Software in embedded systems is no longer just a part number — it's a critical differentiator. This shift has led to enormous complexity in the firmware running in our cars, airplanes, and industrial machines. The number of lines of code in the average car is expected to reach 650 million by the end of 2025, up from 200 million just five years ago. In aerospace systems, the complexity of embedded software has nearly doubled every four years for the last several decades.Traditional embedded development approaches cannot effectively handle the software challenges of modern machines. This shortcoming slows engineers down, in part, by exacerbating challenges such as:Hardware testing bottlenecksInconsistent build environmentsSiloed development practicesManual functional safety compliance processesEmbedded developers need a new approach to deal with the rapid increase in code. In this article, we’ll explain four ways you can use the GitLab AI-native DevSecOps platform to shorten feedback loops, work collaboratively and iteratively, and streamline compliance.Challenge 1: Hardware testing bottlenecksUnlike enterprise software that can run on virtually any cloud server, embedded automotive software must be tested on specialized hardware that precisely matches production environments. Traditional hardware-in-the-loop (HIL) testing processes often follow this pattern:Developers write code for an embedded system (e.g., an electronic control unit)They request access to limited, expensive hardware test benches (costing $500,000-$10M each)They wait days or weeks for their scheduled access windowThey manually deploy and test their code on physical hardware at their desksThey document results, pass the hardware to the next developer, and go to the back of the hardware testing queueThis process is extremely inefficient. Embedded developers may finish writing their code today and wait weeks to test it on a hardware target. By then, they've moved on to other tasks. This context switching drains productivity. Not only that, developers may wait weeks to learn they had a simple math error in their code.Solution: Automated hardware allocation and continuous integrationYou can streamline hardware testing through automation using the GitLab On-Premise Device Cloud, a CI/CD component. This lets you automate the orchestration of scarce hardware resources, turning a manual, time-intensive process into a streamlined, continuous workflow.The On-Premise Device Cloud:Creates pools of shared hardware resourcesAutomatically — and exclusively — allocates hardware to a developer’s hardware testing pipeline tasks based on availabilityDeploys and executes tests without manual interventionCollects and reports results through integrated pipelinesAutomatically deallocates hardware back into the “available” poolAfter submitting code, you’ll receive results in hours instead of days, often without ever physically touching the test hardware.What this video for an introduction to the GitLab On-Premise Device Cloud CI/CD Component to orchestrate the remote allocation of shared hardware for HIL: You can also adopt multi-pronged testing strategies that balance speed and quality. Bring the following embedded test patterns and environments into automated GitLab CI pipelines:Software-in-the-loop (SIL): Testing on virtual hardware simulators for quicker initial feedbackProcessor-in-the-loop (PIL): Testing on representative processor hardware for faster feedback at a lower costHardware-in-the-loop (HIL): Testing on full production-equivalent hardware and test benches for late-stage verificationBy automating the orchestration of these tests within CI pipelines, you’ll be able to identify issues earlier, iterate faster, and accelerate time to market.Challenge 2: Inconsistent build environmentsAnother significant challenge in embedded development is build environment inconsistency. Embedded developers often manually execute builds on their local machines with varying configurations, compiler versions, and dependencies. Then they’ll paste the binaries from their local build to a shared codebase.This approach creates several problems:Inconsistent outputs: Builds for the same source code produce different results on different machines"Works on my machine" syndrome: Code that builds locally fails in shared environmentsPoor traceability: Limited audit trail of who built what and whenKnowledge silos: Build expertise becomes concentrated in a few individualsThis approach can lead to errors, bottlenecks, and costly delays.Solution: Standardized build automationYou can address these challenges by implementing standardized build automation within CI/CD pipelines in GitLab. This approach creates consistent, repeatable, container-based build environments that eliminate machine-specific variations. Through the use of special Embedded Gateway Runner provisioning scripts, containers can interface with hardware for flashing and port monitoring for automated testing.Key elements of this solution include:Lifecycle managed environments: Define complex embedded simulation environments as code; automatically deploy environments for testing and destroy them afterwardContainerization: Use Docker containers to ensure identical build environmentsAutomated dependency management: Control and version all dependenciesCentral build execution: Run builds on shared infrastructure rather than local machinesFollow this tutorial to learn how to automate embedded software builds within a GitLab CI pipeline.By standardizing and automating the build process, you can ensure that every build follows the same steps with the same dependencies, producing consistent outputs regardless of who initiated it. This not only improves quality but also democratizes the build process, enabling more team members to participate without specialized knowledge.Challenge 3: Siloed development practicesEnterprise development teams have widely adopted collaborative practices such as DevOps, underpinned by shared source code management (SCM) and continuous integration/continuous delivery (CI/CD) systems. Embedded developers, on the other hand, have historically worked alone at their desks. There are valid technical reasons for this.For example, consider hardware virtualization, which is a key enabler of DevOps automation. The industry has been slower to virtualize the massive range of specialized processors and boards used in embedded systems. This is due in large part to the difficulties of virtualizing production real-time systems and the associated lack of economic incentives. Compare that to cloud virtualization which has been commoditized and benefited enterprise SaaS development for over a decade.Many providers are now embracing virtualization-first for the sake of speeding up embedded development. If teams fail to adopt virtual testing options, however, their silos will remain and negatively impact the business through:Knowledge fragmentation: Critical insights remain scattered across individuals and teamsRedundant development: Multiple teams solve identical problems, creating inconsistenciesLate-stage discovery during big-bang integrations: Problems are found late in the process when multiple developers integrate their code at once, when errors are more costly to fixStifled innovation: Solutions from one domain rarely influence others, hampering the development of new product ideasSolution: Collaborative engineering through a unified platformAn important step in breaking down these silos is to standardize embedded development around GitLab’s unified DevSecOps platform. In this regard, GitLab is aligned with the shift of embedded systems toward more consolidated, shared platforms on embedded devices. GitLab enables:Shared visibility: Make all code, Issues, and documentation visible across teamsCollaborative workflows: Enable peer review and knowledge sharing through merge requestsCentralized knowledge: Maintain a single source of truth for all development artifactsAsynchronous collaboration: Allow teams to work together across different locations and time zonesHuman-AI agent collaboration is a fundamental ingredient to fueling the customer-facing innovations that digital natives and established embedded brands desire. GitLab enables human-AI collaboration as well. By creating transparency across the development lifecycle, GitLab changes embedded development from an isolated activity to a collaborative practice. Engineers can see each other's work in progress, learn from collective experiences, and build upon shared solutions.Watch this presentation from Embedded World Germany 2025, which explains the power of embedded developers collaborating and sharing “work in progress”. The demo portion from 24:42 to 36:51 shows how to integrate HIL into a GitLab CI pipeline and enable collaborative development. Perhaps most importantly, by achieving greater collaboration through DevSecOps, teams can unlock embedded systems innovations that would otherwise remain hidden. Indeed, collaboration fuels innovation. One study, for example, found that group brainstorming, when properly structured, can lead to more innovative and creative outcomes than individuals working alone. Collaborative development is crucial in the race to develop software-defined products.Challenge 4: Manual functional safety compliance processesEmbedded systems in the automotive and aerospace industries must comply with rigorous functional safety standards, including ISO 26262, MISRA C/C++, DO-178C, and DO-254. Traditional compliance approaches involve manual reviews, extensive documentation, and separate verification activities that occur late in the development cycle. This often creates security review bottlenecks. When specialized embedded security and code quality scanners detect vulnerabilities in a developer’s code, the scan issue gets added to a pile of other issues that haven’t been resolved. Developers can’t integrate their code, and security personnel need to wade through a backlog of code violations. This creates delays and makes compliance more difficult.Some of the challenges can best be summed up as:Late-stage compliance issues: Problems discovered after development is completeDocumentation burden: Extensive manual effort to create and maintain compliance evidenceProcess bottlenecks: Serial compliance activities that block development progressExpertise dependence: Reliance on limited specialists for compliance activitiesAs a result, teams often need to choose between velocity and compliance — a precarious trade-off in safety-critical systems.Solution: Automated functional safety compliance workflow building blocksRather than treating security and compliance as post-development verification activities, you can codify compliance requirements and enforce them automatically through customizable frameworks in GitLab. To do this for functional safety standards, in particular, you can integrate GitLab with specialized embedded tools, which provide the depth of firmware scanning required by functional safety standards. Meanwhile, GitLab provides automated compliance checks, full audit trails, and merge request gating — all features needed to support a robust continuous compliance program.This integrated approach includes:Compliance-as-code: Define compliance requirements as automated checksIntegrated specialized tools: Connect tools like CodeSonar into the DevSecOps platform for automotive-specific complianceContinuous compliance verification: Verify requirements throughout developmentAutomated evidence collection: Gather compliance artifacts as a by-product of developmentWatch this video to learn how to use Custom Compliance Frameworks in GitLab to create your own compliance policies. You can create compliance policies related to any standard (e.g., ISO 26262) and automatically enforce those policies in GitLab. By shifting compliance left and embedding it within normal development workflows, you can maintain safety standards without sacrificing velocity. Automated checks catch issues early when they're easier and less expensive to fix, while continuous evidence collection reduces the documentation burden.Realizing the power of embedded DevOpsEmbedded development is changing fast. Teams that remain stuck in manual processes and isolated workflows will find themselves increasingly left behind, while those that embrace automated, collaborative practices will define the future of software-defined smart systems.Explore our Embedded DevOps Workshop to start automating embedded development workflows with GitLab, or watch this presentation from GitLab's Field Chief Cloud Architect to learn how leading organizations are bringing hardware-in-the-loop testing into continuous integration workflows to accelerate embedded development.Learn moreWhy GitLab Premium with Duo for embedded systems development?Why GitLab Ultimate with Duo for embedded systems development?