[SystemSafety] [cip-dev] Critical systems Linux

Peter Bernard Ladkin ladkin at rvs.uni-bielefeld.de
Thu Nov 22 12:59:52 CET 2018



On 2018-11-22 10:24 , Paul Sherwood wrote:
> 
>>>> As Linux is monolithic, already written  (with minimal requirements/design
>>>> docs) and not to any coding standard
>>>> How would the world go about making a Certifiable Linux?
>>
>>>> Is it possible?
> 
> Sadly most of the followon discussion seems to have stayed only on systemsafetylist.org [1] which
> rather reduces its impact IMO.

There is a standard governing use of pre-existing software which is claimed to be "proven in use".
This is a category otherwise known as "Route 2S" of qualifying items for use in a safety-critical
system according to IEC 61508.

The standard is IEC 61508-3-1 and is some 4pp long. It costs some CHF 40. The material is currently
being incorporated into Edition 3 of IEC 61508.

The weakness of IEC 61508-3-1, as I see it, is that it makes no reference to statistical evaluation.
The reason for this is that StatEval is written up in IEC 61508-7 Annex D, and this is becoming more
widely recognised as a very misleading document. (Indeed, some of us have been working for over nine
years to get it changed. The good news is that it will be changed for Edition 3 into something which
is no longer misleading. The bad news is how long it will take before Edition 3 is agreed and
published.)

I see almost no chance that something as complex and monolithic as a Linux kernel could fulfil the
requirements of IEC 61508-3-1 unless there is a very extensive reverse engineering, and maybe
re-engineering, effort applied to the software to substantiate the requirements of IEC 61508-3-1.

I, at least, am content with this in the current state of affairs. However, I would also welcome any
extensive re-engineering effort of a piece of important software such as an OS to enhance its
dependability characteristics.

I presume hardly anyone here, or on Linux mailing lists, who is familiar with OSs is also familiar with
IEC 61508-3-1. So I am not sure what there is to discuss. I would encourage people to read it first.

PBL

Prof. Peter Bernard Ladkin, Bielefeld, Germany
MoreInCommon
Je suis Charlie
Tel+msg +49 (0)521 880 7319  www.rvs-bi.de




