Operations | Monitoring | ITSM | DevOps | Cloud

Beyond safety and security: Why automotive open source demands dependability

In the traditional automotive world, teams often work in silos: the cybersecurity experts lock down the ports, the quality assurance teams hunt for bugs, and the functional safety engineers track the ISO 26262 compliance. At Canonical, we believe this fragmented workflow causes friction rather than collaboration. You cannot have a safe vehicle that isn’t secure, and you cannot have a secure vehicle running on poor quality code. This friction results in a slow and rigid development process.

Building an open source chain of trust: new research uncovers key blockers and ways forward

Canonical is pleased to share its latest research report, “The open source chain of trust.” Based on a survey of 500 DevOps professionals, the report highlights how organizations approach their open source software supply chains. While many companies are moving toward verifiable provenance and automated security workflows, internal misalignment and disjointed approaches remain serious challenges for most teams. Read the report.

Challenges designers face in open source (and how to fix them)

Open source software (OSS) is a cornerstone of modern technology. According to the Linux Foundation, it powers up to 90% of software tools used today. Unlike proprietary software, OSS is developed collaboratively, meaning its code is available for anyone to use, change, and distribute. Because OSS projects have historically been driven by developers, they tend to be highly flexible and functional, but they can lack critical usability considerations.

Canonical announces live kernel patching for Arm64

Canonical Livepatch now officially supports Arm64, further expanding its security patching automation capabilities. For the first time, Ubuntu on an Arm64 machine can apply critical kernel updates, without service interruption or rebooting. Starting with Ubuntu Core 26 for Arm64, and for Ubuntu Core 20 and onwards for AMD64 machines, a wider range of devices and cloud virtual machines can achieve timely vulnerability remediation through Canonical Livepatch.

So you need to add microcontrollers to your fleet: now what?

Your Ubuntu Core fleet is running beautifully. OTA updates roll out in minutes. Every device is strictly confined, cryptographically attested, and carrying a 10 to 15 year long term support (LTS) commitment. The operational team sleeps soundly. Then the product roadmap meeting happens. The industrial floor needs vibration sensors on every motor. The smart building needs temperature nodes in every room. The cold chain system requires dozens of low-power Bluetooth tags. And someone just said the words.

Validating real-world skills through Canonical Academy

In an increasingly volatile job market, standing out from the competition is vital. For many in the open source community, formal recognition for self-taught skills is a significant challenge. These skills are often built through hands-on hobbies, side projects, and deep community contributions. While the market is flooded with certificates and certifications, most fail to reliably measure practical execution, or fall behind the rapid pace of industry changes.

Template: Streamlining open source design contributions

As designers working at Canonical, we’re always thinking about open source. We believe that encouraging more designers to contribute to open source benefits everyone, from the project maintainers to the end users themselves. In the 2025 edition of FOSSBackstage conference, we presented our research findings on why designers don’t get involved in open source projects and found a particular breakdown between designers and project maintainers.

Beyond Mythos: responding to a new threat landscape

Canonical’s security philosophy has always been built on the premise that vulnerabilities exist and will be discovered. Our response relies on defense-in-depth architecture, rapid patch deployment, and strict adherence to Coordinated Vulnerability Disclosure (CVD). AI changes vulnerability discovery volume and speed. We have a robust vulnerability management process that is backed by rigorous compliance certifications.

The next era of telco clouds: get open infrastructure choice with Sylva and Canonical Kubernetes

The telco industry is undergoing a fundamental change. Over the past few years, the increasing maturity of cloud-native infrastructure has accelerated the movement from manually operated and hardware-centric systems to automated, software-defined platforms. Underpinning this change are open source initiatives such as the Sylva project. Sylva is hosted by Linux Foundation Europe and heavily backed by major telecom operators and vendors.

AI at the edge: simplifying infrastructure with Cisco and Canonical

Legacy infrastructure was not designed for the requirements of the AI era. While large-scale model training remains centralized in data centers, test-time inference is rapidly shifting to the edge to reduce latency and bandwidth consumption. This shift creates a new frontier for enterprise AI, but deploying at the edge introduces significant manual complexity, interoperability issues, and security vulnerabilities.