Zephyr: Developing Open Source For Safety And Security

Transcription

Zephyr: Developing Open Source for Safety and Security
Kate Stewart, The Linux Foundation, @_kate_stewart
March 14, 2019

Open Source, RTOS, Connected, Embedded
Fits where Linux is too big

Zephyr Project: Open source real time operating system
- Vibrant community participation
- Built with safety and security in mind
- Cross-architecture with growing developer tool support
- Vendor neutral governance
- Permissively licensed - Apache 2.0
- Complete, fully integrated, highly configurable, modular for flexibility, better than roll-your-own
- Product development ready with LTS
- Certification ready with Auditable

Slide diagram (Zephyr OS layers, top to bottom): 3rd Party Libraries, Application Services, OS Services, Kernel, HAL

Why Zephyr?

Reduce costs and improve efficiency through reuse
- Existing commercial solutions force roll-your-own solutions and duplication of software components
- Reuse allows NRE costs to be amortized across multiple products and solutions
- Multi-architecture support reduces platform switching costs and vendor lock-in concerns
- Roll your own is expensive and difficult to develop and maintain

Open-Source
- Permissively licensed corresponds to ease of adoption
- Corporate sponsorship assures long term commitment and longevity
- Community innovation has proven faster for progression, and project development is a collaboration of industry experts

Address Fragmentation
- Disjoint use cases have led to fragmentation in the RTOS space
- No single RTOS addresses a broad set of embedded use cases across a broad set of platforms and architectures
- It addresses the need for RTOS consolidation: the need for a solution rather than just an ingredient

Modular Infrastructure
- Modular and configurable infrastructure allows creation of highly compact and optimal solutions for different products from a common origin

Feature Richness
- Lowers the entry level barrier for new products, speeds software delivery using existing feature support
- Encourages adherence to standards and promotes collaboration on complex features in the project
- Developers focus on the end-user facing interfaces instead of re-inventing low level interfaces

The Zephyr OS addresses a broad set of embedded use cases across a broad set of platforms and architectures using a modular and configurable infrastructure.

Architecture

Highly configurable, highly modular
- Cooperative and pre-emptive threading
- Memory and resources are typically statically allocated
- Integrated device driver interface
- Memory protection: stack overflow protection, kernel object and device driver permission tracking, thread isolation
- Bluetooth Low Energy (BLE 4.2, 5.0) with both controller and host, BLE Mesh
- Native, fully featured and optimized [text cut off in transcription]

Slide diagram (layers, top to bottom):
- Application
- Application Services: Smart Objects / High Level APIs / Data Models (LWM2M, MQTT, HTTP, DTLS, TLS, RPL)
- OS Services: TCP/UDP, Thread, Device Management, CoAP, Kernel Services / Schedulers (kernel)
- Low Level API: GPIO, UART, SPI, I2C
- Architecture Interface
- Platform: Radios, Sensors, Crypto HW, Flash

Fully featured OS allows developers to focus on the application

Zephyr Ecosystem

Zephyr OS
- The kernel and HAL
- OS Services such as IPC, logging, filesystems, crypto

Zephyr Project
- OS Services and low level APIs
- SDK, tools and development environment
- Additional middleware and features
- Device Management and Bootloader

Zephyr "Community"
- Application Services
- 3rd party modules and libraries
- Support for Zephyr in 3rd party projects, for example: Jerryscript, Micropython, Iotivity
- High Level APIs
- Access to standardized data models
- High Level networking protocols

Slide diagram (layers, bottom to top):
- Kernel / HAL (Zephyr OS): Scheduler; Kernel objects and services; low-level architecture and board support; power management hooks and low level interfaces to hardware
- OS Services (Zephyr Project): Platform specific drivers; Generic implementation of I/O APIs; File systems, Logging, Debugging and IPC; Cryptography Services; Networking and Connectivity; Device Management
- Application Services (Zephyr Community)

Zephyr Supported Architectures

Zephyr Project Membership
February 2016 / February 2019, and others.

Sample of Board Support
141 BOARDS TODAY WITH MORE ON WAY

Nucleo 103RB, NRF51, Nucleo64 L476RG, Nucleo 401RE, Hexiwear, ARM V2M MPS2, TI Launchpad Wifi, BBC Microbit, SiFive HiFive1, Arduino Due, Arduino 101, Minnowboard, Altera MAX10, Galileo, NXP FRDM K64F, NRF52, Seeed Carbon, Quark D2000, STM32 Olimexino, STM Mini A15, Seeed Nitrogen, ARM V2M Beetle, Nucleo F411RE, Zedboard Pulpino, NRF52 pca10040, STM3210c, Atmel SAM E70, STM32373c, Redbear BLE Nano, NXP FRDM-KW41Z, Nucleo F334R8, tinyTILE, Synopsys EMSK, Adafruit Feather, 96b Neon Key, NXP i.MX RT1050

Products Running Zephyr Today
Adero tracking devices, Ellcie-Healthy Smart Connected Eyewear, Antmicro Badge, ProGlove Scanning Gloves, GNARBOX 2.0 SSD, Rigado IoT Gateway, Reel Board, hereO Smartwatch, Grush Gaming Toothbrush, Blocks Modular Smartwatch, Intellinium Safety Shoes, Papyr

Growing a Diverse Community!

Repositories: 2016/2: 5; 2019/2: 15
Authors: 2016/2: 80; 2019/2: 439
Commits: 2016/2: 2,806; 2019/2: 28,285
Boards: 2016/2: 4; 2019/2: 141 in progress

1.13 release statistics:
› 13 weeks cycle, with 2 weeks of merge window
› 1,834 changes (patch commits)
› 140 developers identified
› 25 companies participated
› 20 changes / day (.8/hour)

Vibrant & Distributed Community

Developer Tools
Synopsys DesignWare ARC Development Tools


Code Repositories
- Development: releases; community contributions via DCO
- Long Term Support ("Stable"): products; backports and keeping configurations in sync with Development
- Auditable: safety and security processes; audit ready documentation (PLATINUM MEMBERS ONLY); products ready to be certified

Zephyr OS: Quality Matters
Quality is a mandatory expectation for software across the industry.

Assumptions:
- Software quality is enforced across Zephyr project members
- Compliance to internal quality processes is expected.
- Software quality is not an additional requirement caused by functional safety standards.
- Functional safety considers quality as an existing pre-condition.

Slide diagram: Functional Safety Process (Functional Safety Standards, e.g. IEC 61508) built on quality as the basement (Basic Quality Management System)

Zephyr OS: Long Term Support (LTS)

It is:
- Product focused
- Compatible with new hardware: we will make point releases throughout the development cycle to provide functional support for new hardware.
- More tested: shorten the development window and extend the beta cycle to allow for more testing and bug fixing
- Certifiable: the base for the auditable branch

It is not:
- A feature-based release: focus on hardening functionality of existing features, versus introducing new ones.
- Cutting edge

Zephyr OS: Preparation for Auditable
- Established Security Working Group, meets bi-weekly.
- Secure coding practices have been documented for the project.
- Zephyr Project registered as a CVE Numbering Authority with MITRE.
- Security Working Group has vulnerability response criteria publicly documented, and has already addressed weaknesses and vulnerabilities.
- Gold Best Practices for projects as defined by CII [link truncated in transcription: ...cts/74]
- Leveraging automation to prevent regressions: weekly Coverity scans to detect bad practices in imported code; MISRA scans being incorporated, to evolve to conformance and address issues.

CII Badge Status: 1 of only 3 Golds in the 2,167 projects publicly documenting their practices!

Zephyr OS: Auditable Code Base
Subset of Zephyr OS kernel derived from LTS code base.
- Initial and subsequent certification targets to be decided by Governing Board.
- An auditable code base will be established from a subset of Zephyr OS.
- Code bases will be kept in sync from that point forward.
- More rigorous processes (necessary for certification) will be applied before new features move into the auditable code base.
Processes to achieve selected certification to be determined by Security Working Group and coordinated with Technical Steering Committee.

2019 Certification Scope (in orange on the slide)
Not in scope:
- Platform drivers or BSPs
- No platform specific power management implementation, only device and kernel part of PM.
- No filesystem or sensor driver implementation, only interface and infrastructure to support those on top of existing [text cut off in transcription]
See [link truncated in transcription: ...em/] for more details

Zephyr OS: Candidate Standards
Coding for safety, security, portability and reliability in embedded systems: MISRA C:2012, with Amendment 1, following MISRA C Compliance:2016 guidance
Safety: IEC 61508:2010, broadest for robotics and autonomous vehicle engineering companies. Reference for other standards in the robotics domain. Sampled certifications derived from IEC 61508: Auto: ISO 26262; Medical: IEC 62304
Security: Common Criteria (EAL4 but possibly higher levels EAL5, 6)
Others: Medical: FDA 510(K), ISO 14971, IEC 60601; Industrial: UL 1998, ?

Zephyr Developer Participation Information
Orientation: [link truncated in transcription: ...e/contribute guidelines.htm]
Github: https://github.com/zephyrproject-rtos/zephyr
Mail Lists: https://lists.zephyrproject.org/g/main
IRC: #zephyrproject on freenode.net
Slack: https://zephyrproject.slack.com (get invite from github page)

Member Information
Join Today: https://www.zephyrproject.org/join/

Why Become a Member?
- Industry leadership
- Fast track to Technical Steering Committee participation
- Help shape the Zephyr Certification Program
- Marketing opportunities
- Member networking opportunities within the Zephyr Project
- Learning and engagement

Meeting Schedule
- Technical Steering Committee: weekly, Wednesdays
- Marketing Working Group: bi-weekly, Mondays
- Security Working Group: bi-weekly, Wednesdays (members only)
- Governing Board: monthly (members only)

www.zephyrproject.org

Zephyr Project Governance
Goal: Separate business decisions from meritocracy, technical decisions

Slide org chart: Governing Board (financial & marketing policy oversight; technical oversight) / Technical Steering Committee (Security Maintainer, Kernel & Subsystem Maintainers, Developers) / Member Organizations, Individual Contributors, Supporting Organizations, Others

Governing Board
- Decides project goals
- Sets business, marketing and legal decisions
- Prioritizes investments and oversees budget
- Oversees marketing such as PR/AR, branding, others
- Identifies member requirements

Technical Steering Committee
- Serves as the highest technical decision body, consisting of project maintainers and voting members
- Sets technical direction for the project
- Coordinates cross-community collaboration
- Sets up new projects
- Coordinates releases
- Enforces development processes
- Moderates working groups
- Oversees relationships with other relevant projects

Community
- Code base open to all contributors; need not be a member to contribute.
- Path to committer and maintainer status through peer assessed merit of contributions and code reviews
- Ecosystem enablement
