
OSADL Project: Safety Critical Linux

Safety Critical Linux - Working Group Proposal by Nicholas Mc Guire


Safety Case

The arguments presented to authorities for certification of systems in the safety critical computing arena build on a safety case. The safety case is the most contentious part of providing safety critical systems based on COTS/OSS components. This is mainly because the dominant safety standards target procedure-driven safety evidence.

One can distinguish two principal types of safety case in current standards practice:

  • procedure based safety case
    • review driven (CENELEC, IEC 61508, DO-178B)
    • evidence of meeting the specification is based on a formal set of documents and their review. The focus is on the formal documents and on the underlying project management, safety management and QA of the development process.
  • evidence based safety case
    • goal driven (CAP 670)
    • evidence of meeting the specification is derived from field service, testing and analysis as well as standards compliance. The focus is on formal methods for testing and analysis and on the description of findings.

From preliminary research efforts it is clear that evidence based safety cases are more likely to be successful for safety critical systems based on COTS/OSS. Nevertheless, an initial assessment of current practice in some flag-ship OSS projects like the Linux kernel indicates that even these projects provide high quality development practice guided by documentation and standards, and a relatively well defined formal software lifecycle, which could lend itself to a mapping into the CENELEC context (as a supportive argument). This observation is not conclusive as of now, but it does seem promising to investigate how far a procedure based safety case could be argued for COTS/OSS components like the Linux kernel. At the same time it is also clear that application of GNU/Linux in domains that have an established practice of using evidence based safety cases (e.g. Air Traffic Control, CAP 670) might be the best initial targets for deploying Linux in safety critical systems.



latex2html 2007-07-15
