Jim Hirsch, VP IoT Sales, North America and EMEA, QNX weighs up the pros and cons of using open-source operating systems versus proprietary
Embedded systems have become the technological backbone of our modern world, driving innovation across a vast array of applications; from the advanced control systems in autonomous vehicles and life-saving medical devices to the complex machinery underpinning industrial automation. Given their pivotal role in critical infrastructure and daily life, the operating systems (OS) that power these embedded platforms must meet exceptionally high standards for safety, reliability, and security.
This high-stakes environment has sparked a fierce debate: open-source OS or proprietary? As we plunge deeper into the age of ‘software-defined everything’, this question is more urgent and consequential than ever.
When speed trumps safety
A recent global survey conducted by QNX, polling 1,000 embedded software developers and engineers revealed a troubling truth: a striking 75% of respondents admitted that the relentless pressure of project urgency often forces them to compromise on crucial safety requirements. While open-source operating systems are the preferred foundational platform for nearly half (44%) of these developers, their adoption is frequently driven by widespread familiarity and ready availability. Critically, these platforms often lack the rigorous safety certifications that many Commercial Off the Shelf Solutions (COTS) options possess.
Today, safety and security aren’t just nice-to-haves, they’re non-negotiable. As devices and infrastructure become ever more software-driven, functional safety and robust security are paramount. Yet developers are squeezed by tight timelines and shrinking budgets. This is where pre-certified software becomes a game-changer, letting organisations hit their targets without sacrificing critical safeguards.
Open-source OS: flexibility vs. risk
The allure of open-source operating systems, with their collaborative development models and transparent codebases, is understandable. However, in highly regulated, mission-critical environments, their inherent characteristics can pose significant risks. Unlike COTS which are typically designed with safety and security from the ground up, open-source OS, by their very nature, are general-purpose and lack the auditable processes required for certifications like ISO 26262 (automotive functional safety) or IEC 61508 (functional safety of electrical/electronic/programmable electronic safety-related systems).
Certifiability and security: the new baseline
For applications where failure is not an option, such as in autonomous vehicles, where a software glitch could have catastrophic consequences, or in medical devices, where patient safety is paramount – certification is non-negotiable. Proprietary embedded OSs, like QNX, are engineered with a clear path to certification, undergoing rigorous testing and validation processes to demonstrate compliance with international safety standards.
Security, too, must be baked in from the start. As embedded systems become more connected, they become juicier targets for cyberattacks. Proprietary OS often feature robust security at every layer, from secure boot to memory protection, helping to keep threats at bay.
When open-source systems fall short
When open-source systems fall short in mission-critical applications, the consequences can range from costly delays and extensive re-engineering to, in the worst-case scenarios, product recalls, financial penalties, and even loss of life. The lack of pre-certification means that organisations using open-source solutions for safety-critical components must undertake the arduous and expensive task of proving compliance themselves – a process that demands significant resources, expertise, and time, often pushing projects past deadlines and over budget. The absence of a single, accountable entity for support and liability also adds a layer of risk that many regulated industries are unwilling to bear.
Engineered to meet safety standards
Proprietary embedded OS are purpose-built to meet the most stringent safety and security standards. Companies like QNX invest heavily in engineering processes that are specifically tailored for functional safety and security. This includes rigorous development methodologies, and the adherence to highly structured development processes, including formal verification, static code analysis, and extensive dynamic testing.
Traceability and documentation are also key aspects of achieving this, with meticulous documentation linking every requirement to design, implementation, and test cases, providing a complete audit trail for certification bodies. The combination of these approaches makes it possible to enable built-in safety features, which are designed with security in mind from the ground up.
The collaborative robot example: a case study in OS importance
The success of collaborative robots (cobots) in manufacturing provides a further illustration of the operating system’s pivotal role. Cobots are designed to work safely alongside humans, demanding an OS that can deliver seamless integration, real-time data processing, and precise control. A robust and adaptable OS forms the foundation for capabilities such as machine learning, sensor fusion, and AI-driven decision-making, allowing cobots to respond dynamically to changes in their environment and learn from interactions.
Furthermore, a well-designed OS ensures compatibility with diverse hardware and software platforms, facilitating scalability and flexibility in deployment. By leveraging an optimised OS, manufacturers can unlock the full potential of collaborative robots, significantly enhancing productivity, safety, and operational efficiency on the production floor.
While open-source operating systems offer benefits in terms of flexibility and community engagement, the unique demands of safety and security-critical embedded systems necessitate a deeper consideration of the underlying OS. As industries navigate the complexities of the ‘software-defined everything’ era, the certification, and secure-by-design architecture offered by many COTS embedded OSs are not just advantageous – they are essential for building the trustworthy and reliable systems that our future depends on.
Jim is VP of IoT, North America and EMEA at QNX with over 25 years of software sales and business development experience across federal, aerospace & defence, industrial automation, medical device, telecommunications, and automotive markets. He has led teams at both startups and Fortune 100 companies, building executive relationships and strategic partnerships across a range of verticals.
There’s plenty of other editorial on our sister site, Electronic Specifier! Or you can always join in the conversation by visiting our LinkedIn page.