All Posts By

Min Yu

Lyon Safety Summit Session Slides Now Available

By Announcement

We had a successful and well-attended Open Source Software in Safety-Critical Systems Summit on October 31, 2019 in Lyon. Here is the list of sessions, abstracts, speakers, and their presentation slides (linked from the session titles). 

9:00 – 9:30 Speaker: Lars Kurth
The Road to Safety Certification: How the Xen Project is Making Progress

Abstract: Safety certification is an essential requirement for software that will be used in highly regulated industries. The Xen Project, a stable and secure hypervisor that is used in many different markets, has been exploring the feasibility of building safety-certified products on Xen for the last year, looking at key aspects of its code base and development practices.

In this session, we will lay out the motivation and challenges of making safety certification achievable with open source and the Xen Project. We will outline the process the project has followed thus far and highlight lessons learned along the way. The talk will cover technical enablers, necessary process and tooling changes, and community challenges. Safety certification for commercial software based on an open-source hypervisor is an exciting and challenging goal.

9:30 – 10:00 Speaker: Anas Nashif
Introduction on Zephyr

Abstract: Open-source software development and how open-source projects are run is often seen as incompatible with functional safety requirements and established processes and standards. Open-source has been used on a regular basis in applications with safety requirements however in most cases the open-source software is forked and developed behind closed doors to comply with safety standards and processes and using existing infrastructure and tools not common or not available in public and in open-source.

This talk will show how the Zephyr project is moving to a new development model and methodology that uses existing and public tools to address many of the requirements and foundations that would help with using Zephyr in applications with functional safety requirements.

10:00 – 10:30 Speaker: Aymeric Rateau
Introduction on ELISA

Abstract: Aymeric will depict the background and challenges of using Linux for safety critical embedded applications : cultural clash of OSS community vs. classical waterfall development, many difficult to access and understand standard specifications, custom and expensive developments, etc.

On this basis, Aymeric will introduce ELISA’s current status, direction and goals. 

11:00-11:30 Speaker: John MacGregor
Walk Before We Run? Nope, Let’s Get Our Heads Up First

Abstract: There is quite a buzz at the moment about safety-certifying open-source software. The initial discussions have centered around which standards to use and which domains/industries/applications should be certified first.  Some of the proposals were for extremely complex state-of-the-art domain applications which have, as yet, not even reached the stage of commercialization.  A pretty common aspect of most of these discussions focus on the end state of the certification approaches and ignore the question of “how do we get there”.  Borrowing from a tired old metaphor, sometimes it’s like we’re talking about climbing Mount Everest when we haven’t even learned to walk.

It’s not like we’re starting from scratch, however.  There are time-honoured principles for going about certifying new products.  Some open source projects have already learned some lessons from their certification efforts while other projects have some good insights about how they want to approach certifying their open source software.  There are possibilities to cooperate and learn from each other.

This talk will present the basic issues facing a project that wants to start a safety-certification initiative and some of the options that they have.  It focuses on incremental and evolutionary approaches that minimize the risk that the initiative will fail.

11:30-12:00 Speaker: Naoto YAMAGUCHI
Functional safety and Quality Management issues in AGL Instrument Cluster Expert Group

Abstract:  AGL Instrument Cluster Expert Group want to create a base platform for Cluster.  There are different system requirements between IVI and Cluster.  Instead of a system based on  the conventional IVI system, it is necessary to consider a new system suitable for Instrument Cluster.

Functional safety and Quality Management is one of the important issues.  Instrument Cluster requires higher quality management than the IVI system.

We want to solve this issue by collaboration with the ELISA project.  In this presentation we share to ELISA members “what we aim” and “our architecture”.

13:30-14:15  Speaker: Chris Temple
SW Safety Elements out of Context – Understanding the Not Understandable

Abstract: The safety element out of context (SEooC) is popular amongst SW developers seeking to develop SW for safety critical systems. The ISO 26262 standard defines a SEooC as a “safety-related element which is not developed in the context of a specific item”. A safety-related SW element is a SW component or SW unit “that has the potential to contribute to the violation of or achievement of a top-level safety requirement”.

According to the Oxford dictionary “context” is “the circumstance that forms the setting for a statement in terms of which it can be fully understood”, and “out of context” as “not fully understandable”.

This presentation looks at the role of context, the implications of developing SW out of context and what this implies when SW is put into context later on by means of an example. It concludes by musing on whether something that is “not fully understandable” can be safe.

14:15-15:15 Speaker: Shaun Mooney
STPA: Developing safety and security requirements of complex systems and STPA Documentation Tooling

Abstract: Systems are becoming increasingly complicated, and current safety techniques which focus on failure rates of individual components are ineffective to handle such complexity. With systems like Linux, it is vital to have a proper tool to derive requirements from which we can build safe software. If the requirements are inadequate, then the software can pass every test while still having fatal flaws. STPA (Systems Theoretic Process Analysis) is a top down, systems approach to safety and security, which allows us to analyse complex systems, identify safety and security issues, and develop requirements.The first part of the talk will give an overview of why we need to incorporate safety and security at a system design level, explain the concepts of STPA, show how to manage complexity using an example of an Autonomous Vehicle and show real world examples of how to develop safety and security requirements.

Codethink have released an open-source tool for documenting STPA, which is hosted on flathub: https://flathub.org/apps/details/io.trustable.stpadocumentationtool The tool facilitates the storage of analysis data and automates the production of analysis documentation. It handles all of the analysis data in a tree structure, automatically managing reference numbers for all items, and data items can be linked and cross-referenced in the structure. Having the tool manage all cross referencing and numbering reduces a lot of effort. Everything is saved in plain text, which means the analysis data can be version-controlled easily. The second part of the talk will give a summary of why better tools are needed for STPA, and explain what the tool does with a live demo. The talk will conclude by pointing out improvements that can be made, next steps, and how the community can get involved in the open source project.

ELISA Workshop, Brussels, January 30-31, 2020

By Announcement

Date: 2019-01-30 and 2019-01-31

Time: 9:00 to 17:00 CET  

Venue:  Toyota Motor Europe Technical Centre B 

Meeting Room: VB1-11 (1st floor)

Address: Hoge Wei 33, 1930 Zaventem, Belgium (Entrance at: Hermesstraat28, 1930 Zaventem)

This workshop will be focused on technical topics to further evolve the discussions from the second workshop held in September.  Initial suggestions currently include AnnexQR, IVI and openAPS use cases, and bridging multiple safety standards and etc. Anyone interested in software quality management around the Linux kernel, software safety management and engineering of pre-existing, tool development for Linux kernel development and investigations of the Linux kernel sources should attend.

The workshop is intended to be considered an open discussion and shall allow groups to start small project work on the topics we identified interesting, based on the different skills and interests of the participants. The exact agenda is open to discussion on the ELISA mailing list and up to the participants to finally decide.

Registration: The workshop is open to everyone, but you would need to register for the workshop to help us with event planning.

Recommended Hotels in Brussels centrum (Note – Toyota has no special rates for guests)

Ibis St Catherine

-rue Joseph Plateau 2, 1000 -BRUSSELS

-Tel :(+32)2/6200426

Ibis Grand Place

-Rue du Marché aux Herbes 100 , 1000 -BRUSSELS

-Tel :(+32)2/6200427

Best Western Carrefour de l’Europe(Grand Place)

-Rue du Marché aux Herbes 110 , 1000 -BRUSSELS

-Tél.+ 32 (0) 2 504 94 00-info@carrefourhotel.be

CrownePlaza Brussels

-Le Palace, Rue Gineste 3, 1210 Bruxelles-Contact: +32 2 203 62 00, info@cpbxl.be 

If you have any further questions, please join and ask them on the ELISA mailing list.