As Linux is increasingly deployed in systems with varying criticality constraints, distro providers are expected to ensure that security fixes in their offerings do not introduce regressions for customer products that have safety considerations. The key question arises:
- How can they establish consistent linkage between code, tests, and the requirements that the code satisfies?
- Which open source tools and specifically for Linux exist to support traceability in order to comply with standards such as ASPICE, ISO26262 or ISO21434?
This video from Open Source Summit Japan – presented by Philipp Ahmann, Sr. OSS Community Manager, Etas GmbH; and Kate Stewart, Vice President of Dependable Embedded Systems at the Linux Foundation – addresses critical challenges in requirements tracking, documentation, testing, and artifact sharing within the Linux kernel ecosystem. Functionality has historically been added to the kernel with requirements explained in the email justifications for adding, but not formalized as “requirements” in the kernel documentation. While tests are contributed for the code, the underlying requirement that the tests satisfies is likewise not documented in a consistent manner. This and further topics will be discussed. Additionally, the results from the “Safe Systems with Linux” micro conference at Linux plumbers will be summarized.
You can watch more ELISA-related talks on the Open Source Summit Japan Playlist on the ELISA Youtube Channel.