[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] Organising a workshop to solve safety certification related questions

To: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
From: Lars Kurth <lars.kurth.xen@xxxxxxxxx>
Date: Tue, 8 Jan 2019 17:59:27 +0000
Cc: Artem Mygaiev <Artem_Mygaiev@xxxxxxxx>, "robin.randhawa@xxxxxxx" <robin.randhawa@xxxxxxx>, Richard Bellairs <Richard_Bellairs@xxxxxxxx>, Alex Agizim <Alex_Agizim@xxxxxxxx>, Rich Persaud <persaur@xxxxxxxxx>, Committers <committers@xxxxxxxxxxxxxx>, Stewart Hildebrand <Stewart.Hildebrand@xxxxxxxxxxxxxxx>, "vfachin@xxxxxxxxxxxxxx" <vfachin@xxxxxxxxxxxxxx>, Giulio Corradi <giulioc@xxxxxxxxxx>, Irby Thompson <irby@xxxxxxxxxx>, Matt Spencer <Matt.Spencer@xxxxxxx>, Jarvis Roach <Jarvis.Roach@xxxxxxxxxxxxxxx>
Delivery-date: Tue, 08 Jan 2019 17:59:44 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Hi all,

just before XMas Stefano (Xilinx), Alex (EPAM), Artem (EPAM), Matt (Arm), 
Guilio (Xilinx) and Munakata San (Renesas) and me had a quick call see whether 
from a Xen Project community perspective, it would be possible to make 
significant progress towards making more easily Xen Safety certifiable in 2019. 
From a technical viewpoint, I believe we are at a stage where it should be 
possible for a vendor to take a snapshot of upstream Xen and build a safety 
certifiable product on top of it (e.g. taking route 3S to achieve 26262 ASIL 
B). However, the cost of doing so today, would make it likely that vendors who 
tried to do this not share the effort and essentially lead to safety certified 
productized forks of Xen. This is undesirable for both the Xen Project and also 
for the vendors who were in the room, which is a good starting point. There are 
also a number of unresolved technical, business and process issues to make this 
happen.

To make progress on this questions, we discussed the possibility to get a few 
key people from the embedded/automotive Xen community into a room with some 
long established maintainers/committers and agree what is possible. The idea 
was for EPAM (with my help) to organise a 1-2 day workshop alongside an 
automotive event. 

Candidates discussed were
* Embedded World; Nuremberg 26-28 of Feb in Nuremberg, Germany 
* AGL all member meeting; March 5-6 in Tokyo 
* Autoshow in Detroit in April

For this to work, we would need at least 2-3 of our committers to participate 
and at least someone who is maintaining common Hypervisor code. This in my view 
disqualifies holding such a meeting outside of Europe, as most of the Xen 
maintainers are not likely to get the travel approved. We could also try and 
open some of the meetings on-line, but having a core of people in a room would 
be much more productive.

However, if we were to hold the meetings in Europe that may be easier. Options 
on the table would be:
* 28 Feb / 1 March in Frankfurt
* 21/22 Feb in Frankfurt
* Citrix could also host meetings on March 1 and Feb 22nd in Cambridge, but 
there is not enough space on both Thursday's
* Are there any other vendors who would be willing to host the meeting?

Cambridge has the advantage that most of our active committers are local (with 
the exception of Jan and Stefano). For both locations, we would have to 
restrict the meeting to 12 people.

With this in mind, I was wondering who on the committers@ list could 
participate for at least some of the meeting and if so, in which location. 
Secondly, I would like to know who else would be interesting in attending. We 
would also invite a specialist from TUV or another test institute.

What I need is 
- Raise your hands if you are interested 
- Let me know of date / location restrictions
- We could try and so some of this via video conference: would you be able to 
attend if we did open the meeting up to some remote participation

Do this either privately by replying to this mail or publicly by replying to 
the thread

In terms of agenda, we would need to discuss
1) Big picture - get everyone on one page
2) MISRA (as a placeholder for coding standard compliance)
There has not been enough progress on this in my view in 2018 and questions 
that were raised at the summit remain unresolved
3) Process and Technical implications
This would cover topics such as creating and maintaining certification artefacts
Who does this interact with the contribution workflow - aka are there any 
potential issues
Does the current master/staging approach work - if not, would we be open for a 
group of vendors to maintain official base branches for certifiable Xen based 
products
Etc.
4) Business Model
Probably a little too early for that, but I will leave this as an option
If we do get a specialist from a test institute to attend, that may be a 
worthwhile discussion to have
5) We should also discuss related issues which have been stalling, such as 
testing

Best Regards
Lars






_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

Follow-Ups:
- Re: [Xen-devel] Organising a workshop to solve safety certification related questions
  - From: George Dunlap

Prev by Date: Re: [Xen-devel] [PATCH v5 3/4] xen/x86: use SYMBOL when required
Next by Date: Re: [Xen-devel] [PATCH v4 2/2] xen: use SYMBOL when required
Previous by thread: [Xen-devel] Xen Security Advisory 282 v2 (CVE-2018-19967) - guest use of HLE constructs may lock up host
Next by thread: Re: [Xen-devel] Organising a workshop to solve safety certification related questions
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.