Skip to main content
All Posts By


Linux in Aerospace: A Personal Journey

By Blog, Working Group

Written by Steven H. VanderLeest, Software Engineering Technical Lead at The Boeing Company and Chair of the ELISA Aerospace Working Group


From the early days of Linux, I was a fan of this innovative, open-source Operating System (OS). I appreciated it as a hobbyist, helping me run Linux at home. I appreciated it as an educator, helping my computer engineering students walk with Linux through OS concepts. However, as a professional working in the safety-critical domain of aerospace, I wondered: could Linux fly?

My Pre-flight Taxi with Linux

My journey with Linux had its roots in the 1980s before Linus Torvalds introduced his new OS to the world in 1991. During my undergraduate degree in the 1980s, my engineering program had some labs equipped with the relatively recent IBM Personal Computer (PC). The machines were amazing, but my ability to command their power was somewhat limited by the OS, which was the Microsoft Disk Operating System (MS-DOS). When I reached my third year, I gained access to a Sun Workstation running SunOS, a variant of Unix. I quickly learned to appreciate the rich menagerie of shell commands, the power of combining them with redirection such as pipes, and the aesthetics of the fledgling X-Windows GUI.

I first heard about Linux in graduate school in the early 1990s at the University of Illinois at Urbana-Champaign. My doctoral thesis was on Input/Output (I/O) performance, especially on multiprocessor systems. My research analyzed and quantified I/O performance on OSs such as SunOS, SGI IRIX, DEC OSF/1, HP-UX, and Linux. One key finding of my research was that I/O performance could be impacted by the interference caused by unrelated transactions contending for shared resources within a multi-processor system. The magnitude of the impact was heavily dependent not only on the computing hardware architecture but also on the architecture of the OS. Interference could even occur on a uni-processor where independent processes had I/O tasks clustered in time.

As an educator, I applied Linux in my teaching. After finishing my Ph.D., I returned to my alma mater, Calvin College (now University), to take a position as a professor of engineering, teaching computer engineering topics. Linux provided a rich learning environment where my students could look under the hood while learning about operating systems. The transparency of open-source code made an ideal environment for learning and innovation. I also wanted to share my love for working at the interface between computer hardware and software. Studying the Linux kernel provided key insights into how the OS manages the hardware on behalf of applications. The overall system’s performance will improve if the OS is reasonably tuned to take advantage of the hardware architecture.

As a hobbyist, I used Linux at home. I set it up on any extra desktop or laptop I could get my hands on. The whole family got involved when I set up MythTV, an open-source streaming media system, and installed it on a spare Linux desktop system along with an expansion card to capture and record live television. We were asynchronously watching programs and never missing an episode well before any of our friends or neighbors followed suit with ReplayTV or TiVo.

As an engineering professional, I found opportunities to bolster my work with Linux. The challenge was that my employers often required MS Windows as the standard a bureaucratic IT department imposed. Nevertheless, I discovered ways to use Linux by dual-booting or a LiveCD approach and eventually run Linux in a virtual machine using hypervisors like VirtualBox. Like its Unix forebears, Linux was much more stable and reliable than Windows. Even if an application program went astray, I got a segmentation fault warning at most, and the other processes continued. Windows was prone to the Blue Screen of Death, bringing the system to a halt much too often. While it might be distressing to lose your work when this happened, losing a few minutes of labor (or hours if you didn’t save often) was a minor albeit annoying inconvenience. I couldn’t expect higher reliability since that wasn’t a use case for office desktop systems. I quickly realized that Windows doesn’t apply to safety-critical systems.

I also would not expect an operating system designed for an office desktop/laptop to work for embedded systems where the available main memory and secondary storage are limited. Embedded computing platforms are all around us but hidden inside our vehicles, more sophisticated consumer electronics, and smart devices. Windows might not work in these use cases, but Linux could! I started using Linux on embedded development boards when chip manufacturers such as Freescale (later NXP), Intel, Texas Instruments, and others began providing a Linux Board Support Package. The chip makers found this approach was the most effective way to get developers up and running quickly on their new hardware.

Taking Flight with Linux

Within safety-critical domains such as aerospace, Linux provides the foundation for multiple software development environments that run on desktops and laptops. As we move toward distributed development, Linux is a ubiquitous cloud guest OS.

For embedded, safety-critical applications, Linux is less common than a Real-Time Operating System (RTOS). However, a group of Linux developers has been slowly improving real-time performance since the 1990s. Attention coalesced into the PREEMPT-RT patch since 2004, with key parts of the patch making their way to the mainline kernel code. Today, almost all PREEMPT-RT functionality is mainlined but must be enabled through kernel configuration parameters. As for the safety-critical need, in the early 2010s, several research groups examined Linux as a foundation for an Integrated Modular Avionics (IMA) system. I led one of these efforts as the Principal Investigator for a Small Business Innovation Research (SBIR) contract with the US Defense Advanced Research Projects Agency (DARPA). We developed a proof-of-concept safety-critical system that combined the Xen hypervisor with Linux as a guest OS, to provide ARINC 653 partitioning, a key standard related to IMA.

Over the past decade, multiple private endeavors have applied Linux in aeronautical and astronautical computing systems, even platforms with modest safety criticality, though only a few of these efforts have been publicized. Demonstrating that software is reliable enough for flight is ambitious. I work for Boeing, one of the aerospace companies tackling that challenge. The next section provides an overview of the four key characteristics necessary to put aircraft using Linux into the air.

Developing Software for Aerospace is Challenging

For use in avionics (an electronic computing platform used on an aircraft), the software must be fast, deterministic, embedded, and assured.


For use in avionics, Linux must be fast. The Linux developer community is already heavily focused on speed, constantly innovating kernel performance improvements.

The aerospace industry can largely leverage the Linux community effort toward high performance. There may be a few specialized devices where drivers must be further optimized. However, those devices will almost always follow the existing design patterns and take advantage of community innovations, such as io_uring. Another example of an area that might need more attention is boot time. For aerospace, certain fault-tolerance techniques require a fast boot-up (or in-air re-boot) time. In these cases, the system must be operational in only a few seconds or even less.


For use in avionics, Linux must be deterministic. Remember the action thriller series 24? Jack Bauer (played by Kiefer Sutherland) would introduce the series with a voice-over claiming “events occur in real-time”. The audience understood that we were watching as if it were airing live. This commonly understood definition of real-time is not quite the same idea as a real-time computing system. For an RTOS, real-time means that the response to critical events will occur within a deterministic amount of time, even in the worst case. Most computing systems- hardware and software- are tuned to optimize the average response time. Most users and actions enjoy a rapid response, but sometimes at the expense of a slow response for certain users or certain actions. A deterministic system is not necessarily fast — it simply means that we can bound, with confidence, the maximum for critical response times. We want a guaranteed maximum response time in a real-time system, even in the worst case. If we were grading responses like students, we don’t care if the best score was an A+ or the average score was a C. We care that the worst score is still a passing grade in real-time systems. Let’s say the system must always respond within 50 milliseconds, or something bad happens. Over a series of tests, perhaps you find that the fastest response is 12 milliseconds, the average is 27 milliseconds, and the worst is 42 milliseconds. For determinism, we only care that the worst response is still under the requirement (in this example, it appears to be meeting our needs).

The aerospace industry can leverage the Linux community’s effort toward determinism. The PREEMPT_RT patches developed over the last 20 years have largely been mainlined, but must still be configured to enable them. Deterministic boot time has received less attention than deterministic response time, but both are important for aerospace applications.


For use in avionics, Linux must be embedded. Embedded use cases are constrained with limited size, weight, and power. The most widely deployed embedded instance of Linux is probably the Android OS, used on the largest number of smartphones around the globe today. The vast majority of the billions of embedded devices that make our digital world run smoothly are not this visible — they are under the hood in your car, behind the panel of your home thermostat, and in many other behind-the-scenes locations.

Many industries, including the aerospace industry, continue to turn to Linux for embedded systems. Chip manufacturers continue to support Linux, often the first OS for which they provide starter software development kits. Developers from across the open-source community continue to develop drivers for new devices.


Regulatory agencies often oversee safety-critical systems to ensure the software is correct to a high confidence level. Because public safety is at stake, the agencies generally have the authority to enforce standards before a product can be released. For use in avionics, Linux must be assured. For avionics software in civilian aircraft, the authority to approve flight certification is specific to a geographic region. For example, in the United States, it is the Federal Aviation Administration (FAA); in most of Europe, it is the European Union Aviation Safety Agency (EASA).

The details of safety standards vary across industries such as nuclear, automotive, medical, aeronautical, rail, and others. However, the same basic concepts are found in all of them, such as expert peer review or formal means of verification and validation to show the software is suited to purpose. Most have two aspects: ensuring the software is reliable (it does the things we want) and safe (it does not do things we do not want).

A key standard for avionics software is DO-178C, which describes software development life cycle processes and objectives that must be met. DO-178C defines five software levels. The lowest is level E, where a software bug has no impact on the safety of the crew or passengers. An example might be the passenger entertainment system. The highest is level A, where a software bug could have catastrophic results. An example might be the flight control software that responds to pilot commands.

The aerospace industry can leverage much less from the Linux community regarding assurance than the other criteria stated earlier. On the one hand, Linux has been extensively field-tested, so it has a strong product history. Due to the crowd-sourcing nature of open source, Linux likely has more expert peer reviews than any other existing software. Assurance of Linux also benefits from the reasonably large number of tests available within several test frameworks. On the other hand, Linux was not designed expressly for aerospace, nor even for safety-critical use cases in general. The design has been much more iterative and ad-hoc, making it more challenging to demonstrate the correct design to software safety regulatory authorities.


Linux is already being used in flight-certified systems at level D. Aerospace companies like Boeing are now poised to use Linux more broadly and at higher levels of assurance, with groups like ELISA leading the effort. ELISA is the Enabling Linux In Safety Applications project under the Linux Foundation. Its mission is to make it easier for companies to build and certify Linux-based safety-critical applications. ELISA recently formed a new working group focused on Aerospace, which will tackle some of the challenges outlined above. We are just getting this group started and welcome new members!

I have crawled, walked, and run with Linux. Now it is time to fly!

For more information

This article previously ran on

Cyber Monday

By Blog, LF Training & Certification, Linux Foundation

With the new year approaching, what better time is there to plan for the future? 

Many technology professionals are looking for ways to level up in their career in 2023. In the spirit of planning for big moves and meeting opportunities well-prepared, the Linux Foundation is once again offering CyberMonday promotions – 30-65% off – on our most popular courses, certifications, bootcamps and bundles. 

Courses, Certifications and Bundles

Linux Foundation Training & Certification courses and certs are among the most well-recognized and respected in the technology industry. 

Right now you can save 50% off any course or certification in our catalog, including our popular CloudNative certs – CKA, CKNA, CKS and KCNA. (While you’re browsing our course catalog, be sure to check out our brand new offering – the Linux Foundation Cloud Certified Technician (LFCT) that was launched just this week!)

Even better, you can save even more – 65% off – when you combine certifications and courses, or purchase multiple certification exams with bundles and power bundles. 

Once purchased you’ll have access to your course and will be able to schedule your exam for up to a year. Our certifications come with verifiable digital badges that are good for up to three years once the exams are passed. 

Bootcamps and In-Person Training

Looking for a deeper-dive into the subject matter? Linux Foundation bootcamps offer incredible value with course materials, online mentorship and instructor feedback, and a learning community to help you master DevOps, Cloud Native Development and Cloud Engineering skills. At 65% off, you won’t find a better deal on a quality bootcamp to help you learn these subjects anywhere.

And, if you’re missing the in-person training experience – good news! The Linux Foundation also offers virtual, instructor-led training. 

Introducing Skillcreds

Finally, this week the Linux Foundation Training & Certification team has launched an entirely new credential series focused on practical, tool-specific technologies. Skillcreds for Vim, Git, Helm, YAML and Bash are available at 30% off now through 12/5/22.

This is your chance to get incredible savings on world-class training and certifications that can boost your earning potential and help you grow in your career. Talk to your employer about whether or not your company will help pay for your training. But act quickly – these incredible savings come only once a year and are good only through December 5, 2022.

Addressing Space Isolation for Enhanced Safety of the Linux Kernel (Video)

By Blog, Technical Update, Working Group

Written by Igor Stoppa, Senior Software Architect at Nvidia

For more than two decades, Linux has made inroad in new fields of applications, from data centres, to embedded. We see now a growing demand for Linux in safety critical applications, ranging from automotive to robotics, to medical appliances.

However, Linux was not designed with these applications in mind, and unsurprisingly it is not an ideal fit, at the moment.In particular, one major pain point is the very limited resilience to spatial interferences originating from within the kernel itself.

Furthermore, the code base if much larger than what can be found in other operating systems traditionally found in safe applications. This is also compounded by the fact that Linux does not follow the processes traditionally in use for Functional Safety.


In the video, I describe my ongoing experiment of modifying the Linux kernel, to introduce a form of Address Space Isolation, meant to provide a mechanism enforcing freedom from interference. The presentation describes the problems, possible means to address it, and the current progress with the implementation. You’ll see a methodology for the safety analysis of a Linux system and mechanism for improving the safety of selected components.

This presentation ties both into the scope of the Linux Features for Safety-Critical Systems Working Group and the Critical SW track at Open Source Summit Europe. Though this work is not formally sponsored nor endorsed by ELISA, it is something I shared with the community for brainstorm and discussion purposes.

If you’d like to learn more about the Linux Features for Safety-Critical Systems Working Group or you’d like to continue this conversation, please join the mailing list or a WG meeting here.

Open Source Automation Development Lab Survey

By Blog, Industry Partners

Written by Philipp Ahmann, an ELISA Ambassador, Chair of the Automotive Working Group, Chair of the Systems Working Group, and Technical Business Development Manager at Bosch 

One of ELISA’s industry partners Open Source Automation Development Lab (OSADL), which is the leading competence network providing services to use Open Source Software in industrial products, is hosting a survey to get a better picture on demands and pain points of industrial use of embedded Linux.

Their mission is to:

  • Support with services and products to use Open Source Software in industrial products sustainably.
  • Provide broad knowledge and a wide network of experts to accompany your product development throughout all stages.
  • Assist in complying with legal requirements, safety and security standards and we certify your products and processes.
  • Defend the interests of our members and those of the Open Source community.

They are independent and invite any interested party to join. Currently, they are asking for help in a survey until the end of September:

The idea behind the survey is simple:

The landscape of Linux distributions currently in use is very heterogeneous. A way forward can be to pick one or more existing distributions that come closest to an ideal industry-grade Linux and enhance them by adding missing components. In this way the current (unsatisfactory) situation of Linux distributions for embedded systems in industry applications can be significantly improved. The survey should help to identify these potential distributions, missing components and key additions needed. 

The results will be published to those who participated in the survey. Fill out the survey today by September 30 here:

Linux Foundation Europe

By Blog, Linux Foundation, News

Live at Open Source Summit Europe today, it was announced that Linux Foundation Europe launches with a dozen founding members that intend to collaborate to form a disruptive inaugural project, and original research offering new insights into the European dynamics of open source. Headquartered in Brussels, Belgium, Linux Foundation Europe is led by Gabriele Columbro as General Manager. Columbro will continue to serve as the Executive Director of the Fintech Open Source Foundation (FINOS). 

Linux Foundation Europe’s mission is to accelerate the growth of thriving open collaborative efforts focused on challenges and opportunities of all European constituencies, from individuals to public and private sectors, while providing an on-ramp for European projects and companies to succeed and collaborate on a global scale.

Gabriele Columbro, general manager, Linux Foundation Europe live at Open Source Summit Europe

“The Linux Foundation has done a phenomenal job bringing together the private sector and individual contributors on a global scale over the last two decades. As a native-born Italian raised in the thriving European open source community of the early 2000s, I am thrilled to focus our attention on long-standing challenges and opportunities we can help unlock in Europe through open collaboration,” said Gabriele Columbro, general manager, Linux Foundation Europe.

Inaugural members of Linux Foundation Europe include at Platinum level: Ericsson; at Gold Level: Accenture; at Silver level: Alliander, Avast, Bosch, BTP, esatus, NXP Semiconductors, RTE, SAP, SUSE, and TomTom; Associate level:  Bank of England, OpenForum Europe, OpenUK and RISE Research Institute of Sweden. Participation in Linux Foundation Europe is open to any organization and free for existing Linux Foundation members.

Learn more about Linux Foundation Europe here:

Gain Skills to Enhance Your Career

By Blog, LF Training & Certification

It’s the time of year that kids around the world are heading back to the classroom. This is great timing to jump on the opportunity to improve your own knowledge and gain the skills to pursue a lucrative career in open source technology. The recently released 10th Annual Open Source Jobs Report from the Linux Foundation and edX found 93% of hiring managers are having difficulty sourcing candidates with open source technology skills, and nearly six in ten are giving open source professionals higher salary increases than other roles.

There are a lot of different open source technologies in high demand, but the skillsets most sought after are cloud computing/containers, DevOps and Linux. This is not surprising as to make the most of a cloud deployment, you need to understand at least basic Linux operations and commands, as well as DevOps practices which are used for developing and operating cloud deployments. In addition to gaining these skills, verifiable certification exams like the popular Certified Kubernetes Administrator (CKA) enable you to demonstrate those skills to employers.

Linux Foundation Training & Certification provides comprehensive training in all of these and many other open source technologies including blockchain, web development, networking, cybersecurity and more. To make this training more accessible to everyone, we’re offering a FREE companion training course with a certification exam purchase through August 30, 2022. This means if you purchase a CKA exam, you will receive access to the Kubernetes Fundamentals training course at no additional cost.

Be sure to use code BACK2SCHOOL at checkout to save.

Join us at ELISA Project September Events

By Blog, Industry Conference, News, Working Group, Workshop

Launched in February 2019, the ELISA (Enabling Linux in Safety Applications) Project works with Linux kernel and safety communities to agree on what should be considered when Linux is used in safety-critical systems. The project has several dedicated working groups that focus on providing resources for system integrators to apply and use to analyze qualitatively and quantitatively on their systems.

If you’re new to the project and would like to learn more about the community, ELISA has several upcoming events in September that you can attend to meet ambassadors or project members, receive updates about technical milestones and goals of each of the working groups and ask questions or get involved. Focused Working Groups include Automotive, Linux Features for Safety-Critical Systems, Medical Devices, Open Source Engineer Processes, Safety Architecture, Systems and Tool Investigation and Code Improvement and they are always looking for more participants.

September events:

  • ELISA Summit – Hosted virtually for participants around the world on September 7-8, this event will feature overview of the project, the mission and goals for each working group and an opportunity for attendees to ask questions and network with ELISA leaders. View the schedule here. Registration is free and open to the public.
  • ELISA Forum – Hosted in-person in Dublin, Ireland, on September 12, this event takes place the day before Open Source Summit Europe begins. It will feature an update on all of the working groups, an interactive System-Theoretic Process Analysis (STPA) use case and an Ask Me Anything session.  Pre-registration is required. To register for ELISA Forum, add it to your Open Source Summit Europe registration.
  • Open Source Summit Europe – Hosted in-person in Dublin, Ireland, and virtually on September 13-16, ELISA will have two dedicated presentations about enabling safety in safety-critical applications and safety and open source software. Learn more.
  • ELISA Workshop – Hosted in-person in Manchester, England, at Codethink offices. This workshop offers an opportunity for active ELISA contributors and members to have interactive discussions on predetermined topics and have side-by-side working sessions. Learn more.

Hazard Analysis Application to Complex Software (Video)

By Blog, Workshop

The Spring ELISA Workshop, which took place on April 5-7 virtually, had more than 130 global registrants that learned more about the various working groups, hot topics related to enabling linux in safety applications and networked with ambassadors. If you missed the workshop, you can check out the materials here or subscribe to the new ELISA Youtube Channel and add these sessions to your watch list.

In April, Raffaele Giannessi, Industrial PhD, and Fabrizio Tronci, Functional Safety Manager and Alessandro Biasci, Project Manager at Huawei, presented a session titled, “Hazard Analysis Application to Complex Software.” In this talk, they showcase the methodology to apply STPA to software non-physical system and application of case study on dynamic memory allocation.

Watch the video below.

If you are interested in learning more about the ELISA Project, please join us at one of the September events:

  • ELISA Summit, a virtual conference happening on September 7-8 . ELISA ambassadors and leaders will offer an introductory overview of the project, more in-depth technical content, emerging trends, and hot topics related to open source software in safety-critical applications. Register to attend at no cost here:
  • ELISA Forum, in-person in Dublin, Ireland on September 12. This is a co-located event with Open Source Summit Europe. ELISA Ambassadors and leaders will offer an overview of the project, the activities of the various working groups (WGs) and how the WGs interact and work together to tackle the challenges in advancing open source in safety-critical systems and bridge the gap between functional safety and Linux kernel development velocity. There will also be in-depth updates for the System-Theoretic Process Analysis (STPA) methodology to a sample use case and a Q&A session. Pre-registration is required. To register for ELISA Forum, add it to your Open Source Summit Europe registration.

Integrity of the Safety Application Address Space (video)

By Blog, Workshop

The Spring ELISA Workshop, which took place on April 5-7 virtually, had more than 130 global registrants that learned more about the various working groups, hot topics related to enabling linux in safety applications and networked with ambassadors. If you missed the workshop, you can check out the materials here or subscribe to the new ELISA Youtube Channel and add these sessions to your watch list.

Red Hat’s Christoffer Hall-Federiksen, Senior Software Engineer, and Gabriele Paoloni, Senior Principal Software Engineer and Chair of the ELISA Project Governing Board, presented a session titled, “Integrity of the Safety Application Address Space.”

In this video, you’ll get an overview  of the address space descriptors and critical Linux Kernel code involved along different scenarios (process creation, memory allocation, context switch, etc.), safety goals and an interactive discussion on the next steps. 

Watch the video below.

Introduction to ELISA (Video)

By Blog, Working Group, Workshop

The Spring ELISA Workshop, which took place on April 5-7 virtually, had more than 130 global registrants that learned more about the various working groups, hot topics related to enabling linux in safety applications and networked with ambassadors. If you missed the workshop, you can check out the materials here or subscribe to the ELISA Youtube Channel and add these sessions to your watch list.

At the workshop, Shuah Khan, Chair of the ELISA Technical Steering Committee (TSC) and Kernel Maintainer and Linux Fellow at the Linux Foundation, joined Kate Stewart, ELISA TSC member and co-chair of the Medical Devices Working Group, to kick off the workshop with an introduction to the ELISA Project.

You can view the video below, which is intended for new community members interested in the project and those who aren’t regular participants in the working groups.

We invite you to join a working group to learn more! Click here to check out the working groups and subscribe to their mailing lists and calendars to join meetings.