OSADL Safety Critical Linux Working Group

Title: GNU/Linux for Safety Critical Systems

Speaker: Prof. Nicholas Mc Guire

Position: OSADL Safety Coordinator & Distributed & Embedded Systems Lab, Lanzhou University

Date: Jan 16-18, 2015

Venue: Distributed & Embedded Systems Lab, Lanzhou University, P.R. China

Linux for safety related systems has been in discussion for at least since the publication of HSE report 1336 “Justifying the use of software of uncertain pedigree (SOUP) in safety-related applications” in 2001 by HSE. Its deployment target is not only traditional controllers like PLCs but also critical infrastructure and distributed control systems (e.g. ATC, rail interlocking, system monitoring).

In this session we first give an introduction to safety issues in general and the turn to the specifics of utilizing Open Source components. The general introduction to functional safety covers core concepts of ALARM, MEM, GAMAB and generally risk based safety approach, procedural safety focussing on systematic capabilities (SC) of complex software components. Specifically outline the paths available for justifying/arguing (claim: argument: evidence) of open-source components in a safety related system based on IEC 61508 Ed 2 as well as some of the related standards. We then introduce how to actually work with such a standard by interpreting and mapping to the specific system.

Building on pre-existing components changes the high-level development model and this needs to be addressed by your development live-cycle.

In a nut-shell it amounts to:

Traditional:    Requirements -> Design -> Implementation -> Integration

Open-Source:       Requirements -> Selection -> Integration

This is well reflected in current standards in the automotive domain:

ISO 26262 (Safety Element out of Context/Pre-existing software) or the rail domain EN 50128 Ed 2/IEC 62297 (Pre-existing/open-source software).

The goal of the session is to introduce the general work-flow in functional safety – how to work with standards and specifically the potential for using GNU/Linux in safety related applications and to also introduce the potential problems and limitations.

GNU/Linux is not the answer to all computing requirements notably in the domain of safety related systems, but it has some offerings that are well worth investigating – and where it fits it can be a great advantage to build on open-source tools – this session is intended as a starting point.

Program Outline:

* Introduction to safety

* Core standards overview

* Introduction of 61508 Ed2

* Strategies for GNU/Linux in 61508 context

* Some notes on ISO 9001/90003

* Overview of related standard (Rail, Automotive, Avionics)

* Working with standards

– interpretation

– mapping

* Notes on building a Safety Case

* Practical exercises

– system analysis

– component assessment

– tools qualification

* A Brief report on OSADLs SIL2LinuxMP project

This session is free for OSADL members and registered students – for non OSADL members please contact Dr. Zhou Qingguo <zhouqg@lzu.edu.cn> registration by e-mail required.