Proposals

Eclipse KeySealer provides an open source KMS plugin for Kubernetes encryption at rest.

The initial implementation is based on k8s-kms-plugin, a gRPC service that implements the Kubernetes KMS v2 API and connects Kubernetes to a local or remote PKCS #11-capable key store. The plugin enables Kubernetes clusters to protect API data, such as Secrets, by using a key encryption key stored in an HSM, TPM-backed provider, software token, or external key manager exposed through PKCS #11.

Eclipse KeySealer is intended to provide a vendor-neutral home for Kubernetes KMS integrations with hardware-backed and externally managed keys. It helps Kubernetes operators use protected keys without depending on a single cloud provider, hardware vendor, or proprietary key-management integration.

The project is designed for production-oriented Kubernetes deployments where data-at-rest encryption, key isolation, key rotation, auditability, and interoperability with existing cryptographic infrastructure are important requirements.

The Eclipse Dataspace Hub is a community-driven enablement project that lowers the entry barrier for developers and organizations adopting dataspace technologies, such as the Eclipse Dataspace Components (EDC), the Connector Fabric Manager (CFM), or Data Plane implementations.

The project addresses key challenges facing dataspace newcomers: fragmented documentation, scattered repositories, and a lack of hands-on examples. It is structured around three complementary areas: (1) a comprehensive library of sample code and reusable templates provides reference implementations for common EDC extensions and integration examples with external systems; (2) fully functional end-to-end demonstrators illustrate realistic cross-organizational data sharing scenarios; (3) a centralized, community-maintained knowledge base consolidates core concepts, architectural patterns, and operational guidance in one accessible location.

What it is not: The project does not engage in core dataspace specification development or maintain production-grade code. It focuses exclusively on education, enablement, and demonstration. Any enhancements or bug fixes identified during sample development are contributed upstream to the appropriate repositories.

The project builds upon existing Eclipse dataspace technologies and aligns with prominent dataspace initiatives to foster interoperability across data ecosystems.

Eclipse Canon-C is a header-only semantic standard library for C99 targeting safety-critical embedded systems. It provides explicit ownership annotations, Result and Option types, arena allocation, fixed-capacity collections with caller-owned buffers, traceable contracts, and a coherent error-handling model — all designed for formal verification with Frama-C and certification under DO-178C, ISO 26262, IEC 62304, IEC 61508, EN 50128, and ECSS-E-ST-40C.

The library follows a strict dependency hierarchy: core/primitives → core → semantics → data → algo → util. Each layer is complete and independently usable. The core layers are freestanding-safe, with no RTOS, OS, or libc dependencies, allowing Eclipse Canon-C to run on bare metal, on Eclipse ThreadX, or alongside any other RTOS including FreeRTOS and Zephyr.

Eclipse Canon-C's continuous integration pipeline produces certification evidence as a normal part of every commit: 51 test binaries across GCC, Clang, and MSVC on three platforms; AddressSanitizer and UndefinedBehaviorSanitizer in every Debug build; Valgrind memory analysis; libFuzzer fuzzing; clang-tidy and Cppcheck static analysis; MISRA C:2012 advisory checks; and true Modified Condition/Decision Coverage measurement using GCC 14's -fcondition-coverage flag. The verification infrastructure is in place; ACSL annotations and Frama-C proofs are the next planned milestone.

Eclipse PanEval is an open-source large model evaluation platform and framework, designed to establish scientific, impartial, and open evaluation benchmarks, methodologies, and toolsets. It comprehensively assesses foundation model performance across language, multimodal, vision, and speech domains.

Core framework: A three-dimensional evaluation system based on "Capacity – Task – Metrics":
- Capacity: defines the scope of model capabilities ("What to evaluate?")
- Task: the form used to assess model capabilities ("How to evaluate?")
- Metrics: quantitative assessment from multiple perspectives ("How to measure?")

Eclipse PanEval covers 4 major model categories and 40+ evaluation tasks, with Safety & Robustness as a cross-cutting evaluation dimension for all categories.

Eclipse Timpani is a real-time scheduling framework designed for AI-Defined Vehicle (AiDV) applications. As a submodule of the Eclipse Pullpiri orchestrator, Timpani focuses on ensuring deterministic execution of real-time workloads where timing predictability is critical.

Timpani implements Time-Triggered Scheduling based on Time-Triggered Architecture (TTA) principles, proven approaches used in avionics and automotive safety-critical systems, executing tasks based on static schedule tables at predetermined periods with strict timing guarantees. The framework leverages Linux real-time scheduling policies (SCHED_FIFO, SCHED_RR) for priority-based task management, while providing eBPF-based observability for non-intrusive monitoring of scheduler behavior including wakeup latency and execution statistics.

The distributed architecture separates orchestration (Timpani-O) and execution (Timpani-N) components, enabling Pullpiri to manage real-time workloads across multiple nodes through declarative YAML-based configuration.

Key Features:

• Time-Triggered Execution: Deterministic periodic task dispatching
• Distributed Architecture: Separation of global scheduler (O) and node executor (N)
• eBPF Observability: Runtime visibility into scheduling behavior with minimal overhead
• Pullpiri Integration: Seamless orchestrator integration via gRPC services
• Mixed-Criticality Support (Planned): Coexistence of workloads with varying safety levels

Eclipse SDV Hephaestus ensures low efforts for contributors to participate in a Eclipse SDV project, the implementation is based on open source tools. The starting point for this project is the Eclipse S-CORE toolchain, which will be reviewed to determine how it can be made ready for use by other projects within Eclipse SDV Working Group. To ensure an qualification process compliant to ASPICE and ISO 26262, a solution will be developed to release a qualified product. This includes checking existing available approaches, such as those from RedHat.

Core Principles

• DRY (Don't Repeat Yourself): Centralize non-differentiating toolchain components so each project can focus on its domain-specific innovation
• Open Source by Default: Use open-source tools. Closed-source extensions may be integrated via well-defined plugin interfaces, but are never required
• Composable and Overlay Architecture: Projects can adopt the full toolchain or only the parts they need. Partial adoption is a first-class use case

The project will be hosted in one GitHub organization with multiple repositories. It will feature a modular architecture, ensuring that partial usage of the toolchain is possible. It will provide a central starting point for developers and support multiple languages, first including C++ and Rust.

Requirements will be defined through feature requests and issues, then reviewed with Eclipse SDV Working Group projects (e.g. presentation to the TAC).

Technical Details

The project is structured into four architectural layers, with AI integration running as cross-cuttingly across them.

Layer 1 - Build & Dependency Management:

Defines how the software is built and how dependencies are resolved. Built on Bazel as a starting point. 

Layer 2 - Environment Management & Tool Provisioning:

Ensures all required tools and compilers are available in the correct version and configuration. Standardizes Environment Setup with tools like OCI-Container and other tools e.j. Nix, Moon/Proto (to be evaluated).

Layer 3 - Task Runner & Automation:

Provides a uniform command line interface for common workflows e.g. (build, test, lint, format, flash, run, package, simulate). Shields developers from underlying tool complexity. Aligns CI/CD pipelines, build agents, and remote execution with the same conventions used locally.

Layer 4 - Development Environment & Enablement:

Delivers a ready-to-use, pre-configured development environment with no manual setup.

Cross-cutting AI Integration:
Provides intelligent support across all layers: analyzes build/test/tooling outputs, suggests fixes and improvements, assists with configuration and workflow execution. Initial use case: automated dependency tree reasoning explaining why direct and transitive dependencies are included, useful for FOSS analysis.

Pros and Cons of the Proposed Solution

Pros:

• Eliminates redundant toolchain development across SDV projects, freeing resources for domain innovation
• The harmonized Bazel-based build system simplifies multi-project integration significantly
• Modular design allows partial adoption, no all-or-nothing migration required
• Qualification readiness (ASPICE, ISO 26262) reduces compliance effort per project
• Automated SBOM generation and FOSS/SCA scanning reduces security and license review overhead

Cons:

• Governance complexity: cross-project decisions require broader consensus, which may slow iteration
• Migration effort: existing projects face upfront investment to adapt to the unified toolchain
• Dependency risk: adopters become coupled to the project release cadence and maintenance health

Eclipse Docks is a modular, extensible web application framework for building desktop-like applications. It provides:

• Application and extension loader: Dynamic app registration and lifecycle, extension discovery and dependency resolution, and contribution registration.
• Contribution system: Declarative UI contributions (tabs, toolbars, commands, panes) targeting well-defined areas (e.g. sidebars, editor area, bottom panel).
• Command system: Context-aware commands with multiple handlers, key bindings, and exposure as tools for AI agents.
• Core services: Workspace (file system abstraction and persistence), settings, editor registry, task service, event bus, and dependency injection.
• Optional extensions: AI system (multi-provider LLMs, agents, tools), RAG, Monaco editor, notebook, Python terminal, Git, WebDAV, and others, loadable on demand.

The framework is built with TypeScript and Lit (web components standard). It is suitable as the base for desktop-style applications, coding environments, and other tooling that need a consistent UX model and extension story.

CORE-ETSP combines many-core RISC-V-based RTL with MRAM and thus creating a basis for the next generation ET Silicon Platform design. It can be deployed either in a traditional configuration with the host CPU accessing ETSP as an Intelligent RAM (replacing SRAM and Flash) via Hyperbus OR as a self-hosted array of microcontrollers (with or without a host CPU). 

When combined with the development platform (composed of various open upstream components), ETSP platform is a comprehensive solution for fast and low-power AI inference workloads at the edge. Multiple verticals and embedded AI systems in manufacturing, robotics and drones, and security systems may benefit from ETSP.

The Eclipse SDV Landscape project provides a comprehensive, visual, and continuously maintained overview of all Software-Defined Vehicle (SDV)–related projects hosted under the Eclipse Foundation. The project delivers a website that categorizes and presents Eclipse SDV projects in a clear, structured, and easily navigable way, supporting discover-ability, orientation, and communication across the SDV ecosystem.

The project builds on existing information of the Eclipse Foundation PMI and relies on existing official Eclipse Project APIs.

The Eclipse SDV Landscape is the official, community-maintained reference for the SDV Working Group and its stakeholders.

The project is providing 

1. Eclipse SDV Landscape public Website
   • Interactive visual overview of SDV projects
   • Hosted via Eclipse infrastructure or approved hosting
   • Organize projects by functional categories (e.g., tooling, middleware, RTOS, AI, digital twin, orchestration, etc.)
   • Exportable views (e.g., PNG, SVG) for presentations and documentation
   • Allow easy updates as projects are added, retired, or reclassified
2. Open Source Repository
   • Source code for generating and maintaining the landscape
   • Configuration and metadata describing SDV projects
   • Documentation for contributors and maintainers
3. Contribution Guidelines
   • Clear process for adding, updating, or removing projects
   • Alignment with Eclipse Foundation branding and policies

Out of Scope

The project will not:

• Replace official project documentation or websites
• Provide technical integration or dependencies between projects
• Act as a governance or compliance tool
• Host or mirror project artifacts or code beyond the landscape itself

The Eclipse Connector Fabric Manager includes:

- A tenant management and provisioning system that can be extended to support a variety of dataspace-related services.
 - A multi-role user interface that supports operators, B2B resellers, and end users for tenant management and service provisioning.
- A demonstrator sample