
Lukas Bulwahn
On Wed, Feb 16, 2022 at 2:49 PM Smith, Jason <Jason.Smith@...> wrote:
A quick reply to Lukas prior to our meeting (I apologize, didn't have time to prioritize):
We should revisit the work I/we started to do two years ago that never really materialized into anything, which is partially if not completely my own fault; conclusions from the third draft of the white paper I was working on:
Just a quick assessment:
- Manual, including general information pertaining to the Linux distribution like the version/revision and descriptions of APIs, etc.
"Easy"(TM, final last words...) --- let us try to present you something here.
- Fault Analysis, identifying general risks associated with the use of Linux and how those risks have been (or should be) addressed
Difficult. What is a general risk? What is the system? Who needs to address? (I do not know what to do...) --- let us postpone.
- Design Guide, providing recommendations for appropriate hardware and software architectures to use for safety applications
Difficult. Again, needs an assumption on a system --- let us postpone.
- Verification and Validation Report, describing the procedures, methods, and criteria used to develop and test that Linux distribution prior to its release, and the results of those tests
"Easy"(TM, final last words...) --- let us try to present you something here.
- Release Notes, describing any known issues or bugs in that particular Linux distribution
"Easy"(TM, final last words...) --- let us try to present you something here.
Would you see some priority on the easy-marked ones and would you accept to postpone the two difficult ones? Then, I could present some "examples" for the easy results, and see where we go from there.
Lukas
Jason
-----Original Message-----
From: Lukas Bulwahn <lukas.bulwahn@...>
Sent: Wednesday, February 16, 2022 7:38 AM
To: Smith, Jason <Jason.Smith@...>
Cc: elana.copperman@...; Shuah Khan <skhan@...>; devel@...
Subject: Re: [ELISA Technical Community] TSC Meeting Agenda - February 16 2022
On Thu, Feb 10, 2022 at 4:29 AM Smith, Jason via lists.elisa.tech <jason.smith=ul.com@...> wrote:
My goals are quick wins. There are safety applications using Linux that either don’t need safety certification or whose standards allow Linux to be treated as-is, i.e. software of unknown pedigree. Just small improvements to Linux or relatively small additional pieces of information provided with Linux could offer a lot of value to these developers, allowing them to build safer products. Examples: code improvements, new modules that add or support software safety measures, white papers, manuals, design guides, fault analyses, reports (verification, validation, review, etc.), release notes including known issues, etc. In a way, this is perhaps a scaled-down version of Elana’s (3).
Jason, could you elaborate on your expectation of the small additional pieces of information you see needed as quick wins?
Can you put those pieces into a prioritized list?
Then, we could start at the top of that list and present an example of such pieces of information and discuss them with you to determine the potential effort of providing such information regularly (e.g., for every version) and completely (not just as some incomplete example for the purpose of having a discussion).
I would like to contribute to creating what you see as quick wins. For me, there is nothing to lose here.
Lukas
That being said… I don’t know if this is exactly what the community needs.
I think (if we haven’t done so already) we should go out far and wide across not only ELISA but Linux developers in general to find out what they really need.
Are there enough developers of safety applications using Linux that are okay with treating Linux as-is, making it worthwhile to pursue my stated goal?
Or are most folks trying to develop systems for self-driving cars using Linux and ultimately need compliance with ISO 26262?
If the latter is true, start with Elana’s (1). It’s going to be a lot of work.
Jason
From: devel@... <devel@...> On Behalf Of elana.copperman via lists.elisa.tech
Sent: Wednesday, February 09, 2022 9:37 AM
To: Shuah Khan <skhan@...>; devel@...
Subject: Re: [ELISA Technical Community] TSC Meeting Agenda - February 16 2022
Thanks, Shuah. Some goals/ideas from my side:
1. To establish a framework for communication and collaboration between Linux kernel developers/maintainers, safety experts and designers/developers of Linux based safety critical systems. Without broader representation and communication, the work products of ELISA cannot have a context for deployment and acceptance.
2. ELISA is a project of the Linux Foundation. To leverage this umbrella, learn from its strong points, and help to improve the weaker points towards the long-term goal of integrating Linux successfully in safety critical systems.
3. Work products (actual kernel patches) which will support the original ELISA mission statement: to define and maintain a common set of elements, processes and tools that can be incorporated into Linux-based, safety-critical systems amenable to safety certification.
Regards
Elana
________________________________
From: devel@... <devel@...> on behalf of Shuah Khan <skhan@...>
Sent: Wednesday, February 9, 2022 5:20 PM
To: devel@... <devel@...>
Cc: Shuah Khan <skhan@...>
Subject: [ELISA Technical Community] TSC Meeting Agenda - February 16 2022
All,
Let's meet next week to discuss alignment on goals and what success looks like. Please respond to this thread to add your 1 or 2 items you consider important to achieve ELISA goals and make the project successful.
I will compile the items and share the consolidated list before the meeting.
thanks, -- Shuah
This e-mail may contain privileged or confidential information. If you are not the intended recipient: (1) you may not disclose, use, distribute, copy or rely upon this message or attachment(s); and (2) please notify the sender by reply e-mail, and then delete this message and its attachment(s). Underwriters Laboratories Inc. and its affiliates disclaim all liability for any errors, omissions, corruption or virus in this message or any attachments.