Proposals

Cyber Resilience Attestations

Thursday, September 18, 2025 - 08:51 by Æva Black

The objective of this project is to propose a means to support the due diligence responsibilities of manufacturers who rely on F/OSS components in a way that, rather than burdening F/OSS maintainers or stewards, helps to sustain F/OSS projects and facilitates interaction with both market surveillance and vulnerability coordination functions at the national and ENISA levels.

Voluntary security attestations offer an opportunity to proactively strengthen the security posture of F/OSS by enabling a wide range of stakeholders, from developers and stewards to integrators and public authorities, to participate in a structured and trustworthy process of security validation.

Eclipse Data Plane Core

Tuesday, August 26, 2025 - 08:46 by James Marino

The Eclipse Data Plane Core project provides:

  • Data plane SDKs for Go, Java, .NET, Rust, and Typescript. Other languages may be added in the future based on community feedback.
  • A Rust-based data plane implementation for transferring data over HTTP compatible with the Data Plane Signaling Specification.

Eclipse SageTea Runtime

Sunday, August 3, 2025 - 12:43 by David Long

Eclipse SageTea Runtime contains:

• Smalltalk based source code for the development of Object-Oriented software written primarily in Squeak Smalltalk

• Smalltalk based source code for the development of Low Code AI Software to be included in other Eclipse Software Projects

• Smalltalk based source code for the SAGETEA Postgresql database (for new RAG implementations)

 

In the scope of the project: 

Adoption of WASM and associated APIs and tools

WASM is the new industry standard portable virtual machine which supports multiple languages with interoperability. It provides a robust security and language neutral component model addressing a major concern with todays browser-based applications . Google, Microsoft, Cloudflare have made significant investments in WASM and WAS.
 

Leveraging AI to Solve Historical Challenges

AI's advancements unlock solutions to challenges previously unsolvable for SageTea. Notably:
1. AI-Based Agents for Actions: The long-standing challenge of implementing Actions within
SageTea can now be addressed through AI-powered Agents. These agents, a burgeoning trend in AI, provide intelligent decision-making and process execution capabilities that complement
SageTea's framework.

2. LLM Integration for Code Generation: Recent experiments demonstrate that Large Language
Models (LLMs) can generate Smalltalk code directly from English statements. This capability
transforms SageTea into a low-code AI platform, making it more accessible and versatile for
developers and end-users alike.

3. SageTea as a RAG Database: The SageTea database's high performance and adaptability make it well-suited for Retrieval-Augmented Generation (RAG) systems. RAG combines traditional database querying with AI-driven reasoning, offering applications in industries such as knowledge management, customer service, and advanced analytics.

Eclipse Automotive Integration for AutoSD

Wednesday, July 30, 2025 - 06:31 by Leonardo Rossetti

Eclipse Automotive Integration for AutoSD uses an AutoSD image, built and tailored for its community, to run and test both Eclipse SDV projects and blueprints.

Eclipse Automotive Integration for AutoSD offers a foundation for projects to build, run and test their stack, components and services, including blueprints.

The image setup will expose projects into thinking how their projects or blueprints would work in an Mixed Critical Orchestration[0]  architecture.

Several upstream tools from the CentOS Automotive SIG can used, from building images[1] to performance testing[2], but this integration project could also provide its own set of specialized tools for Eclipse SDV, to ease the process of deploying blueprints into this reference AutoSD image and so on.

This integration project gets several supported platforms (read boards) for free[3], including virtual ones, such as AWS and Azure, allowing the possibility of running blueprints tests in said cloud providers.

[0] - https://sigs.centos.org/automotive/features-and-concepts/con_mixed-criticality/
[1] - https://gitlab.com/CentOS/automotive/src/automotive-image-builder
[2] - https://sigs.centos.org/automotive/performance_monitoring_with_pcp/#arcaflow-workflow
[3] - https://sigs.centos.org/automotive/provisioning/

Eclipse Open Vehicle API

Friday, July 25, 2025 - 07:13 by Thomas Pfleiderer

The Eclipse Open Vehicle API contains tools and a runtime to create a vehicle abstraction interface for signal- and event-driven functions. 

  • Component-based
  • Transfer existing signal-based ECUs to HPC
  • Implement new signal- and event-based vehicle functions
  • Vehicle independent implementation (vehicle abstraction)
  • Multi-vendor – open for play-store approach
  • Standardized interface for functions
  • Automate as much as possible – reduce coding
  • Allow HIL and SIL
  • Safety aspects for use with chassis and ADAS functions

PoC implementations for demonstration purposes

Eclipse aeriOS

Friday, July 25, 2025 - 03:01 by Ignacio Lacalle

In the ongoing quest to develop a comprehensive Meta-OS for the continuum, the landscape is marked by existing concepts and frameworks aimed at unifying edge, cloud, and IoT resources.

Compatibility with diverse container management frameworks

In a computing world where virtualization of workloads is imperative, some companies still base on Docker management, while others have shifted to cloud-native environments, mostly relying on Kubernetes-only setups. Eclipse aeriOS, however, stands out by leveraging existing concepts to significantly extend the current state-of-the-art architecture. It advances orchestration and management capabilities beyond what is currently available, offering a more flexible, robust, scalable, and efficient solution for the modern Cloud-Edge-IoT landscape. It offers the capacity to execute loads in both environments, and opens up customization for future incorporations (e.g., containerd, Wasm-based).

Seem centralized, act distributed 

Eclipse aeriOS overcomes the impression of vendor-agnosticity. Using a single interface, all resources are presented the same way for the user. They can be monitored and manipulated albeit residing in different networks, be owned by different companies or having disparate characteristics. Nonetheless, Eclipse aeriOS avoids centralization: the access to the information is ubiquitous and the orchestration decisions are taken in a decentralized manner. Thanks to balancing algorithms, the requests for workload commissioning (and other key processes) are handled in different spots avoiding single point of failure effects.

Standard-based communication and data management

The Meta-OS relies on using de-facto standard communication technologies, such as HTTP REST APIs, OpenAPI documentation, solid data formats such as NGSI-LD and tunnelling based on Fully-Qualified-Domain-Names for required networking (employing Wireguard VPNs). Also, due to inheriting from a research project, it aligns with impactful on-going initiatives, such as the TF3 Architecture from EUCEI.

What does Eclipse aeriOS provide?

It provides a series of components that are installed over a baseline infrastructure to be provided by the adopter (typically Kubernetes clusters, virtual machines, native systems or physical machines). 

Federation of domains

Infrastructure Elements (IEs) are the fundamental computing units Eclipse aeriOS, providing a unified runtime environment. A group of IEs forms a domain, the smallest administrative entity, sharing core services. Domains connect to form a Eclipse aeriOS continuum, supporting a federated orchestration model facilitated by the Context Broker Orion-LD which implements NGSI-LD interface. This structure ensures peer-to-peer collaboration among domains, enabling autonomous, decentralized decision-making and fine-grained resource control. 

As the Meta-OS builds on such concepts of Domains and Infrastructure Elements, it presents differences in the components to be installed based on the topology (that is decided by the IT administrator of the adopter entity).

Deployment of containerized workloads

Eclipse aeriOS introduces a two-layer orchestration model separating decision-making from execution. The High-Level Orchestrator (HLO) -a custom Python-based framework that employs Redpanda as messaging bus- acts as the decision engine, using global resource awareness to optimize workload placement across domains. It is formed of various modules, namely HLO Frontend, HLO Data Aggregator, HLO Allocator, HLO engine and HLO Local Allocation Manager. The Low-Level Orchestrator (LLO), which materializes in Go-based Kubernetes operators- handles local enforcement, translating HLO decisions into actionable commands on specific resources. This hierarchical design ensures scalability and adaptability without disrupting other domains.

Continuous observability of computing elements

To unify diverse and distributed resources, Eclipse aeriOS uses a Smart Data Model from project aerOS to abstract and pool them for dynamic workload execution. It gathers real-time data on resource capabilities and availability using Prometheus or customized scripts running on all Infrastructure Elements. This comprehensive view enables the Meta-OS to make efficient placement decisions and support proactive workload migration.

Unified management portal

Eclipse aeriOS is accessed via a web-based modern GUI that connects with the Meta-OS backend. It allows observing the computing resources and the deployed services, as well as to commission workloads (specifying the requirements) but also to compare the performance of such elements against relevant (edge, IoT) benchmarks. 

Move decision and intelligence to the edge

Nodes are no longer passive elements that take orders and push monitoring/logging data. In Eclipse aeriOS, those are (depending on their capacities) able to trigger local orchestration notifications (e.g., to offload if saturated), scale horizontally, detect anomalies on data or on their behaviour, and to adapt the sampling frequency to certain circumstances.

Trustworthiness in the continuum

Eclipse aeriOS integrates cybersecurity services for robust authentication, authorization, and access control, ensuring secure access to domain resources through role-based policies and validated identity registries (using LDAP). Its trust management framework assesses the reliability of Infrastructure Elements via a Trust Agent and Trust Manager, using metrics like behavior, health, and reputation. Trust and reputation are key, with mechanisms to ensure message immutability and trust-based resource selection (via the usage of IOTA Tangle). Security is handled holistically, combining centralized IAM (Keycloak, KrakenD) with encrypted communications (TLS, VPN) and fine-grained data access control. 

In addition, it includes the option of using Shapley weights to reinforce explainability of compatible ML models used over the Meta-OS.

Custom functions definition and deployments

Eclipse aeriOS embeds a customized version of OpenFaaS to allow the execution of one-shot, serverless applications on demand. Once installed (typically, in the most cloud-liked infrastructure of the continuum), the adopter may code and upload their own applications based on pre-defined templates, which could asynchronously trigger process such as ETA, data curation or statistics visualization in natively-equipped Grafana.

Eclipse OSILK

Wednesday, July 2, 2025 - 11:18 by Thierry Fraudet

Eclipse OSILK is an open source project providing modular, high-quality training material about Open Source and InnerSource, from basic to advanced concepts. Eclipse OSILK stands for Sharing OSS Knowledge Resources And Training for Education in Software. It is built with a "training-as-Code" philosophy, using AsciiDoc for ease of maintenance, modularity, and collaboration.

This modular training is provided as a webinar series that aims to foster a strong foundation in open source best practices, legal compliance, security considerations, and community engagement, all within the collaborative spirit of the Eclipse Foundation. Each module includes learning objectives, training materials and comprehensive and extensive speaker notes, so anyone can use the material out-of-the-box to give a training session or record a webinar.

The training modules can be forked by any organisation to tailor them for their particular environment.

Eclipse Intelligent Developer Agent

Monday, June 9, 2025 - 02:32 by Luc Olivier FO…

The Eclipse Intelligent Developer Agent project delivers an open-source suite of three interoperable components designed to support secure, decentralized, and model-driven software development:

- TModeler : a multi-language modeling and ORM engine that allows developers to define, validate, and bind complex data structures across platforms (C++, Java, Python), including spatial and secure fields.
- TSM : a synchronization engine that ensures real-time consistency between client and server model instances, eliminating the need for manually written APIs or bindings.
- THC : a cryptographic layer integrated at the model level, offering encryption, digital signatures, and identity management directly within the development workflow.

In-scope :
- Declarative model-driven development tools
- Automatic synchronization and code binding between frontend and backend
- Field-level cryptographic protection (encryption, signatures)
- Cross-platform compatibility (C++, Java, Python)
- Developer empowerment in under-resourced environments

Out-of-scope :
- Development of a full IDE or general-purpose cloud platform
- Standardization of formal APIs beyond this project’s context
- Proprietary deployment models or integration with closed-source ecosystems

The project complements existing development tools by automating and securing core architectural layers, without seeking to replace them.