The Open Source Automation Development Lab (OSADL) wants to simplify the process of certifying Linux-based devices to the IEC’s Safety Integrity Level 2 specs. Now, the group is asking interested parties to sign a letter-of-intent, through which various system components would be pre-certified on a cost-shared basis.
OSADL describes SIL2LinuxMP as “the first community-based Linux certification project of its kind.” The group’s strategy is to certify the “base components” of an embedded Linux RTOS (real-time operating system) running on commercially available board-level computers having single- or multi-core processors. “Base components” refers to the system’s Linux kernel, bootloader, root filesystem, and C library bindings for kernel access; “user space” applications are not included within the project’s scope, other than a limited set of system utilities, such as for system inspection, file management, and self-diagnostics,
According to OSADL, preparing Linux-based systems and devices for safety-critical applications involves two types of preparation:
- Demonstrating “deterministic performance” (i.e. real-time responsiveness) on the part of the software
- Compliance with standards imposed by safety-critical environments
The first of these was facilitated in 2006, when priority-inheritance mutexes were merged into the mainline Linux kernel, as an important step toward transforming Linux into an RTOS. To verify Linux’s real-time capabilities, the OSADL built a “QA Farm,” where more than 50 different Linux systems have undergone continuous long-term testing using “a large number of variables.” Parameters profiled include worst-case system latencies for both idle and heavy load conditions. The systems’ Linux kernels are equipped with the real-time patches developed and maintained by the Linux RT community led by kernel developer Thomas Gleixner.
After running several of the QA Farm’s systems through continuous tests for more than a year, the OSADL published a set of six 3D graphs showing the results. One example, for a 500MHz TI AM3517 processor-based system, appears below.
500MHz TI AM3517: 158µs maximum latency after 87.2 billion cycles
The second requirement, proving the certifiability of Linux-based systems, is “out of the hands of Linux software developers, however, and must be driven by application integrators,” says the OSADL.
“This is because safety properties depend on the entire system and not on the Linux kernel alone, and so this requires an overall approach based on individual requirements,” OSADL continues. “Although a number of successfully certified Linux systems are in use worldwide, they are the result of custom one-of-a-kind certification procedures that were very involved and complex.”
To ease the burden of certifying Linux-based systems, the SIL2LinuxMP project has developed a process whereby specific system components will be certified by TUV Rheinland on a cost-shared basis, resulting in a pool of pre-certified components from which certifiable systems could be built.
A call for action
To accomplish this, the OSADL has issued a call for interested parties to sign a letter of intent. In the letter, the participant pledges to contribute a specific level of funding to the project, contingent on a total level of funding and certain other conditions being satisfied. If the funding and other requirements are met and the project moves forward, the participants will have rights to share in the resulting certifications to varying degrees, based on their membership and pledge levels.
The SIL2LinuxMP letter-of-intent is available for download here (pdf file).
About the OSADL
The OSADL’s goal is “to foster the development of open source projects in the areas of embedded systems and industrial design, including projects focused on real-time and safety-related systems, and special drivers for the Linux kernel required by the automation industry.” Its 42 current members include “equipment manufacturers, hardware and software companies, service providers, and user associations to achieve synergies to grow open source initiatives.”
For further information, visit the OSADL’s website, here.