About:

Burkhard Stubert is a solopreneur specializing in smart HMIs for embedded devices, sharing insights on system architecture and team dynamics.

Interests:

System architecture, Team topologies, Continuous delivery, Test-driven development, Refactoring, Continuous integration, FOSS licensing, SoM and SoC selection, Solo business
The post discusses the risk assessment and mitigation strategies for remote access to ECU parameters in harvesters, emphasizing the importance of access control and security measures. It outlines various mitigation strategies, inc...
The blog post discusses the process of risk assessment for essential product requirements, particularly focusing on the first step: identifying risks. The author outlines a five-step process for lean risk assessment, emphasizing t...
The blog post discusses the author's preparation for a talk on EU Cyber Resilience Act (CRA) compliance, focusing on the risk assessment of essential product requirements. It emphasizes the importance of manufacturers conducting t...
The blog post discusses a webinar hosted by Sarah Fluchs on risk assessment in compliance with the CRA (Cyber Resilience Act). It highlights the top concerns of manufacturers regarding risk assessment, including interpret...
The author discusses the implications of the Cyber Resilience Act (CRA) for manufacturers, emphasizing the urgency for compliance to avoid penalties and sales bans starting in 2028. The text outlines the challenges of integrating ...
The post discusses a special offer for a course on License Compliance for Embedded Linux Systems and outlines the steps for evaluating and prioritizing risks associated with user stories in compliance with EU regulations. It empha...
The post highlights the struggles of a business owner while critiquing the Cyber Resilience Act's vagueness and the reliance on courts for defining cybersecurity standards.
The author discusses their understanding and research on the EU Cyber Resilience Act (EU CRA), emphasizing the importance of legal texts, guidelines, and expert resources. They highlight the transitional period for compliance and ...
The text discusses the importance of secure OTA updates for embedded devices to comply with the EU Cyber Resilience Act. It also highlights the vulnerability of cars to cyber attacks, particularly the Subaru hack and the CAN injec...
The EU Cyber Resilience Act is important for manufacturers to comply with essential requirements related to product properties and vulnerability handling to avoid heavy penalties and damages from cyber attacks. The Act has been in...
The article discusses the basics of microservices, focusing on extracting microservices from a modular monolith. It provides insights into the benefits and costs of microservices, and the author's personal experiences and opinions...
The article discusses the anti-tivoisation clause for LGPL-2.1 and whether it should already hold for libraries under LGPL-2.1. It provides a detailed analysis of a legal case involving a German router maker and the implications f...
The text discusses the importance of teamwork in the embedded ecosystem, focusing on the Yocto Project Summit 2024.12. It highlights the challenges faced by system integrators in implementing OTA update solutions and secure boot, ...
The text discusses the challenges of building custom embedded Linux systems, focusing on the lack of end-to-end solutions, copy-and-paste programming, and outdated systems. It highlights the need for microservices to simplify OTA ...
The text discusses the issues with the Qt license agreement, highlighting the pitfalls and ambiguities. It advises customers to thoroughly read and evaluate the agreement before signing. It also suggests potential changes to the a...
The text discusses the CrowdStrike update disaster, which caused a massive outage on Windows computers, affecting millions of devices and costing billions of dollars. It highlights the failures of CrowdStrike, Microsoft, and their...
The Embedded Online Conference 2024 took place last month, and the videos and live Q&A sessions are now available for $295. The author summarizes the talks by Jacob Beningo, Steve Branam, and Kate Stewart. The author also contribu...
The text is a round-up of Embedded World 2024 by Burkhard Stubert. It discusses the challenges of OTA updates, the need for secure boot, and the impact of the EU Cyber Resilience Act. It also mentions companies offering OTA update...
The text is a round-up of the Yocto Project Summit 2023.11. It includes information about OTA updates, building Qt applications as part of the Yocto build, setting up a CI pipeline with a self-hosted GitHub Actions Runner, using V...
The text discusses the server side of over-the-air updates for embedded Linux systems. It covers topics such as full, delta, and partial updates, the process of rolling out updates to devices, the importance of staged rollouts, an...
The text discusses the importance of over-the-air (OTA) updates for devices, particularly focusing on the client side. It highlights the challenges faced by VW in updating their cars and the consequences of manual updates. The tex...
The text discusses the implications of using Qt or any other library under LGPL-3.0 for B2C and B2B products. It explains the rights of the owner to install a modified version of the software and the responsibilities of the manufa...
The EU Cyber Resilience Act (CRA) is introduced to address the increasing cyberattacks on hardware and software products. The act defines two main objectives: Manufacturer Perspective and User Perspective. It applies to products w...
McKinsey adds five metrics to the DORA and SPACE metrics to measure the productivity and performance of organisations, teams and developers. The metrics include inner/outer loop time spent, developer velocity index benchmark, cont...