Difference between revisions of "Category:Safety Certification"

From Xen
(Industry Groups having a stake in certifying Open Source Stacks: Adding Genivi members)
 
This page lists documents which cover general topics on safety certification in open source and that are not specific to activities related to enabling safety certification for Xen based systems. Tasks related to such activities are in [[:Category:Safety Certification/FuSa SIG|Category:Safety Certification/FuSa SIG]].

{{InfoLeft|At this stage this category is primarily a place where to track various activities and also to see who is interested in certification efforts of Xen and who could perform which role.}}

<hr>

Use at the bottom of new pages for this category

<pre>[[Category:Safety Certification]]</pre>

== Industry Groups having a stake in certifying Open Source Stacks ==

* '''Automotive Grade Linux''' [https://wiki.automotivelinux.org/eg-virt Virtualization Expert Group]
 
:* ''Members with Xen based products'': GlobalLogic (bronze), StarLab (bronze)
 
:* ''Members which indirectly support Xen in this context'': Renesas (platinum), Arm (gold)
 
:* ''Members which are also Advisory Board members'': Amazon (silver), Qualcomm (silver), Oracle (bronze)
 
* '''Genivi:''' [https://at.projects.genivi.org/wiki/display/DIRO/Hypervisor+Workshop+Team Hypervisor Team (or a group that will eventually become one)]
 
:* ''Members with Xen based products'': EPAM (2nd tier), GlobalLogic (2nd tier)
 
:* ''Members which indirectly support Xen in this context'': Renesas (silicon), Arm (silicon)
 
:* ''Members which are also Advisory Board members'': Intel (silicon), Qualcomm (silicon)
 
* '''Linaro:''' ''I am not sure whether there is a Linaro group yet, if so it would be worth adding it here''

== Relevant Presentations and Papers ==

=== Xen Specific ===
 
* [https://docs.google.com/document/d/1-vYsOpPC0rb7SIMD6ITHl8fo-xgsdUGIYnQ9p8HVuKY Summary Table Comparing Different Hypervisors] (March 2018)
 
* '''Xen and the Art of Certification''' - Nathan Studer, DornerWorks, 2014: [https://www.youtube.com/watch?v=UyW5ul_1ct0 video], [https://www.slideshare.net/xen_com_mgr/art-certification?qid=891f18a6-18a3-4d8f-9f2e-66b8a4069e04 slides]

=== Industry Wide ===
 
* '''The AGL software defined connected car architecture''', April 2018: [https://docs.google.com/document/d/1HpYzClh0nDEocsUHb17X0DxiehsAbCgyWE-P2Wk_RNU/edit# whitepaper]
 
* '''TSC Sponsored BoF: Can Linux and Automotive Functional Safety Mix ? Take 2: Towards an open source, industry acceptable high assurance OS''', Robin Randhawa, 2017: [https://www.slideshare.net/linaroorg/tsc-sponsored-bof-can-linux-and-automotive-functional-safety-mix-take-2-towards-an-open-source-industry-acceptable-high-assurance-os-sfo17218 slides]

== Automotive Requirements ==

Automotive function requirements for virtualized ECUs (copied from the [https://docs.google.com/document/d/1HpYzClh0nDEocsUHb17X0DxiehsAbCgyWE-P2Wk_RNU/edit# AGL whitepaper])

{{TODOLeft|It would be good, if we could map these to specific Xen Features, such that we see where there are gaps.}}

=== Computing ===
* C1: Static resource partitioning and flexible on-demand resource allocation (CPU, RAM, GPU and IO).
 
* C2: Memory/IO bus bandwidth allocation and rebalancing.

=== Peripherals sharing ===
 
* P1: GPU and displays shall be shared between execution environments supporting both fixed (each one talks to its own display or to a specified area on a single display) and flexible configurations (shape, z-order, position and assignment of surfaces from different execution environments may change at run time).
 
* P2: Inputs shall be routed to one or multiple execution environments depending on current mode, display configuration (for touchscreens), active application (for jog dials & buttons), etc.
 
* P3: Audio shall be shared between execution environments. Sound complex mixing policies for multiple audio streams and routing of dynamic source/sink devices (BT profiles, USB speakers/microphones, etc.) shall be supported.
 
* P4: Network shall be shared between execution environments. Virtual networks with different security characteristics shall be supported (e.g., traffic filtering and security mechanisms).
 
* P5: Storage shall support static or shared allocation, together with routing of dynamic storage devices (USB mass storage).

=== Security ===
 
* SE1: Root of Trust and Secure boot shall be supported for all execution environments.
 
* SE2: Trusted Computing (discrete TPM, Arm TrustZone or similar) shall be available and configurable for all execution environments.
 
* SE3: Hardware isolation shall be supported (cache, interrupts, IOMMUs, firewalls, etc.).
 
* SE4: Secure updates shall be supported.

=== Performance and Power consumption ===
 
* PP1: Virtualization performance overhead shall be minimal: 1-2% on CPU/memory benchmarks, up to 5% on GPU benchmarks.
 
* PP2: Predictability shall be guaranteed. Minimal performance requirements shall be met in any condition (unexpected events, system overload, etc.).
 
* PP3: Execution environments fast boot: Less than 2 seconds for safety critical applications, less than 5 seconds for Instrument Cluster, and 10 seconds for IVI. Hibernate and Suspend to RAM shall be supported.
 
* PP4: Execution environments startup order shall be predictable.
 
* PP5: Advanced power management shall be implemented with flexible policies for each execution environment.

=== Safety ===
 
* SA1: System monitoring shall be supported to attest and verify that the system is correctly running.
 
* SA2: Restart shall be possible for each execution environment in case of failure.
 
* SA3: Redundancy shall be supported for the highest level of fault tolerance with fallback solutions available to react in case of failure.
 
* SA4: Real time support shall be guaranteed together with predictive reaction time.

== Functional Safety Requirements ==
 
=== Safety Certification ===
 
{{TODOLeft|I left this out for now, but [[Safety Certification Challenges]] provides some initial pointers to groups of information.}}

=== Code Size impacting the cost of Safety Certification ===
 
{{TODOLeft|Add coarse analyses from misc e-mail threads.}}

== Products using Xen and OpenEmbedded that need/have a degree of Safety Certification ==

=== Products with a degree of Safety Certification ===
 
* [https://dornerworks.com/xen/virtuosity/virtuosity DornerWorks Virtuosity]

=== Automotive Products ===
 
* [https://epam.com EPAM] [https://github.com/xen-troops xen-troops]
 
* [https://cdn10.globallogic.com/wp-content/uploads/2016/12/GlobalLogic-Nautilus-Platform.pdf Global Logic Nautilus]

=== Embedded/Other Products ===
 
* [http://openxt.org/history/ OpenXT]
 
* [https://starlab.io/products/crucible/ Star Lab Crucible]
 
* [http://www.wiki.xilinx.com/XEN+Hypervisor Xilinx]
 
* [https://dornerworks.com/xen/virtuosity/nxpxen DornerWorks Virtuosity for i.MX 8]

== Contributor Spotlights ==
 
* [https://blog.xenproject.org/2018/03/21/xen-project-contributor-spotlight-yurii-konovalenko/ GlobalLogic]
 
* [https://blog.xenproject.org/2018/02/28/xen-project-member-spotlight-dornerworks/ DornerWorks]
 
* [https://blog.xenproject.org/2017/12/12/xen-project-contributor-spotlight-irby-thompson/ StarLabs]
 
* [https://blog.xenproject.org/2017/11/28/xen-project-contributor-spotlight-aporeto/ Stefano Stabellini]

[[Category:Embedded]]
[[Category:OpenEmbedded]]
[[Category:Embedded and Automotive]]
[[Category:XenARM]]

Latest revision as of 01:31, 15 May 2019