Long-Term Software Maintenance for the NXP i.MX Family

Homepage Long-Term Software Maintenance for the NXP i.MX Family

You have selected cutting-edge NXP hardware, and developed a device brimming with value for your end-user, but is it secure? What about a year from now?

Unforeseen vulnerabilities in the device’s ecosystem could pose threats to your long-term success and more importantly, brick the device you’ve worked so hard to get to market.


So how can you prepare for the unexpected? What do you need to do?

To help answer these questions, and more, we teamed up with NXP for a webinar detailing the secrets of long-term software maintenance for the i.MX series.

Watch the full thing 👉or read our highlights 👇

Need i.MX software maintenance support?

The Next-Gen application processors are here

Thomas Aubin, Regional Lead, EMEA for NXP, introduced the highly anticipated i.MX 93 and i.MX 95 processors. The i.MX 93 is designed for ultra-low-power applications with an energy-flex architecture, while the i.MX 95 is positioned as NXP’s new flagship processor, capable of handling a wide range of compute-intensive applications.

Both processors are part of NXP’s long-term product support program, ensuring a minimum availability of 15 years.

“NXP is designing and investing in a lot of different solutions that will allow our customers to address the booming IoT market”.

Key features we are most excited about include:

  • Enhanced secure boot with Edgelock Secure Enclave
  • Improved ultra-low power support with Energy Flex Architecture
  • Integrated machine-learning accelerators
  • Enhanced connectivity support
  • Multi-sensory capabilities

CVE: What You Need to Know

CVE scanning is a cornerstone of any proper long-term software maintenance plan.

Common Vulnerabilities and Exposures (CVE) are publicly available lists of known weaknesses and exploits.

These lists are updated regularly, but the public lists won’t be specific to your i.MX device or configuration. It is also important to note that anyone can access these public CVE lists.

CVE analysis and maintenance is really mandatory for everyone now that hackers have access to these lists and exploits,” says Pierre Gal, Solutions Director for Witekio.

How do I know what CVEs to worry about?

An accurate Software Bill of Materials (SBoM) is key to understanding which CVEs you need to worry about, and what to do about them.

Your device’s SBoM guides the identification and management of relevant CVEs. Much like a medical history for a patient, an SBOM provides crucial insights into your device’s composition.

Generating a precise SBoM can be complex, as each device has a unique profile and can even involve elements from the broader connected ecosystem.

You can see more about SBoMs in our Yocto Masterclass series 👉


Witekio's Long-Term Software Support?

We offer a Linux Long-term Maintenance service that is designed to give you everything you need to keep your device in the market, securely, for longer.

It includes:

  • Instant vulnerability alerts ​
  • Urgent fix process (including backporting) ​
  • Daily monitoring and impact analysis​
  • Monthly CVE reports​
  • Quarterly Linux maintenance release​
  • Yearly major LTS update
  • As well as engineering support to set up and run the above.

To help streamline this process without sacrificing accuracy, we use the CVE scan tool from The Embedded Kit (TEK). This tool was devised in response to the high level of false positives the Witekio team encountered when using standard CVE monitoring tools. CVE Scan can also generate a highly accurate SBOM for your i.MX device, even including details of your kernel configuration, leading to precise and trustworthy CVE monitoring.

What if your Kernel needs support?

Developing a connected device involves a lot of difficult choices, especially when it comes to selecting the right kernel. With so many hardware interactions and software requirements, getting this right is often a balancing act. Your kernel may perform perfectly for the first six months, but what about later down the line?

You may also find that the community support for that kernel dwindles over time. The level of community support behind Linux is truly fantastic. Still, with so many kernels it’s just not possible for a commercial product to rely on community support in the long-term. Sometimes, you need professional help updating, or migrating your Linux kernel.

Fortunately, Witekio can help guide you through this intricate dance, ensuring your device stays in the market for the long run.

Get in touch to find out how Witekio can support your long-term maintenance needs

On-Page Form
Patrick HADDAD - Copywriter
28 November 2023