The Linux Foundation Projects
Skip to main content
All Posts By

elisaproject

Working Group Spotlight: Aerospace

By Blog, Working Group

To kickoff 2024, ELISA hosted an annual Working Group Update where all of the leads shared a quick overview, milestones achieved and plans for the new year. The update meetings, which was hosted online for a few hours over two days, was open to the public. If you missed the meeting, the videos can be found on-demand on a new Working Group playlist on the ELISA Youtube Channel.

Each week, we’ll feature a new Working Group video and details for how to get involved in meetings and join the discussions. Today, we shine a spotlight on the Aerospace Working Group, led by Steven H. VanderLeest, Chair of the ELISA Aerospace Working Group and Chief Technologist at Boeing. Watch the video below or check out the PPT here.

 

Engage with the Aerospace Working Group: 

Attend a meeting: 

Join the Mailing List:

Participate in GitHub:

ELISA is open to everyone. Anyone can develop and contribute code, get elected to the Technical Steering Committee, or help steer the project forward in any number of ways.

Learn more about the ELISA Project by:

Using Linux in Safety Scenarios

By Blog, Working Group

Written by Igor Stoppa, Senior Software Architect at NVIDIA and ELISA Project contributor

The ELISA Project’s Open-Source Engineering Process (OSEP) Working Group examines how software engineering processes can be used to facilitate the certification of safety-critical systems incorporating Linux and other FOSS. They aim to consider the roles that a Linux-based OS might have in such systems, and identify how FOSS developers, system integrators and product creators can specify these, and provide evidence to support associated safety arguments.

These documents below, which were contributed to the ELISA PROJECT OSEP WG are intended to help functional safety professionals, linux kernel developers, assessors and oems find a common ground:

1. Checklist of FuSa woes associated to Linux in a safety context
2. Contextualizing safety requirements in the scope of a Linux system
3. Analyzing interference within a Linux System based on arm

Although they are not written in the formal language typical of Functional Safety, they cover important technical aspects that might not be obvious to those who are not familiar with Linux.

They can also help with introducing FuSa concepts to Linux engineers and can be a supporting tool to anyone trying to reach safety goals on a system based on Linux.

Ideally, they can help both assessors and OEMs who are either transitioning or considering the transition to a Linux based system, in evaluating the offerings and FuSa solutions that they have available.

Check out the contributions and learn more about the OSEP WG here.

Working Group Spotlight: Safety Architecture

By Blog, Working Group

To kickoff 2024, ELISA hosted an annual Working Group Update where all of the leads shared a quick overview, milestones achieved and plans for the new year. The update meetings, which was hosted online for a few hours over two days, was open to the public. If you missed the meeting, the videos can be found on-demand on a new Working Group playlist on the ELISA Youtube Channel.

Each week, we’ll feature a new Working Group video and details for how to get involved in meetings and join the discussions. Today, we shine a spotlight on the Safety Architecture Working Group, led by Gabriele Paoloni, Chair of the ELISA Project Governing Board and Open Source Community Technical Leader at Red Hat. Watch the video below or check out the PPT here.

 

 

Engage with the Safety Architecture Working Group: 

Attend a meeting: 

Join the Mailing List:

Participate in GitHub:

ELISA is open to everyone. Anyone can develop and contribute code, get elected to the Technical Steering Committee, or help steer the project forward in any number of ways.

Learn more about the ELISA Project by:

Safety-Critical Software Summit Schedule Now Live

By Announcement, Blog, Safety-Critical Software Summit

Last week, the Linux Foundation announced the full schedule for Open Source Summit North America, the premier event for open source code and community contributors. The leading gathering for the global open source community offers 200+ sessions presented through 16 microconferences, exploring the most crucial and innovative topics driving open source advancements today.

Embedded Open Source Summit is also being held April 16-18 in Seattle, Washington, alongside Open Source Summit North America. The Safety-Critical Software Summit, sponsored by the ELISA Project, will be under the EOSS umbrella and aims to gather safety experts and open source developers to enable and advance the use of open source in safety-critical applications.

The Safety-Critical Software Summit will take place on Thursday, April 18. Check out the schedule below, which is in PST:

Check out the complete schedule here. Register here by February 24 for an early bird discount. Those who register for Open Source Summit can add on registration for Embedded Open Source Summit for free.

Learn more about the ELISA Project by:

Working Group Spotlight: Open Source Engineering Process

By Blog, Working Group

To kickoff 2024, ELISA hosted an annual Working Group Update where all of the leads shared a quick overview, milestones achieved and plans for the new year. The update meetings, which was hosted online for a few hours over two days, was open to the public. If you missed the meeting, the videos can be found on-demand on a new Working Group playlist on the ELISA Youtube Channel.

Each week, we’ll feature a new Working Group video and details for how to get involved in meetings and join the discussions. Today, we’ll feature the Open Source Engineering Process Working Group update by Paul Albertella, Consultant at Codethink. Watch the video below or check out the PPT here.

 

;

 

Engage with the Open Source Engineering Process Working Group: 

Attend a meeting: 

Join the Mailing List:

Participate in GitHub:

ELISA is open to everyone. Anyone can develop and contribute code, get elected to the Technical Steering Committee, or help steer the project forward in any number of ways.

Learn more about the ELISA Project by:

Working Group Spotlight: Tools

By Blog, Working Group

To kickoff 2024, ELISA hosted an annual Working Group Update where all of the leads share a quick overview, milestones achieved and plans for the new year. The update meetings, which was hosted online for a few hours over two days, was open to the public. If you missed the meeting, the videos can be found on-demand on a new Working Group playlist on the ELISA Youtube Channel.

Each week, we’ll feature a new Working Group video and details for how to get involved in meetings and join the discussions. Today, we’ll feature the Tools Working Group update by Matt Kelly, Software Team Lead at The Boeing Company. Watch the video below or check out the PPT here

 

Engage with the Tools Working Group:

Attend a meeting:

  • 2nd Tuesday of the month @ 9:30 AM EST / 2:30 PM UTC
  • 4th Thursday of the month @ 11:00 AM EST / 4:00 PM UTC

Join the Mailing List:

Participate in GitHub:

  •  Tools WG: https://github.com/elisa-tech/wg-tools
  • BASIL: https://github.com/elisa-tech/BASIL
  • ks-nav: https://github.com/elisa-tech/ks-nav

ELISA is open to everyone. Anyone can develop and contribute code, get elected to the Technical Steering Committee, or help steer the project forward in any number of ways.

Learn more about the ELISA Project by:

ELISA Project: Working Groups, Deliverables & More!

By Blog, Working Group

Linux is used in all major industries because it can enable faster time to market for new features and take advantage of the quality of the code development processes. Launched in February 2019, the Enabling Linux In Safety Application (ELISA) Project works with Linux kernel and safety communities to agree on what should be considered when Linux is used in safety-critical systems. The project has several dedicated working groups that focus on providing resources for system integrators to apply and use to analyze qualitatively and quantitatively on their systems.

The Working Groups have two main focuses – the horizontal Working Groups include Safety Architecture, Linux Features, Tool Investigation, Open Source Engineering Process, and Systems as well as vertical use case based Working Groups in Aerospace, Automotive, and Medical Devices domains.These Working Groups collaborate to produce an exemplary reference system. Linux Features, Architecture and Code Improvements should be integrated into the reference system directly. Tools and Engineering Process should serve the reproducible product creation. Medical, Automotive, Aerospace and additional future WG use cases should be able to strip down the reference system to their use case demands.The Project’s Technical Steering Committee (TSC) oversees the Working Group activities and coordinates cross Working Group collaboration to drive the technical direction of the Project. You can interact with the TSC by subscribing to its public forum and attend its biweekly meeting that’s open to the public by default.

To kickoff 2024, ELISA hosted an annual Working Group Update where all of the leads share a quick overview, milestones achieved and plans for the new year. The update meetings, which was hosted online for a few hours over two days, was open to the public. If you missed the meeting, the videos can be found on-demand on a new Working Group playlist on the ELISA Youtube Channel.

Each week, we’ll feature a new Working Group video and details for how to get involved in meetings and join the discussions. Today, we’ll kick off the blog series with a 10-minute project overview by Philipp Ahmann, Chair of the ELISA Project Technical Steering Committee and Technical Business Development Manager at Robert Bosch GmbH.

ELISA is open to everyone. Anyone can develop and contribute code, get elected to the Technical Steering Committee, or help steer the project forward in any number of ways.

Learn more about the ELISA Project by:

 

How to Navigate the Complexity of Open Source License Compliance

By Blog, Linux Foundation Reserch

Written by Anna Hermansen, Researcher and Ecosystem Manager for Linux Foundation Research

In the ever-evolving landscape of software development, the integration of open source software (OSS) has become ubiquitous, fostering innovation, efficiency, and collaboration. However, this adoption comes with its own challenges, particularly when it comes to complying with open source licenses. A recent report by the Linux Foundation’s Ibrahim Haddad, titled Open Source License Compliance: Challenges Ahead, sheds light on the intricacies involved in navigating this complex terrain. Below are a few key insights from this report: 

  1. The cornerstone of open source license compliance lies in adhering to copyright notices and fulfilling license obligations when incorporating OSS into products or services. This is no small feat, considering the diverse range of licenses, varying terms and conditions, and the rapid pace of software development.

    OpenSourceLicenseComplianceReport_Infographic_Mentorship Infographic-1
  2.  Compliance with OSS licenses is a multifaceted process that begins with identifying all OSS integrated into a product or service. This necessitates a meticulous plan to fulfill the myriad of license obligations associated with each component. The complexity intensifies as organizations grapple with the diverse licensing landscape and the dynamic nature of software development.

    OpenSourceLicenseComplianceReport_Infographic_Mentorship Infographic-2
  3. To effectively manage OSS license compliance, organizations need robust tools. An advanced Software Composition Analysis (SCA) tool proves indispensable in this regard. These tools boast comprehensive features, aiding organizations in accurately identifying incorporated OSS, understanding licensing requirements, and ensuring adherence to obligations.

    OpenSourceLicenseComplianceReport_Infographic_Mentorship Infographic-4
  4. Promoting a culture of openness and accountability is key. Beyond tools, organizations can instill a culture of openness, accountability, and collaboration by providing users with visibility into their compliance processes. This transparency not only fosters a sense of responsibility but also enables the organization to address compliance issues or inquiries efficiently.

    OpenSourceLicenseComplianceReport_Infographic_Mentorship Infographic-5
  5. Organizations can be proactive by integrating compliance into the development process itself. By doing so, organizations reduce the risk of non-compliance while cultivating a healthy internal open source governance culture. This proactive stance ensures that compliance is not an afterthought but an integral part of the software development lifecycle.

    OpenSourceLicenseComplianceReport_Infographic_Mentorship Infographic-6
  6. Managing OSS license compliance at scale requires leveraging appropriate tools and garnering internal support. This strategic combination helps in mitigating compliance risks and ensures that adherence to license obligations becomes an integral aspect of the development workflow.

    OpenSourceLicenseComplianceReport_Infographic_Mentorship Infographic-7
  7. The efficacy of SCA tools hinges on their accuracy, consistency, and integration. These tools must navigate complexities, identify all OSS components, and stay updated with the ever-evolving OSS licensing landscape. Achieving this balance is critical for organizations relying on SCA tools to facilitate compliance. To maximize their effectiveness, these tools must seamlessly integrate with the software development lifecycle, which requires automating the scanning of code for open source components and licensing requirements. The integration ensures that compliance is an inherent part of the development process.

    OpenSourceLicenseComplianceReport_Infographic_Mentorship Infographic-8
  8. Another important tool for compliance is the Software Bill of Materials (SBOM). The adoption of SBOMs is increasing as a means of providing transparency into a software product or service. SBOMs offer insight into component usage, open source licenses, and potential vulnerabilities in the open source components in use, and when standardized in a common format – such as the Linux Foundation’s SPDX project – reduce the workload of collating this information. Despite these advantages, challenges arise when origin and license information of the AI system’s source code is absent, hindering downstream users from generating accurate SBOMs. This gap raises a critical concern, as the inability to trace security vulnerabilities poses a significant red flag in maintaining comprehensive cybersecurity measures.
  9. Auditability is a central challenge for organizations aiming to maintain transparent and comprehensive audit trails of all OSS and license compliance-related activities. The ability to demonstrate adherence to license obligations becomes paramount, especially in the face ofOpenSourceLicenseComplianceReport_Infographic_Mentorship Infographic-9
  10. The rise of artificial intelligence (AI)-generated code introduces new challenges to the compliance landscape. Organizations can initially address these challenges by implementing policy options and providing guidance to developers. As AI becomes more prevalent, refining compliance strategies for AI-generated code will be imperative.

    OpenSourceLicenseComplianceReport_Infographic_Mentorship Infographic-11
  11. As the prevalence of OSS continues to grow, establishing a robust and automated compliance process becomes critical. This not only safeguards organizations from legal repercussions but also shields them from reputational risks associated with non-compliance.

    OpenSourceLicenseComplianceReport_Infographic_Mentorship Infographic-12

Software developers and business leaders stand to gain invaluable insights from the report, Open Source License Compliance: Challenges Ahead. It offers a comprehensive roadmap, emphasizing the complexities of compliance and the need for advanced Software Composition Analysis (SCA) tools, SBOMs, and integrating compliance into the development process. Following this roadmap reduces non-compliance risks and helps foster a culture of transparency and collaboration.

Moreover, the report tackles emerging challenges, including those posed by artificial intelligence-generated code, and advocates for robust, automated compliance processes. By delving into the intricacies of OSS license compliance, this report equips professionals with the knowledge to harness the benefits of open source innovation confidently while safeguarding against legal and reputational risks. It serves as an indispensable guide, ensuring that both developers and business leaders are well-prepared to navigate the complex terrain of open source software integration.

Unveiling the 2023 World of Open Source: Japan Spotlight

By Blog, Linux Foundation

The 2023 World of Open Source: Japan Spotlight report, featuring a foreword by Noriaki Fukuyasu, VP of Operations for the Linux Foundation in Japan, offers a thorough and insightful analysis of the current state and trends of open source software (OSS) in Japan. Authored by Adrienn Lawson and Stephen Hendrick of Linux Foundation Research, this report is pivotal in understanding the dynamics of Japan’s involvement in the OSS arena.

Fukuyasu-san, in his foreword, sheds light on Japan’s distinctive role within the global OSS framework. He emphasizes the importance of comprehending how Japanese organizations and the wider community engage with OSS regarding usage and development and their leadership roles within this space. He provides a relevant backdrop to the report, highlighting Japan’s unique contributions and challenges in OSS.

This report is an invaluable resource for anyone keen to grasp the depth and breadth of Japan’s OSS landscape. It highlights the country’s evolving role in the global OSS community, offering a rich, survey-based exploration into how Japan contributes to, consumes, and leads in the world of open source software. Whether you are a developer, an executive, a policy maker, or simply an OSS enthusiast, this report is a must-read to understand the multifaceted nature of OSS in Japan and its implications for the global technology ecosystem.

Download the Japanese Version of the Report here: World of Open Source Japan Spotlight 2023 – Japanese

 

The uniqueness of Japan in the OSS landscape

This analysis reveals a dichotomy of findings, juxtaposing Japan’s alignment with global trends against its unique challenges and opportunities within the OSS ecosystem. The report offers a dual perspective on Japan’s OSS journey, shedding light on its achievements and highlighting areas for improvement.

Adoption rates and security perceptions vs. regulatory and knowledge barriers

WoOS_Japan_2023_Infographic-1

  • High OSS adoption: Japan’s OSS adoption rate at 82% closely aligns with the global average, indicating robust engagement with OSS.
  • Contrast with challenges: Despite this high adoption rate, Japanese organizations grapple with regulatory compliance and a lack of understanding of OSS nuances. Concerns about quality, security, and intellectual property further complicate this landscape.

Trust in security vs. contribution challenges

WoOS_Japan_2023_Infographic-2

  • Security confidence: 62% of Japanese organizations trust OSS to be more secure than proprietary alternatives, reflecting strong confidence in OSS security.
  • Hesitation in contributions: This trust contrasts with the challenges in contributing to OSS, shaped by cultural and organizational factors and a lack of incentives for contribution.

Diverse contributions vs. legal and IP hurdles

WoOS_Japan_2023_Infographic-5

  • Broad engagement: Japan’s OSS community actively contributes beyond coding, including issue reporting and documentation.
  • Legal barriers: Intellectual property, legal concerns, and complex licensing issues are significant barriers to deeper OSS engagement.

Recognizing OSS benefits vs. underappreciation of non-technical benefits

WoOS_Japan_2023_Infographic-8

  • Strategic advantages acknowledged: Japanese organizations recognize the strategic benefits of OSS, such as improved productivity and innovation.
  • Non-technical benefits overlooked: There remains an underappreciation of the non-technical benefits of OSS, like community building and cultural improvement.

Policy and training shortcomings: an area for growth

  • Lack of structured policies: The absence of structured policies and comprehensive training programs in Japan highlights a critical area for development.

Actionable insights for a thriving OSS ecosystem in Japan

Establishing Open Source Program Offices

WoOS_Japan_2023_Infographic-9

  • Role of OSPOs: Establishing Open Source Program Offices (OSPOs) can provide clear guidelines, ensure compliance, and foster a culture of open source contribution within organizations.
  • Strategic implementation: OSPOs can act as organizational strategic centers to streamline OSS adoption, contribution, and policy development.

Enhancing security in OSS

  • Prioritizing secure development: Enhancing security practices within OSS projects can alleviate concerns and encourage broader adoption.
  • Collaborative security efforts: Organizations can collaborate on shared security initiatives, benefiting the wider OSS community.

Expanding educational initiatives

  • Bridging the knowledge gap: Expanding OSS education and training programs can bridge the understanding gap and illuminate the full spectrum of OSS advantages.
  • Community and academic partnerships: Collaborations with academic institutions and community groups can further enhance OSS knowledge and skills.

Promoting OSS contributions

  • Boosting the ecosystem: Encouraging the open-sourcing of internal tools and company products can significantly contribute to the health of the OSS ecosystem.
  • Recognition and rewards: Implementing recognition systems for OSS contributions within organizations can incentivize active participation.

Tackling legal and licensing challenges

WoOS_Japan_2023_Infographic-4

  • Legal and licensing support: Addressing legal and licensing issues can empower more organizations to engage in OSS projects confidently.
  • Educational programs on licensing: Providing detailed educational resources on OSS licensing can demystify legal complexities for organizations.

Call to action

We hope this report encourages stakeholders across Japan to realize the full value of open source software and the communities supporting it. Whether you are a developer, an IT professional, a policy maker, or simply an enthusiast of technology and open source culture, this report offers a first-of-its-kind perspective into how OSS is shaping the technological landscape in Japan and how it compares and contributes to the global context.

To get involved, consider the following steps:

  • Educate yourself: Start by reading the full report to understand the current state of OSS in Japan. Knowledge is power, and understanding the landscape is the first step to making a difference.
  • Engage with the community: Join local and online OSS communities. This week, Open Source Summit Japan is taking place in Tokyo, which is the forum of choice for engagement. Participating in forums, attending meetups, and contributing to discussions can provide practical insights and networking opportunities.
  • Contribute to projects: Whether you’re a coder, a documentation specialist, or a tester, your skills can contribute significantly to various OSS projects. Find a project that aligns with your interests and skills, and start contributing.
  • Advocate for OSS in your organization: If you’re in a position to influence your organization’s software choices, advocate for adopting OSS and supporting OSS policies and training.
  • Educational and professional development: Continuously seek opportunities to learn more about OSS, whether through formal education, workshops, or self-guided learning. LF Research is a great place to start! 

ISO-PAS 8926 Overview and ISO 26262 3rd ed. Activity Planning (Video)

By Blog, Seminar Series

ISO PAS 8926 “Road vehicles – Functional safety – Use of pre-existing software architectural elements” has been approved by the ISO community. This achievement represents a recognition of the work done in the last 2 years by ISO Sub-Group experts from multiple organizations / delegation to include the evaluation of pre-existing complex software for Functional Safety without losing the original ISO 26262 backbone.

The goal of this talk is to provide an overview of ISO PAS 8926 content and its connection with the current ISO 26262 second edition. Moreover, it will be the opportunity to introduce at a high-level the ISO 26262 initiatives related to the 3d edition and their planning.

As part of the ELISA Seminar series, Roberto Paccapeli, Functional Safety Manager at Red Hat, and Gabriele Paoloni, Sr. PE at Red Hat, gave a presentation titled, “ISO-PAS 8926 Overview and ISO 26262 3rd ed. Activity Planning.

 

The ELISA Seminar Series focuses on hot topics related to ELISA’s mission to define and maintain a common set of elements, processes and tools that can be incorporated into Linux-based, safety-critical systems amenable to safety certification. Speakers are members, contributors and thought leaders from the ELISA Project and surrounding communities. Each seminar comprises a 45-minute presentation and a 15-minute Q&A, and it’s free to attend. You can watch all videos on the ELISA Project Youtube Channel ELISA Seminar Series Playlist here.

For more ELISA Project updates, subscribe to @ProjectElisa or our LinkedIn page or our Youtube Channel.