THE LINUX FOUNDATION PROJECTS
Category

Blog

ELISA Aerospace Working Group – ELISA Project - Annual Update (Feb 12, 2026)

Recap – ELISA Aerospace Working Group – ELISA Project – Annual Update (Feb 12, 2026)

By Blog, Working Group

This session, part of the ELISA Project Working Group & SIG Annual Updates, was presented by Matthew Weber (The Boeing Company) and co-led with Dr. Martin Hall. It provides an overview of the Aerospace Working Group’s progress in 2025 and outlines priorities for 2026.

The Aerospace Working Group focuses on advancing the adoption of Linux in safety-critical aerospace and space systems by addressing technical, process, and certification challenges through collaboration and shared best practices.

Key Highlights from 2025

  • Strong and consistent community engagement, with diverse participation from industry, academia, and government
  • Introduction of a weekly technical call to develop reference demos and use cases, leading to increased contributions (code, documentation, and examples)
  • Completion of the cabin lights demo, a foundational reference system demonstrating safety-relevant behavior and validation concepts
  • Extension of the demo using NASA Core Flight System (cFS), incorporating telemetry, monitoring, and auto-generated safety checks
  • Development of a product classification template to characterize aerospace and space systems by safety level and system attributes
  • Collaboration with other ELISA groups (e.g., Systems WG) on reference architectures and cross-domain concepts such as mixed-criticality systems
  • Progress in industry papers and research contributions, including submission to the Digital Avionics Systems Conference

Focus Areas and Priorities for 2026

  • Expanding system and product classification models (including NASA-class systems)
  • Enhancing and scaling reference demos and baseline system studies
  • Strengthening collaboration with the Space Grade Linux initiative
  • Advancing industry papers and formal publications
  • Continuing improvements in tooling, CI environments, and documentation processes

Opportunities for Collaboration

  • Open monthly and weekly meetings covering general topics, demos, and paper development
  • Active contribution areas including demos, documentation, linting, and research
    Engagement via GitHub, mailing lists, and community channels

This session highlighted how the Aerospace Working Group is building practical artifacts, frameworks, and collaborative momentum to enable Linux in safety-critical aerospace environments, while inviting broader participation from the community. To learn more watch the session here.

ELISA Seminar – From Requirements to Code: Managing End-to-End Traceability with BASIL - recap blog

ELISA Seminar – Recap Notes – From Requirements to Code: Managing End-to-End Traceability with BASIL

By Ambassadors, Blog

This seminar explores BASIL, an open source requirements and traceability management tool under the ELISA Project. BASIL enables teams to connect specifications, requirements, test artifacts, documentation and source code using flexible traceability matrices while integrating with existing test infrastructures. In this session, Luigi Pellecchia, BASIL Maintainer and member of the ELISA Project Technical Steering Committee, presents how BASIL supports end-to-end traceability from requirements to code, improves collaboration and governance through role-based permissions, traceability-as-code, and AI-driven workflow guidance, and helps teams manage software quality evidence in a collaborative environment.

The session includes a live demonstration of BASIL, showcasing its web-based architecture, deployment options, and how users can create, map, and manage work items such as requirements, test specifications, and test cases. It also highlights integration with test management tools, external CI systems, and APIs, along with features for importing data, exporting traceability matrices, and automating workflows. The seminar further introduces advanced capabilities such as repository scanning and building traceability from distributed project assets, illustrating how BASIL can support complex, real-world development environments.

Learn more about BASIL.

Safety Critical Software Track

What to expect from the ELISA Project at Open Source Summit 2026 – North America

By Blog, Critical Software Summit, ELISA Summit, Industry Conference, Safety-Critical Software Summit

Open Source Summit is the premier event for open source developers and contributors. It’s where maintainers, technologists, and community leaders come together to share knowledge, collaborate on solutions, and push open source projects forward. It’s the home for code, community, and the people driving the future of open source.

A Cross-Domain Home for the Entire Open Source Ecosystem

Open Source Summit is not a single-focus, niche event—it’s the big tent that unites the full spectrum of open source technologies and communities. Whether you work in cloud infrastructure, Linux kernel development, AI/ML, embedded systems, DevOps, security, or safety-critical systems, Open Source Summit offers a shared space to exchange ideas, make connections, and learn across domains. It’s where technologists who don’t typically land in the same room get a chance to collaborate.

At the same time, Open Source Summit brings in the leaders and practitioners who support the ecosystem from non-technical angles: open source program office (OSPO) staff, legal experts, policy advocates, standards organizations, equity champions, community managers, and foundation leaders. Together, they help shape the frameworks, culture, and strategy that make open source work.

A Strategic Gathering for Open Source’s Future

This event serves as a strategic checkpoint for the open source movement. It’s where conversations happen about not only what’s being built—but how and why. From sustainability and funding models to licensing, AI alignment, security, and governance, Open Source Summit brings clarity and direction to a fast-changing open source landscape.

Whether you’re deep in code or focused on enabling the communities and structures that support it, this is where your work gains momentum and impact.

Safety Critical Software Track:

The ELISA Project will be part of the safety track that explores the intersection of open source and safety standards, covering best practices for regulatory compliance, security updates, and safety engineering. Sessions will delve into requirements traceability, quality assessments, safety analysis methodologies, and technical development for safety-critical systems.

Session Highlights:BoF: Space Grade Linux: From Incubation to Foundation – Ramón Roche & Kate Stewart, The Linux Foundation

Monday May 18, 2026 5:25pm – 6:05pm CDT

SGL is graduating from ELISA incubation and launching as its own foundation. This BoF is a working discussion on three things: the structure of the new Technical Advisory Council, the near-term roadmap emerging from our mailing list, and where attendees want to plug in. New faces and long-time contributors equally welcome. Bring questions, bring priorities, bring pushback.

Software Supply Chain Management With the Yocto Project – Joshua Watt, Garmin

Wednesday May 20, 2026 11:00am – 11:40am CDT

Managing software supply chains is an important part of safety critical software. In this talk, Joshua will describe the technologies, methods and lessons learned that the embedded software space uses to manage software supply chains using the Yocto project.

The Final Phase of Xen Safety: Solving Coverage and Residual Gaps – Stefano Stabellini, AMD

Wednesday May 20, 2026 11:55am – 12:35pm CDT

AMD, in collaboration with the Xen community, continues to advance efforts to make the Xen hypervisor safety-certifiable to ISO 26262 ASIL D and IEC 61508 SIL 3. The project has progressed from Safety Concept Approval toward the final certification phase.

This presentation will share practical lessons learned, including how we structure requirements and architecture specification documents to make them easier to review for Open Source experts. It will describe the tools and processes we use to maintain end-to-end traceability and explain how we leverage GitLab to automate requirements-based testing and verification pipelines.

We will also address the remaining challenges on the path to completion, including code coverage and FMEA. In particular, we will explain why achieving comprehensive code coverage is uniquely challenging for a widely used Open Source project such as Xen and outline the strategies we are applying to meet 100% code coverage targets.

Finally, we will describe our approach to FMEA (Failure Mode and Effects Analysis) and how it evolved to better align with existing upstream Xen failure-handling practices.

From Pull Request To Patient Safety: How Tidepool Built an Open-Source Quality Management System – Tapani Otala, Tidepool

Wednesday May 20, 2026 2:10pm – 2:50pm CDT

When software can directly affect whether someone lives or dies, “move fast and break things” isn’t an option. But does that mean safety-critical software can’t be open source? Tidepool’s experience building Tidepool Loop – an FDA-cleared, open-source automated insulin delivery (AID) system for people with Type 1 diabetes – proves it can.

This talk explores how Tidepool developed an open-source quality management system (QMS) that achieves full requirements traceability and testability while preserving the collaborative, transparent ethos of open-source development. We’ll walk through the real-world challenges of mapping regulatory requirements to code contributions, maintaining traceability across a distributed contributor base, and building test infrastructure that satisfies both FDA expectations and open-source community standards.

Attendees will leave with a practical framework for applying requirements traceability and verification practices to open-source projects operating in regulated or safety-critical domains from medical devices to automotive systems to critical infrastructure.

Standardizing Deterministic Interoperability and Resource-Intelligent Design in Medical Robotics – Lilinoe Harbottle, San Jose State University

Wednesday May 20, 2026 3:05pm – 3:45pm CDT

In medical robotics, innovation can be bottlenecked by vertically integrated architectures that contribute to medical “deserts” due to high costs and limited interoperability. This session explores architectural frameworks for standardizing deterministic interoperability, shifting the safety burden from non-transparent hardware to auditable software logic. By establishing these standards, this work ensures that clinical technology is not restricted by fixed vendor-lock.

Through a methodology of high-precision kinematic verification and deterministic mapping, open-source code becomes the catalyst for hardware autonomy. This approach ensures sub-millisecond reliability in the operating room while promoting lifecycle sustainability through vendor-neutral middleware.

Attendees will learn about the implementation of safety-operated envelopes and clinical validation models that facilitate reproducible research and lower barriers to local manufacturing. By prioritizing architectural transparency over closed-loop frameworks, this session outlines a path toward a more sustainable and accessible future for global healthcare.

Modernizing Software Verification – Craig Christianson, United States Air Force

Wednesday May 20, 2026 4:20pm – 5:00pm CDT

In this session, Craig will discuss the importance of verifying safety-critical software by giving real-world examples of peoples’ lives who were saved or put at risk by software. He will share the compliance challenges faced by software engineers working on safety-critical software. He will give a brief overview of software assurance requirements for safety-critical systems and show how formal methods and automated reasoning are accelerating and improving the assurance process. He will give a brief introduction to automated reasoning tools and semantics, and will share success stories from a handful of open-source projects who are using these methods to reach assurance goals faster. Craig will finish by walking the audience through the design of a simple demonstration project that utilizes these technologies.

Learn more about the sessions and register for the event. Register for $699 with code SPRING and save over 40%.

What to Expect from the ELISA Project at Embedded World Exhibition & Conference 2026

What to Expect from the ELISA Project at Embedded World 2026

By Ambassadors, Blog, Industry Conference

The ELISA Project will be participating in the upcoming Embedded World Exhibition & Conference, taking place March 10–12, 2026 at Messezentrum Nürnberg, Germany.

Established in 2003, Embedded World has become one of the most important annual gatherings for the global embedded systems community. The event combines a large industry exhibition with a world-class conference program that bridges applied research and real-world industrial applications.

For the ELISA Project community, this event offers an opportunity to connect with engineers, researchers, and organizations working to enable safe use of Linux in safety-critical systems.

ELISA at Embedded World 2026

At this year’s event, the ELISA Project will engage with attendees through:

  • A conference session discussing approaches for assessing the safe usage of Linux

  • On-site discussions with ELISA ambassadors and community members

  • Opportunities to connect with companies building Linux-based safety-critical systems

If you are developing systems where safety, reliability, and open source intersect, this is a great chance to learn more about how the ELISA Project is advancing safety practices around Linux.

Conference Session: Assessing Safe Usage of Linux

A key highlight will be a talk by Kate Stewart from the Linux Foundation.

Approaches on Assessing Safe Usage of Linux

📅 March 10, 2026
⏱ 11:30 (30 minutes)

Linux has become one of the most widely used operating systems across industries—from deeply embedded devices in automotive, aerospace, and medical systems to servers powering global financial infrastructure.

While there are established mechanisms for maintaining and distributing security updates, the question remains:

After applying fixes and updates, how can we demonstrate that a Linux-based system is still safe to use in regulated environments?

In this session, Kate Stewart will explore:

  • Current approaches within the ELISA Project to evaluate Linux in the context of functional safety
  • Methods to support analysis and verification of Linux-based systems
  • Opportunities for automation and collaboration across the ecosystem
  • Emerging best practices for organizations building safety-critical Linux systems

The talk will provide insight into how the community is working to make Linux viable for safety-certified environments.

Learn more about the Embedded World Conference here.

Meet the ELISA Community

In addition to the conference session, several ELISA Project ambassadors and contributors will be attending Embedded World, including: Philipp Ahmann — ETAS GmbH, Nicole Pappler – Alektometis, Simone Weiß — Linutronix along with many other members of the ELISA Project ecosystem.

They will be available throughout the event to discuss:

  • The ELISA Project’s mission and roadmap
  • Collaboration opportunities
  • Safety practices for Linux-based systems
  • How organizations can participate in the project

Let’s Connect

If you are attending Embedded World and already working on Linux-based safety-critical applications, or interested in learning more about the ELISA Project and its goals for 2026 we encourage you to connect with the team during the event.

You can:

  • Reach out directly to ELISA ambassadors onsite
  • Or contact the project team (info@elisa.tech) to schedule a meeting

Embedded World is a fantastic opportunity to exchange ideas, learn from industry leaders, and explore how open source and safety engineering can evolve together. See you there!

What Do You Mean When You Say…? - Introducing the ELISA Glossary for Safety-Critical Open Source Blog by Simone Weiss, Linutronix

What do you mean when you say…?

By Ambassadors, Blog

This blog post “What Do You Mean When You Say…?” Introducing the ELISA Glossary for Safety-Critical Open Source” was written by Simone Weiss, Linutronix.

You’re reading a blog post, and three sentences in, you encounter a term and wonder, “What does the author mean when they say that?” You could research it, but you keep reading, telling yourself, “I’ll figure it out later.” We’ve all been there.

The world of embedded and safety-critical open source uses specific terms that can make it hard to understand what’s meant. That’s why we created the ELISA Glossary—a single place for all those terms.

Take a look at the glossary here:
https://directory.elisa.tech/glossary/index.html

What Is the ELISA Glossary?

The ELISA Glossary is a collection of definitions for terms that frequently come up in the ELISA project. Each entry tries to provide not just the theoretical meaning but also the way of how it’s used within ELISA.

You’ll find definitions covering:

  • Safety and certification concepts
  • Embedded and real-time software terms
  • Open-source processes and tools
  • Standards, specifications, and compliance-related language

The glossary is useful for things like:

  • Reading an ELISA blog post and needing a quick refresher
  • Joining a new working group and encountering unfamiliar terms
  • Ensuring consistent language across documents and discussions

The glossary is work in progress. As tools evolve, standards shift, and best practices change, the glossary will continue to grow. We rely on community feedback – if there’s a term you think should be added or a definition that needs refinement, let us know!

Why the Glossary?

The ELISA Project brings together engineers, safety experts, and organizations working on Linux-based safety-critical systems. This diverse mix of industry, standards, and technical backgrounds is one of ELISA’s strengths—but it also means we use a language that’s not always obvious to newcomers, occasional contributors, or even long-time members diving into new topics.

Since ELISA began, we’ve created:

  • Technical documentation
  • Working group deliverables
  • Presentations

Certain terms pop up again and again, which is where the ELISA Glossary comes in—to help make those terms easier to understand, reference, and use consistently.

Explore the ELISA Glossary

https://directory.elisa.tech/glossary/index.html

Clear language may not solve all the challenges in safety-critical software, but it sure makes collaboration easier.

Enabling Linux in Safety Applications (ELISA) Project Expands Premier Membership with NVIDIA

Enabling Linux in Safety Applications (ELISA) Project Expands Premier Membership with NVIDIA

By Announcement, Blog, News

SAN FRANCISCO, February 26, 2026 – Today, the ELISA (Enabling Linux in Safety Applications) Project announced that NVIDIA has joined as a Premier member and will contribute to advancing the use of Linux in safety-critical and regulated systems. Hosted by the Linux Foundation, ELISA is an open source initiative focused on creating a shared set of elements, processes, and tools to help companies develop and certify Linux-based safety-critical applications and systems.

As software-defined and AI-enabled systems become increasingly central to industries such as automotive, robotics, industrial automation and aerospace, ensuring the safety, reliability, and compliance of Linux-based platforms is more important than ever.

“Linux plays a foundational role in modern, software-defined systems, including those that must meet stringent safety requirements,” said Kate Stewart, Vice President of Dependable Embedded Systems at the Linux Foundation. “NVIDIA’s leadership in accelerated computing, AI, and software platforms brings deep technical expertise to the ELISA community. Their engagement will help drive forward scalable, safety-focused approaches to using Linux in increasingly complex systems.”

NVIDIA joins existing premier members Boeing and Redhat.

ELISA Project General Members include AISIN, arm, Bosch, Canonical, Codethink, Elektrobit, EMQ, Honda, Huawei, Linutronix, Lynx Software Technologies, Nissan Motor Corporation and WindRiver. Associate members Automotive Grade Linux, KernelCI, Institute of Aircraft Systems Engineering and The Regensburg University of Applied Sciences. Learn more about membership here.

 Safety-Critical Software

Open Source Summit North America, scheduled for May 18-20 in Minneapolis, Minnesota, will host a Safety-Critical Software track that features technical sessions, case studies, and cross-industry collaboration initiatives presented by ELISA Project members, ambassadors and contributors. Register here for early-bird pricing by March 24.

About the Linux Foundation

The Linux Foundation is the world’s leading home for collaboration on open source software, hardware, standards, and data. Linux Foundation projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, ONAP, OpenChain, OpenSSF, PyTorch, RISC-V, SPDX, Zephyr, and more. The Linux Foundation focuses on leveraging best practices and addressing the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org. The Linux Foundation has registered trademarks and uses trademarks.

For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

For more information:

Maemalynn Meanor

The Linux Foundation

ELISA Working Group and Special Interest Group Annual Updates 2026

Recap of ELISA Working Group and Special Interest Group Annual Updates 2026

By Ambassadors, Blog, Working Group

On February 11–12, the ELISA Project community gathered for the 2026 Working Group (WG) and Special Interest Group (SIG) Annual Updates. Over two focused sessions, group leads shared key milestones from 2025, current technical priorities, and what lies ahead in 2026, along with concrete opportunities for collaboration and contribution.

The annual updates serve as a checkpoint for the project: a moment to reflect on progress, align on priorities, and welcome new contributors into the work of advancing Linux in safety-critical systems.

The first day opened with an ELISA Project overview from Technical Steering Committee Chair Philipp Ahmann (ETAS), highlighting overall progress and reinforcing ELISA’s mission to define and maintain common elements, processes, and tools that support safety certification for Linux-based systems.

The first day highlighted progress across ELISA’s core Working Groups:

Open Source Engineering Process – Paul Albertella (Codethink) shared updates on process alignment and best practices to support safety certification efforts.

Systems and Automotive – Philipp Ahmann discussed advancements in aligning Linux with functional safety requirements for automotive and system-level applications.

Safety Architecture – Gabriele Paoloni (Red Hat) presented ongoing architectural work supporting safety use cases.

Linux Features for Safety-Critical Systems – Alessandro Carminati (NVIDIA) outlined kernel and feature-level progress enabling dependable Linux deployments.

The second day focused on use-case driven Working Groups and SIGs:

Aerospace – Matthew Weber (The Boeing Company) shared updates on Linux in aerospace systems.

Space Grade Linux – Ramon Roche (The Linux Foundation) discussed the evolution of Space Grade Linux and its relationship with ELISA.

BASIL & Tools WG Evolution – Luigi Pellecchia (Red Hat) highlighted progress in tooling and traceability efforts.

Lighthouse SIG – Philipp Ahmann provided insights into cross-domain collaboration and coordination.

The event concluded with closing reflections and a forward-looking discussion on collaboration opportunities in 2026.

Continuing the Work

The WG & SIG Annual Updates are more than a status review, they are a coordination point for the year ahead. As Linux adoption in safety-critical systems continues to expand across automotive, aerospace, industrial, and emerging domains, ELISA remains committed to open collaboration, practical tooling, and shared technical foundations.

Thank you to all speakers, contributors, and attendees who helped make the 2026 updates a success.

We look forward to another year of advancing Linux in safety-critical environments together.

ELISA Project at FOSDEM 2026

ELISA Project at FOSDEM 2026: Advancing Open Source in Safety-Critical Systems

By Ambassadors, Blog, Industry Conference

As open source software continues to move deeper into safety-critical systems, FOSDEM provides a unique space for the conversations that need to happen between developers, safety engineers, maintainers, and industry stakeholders. For the Enabling Linux in Safety Applications (ELISA) project, FOSDEM 2026 is an opportunity to engage directly with the open source community, share practical progress, and collaborate on the challenges of using Linux in systems where failure can have serious consequences.

ELISA’s mission is to make it easier for organizations to build and certify Linux-based safety-critical applications systems whose failure could result in loss of human life, significant property damage, or environmental harm. By bringing these discussions to FOSDEM, ELISA helps connect real-world safety and certification needs with the developers and projects building the software at the core of these systems.

What ELISA Is Working On

ELISA brings together companies, developers, and safety experts to define and maintain a shared set of tools, processes, and best practices that help organizations demonstrate that Linux-based systems can meet functional safety requirements. Rather than positioning Linux as a standalone “safety solution,” ELISA focuses on how Linux can be used as a component within safety-critical systems, supported by appropriate system-level mitigations, documentation, and evidence.

A key part of this work is collaboration with certification authorities and standardization bodies across multiple industries. By engaging early and openly, ELISA helps clarify expectations around certification pathways, safety arguments, and compliance, reducing uncertainty for both developers and assessors. This approach enables reuse, transparency, and consistency across domains such as automotive, aerospace, railways, industrial automation, and medical systems.

ELISA at FOSDEM 2026

FOSDEM 2026 offers an ideal environment to continue these conversations. As a free, community-driven event that brings together thousands of open source developers from around the world, it allows ELISA to connect directly with the people building and maintaining the software used in safety-critical products.

Throughout the weekend, ELISA Project Ambassadors will be actively participating across the event giving talks, joining technical discussions, and engaging with contributors in multiple developer rooms. Attendees can also meet the ELISA team at the Linux Foundation Europe stand (Building K, Level 2, Group A), where they will be available to discuss ongoing work, community activities, and ways to get involved in the project.

Several members of the ELISA Technical Steering Committee (TSC) will be present as well, providing an opportunity for in-depth conversations around safety concepts, certification challenges, and cross-industry collaboration.

Session Highlight:

Code, Compliance, and Confusion: Open Source in Safety-Critical Products

This talk examines the growing use of open source software in functionally safe systems, including platforms such as Linux, Zephyr, Xen, and automotive middleware. It looks at both the progress made in recent years and the persistent barriers to adoption, from certification uncertainty and fragmented governance to common misunderstandings around safety responsibility and system architecture. Learn more.

BOF/Unconference

In addition to talks, ELISA-related topics will be discussed in Birds of a Feather (BoF) sessions, which offer a more informal space for discussion and idea exchange.

One BoF will focus on Linux & Open Source Software for safety applications in Railways, exploring how large-scale reuse and collaborative development can support the sector’s growing software needs while meeting strict safety requirements. The discussion will also consider whether there is sufficient momentum to form a foundation-backed initiative to support OSS adoption in railways.

Another BoF, Safety-Critical Linux: Challenges across industries, will bring together participants from automotive, aerospace, medical devices, robotics, and rail. The session will explore shared challenges such as documentation, tooling, certification, and system design, and identify opportunities where cross-industry collaboration could reduce duplication and improve outcomes.

Join the Conversation at FOSDEM

FOSDEM 2026 is an opportunity to move beyond theory and engage in practical, technical discussions about open source in safety-critical systems. Whether you are building software, assessing safety cases, or defining certification strategies, ELISA invites you to take part in the conversations, meet the community, and help shape how Linux and open source software are used in systems that demand the highest levels of trust and reliability.

We look forward to connecting with you in Brussels.

Recap of ELISA Project at Linux Plumbers Conference: Tokyo, Japan 2025

By Blog, ELISA Summit, Industry Conference

The ELISA Project participated in the Linux Plumbers Conference (LPC) 2025, held December 11–13 at Toranomon Hills Forum in Tokyo (with hybrid remote access). The event brought together developers working in the core areas of Linux for technical discussions and collaboration.

ELISA at the Safe Systems with Linux Microconference

ELISA community members joined kernel developers during the Safe Systems with Linux Microconference to explore how Linux can better support safety-critical and high-integrity systems. The microconference focused on progress around traceability, requirements, testing, and scalable verification to support more dependable kernel development.

Session Highlights:

Aspects of Dependable Linux Systems – Kate Stewart (Linux Foundation), Philipp Ahmann (Etas GmbH (BOSCH))

Kate and Philipp discussed how Linux is increasingly used in safety-critical and regulated industries that rely on dependable and robust software. They explained that these industries follow formal standards for requirements, verification, and change management, but such standards are not well known within the open source kernel community. The session highlighted that while the Linux kernel already contains many good development practices, important artifacts like requirements, tests, and documentation are not yet connected in a structured way. The speakers highlighted the need for shared approaches rather than isolated company efforts to make Linux safer and easier to analyze in complex systems. The speakers encouraged collaboration on improving traceability, clarity, and maintainability to support dependable Linux-based systems.

NVIDIA Approach for Achieving ASIL B Qualified Linux: minimizing expectations from upstream kernel processes -Igor Stoppa (NVIDIA)

In this talk, Igor Stoppa presented NVIDIA’s approach for achieving ASIL-B qualified Linux while minimizing the impact on upstream kernel developers and processes. Unlike traditional safety strategies that require modifying or qualifying large parts of the kernel, NVIDIA proposes mechanisms that isolate and contain safety-relevant components so the wider kernel does not need to be safety-qualified. The approach focuses on reducing dependencies, avoiding burdens on maintainers, and enabling qualification without requiring upstream developers to become safety experts. Igor outlined techniques such as resource partitioning, thread capabilities, and memory pools to ensure verifiable safety behavior without intrusive kernel changes. The goal is to support safety use cases in automotive and robotics while keeping upstream integration feasible and low-friction.

Applying Program Verification to Linux Kernel Code: Challenges, Practices, and Automation – Keisuke Nishimura

In this talk, Keisuke Nishimura presented ongoing work on applying deductive program verification to Linux kernel code, with a focus on the task scheduler. He explained that while the kernel is increasingly gaining specifications, checking that implementations satisfy them still relies heavily on manual effort. Using case studies, he showed how formal verification of scheduler functions can uncover real semantic bugs and increase confidence in functional correctness. The talk also covered practical challenges, such as writing formal specifications, handling loops with invariants, and preparing minimal, verifiable code extracted from large kernel files. Keisuke concluded by outlining automation efforts for code extraction and invariant inference, with the goal of making formal verification a more scalable and practical part of the Linux kernel development process.

Defining and maintaining requirements in the Linux Kernel – Chuck Wolber, Gabriele Paoloni (Red Hat), Kate Stewart (Linux Foundation)

Last year in Vienna the speakers of this talk held a session about “improving kernel design documentation and involving experts”. Following this, the ELISA Architecture working group drafted an initial template for the SW Requirements definition and started documenting the expected behaviour for different functions in the TRACING subsystem.

The work also included reviewing and adopting a framework for formally specifying kernel APIs.

This session aimed to present the latest updates and involve the experts to define the best next steps for having a path to introduce and maintain requirements in the kernel.

The discussion focused on how to document code, show value, address maintainer comments, and link requirements to tests and other verification measures.

KUnit Testing Insufficiencies – Matthew Whitehead (The Boeing Company)

This talk examined the limitations of KUnit when testing small, isolated units of Linux kernel code for high-integrity applications. Matthew Whitehead showed how the current KUnit approach struggles with scalability, system-state dependence, and the lack of built-in mocking or faking needed for low-level testing. Because KUnit tests are built into the kernel, they require full kernel builds, multiple kernels for large test sets, and slow write–execute–observe cycles. He demonstrated how creating isolated tests often requires patches, duplicated code, and extensive setup, which leads to high maintenance costs. The session highlighted the need for unit test capabilities that support out-of-tree compilation, user-space execution, and automatic integration of mocks.

Exploring possibilities for integrating StrictDoc with ELISA’s requirements template approach for the Linux kernel – Tobias Deiminger (Linutronix GmbH)

This talk demonstrated how ELISA’s proposed Linux kernel requirements template could be realized using the StrictDoc model and tooling. Tobias Deiminger showed how StrictDoc can parse requirement templates inlined in Linux source code, merge them with sidecar metadata files, and render traceable documents linking requirements, code, and tests. He highlighted that StrictDoc already fulfills most ELISA needs, including SPDX-REQ tags and structured traceability, while gaps remain around hash-based drift detection. The presentation included a live walkthrough using a demo repository and discussed StrictDoc’s broader model (requirements, design, tests, user stories) compared to ELISA’s current low-level focus. The talk concluded with the proposal that StrictDoc add hash generation and compatibility tweaks, while ELISA could list StrictDoc as a reference tool for kernel developers.

BASIL: Open Source Traceability for Safety-Critical Systems” – Luigi Pellecchia

This talk introduces BASIL – The FuSa Spice, a web-based tool that helps manage traceability for large, fast-evolving projects like the Linux kernel. Luigi Pellecchia explains how safety standards require traceability across requirements, code, tests, documentation, and test results, but these artifacts are spread across many repositories and CI systems (e.g., Linux Test Project, man-pages, CKI, KernelCI). BASIL proposes “traceability as code”: a single configuration file defines which repositories to scan, how to extract work items (requirements, tests, results), and how they relate to each other. From this, BASIL can automatically build and update traceability matrices, integrate data from external test infrastructures, and export results in formats such as SPDX. The session shows how this approach makes traceability and compliance more repeatable, automatable, and sustainable for the Linux kernel ecosystem.

 

The discussions at LPC 2025 made it clear that building safer and more dependable Linux-based systems is a shared challenge and a shared opportunity. Across all sessions, common themes emerged: improving traceability, defining clearer requirements, strengthening testing practices, and exploring scalable approaches to verification. These conversations reflect exactly what ELISA is working toward: enabling the broader community to confidently use Linux in safety-critical and high-integrity environments.

 

If you are interested in these topics, we invite you to learn more about the ELISA Project and get involved. Learn more about the ELISA project and working groups.

Open Source summit - seoul, Korea 2025 - ELISA project

Recap: ELISA Project at Open Source Summit Seoul Korea 2025

By Blog, Critical Software Summit, Industry Conference, Safety-Critical Software Summit

The Open Source Summit 2025, held on November 4–5 in Seoul, South Korea, brought together a global community of developers, engineers, policymakers, and open source leaders to advance collaboration across the ecosystem. As one of the most comprehensive gatherings in open source, the event created space for meaningful dialogue across technical and strategic domains.

The ELISA Project participated as part of the Safety-Critical Software Track, contributing to discussions at the intersection of open source development and safety standards. This track highlighted the growing role of open source in regulated and safety-sensitive environments, where reliability, transparency, and compliance are essential.

Session Highlights:

Driving Safety Forward: Lessons Learned From Deploying OSS in Real-world Automotive – Jaylin Yu, EMQ

Driving Safety Forward: Lessons Learned From Deploying OSS in Real-world Automotive was presented by Jaylin Yu from EMQ and focused on practical experience deploying open source software in mass-production vehicles. The session examined how OSS can meet automotive safety and security expectations when combined with strong community engagement, academic collaboration, and production-driven validation.

Examples included MQTT-based remote diagnostics, actor-based system design, and the use of advanced stateful fuzzing techniques to uncover concurrency, race conditions, and protocol-level issues. Jaylin highlighted how software supply-chain decisions and dependency misuse can escalate into system-wide failures in safety-critical environments.

The talk also explored post-deployment challenges such as suspend-to-RAM behavior, file-descriptor exhaustion, time synchronization, and observability gaps in Linux-based systems. Overall, the session delivered, field-tested guidance for building secure, traceable, and reliable OSS-based software-defined vehicle platforms.

DO-330 Qualification of Enhanced LLVM Structural Coverage Tool – Minji Park & Seojin Kim, The Boeing Company

DO-330 Qualification of Enhanced LLVM Structural Coverage Tool was presented by Minji Park and Seojin Kim from The Boeing Company and focused on qualifying an open source structural coverage tool for use in safety-critical avionics software.

The session explained why structural coverage is mandatory under RTCA DO-178C and how verification tools themselves must be qualified under RTCA DO-330 to produce trusted evidence. The speakers described Boeing’s efforts to qualify an enhanced LLVM coverage (llvm-cov) tool, targeting statement, decision, and modified condition/decision coverage (MC/DC) required for higher software assurance levels. The session covered key details including how line and branch coverage were aligned with DO-178C objectives through source formatting, pipeline instrumentation, and toolchain integration.

The talk also outlined the determination of Tool Qualification Level (TQL 5), required qualification artifacts, and validation and verification activities needed to support certification. The session concluded with challenges of qualifying open source tools such as version changes, object code coverage, and regulatory submission and how Boeing is addressing them to enable compliant use of OSS in avionics systems.

Introduction and Consideration of Temporal Partitioning in Avionics With Open Source Eco-System – Haesun Kim & Gihwan Kwon, The Boeing Company

Introduction and Consideration of Temporal Partitioning in Avionics With an Open Source Ecosystem was presented by Haesun Kim and Gihwan Kwon from The Boeing Company and examined how ARINC 653 enables safe and deterministic operation in integrated modular avionics (IMA) systems.

The session introduced the motivation for adopting ARINC 653, comparing traditional federated avionics architectures with IMA approaches that rely on strict temporal and spatial partitioning. Key technical details covered the ARINC 653 two-tier scheduling model, including module-level scheduling across partitions and rate-monotonic process scheduling within each partition.

The speakers discussed gaps between ARINC 653 requirements and current open-source operating systems, highlighting challenges in scheduling, process management, and health monitoring. The talk concluded with Boeing’s ongoing collaboration with open-source communities and future work to bridge these gaps and enable compliant, safety-critical avionics systems built on open-source technologies

Smarter Code, Sneakier Risks: Supply Chain Security in the Age of AI – Lavakush Biyani, Harness

Smarter Code, Sneakier Risks: Supply Chain Security in the Age of AI was presented by Lavakush Biyani from Harness and examined how AI-powered coding tools are reshaping software development while introducing new supply chain security risks. The session explained how AI-generated code can unknowingly introduce vulnerabilities through insecure patterns, outdated libraries, or hallucinated dependencies that attackers can exploit.

The session covered real-world examples of dependency confusion, AI-suggested non-existent packages, and the reuse of vulnerable dependency versions due to limited model context. The speakers introduced practical detection techniques such as analyzing code changes, generating AI Bills of Materials (AIBOMs), tracking dependency drift, and monitoring build behavior.

The session concluded with guidance on integrating these security checks into CI/CD pipelines, enabling DevSecOps teams to manage AI-driven risks without slowing development velocity.

Detecting Double Free With BPF – Bojun Seo, LG Electronics

Detecting Double Free With BPF was presented by Bojun Seo from LG Electronics and addressed the challenges of detecting double free vulnerabilities in C and C++ programs, particularly in production and embedded environments.

The session explained why traditional tools such as Valgrind and AddressSanitizer often struggle in real-world systems due to high overhead and their tendency to alter memory behavior, leading to hard-to-reproduce Heisenbugs. The session also covered a novel detection approach using BPF and uprobes to trace memory allocation and deallocation events without modifying the target process’s memory footprint.

The tool tracks allocation counters and captures stack traces in BPF maps, reporting double frees with significantly lower runtime and memory overhead. Through live demonstrations and real code examples, the talk showed how this lightweight BPF-based approach improves reliability and practicality for detecting double free errors in performance-sensitive embedded systems.

Telco Supply Chain Security: Implementing ISO 18974 & SBOM – Haksung Jang, SK Telecom

Telco Supply Chain Security: Implementing ISO/IEC 18974 & SBOM was presented by Haksung Jang from SK Telecom and focused on managing growing software supply chain risks in the rapidly evolving telecom industry.

The talk explained how increased reliance on open source in 5G, cloud-native, and software-defined networks has amplified dependency complexity and reduced visibility, creating serious security challenges. Key technical details covered the adoption of ISO/IEC 18974 (Open Source Security Assurance) as a standardized framework for vulnerability management, governance, and third-party assurance across telecom supply chains.

The session highlighted SBOM implementation using standards such as SPDX and CycloneDX, emphasizing automated generation, validation, and integration into CI/CD pipelines to enable rapid vulnerability response and regulatory compliance. Drawing from SK Telecom’s real-world OSPO experience and OpenChain Telco Work Group activities, the talk provided practical guidance on policy design, supplier collaboration, and building a trusted, standards-based telecom software ecosystem.

Key Takeaways:

The ELISA Project’s presence at Open Source Summit Seoul 2025 showed how open source is now essential in safety-critical and regulated systems.

Across automotive, avionics, embedded, AI, and telecom sessions, speakers demonstrated that open source can meet strict safety and security requirements when supported by strong processes and standards. Talks highlighted the importance of verification, deterministic system design, and low-overhead runtime analysis for real-world deployments. Supply chain security emerged as a shared priority, with SBOMs, AIBOMs, and international standards enabling visibility and trust.

Overall, the sessions reinforced that safety, security, and open collaboration must advance together.

What’s Next?

If you are interested in shaping this work, we invite you to join ELISA working groups and contribute to advancing safety practices in open source together.