Given the ongoing investment in expensive kernel engineers, manufacturers often opt to go to production with a Yocto-based system but soon realise they are on their own regarding security and upgrades. The maintenance effort and management of variants prove to be unexpected pain points they hadn’t factored in. Manually maintaining a Yocto-based image for an embedded device is arguably a frustrating, ongoing activity distracting enterprises from their core business objectives.
Also, as different Yocto vendors are not compatible and every image needs to be independently maintained, companies require substantial expertise and skilled kernel engineers in-house for the management of variants and maintenance efforts not to turn into a failed product.
On the other hand, Canonical supports and provides security updates to the base OS, critical software packages and the infrastructure components of Ubuntu Core. The kernel team carefully maintains all Ubuntu kernels and their variants. Via rigorous management of all Linux kernel CVE lists, review and application of all relevant patches for critical kernel defects in the mailing lists, and rigorously testing newly updated kernels end-to-end each SRU cycle, your embedded Linux project is now as secure as your servers.
Ubuntu Core achieves high kernel reliability through a thoughtful design process, a skilled engineering team, and volume of use in production. While most are familiar with design and engineering, volume and diversity of implementation are perhaps even more noteworthy. The more enterprises and developers rely on it, the more the Ubuntu Linux kernel is rigorously tested, refined, and improved. As most production workloads run on Ubuntu, the Ubuntu kernel is arguably the most production tested kernel in the Linux landscape.