Announcement

**kpedersen** · 29 August 2018, 04:26 AM

This sounds like a great idea!

Can someone other than Intel make it please?

In all seriousness, this is quite a good thing for the Linux world. Will they be offering safety guarantees? I cannot imagine that they will accept any liability though? Perhaps one of their partners will take this forward commercially?

**gamerk2** · 29 August 2018, 07:15 AM

Originally posted by L_A_G View Post

As much as I dislike Intel, I'm pretty sure they're working on that right now and that's going to be worked on by a different set of engineers. Also, with the turnaround times for high end silicon, it'll still be a couple of years before anything with substantial fixes will be on store shelves regardless of how many stops they pull.

Pretty much this. What I expect to happen is the existing problems will be extended until Intel retires the Core architecture. The problems are architectural, and Intel really can't afford the performance loss of fixing the problems (thanks AMD!).

**newwen** · 29 August 2018, 07:34 AM

Originally posted by LaeMing View Post

Hmmmm... Intel... safety...

This is not about changing Linux to be safe, but selecting a certain subset of Linux components and write documentation and tests to formally prove that it is safe.
This means to apply the missing waterfall development model steps to an existing piece of software.
Currently, almost nobody in the safety-critical software industry uses Intel processors. Embedded PowerPC processors are king here.
I think, however, that Linux cannot replace a hard real-time RTOS in high criticality systems, such as avionics or railway signalling, which require, in addition to memory and resource partitioning, deterministic time partitioning

**newwen** · 29 August 2018, 07:44 AM

Originally posted by kpedersen View Post

This sounds like a great idea!

Can someone other than Intel make it please?

In all seriousness, this is quite a good thing for the Linux world. Will they be offering safety guarantees? I cannot imagine that they will accept any liability though? Perhaps one of their partners will take this forward commercially?

No, they will provide evidences (tests and documentation) that anyone can bring to an Independent Safety Assessment to certify a system that includes safe-Linux to a certain level (regarding the probability of a critical failure)

**schmidtbag** · 29 August 2018, 10:41 AM

Oh great yet another security-centric distro. The only difference here is this one will probably still have backdoors anyway.

**starshipeleven** · 29 August 2018, 11:57 AM

Originally posted by schmidtbag View Post

Oh great yet another security-centric distro. The only difference here is this one will probably still have backdoors anyway.

Safety != security. That's a "false friend" for many non-native speakers as in other languages there is no such distinction.

Safety is about being reliable and not breaking on your own, security is about protection from malicious attack.

Think of industrial equipment or automotive, not OpenBSD.

**milkylainen** · 29 August 2018, 11:57 AM

Originally posted by schmidtbag View Post

Oh great yet another security-centric distro. The only difference here is this one will probably still have backdoors anyway.

Safety-Critical != Security.

**milkylainen** · 29 August 2018, 12:00 PM

And the entire safety-critical crowd is having a laugh at the statement of Intel bringing x86 craptastic with three tons of legacy, embedded root-kit processors, NMI's to EC, NMI to BIOS code etc... and trying to get a safety-critical certification.

**milkylainen** · 29 August 2018, 12:09 PM

Originally posted by newwen View Post

This is not about changing Linux to be safe, but selecting a certain subset of Linux components and write documentation and tests to formally prove that it is safe.
This means to apply the missing waterfall development model steps to an existing piece of software.
Currently, almost nobody in the safety-critical software industry uses Intel processors. Embedded PowerPC processors are king here.
I think, however, that Linux cannot replace a hard real-time RTOS in high criticality systems, such as avionics or railway signalling, which require, in addition to memory and resource partitioning, deterministic time partitioning

The x86 platform is littered with control flow issues. Everything from very difficult to predict CPU's to NMI's to EC and BIOS code. Side processors running with access to all and everything. x86 is a mine field for control freaks.
Linux is a nightmare to certify as a Safety Critical RTOS (with patches).

**schmidtbag** · 29 August 2018, 01:06 PM

Originally posted by starshipeleven View Post

Safety != security. That's a "false friend" for many non-native speakers as in other languages there is no such distinction.

Safety is about being reliable and not breaking on your own, security is about protection from malicious attack.

Think of industrial equipment or automotive, not OpenBSD.

That makes sense, thanks for the clarification (and for being polite about it).

I think it's worth pointing out that the company I work for creates safety materials (mostly for construction workers, emergency personnel, landscapers, etc) where "safety" in that context means hazard prevention. So in my eyes, enhancing protection from malicious attacks is a form of hazard prevention. Using that same definition, being reliable isn't necessarily preventing hazards, it's just simply maintenance.
In other words, my definition of safety is heavily biased by my work environment. I'm not disagreeing with you and I'm not suggesting my definition is right, I'm just explaining how I came to my conclusion. That being said, in the context of a computer in an industrial environment, I can see how "safety" implies "safe to use; no surprises".

Announcement

Intel To Develop Safety-Critical Linux OS Distribution

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment