Security of industrial Open Source software starts at establishing trustworthy sources from the outset - this small effort will not provide 100% security but, nevertheless, a clear increase. The Stuxnet virus incident should remind us that we need to know what is going on inside the software that we trust not only our economic livelihood on but also our safety. Open Source is not exempted in any way from use with malicious intent.
It is your responsibility as developer to take precocious steps to minimize the likelihood of a malicious use of your industrial GNU/Linux system. Following are a few notes pertaining to securing the Linux kernel sources for your projects.