
Seminar Series

Making Linux Fly: Towards Certified Linux Kernel

By Blog, Seminar Series

Although the Linux operating system has been used widely in many industries, adoption in aerospace has been slow due to the rigorous assurance evidence required as part of flight certification. The guidance for commercial flight software in most of the world is RTCA DO-178C, which identifies five progressively more rigorous levels of assurance. Providing the software life cycle data outlined by DO-178C is a daunting task for software as large and complex as Linux. In this project we focus on three objectives from DO-178C related to code coverage — the fraction of the source code that is exercised by testing. The three types of code coverage in DO-178C are statement coverage, decision coverage, and Modified Condition/Decision Coverage (MC/DC). The last of these, MC/DC, is only required for Software Level A, the highest level of assurance.

For operating system kernels like Linux, measuring code coverage is challenging because the execution environment differs so much from user space. Measuring MC/DC is even harder given the intricacy of the metric and the limitations of tools. We share our experience in measuring the Linux kernel’s code coverage, with an emphasis on MC/DC. We describe how we have enabled measuring the Linux kernel’s MC/DC for the first time, by enhancing both the toolchain and the kernel itself. We also discuss the generalizability of our approach across different kernel versions and opportunities for improving coverage with kernel testing suites like KUnit and kselftest.

As part of the ELISA Seminar series, Wentao Zhang, PhD student at the University of Illinois Urbana-Champaign, and Steven H. VanderLeest, Technical Fellow at The Boeing Company, gave a presentation titled “Making Linux Fly: Towards Certified Linux Kernel.”

The ELISA Seminar Series focuses on hot topics related to ELISA’s mission to define and maintain a common set of elements, processes and tools that can be incorporated into Linux-based, safety-critical systems amenable to safety certification. Speakers are members, contributors and thought leaders from the ELISA Project and surrounding communities. Each seminar comprises a 45-minute presentation and a 15-minute Q&A, and it’s free to attend. You can watch all videos in the ELISA Seminar Series Playlist on the ELISA Project YouTube Channel.

For more ELISA Project updates, subscribe to @ProjectElisa, our LinkedIn page or our YouTube Channel.

Ferrocene: Qualifying the Rust compiler out in the open

By Blog, Seminar Series

Ferrocene is a fully open source toolchain that enables the use of the Rust programming language in safety-critical environments. It is a proper downstream of the main Rust compiler, rustc, and this includes all documentation.

The mission of Ferrocene is to bring open source practices to safety-critical industries and improve the Rust open source ecosystem through safety-critical practices.

Ferrocene is also fully qualified using only open source tooling.

But what does that mean in practice? In this talk, I’ll walk you through our findings from qualifying the Ferrocene compiler toolchain using fully open source tools. A particular eye will be kept on the conditions that enabled the Ferrocene project to build a feedback loop with the Rust project and how they may inform your approach towards other FOSS projects.

As part of the ELISA Seminar series, Florian Gilcher, Managing Director at Ferrous Systems, gave a presentation titled “Ferrocene: Qualifying the Rust compiler out in the open.”

Certifying Linux: State of the Art and Lessons Learned after Eight Years

By Blog, Seminar Series

In 2018, in the course of the SIL2LinuxMP project, we summarized the knowledge gained around research questions and suggested potential solutions for using Linux in safety-related systems in the paper “Certifying Linux: Lessons Learned in Three Years of SIL2LinuxMP.” Since then, the activities around using Linux in safety-related systems have continued to attract more experts and more commercial attention. However, it is still a challenging activity to pursue. In this video, we explain, reflect on and comment on the areas of work and activities that have been pursued throughout the industry over the following five years, and how they relate to and complement the initial ideas that were collected in the SIL2LinuxMP project.

As part of the ELISA Seminar series, Lukas Bulwahn, Safety Software Key Expert at Elektrobit, gave a presentation titled “Certifying Linux: State of the Art and Lessons Learned after 8 Years.”

ISO-PAS 8926 Overview and ISO 26262 3rd ed. Activity Planning (Video)

By Blog, Seminar Series

ISO PAS 8926 “Road vehicles – Functional safety – Use of pre-existing software architectural elements” has been approved by the ISO community. This achievement represents a recognition of the work done in the last 2 years by ISO Sub-Group experts from multiple organizations and delegations to include the evaluation of pre-existing complex software for Functional Safety without losing the original ISO 26262 backbone.

The goal of this talk is to provide an overview of the ISO PAS 8926 content and its connection with the current ISO 26262 second edition. Moreover, it will be an opportunity to introduce, at a high level, the ISO 26262 initiatives related to the 3rd edition and their planning.

As part of the ELISA Seminar series, Roberto Paccapeli, Functional Safety Manager at Red Hat, and Gabriele Paoloni, Sr. PE at Red Hat, gave a presentation titled “ISO-PAS 8926 Overview and ISO 26262 3rd ed. Activity Planning.”

The Road to Safe Space Exploration (Video)

By Blog, Seminar Series

The current stage of space exploration has brought with it an increase in the complexity of the systems deployed, in the number of players involved, and in the need for autonomy. This video describes two efforts taking place at NASA to help on that front. On the one hand, the use of runtime monitoring with Ogma and Copilot makes it possible to assure applications that are otherwise too costly to verify formally or to test fully.

On the other hand, the use of Kaiaulu to process information from version control systems and issue trackers makes it easier to provide evidence of compliance with software engineering requirements and to minimize deviations from the software plans. We believe that, together, they can enable more complex autonomous systems in space applications and shorten the time it takes to put systems into production.

As part of the ELISA Seminar series, Ivan Perez Dominguez, Senior Research Scientist, KBR Inc at NASA Ames Research Center, gave a presentation titled “The Road to Safe Space Exploration.”

Introducing Basil (video)

By Blog, Seminar Series

Basil is a tool developed to support software specification analysis, testable requirements definition and coverage. It comes with a web user interface and a simplified view of work item relationships. Given the complexity and non-uniformity of the toolchains used in the automotive field, and in general to support functional safety efforts, Basil will also provide a REST web API and SPDX data import/export.

As part of the ELISA Seminar series, Luigi Pellecchia, Senior Software Quality Engineer at Red Hat, introduces “Basil: an open source tool for tracing requirements, code & tests.”

Xen Safety Certification: progress so far and plans for the future (video)

By Blog, Seminar Series

The Xen Project is a static partitioning hypervisor for embedded systems, from aerospace to industrial and automotive. Xen enforces strong isolation between domains so that one cannot affect the execution of another. Features such as cache coloring reduce interference and improve interrupt latency and determinism. A real-time workload can run alongside a more complex guest. But can it be used in safety-critical environments?

The Xen hypervisor has a microkernel design: services and tools are non-essential and run in unprivileged VMs, while the core is less than 50K LOC. This architecture lends itself well to safety-critical applications, as only the hypervisor core is critical and needs to go through the certification process.

As part of the ELISA Seminar Series, Stefano Stabellini, Fellow at AMD and Xen Hypervisor & Linux Kernel Maintainer, presented a video that describes the activities of the Xen FuSa SIG (Special Interest Group) to make Xen easier to safety-certify. It highlights the most significant improvements introduced in the last 12 months to align Xen with safety standards such as DO-178C and ISO 26262. It goes into detail on MISRA C compliance, its latest status, and the next steps to close all the outstanding MISRA C gaps. It discusses the role of GitLab CI and how to keep the Xen codebase MISRA C compliant without major effort.

The Xen community has a clear path ahead to achieve the safety certification of the hypervisor. This talk discusses it, focusing on the most impactful changes to the Xen codebase and Xen community processes.

Automating Adherence to Safety Profiles After Fixing Vulnerabilities (Video)

By Blog, Seminar Series

Creating a safety- or security-critical system generally comes down to two aspects: the system has to be able to meet the technical expectations that its criticality demands, and there needs to be evidence that these expectations are actually met. With today’s software systems being built by integrating various software components, more often open source than custom proprietary solutions, it’s obvious that having complete and reliable evidence that the software was created with criticality considerations, such as safety profiles, in mind is key.

Demonstrating the technical capabilities of a system to achieve its safety and security qualities can be done with established analysis methods. However, proving that its process provides the systematic evidence that everything has been implemented, tested, built and configured as required needs evidence of traceability from requirements to tests and release. Typically this evidence is locked within proprietary tools, is never 100% complete, and needs manual work to prove traceability between items. With continuous changes due to security updates or continuous deployments, managing this systematic evidence becomes impossible.

As part of the ELISA Project Seminar Series, Kate Stewart, Vice President of Dependable Embedded Systems at the Linux Foundation, and Nicole Pappler, CTO and Founder of AlectoMetis, presented a webinar titled “Automating Adherence to Safety Profiles After Fixing Vulnerabilities.” The video presents a model using SPDX that allows automated checks for the integrity and availability of evidence proving the systematic capability of software consumed by critical systems. Watch the full video below.

A Development Environment for DO-178C Level D Certified Linux

By Blog, Seminar Series

The ELISA Project Seminar Series focuses on hot topics related to ELISA and its mission. Presenters are members, contributors and thought leaders from the ELISA Project and surrounding communities. Past presentations are available on the seminar series page.

On July 18, Chuck Wolber, Software Engineer at The Boeing Company, presented a seminar titled “A Development Environment for DO-178C Level D Certified Linux.”

This video covers the use of Yocto/OpenEmbedded as a tool for managing a distributed development environment, automated build and test, and ultimately delivering a DO-178C Level D certified Linux platform into revenue service. It also touches on generalized aspects of traceability, team dynamics, the “day one developer,” and extensibility. Watch the video:

Learn more about Linux in aerospace by joining the ELISA Aerospace Working Group.

For all upcoming ELISA Working Group meetings and public seminars, please go to https://lists.elisa.tech/calendar.

ELISA Seminar: PREEMPT_RT – How not to break it (Video)

By Blog, Seminar Series

In March, the ELISA Project launched the Monthly Seminar Series, which focuses on hot topics related to ELISA and its mission. Presenters are members, contributors and thought leaders from the ELISA Project and surrounding communities. All of the seminar videos are available on the seminar series page.

In October, Sebastian Siewior from Linutronix presented a seminar titled “PREEMPT_RT – how not to break it.”

At the time of writing, the PREEMPT_RT patch set has only a handful of patches left before it can be enabled on the x86 architecture. The work is not finished once the patches are fully merged. A new issue is how not to break parts of PREEMPT_RT in future development by making assumptions that are not compatible with it or that lead to large latencies. Another problem is how to address limitations of PREEMPT_RT, such as the big softirq/bottom-halves lock, which can lead to high latencies.

A short background on the RTL Collaborative Project: the Real Time Linux collaborative project was established to help coordinate the efforts around mainlining PREEMPT_RT and ensuring that the maintainers have the ability to continue development work, long-term support and future research on RT. In coordination with the broader community, the workgroup aims to encourage broader adoption of RT, improve testing automation and documentation, and better prioritize the development roadmap.

Would you like to know more about how it all started? You can find more details here: https://wiki.linuxfoundation.org/realtime/rtl/start.

Watch the full video here:

Materials from the seminar can be found here.

Learn more about the ELISA Project.