[AGENDA] RE: Invitation: ELISA Safety-Architecture Weekly Meeting @ Weekly from 5am to 6am on Tuesday (PST) (gabriele.paoloni@intel.com)


Paoloni, Gabriele <gabriele.paoloni@...>
 

Hi all

 

For ww10 I propose the following agenda:

 

[ 0 to 10m]: OPENS

[max 10 min]: Quick Recap on the latest chenges to the Safety Arch WG Strategy - slides 7 of https://drive.google.com/open?id=1Ps5paK2IUNcoFsgM1sCiBuYCO8__I9JL

[max 10 min]: Reference HW Architecture Definition – next steps

[rest of the time]: Telltale system diagram (from Stefano Dellosa - Intel)

 

Minutes of the previous meeting have been placed in the usual location: https://drive.google.com/open?id=1h6b7gjLAR5LbXuSfaPzHyHEr3XYUOWkLdvJdmDX_BDQ

 

Thanks

Gab

 

-----Original Appointment-----
From: myu@... <myu@...>
Sent: Friday, February 14, 2020 8:11 PM
To: myu@...; antonio.priore@...; artem_mygaiev@...; dposner@...; mbeltran@...; Gurvitz, Eli (Mobileye); Iacaruso, Maurizio; hartkopp@...; Paoloni, Gabriele; jochen.kall@...; tglx@...; Copperman, Elana (Mobileye); slotosch@...; afaerber@...; lukas.bulwahn@...; yasushi.ando@...; Kate Stewart; Paccapeli, Roberto; doris_wild@...; safety-architecture@...; christopher.temple@...; aymeric.rateau@...
Subject: Invitation: ELISA Safety-Architecture Weekly Meeting @ Weekly from 5am to 6am on Tuesday (PST) (gabriele.paoloni@...)
When: martedì 3 marzo 2020 07:00-08:00 America/Chicago.
Where:

 

You have been invited to the following event.

ELISA Safety-Architecture Weekly Meeting

When

Weekly from 5am to 6am on Tuesday Pacific Time - Los Angeles

Calendar

gabriele.paoloni@...

Who

myu@... - organizer

antonio.priore@...

artem_mygaiev@...

dposner@...

mbeltran@...

eli.gurvitz@...

maurizio.iacaruso@...

hartkopp@...

gabriele.paoloni@...

jochen.kall@...

tglx@...

elana.copperman@...

slotosch@...

afaerber@...

lukas.bulwahn@...

yasushi.ando@...

Kate Stewart

roberto.paccapeli@...

doris_wild@...

safety-architecture@...

christopher.temple@...

aymeric.rateau@...


──────────

ELISA Project is inviting you to a scheduled Zoom meeting.

Join Zoom Meeting
https://zoom.us/j/323975221

Meeting ID: 323 975 221

One tap mobile
+16465588656,,323975221# US (New York)
+16699006833,,323975221# US (San Jose)

Dial by your location
        +1 646 558 8656 US (New York)
        +1 669 900 6833 US (San Jose)
        877 369 0926 US Toll-free
        855 880 1246 US Toll-free
        +1 647 558 0588 Canada
        855 703 8985 Canada Toll-free
Meeting ID: 323 975 221
Find your local number: https://zoom.us/u/aeJU7QC44x


──────────

Going (gabriele.paoloni@...)?   All events in this series:   Yes - Maybe - No    more options »

Invitation from Google Calendar

You are receiving this email at the account gabriele.paoloni@... because you are subscribed for invitations on calendar gabriele.paoloni@....

To stop receiving these emails, please log in to https://www.google.com/calendar/ and change your notification settings for this calendar.

Forwarding this invitation could allow any recipient to send a response to the organizer and be added to the guest list, or invite others regardless of their own invitation status, or to modify your RSVP. Learn More.

 

---------------------------------------------------------------------
INTEL CORPORATION ITALIA S.p.A. con unico socio
Sede: Milanofiori Palazzo E 4
CAP 20094 Assago (MI)
Capitale Sociale Euro 104.000,00 interamente versato
Partita I.V.A. e Codice Fiscale  04236760155
Repertorio Economico Amministrativo n. 997124
Registro delle Imprese di Milano nr. 183983/5281/33
Soggetta ad attivita' di direzione e coordinamento di
INTEL CORPORATION, USA

This e-mail and any attachments may contain confidential material for
the sole use of the intended recipient(s). Any review or distribution
by others is strictly prohibited. If you are not the intended
recipient, please contact the sender and delete all copies.


Andreas Färber <afaerber@...>
 

Hi Gab and Christopher,

Am 01.03.20 um 18:56 schrieb Paoloni, Gabriele:
For ww10 I propose the following agenda:
[ 0 to 10m]: OPENS
[max 10 min]: Quick Recap on the latest chenges to the Safety Arch WG Strategy - slides 7 of https://drive.google.com/open?id=1Ps5paK2IUNcoFsgM1sCiBuYCO8__I9JL
I see slide 11 has been updated since last week and now no longer appears to label the two top boxes as sitting on top of glibc. However the right-hand text still talks about reading back the framebuffer and calculating a CRC, which I had pointed out would seem to involve the whole drm (Display Rendering Manager) subsystem of the kernel, given that you speak of the Display Engine composing the framebuffer further above, seemingly ruling out a trivial/static simple-framebuffer or efifb handled by the bootloader.

My concern therefore still is that the attendees of our WG calls may not all have sufficiently deep levels of drm API knowledge to reason about safety in that particularly complex example. Just the GEM allocation and buffering layer is complex enough in itself for non-experts to have troubles debugging it.

Instead, what was stated on the call was that the CRC operation would be done in specialized external hardware. However, that's not what your slide says - it lists it as an action of the Monitor application as if it were an open syscall followed by read syscalls plus in-memory calculation (in addition to the watchdog open/ioctl operations).

If you want to do it without special hardware, maybe we could just speak about toggling a gpio pin for an LED notification instead, as a much simpler kernel subsystem? (gpio, ignoring pinctrl for configuration)

Regards,
Andreas

[max 10 min]: Reference HW Architecture Definition – next steps
[rest of the time]: Telltale system diagram (from Stefano Dellosa - Intel)
Minutes of the previous meeting have been placed in the usual location: https://drive.google.com/open?id=1h6b7gjLAR5LbXuSfaPzHyHEr3XYUOWkLdvJdmDX_BDQ
Thanks
Gab
-----Original Appointment-----
*From:* myu@... <myu@...>
*Sent:* Friday, February 14, 2020 8:11 PM
*To:* myu@...; antonio.priore@...; artem_mygaiev@...; dposner@...; mbeltran@...; Gurvitz, Eli (Mobileye); Iacaruso, Maurizio; hartkopp@...; Paoloni, Gabriele; jochen.kall@...; tglx@...; Copperman, Elana (Mobileye); slotosch@...; afaerber@...; lukas.bulwahn@...; yasushi.ando@...; Kate Stewart; Paccapeli, Roberto; doris_wild@...; safety-architecture@...; christopher.temple@...; aymeric.rateau@...
*Subject:* Invitation: ELISA Safety-Architecture Weekly Meeting @ Weekly from 5am to 6am on Tuesday (PST) (gabriele.paoloni@...)
*When:* martedì 3 marzo 2020 07:00-08:00 America/Chicago.
*Where:*
*You have been invited to the following event.*
ELISA Safety-Architecture Weekly Meeting
When

Weekly from 5am to 6am on Tuesday Pacific Time - Los Angeles
Calendar

gabriele.paoloni@...
Who



myu@... organizer


antonio.priore@...


artem_mygaiev@...


dposner@...


mbeltran@...


eli.gurvitz@...


maurizio.iacaruso@...


hartkopp@...


gabriele.paoloni@...


jochen.kall@...


tglx@...


elana.copperman@...


slotosch@...


afaerber@...


lukas.bulwahn@...


yasushi.ando@...


Kate Stewart


roberto.paccapeli@...


doris_wild@...


safety-architecture@...


christopher.temple@...


aymeric.rateau@...
*more details » <https://www.google.com/calendar/event?action=VIEW&eid=MWs3YnRkcGMyN3IyZTJhYWZzZmFkZzUzcmYgZ2FicmllbGUucGFvbG9uaUBpbnRlbC5jb20&tok=MjMjbXl1QGxpbnV4Zm91bmRhdGlvbi5vcmc5ODJjNjk5NjhhYzNiYTc1Y2NhZjU2OWRkNjE1OTQ1OWQ2NjA2OTAx&ctz=America%2FLos_Angeles&hl=en&es=1>***
──────────
ELISA Project is inviting you to a scheduled Zoom meeting.
Join Zoom Meeting
https://zoom.us/j/323975221 <https://www.google.com/url?q=https%3A%2F%2Fzoom.us%2Fj%2F323975221&sa=D&ust=1582139437510000&usg=AFQjCNGAWajdKdhjsiyWJTRZZlG7ARcxEw>
Meeting ID: 323 975 221
One tap mobile
+16465588656,,323975221# US (New York)
+16699006833,,323975221# US (San Jose)
Dial by your location
        +1 646 558 8656 US (New York)
        +1 669 900 6833 US (San Jose)
        877 369 0926 US Toll-free
        855 880 1246 US Toll-free
        +1 647 558 0588 Canada
        855 703 8985 Canada Toll-free
Meeting ID: 323 975 221
Find your local number: https://zoom.us/u/aeJU7QC44x <https://www.google.com/url?q=https%3A%2F%2Fzoom.us%2Fu%2FaeJU7QC44x&sa=D&ust=1582139437510000&usg=AFQjCNGrYSkSGfQsfl03T-e2sZyafOWL-g>
──────────
Going (gabriele.paoloni@...)? All events in this series: *Yes <https://www.google.com/calendar/event?action=RESPOND&eid=MWs3YnRkcGMyN3IyZTJhYWZzZmFkZzUzcmYgZ2FicmllbGUucGFvbG9uaUBpbnRlbC5jb20&rst=1&tok=MjMjbXl1QGxpbnV4Zm91bmRhdGlvbi5vcmc5ODJjNjk5NjhhYzNiYTc1Y2NhZjU2OWRkNjE1OTQ1OWQ2NjA2OTAx&ctz=America%2FLos_Angeles&hl=en&es=1>**- **Maybe <https://www.google.com/calendar/event?action=RESPOND&eid=MWs3YnRkcGMyN3IyZTJhYWZzZmFkZzUzcmYgZ2FicmllbGUucGFvbG9uaUBpbnRlbC5jb20&rst=3&tok=MjMjbXl1QGxpbnV4Zm91bmRhdGlvbi5vcmc5ODJjNjk5NjhhYzNiYTc1Y2NhZjU2OWRkNjE1OTQ1OWQ2NjA2OTAx&ctz=America%2FLos_Angeles&hl=en&es=1>**- **No <https://www.google.com/calendar/event?action=RESPOND&eid=MWs3YnRkcGMyN3IyZTJhYWZzZmFkZzUzcmYgZ2FicmllbGUucGFvbG9uaUBpbnRlbC5jb20&rst=2&tok=MjMjbXl1QGxpbnV4Zm91bmRhdGlvbi5vcmc5ODJjNjk5NjhhYzNiYTc1Y2NhZjU2OWRkNjE1OTQ1OWQ2NjA2OTAx&ctz=America%2FLos_Angeles&hl=en&es=1>* more options » <https://www.google.com/calendar/event?action=VIEW&eid=MWs3YnRkcGMyN3IyZTJhYWZzZmFkZzUzcmYgZ2FicmllbGUucGFvbG9uaUBpbnRlbC5jb20&tok=MjMjbXl1QGxpbnV4Zm91bmRhdGlvbi5vcmc5ODJjNjk5NjhhYzNiYTc1Y2NhZjU2OWRkNjE1OTQ1OWQ2NjA2OTAx&ctz=America%2FLos_Angeles&hl=en&es=1>
Invitation from Google Calendar <https://www.google.com/calendar/>
You are receiving this email at the account gabriele.paoloni@... because you are subscribed for invitations on calendar gabriele.paoloni@....
To stop receiving these emails, please log in to https://www.google.com/calendar/ and change your notification settings for this calendar.
Forwarding this invitation could allow any recipient to send a response to the organizer and be added to the guest list, or invite others regardless of their own invitation status, or to modify your RSVP. Learn More <https://support.google.com/calendar/answer/37135#forwarding>.
---------------------------------------------------------------------
INTEL CORPORATION ITALIA S.p.A. con unico socio
Sede: Milanofiori Palazzo E 4
CAP 20094 Assago (MI)
Capitale Sociale Euro 104.000,00 interamente versato
Partita I.V.A. e Codice Fiscale  04236760155
Repertorio Economico Amministrativo n. 997124
Registro delle Imprese di Milano nr. 183983/5281/33
Soggetta ad attivita' di direzione e coordinamento di
INTEL CORPORATION, USA
This e-mail and any attachments may contain confidential material for
the sole use of the intended recipient(s). Any review or distribution
by others is strictly prohibited. If you are not the intended
recipient, please contact the sender and delete all copies.

--
SUSE Software Solutions Germany GmbH
Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Felix Imendörffer
HRB 36809 (AG Nürnberg)


Paoloni, Gabriele <gabriele.paoloni@...>
 

Hi Andreas

-----Original Message-----
From: Andreas Färber <afaerber@...>
Sent: Monday, March 2, 2020 1:38 PM
To: Paoloni, Gabriele <gabriele.paoloni@...>;
christopher.temple@...
Cc: safety-architecture@...
Subject: Re: [AGENDA] RE: Invitation: ELISA Safety-Architecture Weekly
Meeting @ Weekly from 5am to 6am on Tuesday (PST)
(gabriele.paoloni@...)

Hi Gab and Christopher,

Am 01.03.20 um 18:56 schrieb Paoloni, Gabriele:
For ww10 I propose the following agenda:

[ 0 to 10m]: OPENS

[max 10 min]: Quick Recap on the latest chenges to the Safety Arch WG
Strategy - slides 7 of
https://drive.google.com/open?id=1Ps5paK2IUNcoFsgM1sCiBuYCO8__I9JL
I see slide 11 has been updated since last week and now no longer
appears to label the two top boxes as sitting on top of glibc. However
the right-hand text still talks about reading back the framebuffer and
calculating a CRC, which I had pointed out would seem to involve the
whole drm (Display Rendering Manager) subsystem of the kernel, given
that you speak of the Display Engine composing the framebuffer further
above, seemingly ruling out a trivial/static simple-framebuffer or efifb
handled by the bootloader.
Mmmm I dont' think slide11 has ever been updated since it was
presented in the ELISA workshop in Brussels. However the idea for
tomorrow is to present a more detailed diagram; maybe based on
this we can have a deeper analysis and refine it further also including
your feedbacks


My concern therefore still is that the attendees of our WG calls may not
all have sufficiently deep levels of drm API knowledge to reason about
safety in that particularly complex example. Just the GEM allocation and
buffering layer is complex enough in itself for non-experts to have
troubles debugging it.
My idea for tomorrow is to get initial high level feedbacks and suggestion.
Then as/if we decide to continue with such use case we will need to
have a dedicated taskforce including appropriate experts


Instead, what was stated on the call was that the CRC operation would be
done in specialized external hardware. However, that's not what your
slide says - it lists it as an action of the Monitor application as if
it were an open syscall followed by read syscalls plus in-memory
calculation (in addition to the watchdog open/ioctl operations).
In the call it was stated that usually such use case is supported by having
the safety monitor (CRC checker) implemented in a dedicated ASIL rated
HW; hence it is obvious that any failure mode of the telltale renderer
is detected by the monitor itself. By following this typical approach however
Linux is not assigned with any safety requirements as all of these will be
placed on the external safety monitor.
Here I am putting the monitor side by side with the telltale rendering app
to have Linux assigned with safety reqs


If you want to do it without special hardware, maybe we could just speak
about toggling a gpio pin for an LED notification instead, as a much
simpler kernel subsystem? (gpio, ignoring pinctrl for configuration)
The principle here is that the rendering app is not assigned with safety reqs;
Instead the safety monitor is. If tomorrow we realize that this is a too
complex scenario to start with we can possibly fall back to a simple safety
app as you suggested (during the call we also mentioned a simple app relying
on EDAC to detect HW failures)

Many thanks for your feedbacks

Gab


Regards,
Andreas


[max 10 min]: Reference HW Architecture Definition – next steps

[rest of the time]: Telltale system diagram (from Stefano Dellosa - Intel)

Minutes of the previous meeting have been placed in the usual location:
https://drive.google.com/open?id=1h6b7gjLAR5LbXuSfaPzHyHEr3XYUOWkL
dvJdmDX_BDQ

Thanks

Gab

-----Original Appointment-----
*From:* myu@... <myu@...>
*Sent:* Friday, February 14, 2020 8:11 PM
*To:* myu@...; antonio.priore@...;
artem_mygaiev@...; dposner@...;
mbeltran@...;
Gurvitz, Eli (Mobileye); Iacaruso, Maurizio;
hartkopp@...; Paoloni, Gabriele;
jochen.kall@...; tglx@...; Copperman, Elana
(Mobileye); slotosch@...; afaerber@...;
lukas.bulwahn@...;
yasushi.ando@...; Kate Stewart; Paccapeli, Roberto;
doris_wild@...; safety-architecture@...;
christopher.temple@...; aymeric.rateau@...
*Subject:* Invitation: ELISA Safety-Architecture Weekly Meeting @ Weekly
from 5am to 6am on Tuesday (PST) (gabriele.paoloni@...)
*When:* martedì 3 marzo 2020 07:00-08:00 America/Chicago.
*Where:*


*You have been invited to the following event.*


ELISA Safety-Architecture Weekly Meeting

When



Weekly from 5am to 6am on Tuesday Pacific Time - Los Angeles

Calendar



gabriele.paoloni@...

Who







myu@... organizer





antonio.priore@...





artem_mygaiev@...





dposner@...





mbeltran@...





eli.gurvitz@...





maurizio.iacaruso@...





hartkopp@...





gabriele.paoloni@...





jochen.kall@...





tglx@...





elana.copperman@...





slotosch@...





afaerber@...





lukas.bulwahn@...





yasushi.ando@...





Kate Stewart





roberto.paccapeli@...





doris_wild@...





safety-architecture@...





christopher.temple@...





aymeric.rateau@...

*more details »
<https://www.google.com/calendar/event?action=VIEW&eid=MWs3YnRkc
GMyN3IyZTJhYWZzZmFkZzUzcmYgZ2FicmllbGUucGFvbG9uaUBpbnRlbC5jb20
&tok=MjMjbXl1QGxpbnV4Zm91bmRhdGlvbi5vcmc5ODJjNjk5NjhhYzNiYTc1Y
2NhZjU2OWRkNjE1OTQ1OWQ2NjA2OTAx&ctz=America%2FLos_Angeles&hl
=en&es=1>***


──────────

ELISA Project is inviting you to a scheduled Zoom meeting.

Join Zoom Meeting
https://zoom.us/j/323975221
<https://www.google.com/url?q=https%3A%2F%2Fzoom.us%2Fj%2F323975
221&sa=D&ust=1582139437510000&usg=AFQjCNGAWajdKdhjsiyWJTRZZlG7A
RcxEw>

Meeting ID: 323 975 221

One tap mobile
+16465588656,,323975221# US (New York)
+16699006833,,323975221# US (San Jose)

Dial by your location
        +1 646 558 8656 US (New York)
        +1 669 900 6833 US (San Jose)
        877 369 0926 US Toll-free
        855 880 1246 US Toll-free
        +1 647 558 0588 Canada
        855 703 8985 Canada Toll-free
Meeting ID: 323 975 221
Find your local number: https://zoom.us/u/aeJU7QC44x
<https://www.google.com/url?q=https%3A%2F%2Fzoom.us%2Fu%2FaeJU7
QC44x&sa=D&ust=1582139437510000&usg=AFQjCNGrYSkSGfQsfl03T-
e2sZyafOWL-g>


──────────

Going (gabriele.paoloni@...)? All events in this series: *Yes
<https://www.google.com/calendar/event?action=RESPOND&eid=MWs3Yn
RkcGMyN3IyZTJhYWZzZmFkZzUzcmYgZ2FicmllbGUucGFvbG9uaUBpbnRlbC5j
b20&rst=1&tok=MjMjbXl1QGxpbnV4Zm91bmRhdGlvbi5vcmc5ODJjNjk5Njhh
YzNiYTc1Y2NhZjU2OWRkNjE1OTQ1OWQ2NjA2OTAx&ctz=America%2FLos_A
ngeles&hl=en&es=1>**-
**Maybe
<https://www.google.com/calendar/event?action=RESPOND&eid=MWs3Yn
RkcGMyN3IyZTJhYWZzZmFkZzUzcmYgZ2FicmllbGUucGFvbG9uaUBpbnRlbC5j
b20&rst=3&tok=MjMjbXl1QGxpbnV4Zm91bmRhdGlvbi5vcmc5ODJjNjk5Njhh
YzNiYTc1Y2NhZjU2OWRkNjE1OTQ1OWQ2NjA2OTAx&ctz=America%2FLos_A
ngeles&hl=en&es=1>**-
**No
<https://www.google.com/calendar/event?action=RESPOND&eid=MWs3Yn
RkcGMyN3IyZTJhYWZzZmFkZzUzcmYgZ2FicmllbGUucGFvbG9uaUBpbnRlbC5j
b20&rst=2&tok=MjMjbXl1QGxpbnV4Zm91bmRhdGlvbi5vcmc5ODJjNjk5Njhh
YzNiYTc1Y2NhZjU2OWRkNjE1OTQ1OWQ2NjA2OTAx&ctz=America%2FLos_A
ngeles&hl=en&es=1>*
more options »
<https://www.google.com/calendar/event?action=VIEW&eid=MWs3YnRkc
GMyN3IyZTJhYWZzZmFkZzUzcmYgZ2FicmllbGUucGFvbG9uaUBpbnRlbC5jb20
&tok=MjMjbXl1QGxpbnV4Zm91bmRhdGlvbi5vcmc5ODJjNjk5NjhhYzNiYTc1Y
2NhZjU2OWRkNjE1OTQ1OWQ2NjA2OTAx&ctz=America%2FLos_Angeles&hl
=en&es=1>

Invitation from Google Calendar <https://www.google.com/calendar/>

You are receiving this email at the account gabriele.paoloni@...
because you are subscribed for invitations on calendar
gabriele.paoloni@....

To stop receiving these emails, please log in to
https://www.google.com/calendar/ and change your notification settings
for this calendar.

Forwarding this invitation could allow any recipient to send a response
to the organizer and be added to the guest list, or invite others
regardless of their own invitation status, or to modify your RSVP. Learn
More <https://support.google.com/calendar/answer/37135#forwarding>.

---------------------------------------------------------------------
INTEL CORPORATION ITALIA S.p.A. con unico socio
Sede: Milanofiori Palazzo E 4
CAP 20094 Assago (MI)
Capitale Sociale Euro 104.000,00 interamente versato
Partita I.V.A. e Codice Fiscale  04236760155
Repertorio Economico Amministrativo n. 997124
Registro delle Imprese di Milano nr. 183983/5281/33
Soggetta ad attivita' di direzione e coordinamento di
INTEL CORPORATION, USA

This e-mail and any attachments may contain confidential material for
the sole use of the intended recipient(s). Any review or distribution
by others is strictly prohibited. If you are not the intended
recipient, please contact the sender and delete all copies.

--
SUSE Software Solutions Germany GmbH
Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Felix Imendörffer
HRB 36809 (AG Nürnberg)
---------------------------------------------------------------------
INTEL CORPORATION ITALIA S.p.A. con unico socio
Sede: Milanofiori Palazzo E 4
CAP 20094 Assago (MI)
Capitale Sociale Euro 104.000,00 interamente versato
Partita I.V.A. e Codice Fiscale 04236760155
Repertorio Economico Amministrativo n. 997124
Registro delle Imprese di Milano nr. 183983/5281/33
Soggetta ad attivita' di direzione e coordinamento di
INTEL CORPORATION, USA

This e-mail and any attachments may contain confidential material for
the sole use of the intended recipient(s). Any review or distribution
by others is strictly prohibited. If you are not the intended
recipient, please contact the sender and delete all copies.