devices because it manages itself. Snaps, Snapd and Snapcraft bring security and robustness. Applications are easy to install, easy to maintain, and easy to upgrade.
Ubuntu Core is built from snaps, a secure, confined, dependency-free, cross-platform Linux packaging format. Snaps are entirely self-contained, even to the point of encapsulating their own file system. This means they include everything they need to run in any environment. They're used by Ubuntu Core to both compose the image that's run on a device, and to deliver consistent and reliable software updates, even to low-powered, inaccessible and remotely administered embedded and IoT systems.
Snapd is the background service that manages and maintains installed snaps. Alongside its various service and management functions, snapd:
Snapcraft is a powerful and easy to use tool for building and publishing snaps. It helps you:
Ubuntu-image is your tool to generate bootable Ubuntu Core images for your application and targeted hardware. With Ubuntu-image, you can:
Ubuntu-image can be installed on a snap-supporting Linux system as follows:
Ubuntu Core simplifies your security compliance
You need to know your software is pristine; not just for installation, but for the lifetime of the device. Immutable packages and persistent digital signatures mean Ubuntu Core can verify any software component at any time, to guard against corruption and attack.
Comply with cybersecurity requirements and build a reliable business.
Whether you are a startup bringing your concept to market or already have large fleets of devices deployed in the field, we have the expertise and infrastructure to launch and support you.