PX4 Dev Call: Jan 14, 2026 (Team sync, and Community Q&A)

farhang · January 13, 2026, 10:27pm

PX4 Sync / Q&A - 2026-01-14T16:00:00Z

Agenda

Announcements
Future Events
Flight Testing Update
Release Discussion
Bug Report / Q&A

Announcements

Docker Hub Account
Docker Hub Account is now Sponsored by Docker giving us full access to paid features. https://www.docker.com/community/open-source/

Future Events

Flight Testing Update

About the Test TeamThe team at Ascend Engineering (Chicago). are running flight testing for the community.

How to reach out to the team

GitHub: Tag user @PX4PX4PX4PX4**/testflights**

Discord: Flight Testing & Log Analysis

Weekly on the PX4 Dev Call

How to Request Testing (GitHub)

Write down the steps to te@PX4PX4t your issue/pull request

Make sure to note the risk involved in flying

Write down things to look out for / anticipate - eg: “we are looking for no yaw jumps”

Add issue/pull request to the Flight Testing project board

Make sure to specify any hardware/software requirements as much as possible

Updates:

Release Discussion

v1.16.1

New release tag is cut

v1.17.0-alpha1

Community Q&A / PRs for Review

Q&A:

PRs:

Tests needed: dshot: Extended Telemetry and EEPROM support by dakejahl · Pull Request #26263 · PX4/PX4-Autopilot · GitHub

Issues:

NXP Secure Element in Pixhawk

github.com/PX4/PX4-Autopilot

NXP Secure Element PX4 driver support as a green path for hardware based Root of Trust and PX4 security best practices

opened 04:03PM - 13 Jan 26 UTC

methodmissing

### Describe problem solved by the proposed feature The Pixhawk `5X`, `6X` and …`6X-RT` specifications all support the [NXP SE05x Secure Element](https://www.nxp.com/products/SE050), but using it is non-trivial. We initially built support for interacting with the Secure Element into `PX4-Autopilot` but then backed it out to an external module but now reconsidering this stance as the security posture on deployments with hardware Secure Elements can greatly benefit from standard interfaces that provide access to use these vaults already present on 5X+ compliant boards. **A software based unlock.** Our background at [Bear Metal OÜ](https://bearmetal.eu/) is large scale fleet management, security, mesh technology, edge computing and related infrastructure and we're investing in improving that posture and compliance in the Unmanned Systems area. We focus on thin standards based integration points and lightweight shims as narrow waists and are proposing a similar contribution here. ### Describe your preferred solution We do not intend for this narrow waist to be opinionated about PKI, crypto etc. but rather provide a standard thin integration point for use case specific security requirements like provisioning, signing, attestation, encryption or all of them. **Just the railway and basic APIs - users/implementers can build on top.** We have the NXP [nano-package](https://github.com/NXPPlugNTrust/nano-package) driver with PX4 specific HAL integration layer as an external module layered as: * Vendored [nano-package](https://github.com/NXPPlugNTrust/nano-package) as the lowest tier close to the metal driver acting as middleware to the card applet * A PX4 HAL added to https://github.com/NXPPlugNTrust/nano-package/tree/master/lib/platform * A higher level PX4 driver that handles common operations like generating signing and encryption key pairs (private keys never leave the Secure Element), encryption, decryption etc. * For now, a system command building on the PX4 driver to inspect the model info, demonstrate the crypto operations and capabilities and initiate [SCP03](https://www.cardlogix.com/glossary/scp03-secure-channel-protocol-3/) secure sessions * **To be discussed further:** [Mbed TLS ALT](https://github.com/ARM-software/CMSIS-mbedTLS/blob/development/docs/architecture/alternative-implementations.md#function-alternative-implementations) implementation of some common operations - references objects in the Secure Element without exposing key material to the MCU. Newer Secure Element versions also support hardware based key derivation redirected to objects in the Secure Element, without exposure to the larger high risk MCU surface. * **To be discussed further:** Appetite for security / provisioning specific MAVLink message sets to drive (de)provisioning, hardware root of trust, attestation etc. Note that we also tested the driver with a newer Secure Element ([SE052F](https://www.nxp.com/products/SE052F), in addition to [SE050](https://www.nxp.com/products/SE050) and [SE051](https://www.nxp.com/products/SE051)) in an EU designed Fight Controller built against the 6X-RT spec, with Secure Element and a few other upgrades. **What is PX4 Core stance on a pull request to support this?** Or would exposing this capability as an external PX4 module be preferred for evaluation and feedback? I will add this as a PX4 dev call agenda item for January 14th if that's 🆗 ### Describe possible alternatives I know NXP helped contribute [this driver](https://nuttx.apache.org/docs/latest/components/drivers/character/crypto/se05x.html) to NuttX and there's a [NuttX uprade](https://github.com/PX4/PX4-Autopilot/pull/26215) in progress - @PetervdPerk is likely high context on both ### Additional context Couple of examples of the System Command, built with `make px4_fmu-v6xrt_default CONFIG_SYSTEMCMDS_SE05X=y CONFIG_CRYPTO=y CONFIG_MBEDTLS_VERSION=3.4.0 CONFIG_CRYPTO_MBEDTLS=y CONFIG_CLOCK_GETTIME=y CONFIG_GETTIMEOFDAY=y CONFIG_SE05X_DEBUG_LOGS=y EXTERNAL_MODULES_LOCATION=/Users/methodmissing/src/px4-se05x upload` and using a more recent Mbed TLS version **System commands implemented** (this is over specified in context of this proposal, we will remove what isn't strictly railways): ``` methodmissing@Mac PX4-Autopilot % ./Tools/mavlink_shell.py Connecting to MAVLINK... NuttShell (NSH) NuttX-12.10.0 nsh> nsh> se05x Usage: se05x <command> [arguments...] Commands: init Initialize SE05x driver and load SCP03 keys model_info Display SE05x model, version, and configuration provision Provision trust root: generate signing key, encryption key pair, and AES key with attestation crypto_test Test cryptographic operations (key generation, signing, verification) mbedtls_info Display mbedTLS build information, version, and configuration list_ids List all object IDs on the secure element with their types and sizes runtime_session Establish Runtime SCP03 session for secure operations close_session Close the current SCP03 session platform_session Open session with platform SCP03 keys (for provisioning) stop Stop the SE05x driver status Show driver status and session information stop status print status info ``` **Initializing the driver** ``` nsh> se05x init INFO [se05x] ENC key pointer: 0x202636e4, length: 16 INFO [se05x] MAC key pointer: 0x202636f4, length: 16 INFO [se05x] DEK key pointer: 0, length: 0 INFO [se05x] Constructor: ENC key first 4 bytes: 85 2b 59 62 INFO [se05x] Constructor: MAC key first 4 bytes: db 0a a3 19 INFO [se05x] Constructor: DEK key first 4 bytes: ff ff ff ff INFO [se05x] SE05xDriver::init() - initializing driver (no authentication) INFO [se05x] SE05x driver: I2C bus 3, address 0x48 INFO [se05x] SE05x driver initialized (plaintext mode) INFO [se05x] Use 'se05x runtime_session' to establish Runtime SCP03 session INFO [se05x] SE05x driver initialized successfully ``` **Establishing a secure SCP03 session** A bit verbose, but to demonstrate the integration from MAVLink shell all the way through the NXP nano-package with a custom PX4 HAL and the APDU commands to the Secure Element Applet. With debug mode at the low level driver enabled. The standard default SCP03 Platform keys for this model is used in dev mode, pending rotation. ``` nsh> se05x runtime_session INFO [se05x] SCP03 keys set - ENC: 85 2B 59 62..., MAC: DB 0A A3 19..., DEK: 4C 2F 75 C6... Plug and Trust nano package - version: 1.5.4 Initializing SE05x on I2C bus 3, addr 0x48... I2C bus 3 initialized (attempt 1) APDU Tx> :00 a4 04 00 10 a0 00 00 03 96 54 53 00 00 00 01 03 00 00 00 00 00 APDU Rx< :03 01 01 6f ff 01 0b 90 00 Establish Secure Channel to SE05x ! hostChallenge ==> :11 22 33 44 55 66 77 88 Sending GP Initialize Update Command !!! APDU Tx> :80 50 0b 00 08 11 22 33 44 55 66 77 88 APDU Rx< :90 03 30 26 13 78 04 20 53 76 0b 03 00 bf 24 35 86 ee 2c 90 fe d0 fc 1d eb e9 50 56 25 90 00 Output: keyDivData :90 03 30 26 13 78 04 20 53 76 Output: keyInfo :0b 03 00 Output: cardChallenge :bf 24 35 86 ee 2c 90 fe Output: cardCryptoGram :d0 fc 1d eb e9 50 56 25 Set the Derviation data to generate Session ENC key Output:scp03_session_enc_Key ==> :e4 79 8d c0 2b 11 d8 3c f0 c1 2d 5f f0 dc 7e fa Set the Derviation data to generate Session MAC key Output:scp03_session_mac_Key ==> :72 39 28 2c c4 a6 6f d9 0a 1f 24 e3 36 5b 10 11 Set the Derviation data to generate Session RMAC key Output:scp03_session_rmac_Key ==> :8b 7e e4 a0 6f 66 a2 7c 3b ea 69 02 8e ac 97 c0 Output:cardCryptogram ==> :d0 fc 1d eb e9 50 56 25 0b ba c1 38 07 ee f3 88 cardCryptoGram ==> :d0 fc 1d eb e9 50 56 25 CardCryptogram verified successfully...Calculate HostCryptogram Output:hostCryptogram ==> :14 98 3b 26 27 4a ef c1 61 7d 59 93 d7 4a a9 f4 hostCryptogram ==> :14 98 3b 26 27 4a ef c1 Output: Calculated MAC ==> :37 c6 7d 56 ec 73 5e 83 5e b8 ba f6 d8 58 02 1b Add calculated MAC Value to cmd DataSending GP External Authenticate Command !!!APDU Tx> :84 82 33 00 10 14 98 3b 26 27 4a ef c1 37 c6 7d 56 ec 73 5e 83 APDU Rx< :90 00 Authentication Successful!!! Created scp03 Session INFO [se05x] Session scp03_session flag: 1 INFO [se05x] SCP03 authentication successful ```

rroche · January 13, 2026, 10:57pm

NuttX update to 12.12.0

github.com/PX4/PX4-Autopilot

Upgrade NuttX to 12.12.0

main ← pr-nuttx-12-12-0

opened 02:00PM - 05 Jan 26 UTC

PetervdPerk-NXP

+2163 -3304

Continuation of #26198 but now the NuttX repo's are on the PX4 repositories. So…me reasons why to upgrade NuttX - Last upgrade was more then 3 years ago Aug 10, 2022 - I3C Support has been added - RPmsg support for heterogenous MCU's - GDBStub support (for debugging over Serial/Ethernet) - C/C++ atomic support has been improved - Network stack got improved - Optional run-time stackchecking on IRQ/Context switch (useful for debugging) - CMake support (not the focus on this PR, but allows us to cleanup the build system). - Better RISC-V/Xtensa support. # PX4 Test Plan | **Category** | **Boot & Flash** | **SD Card** | **CAN/UAVCAN** | **Radio** | **Modes** | **Parameters** | **Ethernet** | **XRCE-DDS** | **USB/QGC** | **Hardfault Logging** | **CPU Load** | **Publication Rates** | **Mavlink** | |-------------------|------------------------------------|-----------------------------------------|-----------------------------------------|---------------------------|-----------------------------------------|-----------------------------------------|----------------------------------------------|-----------------------------------------------|--------------------------------------------|--------------------------------------|----------------------------------------------------------------------|---------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------| | **Description** | Flash PX4 firmware and verify boot | Run `sd_bench` and measure write speed | Check UAVCAN node and CAN1 status | Bind and verify RC input | Arm in Stabilized mode, verify leveling | Change parameters and reset to defaults | Verify Ethernet connectivity | Receive visual odometry messages via XRCE-DDS | Verify USB connection and QGC link | Trigger and verify hardfault logging | Run `top` when the system is armed | Run `uorb top` when the system is armed | Run `mavlink status` | | **Expectation** | PX4 boots without errors | Check Avg ≥ 400 KB/s, max write ≤ 50 ms | No HW/IO errors, RX/TX frames increment | RC channels update in QGC | Craft attempts to level (bench OK) | Changes persist, reset works | PX4 responds to pings, MAVLink over Ethernet | VO messages visible in PX4 logs | QGC connects and parameters sync correctly | Hardfault log saved and retrievable | CPU load is similar | Publication rates | TX/RX rate and latency for all MAVLink instances | | **CUAV V6X** | Okay | Okay | Okay | Okay | Okay | Okay | Okay | Okay | | | | | | | **Pixhawk 6X** | | | | | | | | | | | | | | | **Pixhawk 6X-RT** | | | | | | | | | | | | | |

New Feature, Firmware and Build manifests

github.com/PX4/PX4-Autopilot

tools: create firmware manifest

main ← mrpollo/manifest

opened 04:38PM - 12 Aug 25 UTC

mrpollo

+739 -8

This PR adds comprehensive firmware manifest metadata to PX4 builds, enabling be…tter firmware discovery and management for tools like QGroundControl. ## Changes ### 1. Board-level manifest generation **Files:** `Tools/manifest/gen_board_manifest_from_defconfig.py`, `platforms/nuttx/CMakeLists.txt` - Generates per-board manifest JSON with hardware metadata - Extracts architecture, USB vendor/product IDs, chip type, manufacturer from defconfig - Integrated into CMake build system ### 2. Manifest bundled into *.px4 files **Files:** `Tools/px_mkfw.py` - Each `.px4` file now contains a `manifest` object with board metadata - Adds `manifest_version` and `sha256sum` fields - Backward compatible - tested with QGC 4.4.5 and daily builds ### 3. Per-release manifest generation **Files:** `Tools/manifest/gen_release_manifest.py` - Scans all `*.px4` files and generates consolidated `release_manifest.json` - Includes download URLs, checksums, and hardware metadata for each build - Supports all board types (PX4FWv1, PX4FWv2, ARKFWv1, etc.) ### 4. Top-level firmware index **Files:** `Tools/manifest/update_firmware_index.py` - Maintains `index.json` at S3 root with list of all releases - Auto-detects release channels (stable, beta, dev) from version string - Tracks latest version per channel - Backs up existing index before updates (90-day artifact retention) ### 5. CI integration **Files:** `.github/workflows/build_all_targets.yml` On version tag releases: 1. Generates `release_manifest.json` with all firmware metadata 2. Uploads to S3 and GitHub releases 3. Backs up existing firmware index 4. Updates `index.json` with new release entry ## Architecture ``` s3://px4-travis/Firmware/ ├── index.json # Top-level release index (~2KB) ├── v1.15.0/ │ ├── release_manifest.json # All builds for v1.15.0 │ ├── px4_fmu-v6x_default.px4 │ └── ... ├── v1.14.3/ │ ├── release_manifest.json │ └── ... └── stable/ # Symlink to latest stable ``` ## Example Index ```json { "format_version": 1, "latest_stable": "v1.15.0", "latest_beta": "v1.16.0-beta1", "releases": [ { "version": "v1.15.0", "channel": "stable", "build_count": 150, "manifest_url": "https://github.com/.../v1.15.0/release_manifest.json", "s3_manifest_url": "https://px4-travis.s3.../v1.15.0/release_manifest.json" } ] }

Changes to CI in 2026, new waterfall approach

github.com/PX4/PX4-Autopilot

ci: Orchestration by Tiers

main ← mrpollo/ci_orchestration

opened 09:07PM - 12 Jan 26 UTC

mrpollo

+1572 -1063

## Summary This PR consolidates **18 separate CI workflow files** into a sing…le **tiered orchestration workflow** that reduces costs, improves execution speed, and provides better failure visibility through intelligent early-exit strategies. ## CI Pipeline Architecture ```mermaid graph TD Start([Push/PR Event]) --> T1 subgraph Tier1["🚪 Tier 1: Gate Checks (2-5 min, GitHub runners)"] T1A[Gate Checks Format, Style, Pre-commit] T1B[Shellcheck Shell Script Validation] T1C[MAVSDK Python Python Code Quality] end Start --> T1A & T1B & T1C T1A & T1B & T1C --> T1Pass{All Pass?} T1Pass -->|No| Fail1[❌ Stop - Save ~55 min] T1Pass -->|Yes| T2 subgraph Tier2["🔨 Tier 2: Basic Builds (5-8 min, AWS 4cpu)"] T2A[Build SITL px4_sitl_default + ccache] T2B[Basic Tests ~2000 unit tests] T2C[EKF Functional EKF validation] end T2 --> T2A & T2B & T2C T2A & T2B & T2C --> T2Pass{All Pass?} T2Pass -->|No| Fail2[❌ Stop - Save ~40 min] T2Pass -->|Yes| T3 subgraph Tier3["🏗️ Tier 3: Platform Builds (15-25 min, AWS 4cpu/8cpu)"] T3A[Ubuntu Builds Install Scripts + SITL + FMUv5] T3B[macOS Build Install Scripts + SITL + FMUv5] T3C[ITCM Check Memory Validation] T3D[Flash Analysis Binary Size Check] T3E[Failsafe Sim Web Simulator] end T3 --> T3A & T3B & T3C & T3D & T3E T3A & T3B & T3C & T3D & T3E --> T3Pass{All Pass?} T3Pass -->|No| Fail3[❌ Stop - Save ~20 min] T3Pass -->|Yes| T4 subgraph Tier4["🧪 Tier 4: Integration Tests (15-30 min, AWS 4cpu)"] T4A[SITL Tests Gazebo + MAVSDK] T4B[ROS Integration ROS2 Galactic] T4C[MAVROS Tests Mission + Offboard] T4D[ROS Translation Humble + Jazzy] end T4 --> T4A & T4B & T4C & T4D T4A & T4B & T4C & T4D --> T4Pass{All Pass?} T4Pass -->|No| Fail4[❌ Stop - Save ~30-60 min] T4Pass -->|Yes| Summary Summary[📊 CI Summary All Tiers Passed] --> T5 subgraph Tier5["🎯 Tier 5: Full Build Matrix (30-60 min, AWS 8cpu)"] T5A[Build All Targets 100+ Board Configs] end T5 --> T5A --> T5Pass{Pass?} T5Pass -->|No| Fail5[❌ Board Build Failed] T5Pass -->|Yes| UploadCheck{Protected Branch or Tag?} UploadCheck -->|Yes| Upload[📦 Upload Artifacts S3 + GitHub Release] UploadCheck -->|No| SuccessPR[✅ PR CI Complete] Upload --> SuccessFull[✅ Full CI Complete] style Tier1 fill:#e1f5e1 style Tier2 fill:#e3f2fd style Tier3 fill:#fff3e0 style Tier4 fill:#f3e5f5 style Tier5 fill:#fce4ec style Fail1 fill:#ffcdd2 style Fail2 fill:#ffcdd2 style Fail3 fill:#ffcdd2 style Fail4 fill:#ffcdd2 style Fail5 fill:#ffcdd2 style SuccessPR fill:#c8e6c9 style SuccessFull fill:#c8e6c9 ``` ## Problem with the Old Approach Previously, PX4's CI ran **18+ independent workflow files** on every push/PR: - `checks.yml`, `clang-tidy.yml`, `python_checks.yml` - `compile_ubuntu.yml`, `compile_macos.yml` - `sitl_tests.yml`, `ros_integration_tests.yml`, `mavros_mission_tests.yml`, `mavros_offboard_tests.yml`, `ros_translation_node.yml` - `ekf_functional_change_indicator.yml`, `itcm_check.yml`, `flash_analysis.yml`, `failsafe_sim.yml` - And more... **Issues:** 1. **Wasteful execution** - All jobs ran in parallel regardless of early failures. If basic checks failed, expensive platform builds and integration tests still consumed CI resources. 2. **Poor cost efficiency** - No way to stop expensive jobs (macOS builds, full platform matrix, ROS tests) when fast checks failed. 3. **Slow feedback** - Developers had to wait for all workflows to complete to see overall status, even when basic linting failed. 4. **Maintenance burden** - Each workflow duplicated setup steps, cache configuration, and dependency declarations. 5. **No visibility into stages** - Hard to understand which phase of CI failed without checking multiple workflow runs. ## New Tiered Orchestration Approach The new `ci-orchestrator.yml` implements a **5-tier waterfall pipeline** with intelligent early-exit at each stage: ### Tier 1: Gate Checks (2-5 min, GitHub runners) **Fast quality gates that prevent bad code from consuming expensive resources** - Code style checks (shellcheck, python formatting, MAVSDK validation) - Static analysis - Pre-commit hooks validation **Exit strategy:** If any check fails, **stop immediately** - saves 30-60 minutes of expensive builds. ### Tier 2: Basic Builds (5-8 min, AWS 4cpu) **Verify code compiles for primary SITL target** - Build `px4_sitl_default` with ccache (250M cache, ~99% hit rate) - Run basic unit tests (~2000 test cases) - EKF functional validation **Exit strategy:** If SITL doesn't build or basic tests fail, **stop before platform matrix** - saves 20-40 minutes of multi-platform builds. ### Tier 3: Platform Builds (15-25 min, AWS 4cpu + 8cpu) **Build for all supported platforms** - Ubuntu: Tests Install Scripts, and then Builds SITL and FMUv5 - macOS: Tests Install Scripts, and then Builds SITL and FMUv5 with Apple toolchain - ITCM size validation - Flash memory analysis - Failsafe web simulator **Exit strategy:** If any platform fails, **stop before integration tests** - saves 15-30 minutes of ROS/MAVROS/simulation tests. ### Tier 4: Integration Tests (15-30 min, AWS 4cpu) **End-to-end testing with simulators and ROS** - SITL integration tests (Gazebo, MAVSDK scenarios) - ROS 2 integration (Galactic builds) - MAVROS tests (Mission planning, Offboard control) - ROS Translation Node (Humble, Jazzy compatibility) **Exit strategy:** If integration tests fail, **stop before full board matrix** - saves 30-60 minutes of expensive board builds. ### Tier 5: Full Build Matrix (30-60 min, AWS 8cpu) **Runs on all PRs and protected branches after Tiers 1-4 pass** - Builds **all** hardware targets (100+ NuttX board configurations) - Only executes after all previous tiers succeed - Catches board-specific compilation issues before merge - Uploads artifacts to S3 and GitHub releases only on protected branches/tags **Why run on PRs?** Board-specific breakages need to be caught before merge. Running this only after 4 tiers pass ensures we don't waste resources on PRs that would fail earlier checks. ## Benefits ### 💰 Cost Reduction - **Early exit saves 50-90% of CI costs on failing PRs** - Gate failure: Save ~85 min (stops after 2-5 min, skips all expensive jobs) - Build failure: Save ~70 min (stops after 8 min, skips platforms + tests + boards) - Platform failure: Save ~50 min (stops after 25 min, skips integration + boards) - Integration failure: Save ~30-60 min (stops after 40 min, skips board matrix) - **Smart caching reduces redundant builds** - Dedicated cache keys per job type (no race conditions) - Optimized cache sizes based on usage analysis (250M for SITL, 500M for EKF) - ~99% cache hit rates on SITL builds - **Single workflow execution** - No duplicate runs on protected branches ### ⚡ Speed Improvements - **Parallel execution within tiers** - Jobs at the same tier run concurrently on AWS infrastructure - **Optimized runner allocation** - Fast checks on GitHub runners, builds on AWS 4cpu/8cpu instances - **Reduced queue time** - Single workflow = single queue entry vs. 18+ separate queues ### 🔍 Better Visibility - **Tier-based status reporting** - See exactly which phase failed - **Consolidated summary job** - Single point to check overall CI status - **Reduced noise** - No need to check 18+ workflow tabs ### 🛠️ Easier Maintenance - **Single source of truth** - All CI logic in one file - **Consistent caching strategy** - Shared cache configuration patterns - **Easier to modify** - Add/remove jobs without managing separate files - **Better dependency tracking** - Explicit `needs:` declarations show job relationships ## Workflow Trigger Strategy ### CI Orchestrator (`ci-orchestrator.yml`) **Triggers on:** - All pull requests - Pushes to `main`, `stable`, `beta`, `release/**` **Does NOT trigger on:** - Release tags (build-all-targets handles these directly) ### Build All Targets (`build_all_targets.yml`) **Triggers on:** - `workflow_run` - After CI orchestrator completes successfully (all branches/PRs) - `push` - **Only** on release tags `v*` (orchestrator doesn't run on tags) - `workflow_dispatch` - Manual trigger for debugging **Key benefit:** No duplicate runs. Protected branches get orchestrator → build-all-targets sequencing. Release tags trigger build-all-targets directly for artifact uploads. ## Migration Details ### Consolidated Workflows Merged these workflows into tiers: - **Tier 1:** `checks.yml`, `python_checks.yml`, MAVSDK validation - **Tier 2:** `compile_ubuntu.yml` (SITL only), basic tests, `ekf_functional_change_indicator.yml` - **Tier 3:** `compile_ubuntu.yml` (install scripts + targeted builds), `compile_macos.yml` (install scripts + targeted builds), `itcm_check.yml`, `flash_analysis.yml`, `failsafe_sim.yml` - **Tier 4:** `sitl_tests.yml`, `ros_integration_tests.yml`, `mavros_mission_tests.yml`, `mavros_offboard_tests.yml`, `ros_translation_node.yml` - **Tier 5:** `build_all_targets.yml` (now triggered via `workflow_run`) ### Job Consolidations - **MAVROS tests** - Merged mission and offboard tests into single matrix job - **Basic tests** - Combined unit tests and formatting checks ### Optimizations Applied - **Cache tuning:** - SITL cache: 120M → 250M (eliminated thrashing, 284 cleanups → ~0) - EKF tests: Dedicated cache key + 500M (resolved race condition with SITL) - Cache hit rates: 48% → 99%+ on SITL builds - **Shell compatibility:** Fixed bash/sh issues in ROS and emscripten steps - **Container alignment:** Matched MAVSDK versions to container GLIBC versions - **Dependency fixes:** Corrected job dependencies for proper waterfall execution - **Trigger optimization:** Eliminated duplicate workflow runs on protected branches ## Testing This orchestration has been tested through multiple iterations: - ✅ All tiers execute in proper order - ✅ Early exit works at each tier - ✅ Cache performance optimized (99%+ hit rates) - ✅ All tests pass equivalently to old workflows - ✅ Job consolidations maintain same test coverage - ✅ No duplicate workflow runs on protected branches - ✅ Single artifact upload per release tag ## Future Improvements Potential next steps (out of scope for this PR): - Container upgrades (Ubuntu 22.04/24.04 for newer GLIBC) - Further job consolidations where appropriate - Dynamic tier sizing based on PR scope - Cost tracking and reporting per tier --- **Breaking Change:** This replaces 18+ workflow files with a single orchestrator. Old workflows will be removed in a follow-up PR after validation period.

methodmissing · January 14, 2026, 8:54am

Issue to discuss (time permitting): NXP Secure Element PX4 driver support as a green path for hardware based Root of Trust and PX4 security best practices · Issue #26261 · PX4/PX4-Autopilot · GitHub

rroche · January 14, 2026, 4:24pm

Proposed discussion by @Jaeyoung-Lim

We agreed to merge as soon as conflicts are resolved

github.com/PX4/PX4-Autopilot

Integrating the RAPTOR foundation policy

main ← jonas-eschmann:rebase2

opened 01:30AM - 11 Dec 25 UTC

jonas-eschmann

+2269 -126

As requested by @mrpollo [here](https://github.com/rl-tools/px4/issues/5) I move…d the Raptor implementation from an out-of-tree module into a proper in-tree module. It uses the external mode registration. Raptor is an end-to-end foundation policy that takes position, orientation, linear velocity and angular velocity as inputs and outputs motor commands (`actuator_motors`). The policy is adaptive and can control virtually any quadrotor, zero-shot. We tested it on 10 different real quadrotors (from 30g to 2.4kg). More info can be found here: [https://raptor.rl.tools/](https://raptor.rl.tools/). The goal of this integration is to provide a baseline for reinforcement learning-based quadrotor control research. This module is a robust baseline as well as a starting point for researchers and practitioners to train and deploy their own end-to-end control policies. A highlight feature of this new implementation is that the neural network weights can be loaded from the SD card and (unlike the `nn_mc_control` module) do not need to be compiled into the firmware. This drastically reduces the flash usage and allows testing new neural networks without re-flashing the flight controller and remotely by transferring the checkpoint via Mavlink FTP. The policy is trained for position control (controlling the position error to zero) but as we show in the paper also performs well for trajectory tracking (by offsetting position and linear velocity with the desired values from the trajectory). Hence, this module supports receiving `trajectory_setpoint`. The problem is that the forwarding of the trajectory setpoint from Mavlink [is hardcoded to require the offboard mode in `mavlink_receiver.cpp`](https://github.com/PX4/PX4-Autopilot/blob/aadb83a220c4df67a4f50a99484ffe03a79912fd/src/modules/mavlink/mavlink_receiver.cpp#L1134). Because of this we propose to add a `request_offboard_setpoints` into the mode registration request. In combination with minimal adjustments in the commander and mode management, this allows to forward the setpoint in a configurable way. The neural networks are trained and run using RLtools, a pure C++, dependency-free, header-only library. It was created with a major focus on stability and is maintained by me. Compared to e.g. Tensorflow Lite I expect it to cause less issues going forward due to its simplicity. We tested the previous implementation (OOT module) extensively on three different real platforms. This implementation shares major parts of the code with that but has not been tested on a real platform, yet (I will hopefully be able to test it next week). But I tested it in the SITL and SIH. These are the steps I use to run it: ## SITL #### Standalone Usage (Without External Trajectory Setpoint) Build PX4 SITL with Raptor, disable QGC requirement, and adjust the `IMU_GYRO_RATEMAX` to match the simulation IMU rate ``` make px4_sitl_raptor gz_x500 param set NAV_DLL_ACT 0 param set COM_DISARM_LAND -1 # When taking off in offboard the landing detector can cause mid-air disarms param set IMU_GYRO_RATEMAX 250 # Just for SITL. Tested with IMU_GYRO_RATEMAX=400 on real FCUs param set MC_RAPTOR_ENABLE 1 param set MC_RAPTOR_OFFB 0 ``` Upload the RAPTOR checkpoint to the "SD card": Separate terminal ``` mavproxy.py --master udp:127.0.0.1:14540 ftp mkdir /raptor # for the real FMU use: /fs/microsd/raptor ftp put src/modules/mc_raptor/blob/policy.tar /raptor/policy.tar ``` restart (ctrl+c) ``` make px4_sitl_raptor gz_x500 commander takeoff commander status ``` Note the external mode ID of `RAPTOR` in the status report ``` commander mode ext{RAPTOR_MODE_ID} ``` #### Usage with External Trajectory Setpoint Send Lissajous setpoints via Mavlink: ``` pip install px4 px4 udp:localhost:14540 track lissajous --A 2.0 --B 1.0 --duration 10 --ramp-duration 5 --takeoff 10.0 --iterations 2 ``` ## SIH ``` make px4_fmu-v6c_raptor upload ``` In QGroundControl: - Airframes => SIH Quadrotor X - Settings => Comm Links => Disable Pixhawk (disable automatic USB serial connection) ``` mavproxy.py --master /dev/serial/by-id/usb-Auterion_PX4_FMU_v6C.x_0-if00 --out udp:localhost:14550 --out udp:localhost:13337 --out udp:localhost:13338 ``` New terminal (optional): ``` ./Tools/mavlink_shell.py udp:localhost:13338 ``` ``` param set SIH_IXX 0.005 param set SIH_IYY 0.005 param set SIH_IZZ 0.010 param set IMU_GYRO_RATEMAX 400 param save reboot ``` New terminal: ``` ./Tools/simulation/jmavsim/jmavsim_run.sh -u -p 13337 -o ```

Topic		Replies	Views
PX4 Dev Call: March 04, 2020 PX4 Autopilot	0	688	February 26, 2020
PX4 Dev Call: March 11, 2020 PX4 Autopilot	0	888	March 4, 2020
PX4 Dev Call: December 02, 2020 PX4 Autopilot	1	813	December 2, 2020
PX4 Dev Call: February 26, 2020 PX4 Autopilot	0	511	February 19, 2020
PX4 Dev Call: September 02, 2020 PX4 Autopilot	0	534	August 26, 2020

PX4 Sync / Q&A - 2026-01-14T16:00:00Z

Release Discussion

Community Q&A / PRs for Review

Related topics