Leveraging WebAssembly and Zephyr, Ocre supports OCI-like application containers in a footprint up to 2000x lighter than Linux-based container runtimes such as Docker and Podman.
Ocre extends cloud-native principles past the “Linux barrier”, which we believe is well-aligned with where the market is headed as traditionally-embedded devices such as sensors, smart cameras, controllers, robots, drones and cars continue to get more complex to develop and maintain, increasingly leverage onboard AI, and are faced with growing security challenges.
The sweet spot for the Ocre runtime is edge devices with 1MB to 1GB of available memory.
MISSION STATEMENT
Our mission is to revolutionize how applications are developed, deployed, and managed for the billions of resource-constrained edge devices in the field. Developing applications for constrained edge devices with Ocre should be as easy as building cloud-native applications. Project Ocre is led by a vendor-neutral community and all code is licensed as Apache 2.0.
THE OCRE ADVANTAGE
Compared to traditional monolithic embedded firmware and software, Ocre abstracts the hardware and enables functions to be broken out into containerized applications that are developed and managed independently. This brings benefits that we take for granted today in the cloud such as code reusability, portability across different hardware platforms, better IP protection when collaborating with partners, fractional field updates, improved security and compliance, and more.
Ocre Containerization vs. Traditional Embedded Software
KEY FEATURES
- Average deployment footprint of 256KB of memory and flash
- Application containers can be as small as 300 Bytes.
- Support for any programming language (e.g. C, C++, Go, Rust)
- Full management API for use with CLI or choice of 3rd-party console
- Hardware abstraction enables silicon swaps can be done in weeks instead of months
- Baseline support for hundreds of boards through the use of Zephyr as the reference RTOS
- Containerized applications/modules sandboxed from host and others by default
- Access between apps only possible based on permissions
- Apps can only access specified device memory, preventing callstack jumps and buffer overruns
- Individual containers can be terminated if abnormal behavior is detected
NOT JUST FOR MCUs
With a memory footprint of just 256KB, Ocre makes it possible to run containerized apps on microcontroller-powered devices. However, it can also be an attractive alternative to using Linux with Docker for lightweight IoT gateways and networking gear because it will free up 256-512MB of memory for applications, or enable an OEM to reduce their BOM cost for RAM. As such, the sweet spot for Ocre is devices with 1MB to 1GB of memory, powered by M3 to A9 class Arm, RISC-V, ESP32, and entry-level x86 silicon.