Overview
Deep technical overview of FLECS Core – the open-source runtime that enables app-based automation on Linux-based industrial systems.
Last updated
Was this helpful?
General
Deep technical overview of FLECS Core – the open-source runtime that enables app-based automation on Linux-based industrial systems.
Last updated
Was this helpful?
FLECS Core is the open-source runtime that powers the software layer of modern industrial automation.
It transforms any compatible Linux-based device into a flexible, app-capable controller – enabling you to securely install, manage, and update applications across machines, fleets, and use cases.
Built for performance, extensibility, and integration, FLECS Core bridges the gap between your hardware and the digital services of tomorrow.
🔗
FLECS Core provides:
A modular runtime for Docker and other app formats
A local WebApp interface and REST API for administration
Marketplace integration for app discovery and licensing
Full app lifecycle management (install, update, rollback, remove)
Over-the-air (OTA) updates for Core and apps
Secure onboarding and multi-device support
Role-based access control and audit logging
WebApp whitelabeling for CI-compliant branded device interfaces
FLECS Core is completely open source and can be extended to match customer-specific requirements.
The architecture of FLECS Core — built from the Application Layer, Service Mesh, WebApp, and Device Service Layer — is designed to cover every critical need in industrial software deployment:
Together, these components form a powerful, flexible foundation for building and scaling software-defined machines and factories.
The Application Layer manages the lifecycle of apps deployed on the device. It is responsible for:
Installing and removing apps
Starting, stopping, and monitoring container or process states
Managing configurations, user volumes, and environment variables
Performing health checks and triggering recovery actions
Handling updates and version control
By default, apps run in Docker containers – isolated and versioned. However, the runtime is extensible and supports non-Docker formats, such as:
.deb or .rpm packages
Custom shell scripts or binaries
Third-party installers or proprietary formats
App name, version, maintainer
Image location or runtime instructions
Configuration and environment variables
Permissions and exposed interfaces
Optional UI metadata for WebApp integration
The Service Mesh within FLECS Core enables apps and services to communicate securely and in a standardized manner.
Key features:
Service discovery between running apps
Protocol adapters for MQTT, OPC UA, HTTP, WebSockets, etc.
Routing and translation of payloads between services
Support for pub/sub and client/server communication models
Enabling cross-container data exchange with minimal coupling
The FLECS WebApp is the lightweight browser-based interface running locally on the device. It is designed for engineers, integrators, and administrators.
Main capabilities:
View and manage all installed apps
Install new apps from Marketplace or manually
Inspect app logs, runtime status, and metadata
Manage system network, proxy, and device settings
Trigger updates and recovery actions
Secure local or remote access (configurable)
The WebApp is tightly integrated with the Application Layer and provides full control without requiring CLI or external tools.
This includes:
Custom logos, colors, and fonts
Company-specific terminology or language variants
Predefined login flows or tenant restrictions
Custom legal or support links
CI-compliant layout for your product portfolio
💡 This allows OEMs and solution providers to deliver a branded, professional app environment under their own name – without having to build the frontend themselves.
The Device Service Layer connects the device to the broader FLECS ecosystem and enables centralized workflows such as:
App marketplace browsing and installation
Licensing validation and subscription handling
Device provisioning via Device Onboarding Service (DOS)
Telemetry reporting and remote diagnostics
Grouping devices for mass updates or configuration policies
This is the communication bridge between the on-device runtime and cloud or on-prem deployment control systems.
Install via FLECS Installer for Linux Platforms:
Supported on:
Debian, Ubuntu
Yocto-based Linux builds
Custom Linux targets with Docker support
FILiP installs all runtime components, provisions the system, and prepares it for onboarding.
FLECS Core implements security best practices by default:
TLS encryption for all external communications
Role-based access control (RBAC)
App sandboxing (via Docker or runtime isolation)
Audit logging for key system and app events
Signed update verification and rollback protection
User session management for the WebApp
All configurations are editable via CLI, WebApp, or API for flexible integration.
FLECS Core handles over-the-air updates and recovery safely and reliably:
Individual app and Core runtime updates
Rollback to previously working app versions
Health checks and auto-restart mechanisms
Backup and restore of configuration and app states
Update status reporting via WebApp and API
The system is designed for industrial-grade robustness and failsafe operations.
FLECS Core is designed to be extended.
You can:
Add support for additional app formats (beyond Docker)
Whitelabel the WebApp to match your brand's corporate identity
Extend the UI with plugins or integration points for your own services
Integrate third-party CI/CD pipelines
Extend the WebApp with custom plugins
Build runtime extensions for specific device capabilities
Connect to external telemetry or provisioning systems
Being open source, the full runtime is adaptable to your architecture, product vision, or business model.
FLECS Core is the right solution if you want to:
Build smart, app-capable controllers with minimal effort
Introduce software-defined features on your existing machines
Monetize digital services or apps on hardware
Avoid building your own runtime and update infrastructure
Stay fully in control of your software lifecycle
The takes care of secure app execution, update control, and system integration.
The enables seamless communication between apps, protocols, and services.
The makes device and app management accessible to anyone, from anywhere — even with limited training.
The connects your systems to external tools, clouds, and the FLECS Marketplace.
Each app is described using a manifest file. This includes:
This mesh layer abstracts the communication logic away from individual apps and ensures that even third-party applications can interoperate safely and efficiently.
For customers with specific branding or UX requirements, FLECS offers .
➡ ➡ ➡
✳️ Get involved: contribute to FLECS Core on GitHub at
