There are some general security issues involved with modules. Commonly on embedded systems, everything is statically compiled into the kernel to eliminate the problem of requiring privileges to load modules at runtime. In cases where this is not possible - and RTLinux is one of them - some way to permit usage of dynamically loaded kernel modules in a safe way is needed. For RTLinux a common strategy is to load all RTLinux modules at system startup time (RTLinux core modules + application specific modules), and have the application specific modules in an inactive state (suspended). This way the only thing left to do is to start or stop the rt-threads, which can be done safely via a proc interface.