xen and the art of certification
play

Xen and the Art of Certification Nathan Studer and Robert VanVossen - PowerPoint PPT Presentation

Jul 06, 2023 •114 likes •698 views

Xen and the Art of Certification Nathan Studer and Robert VanVossen Xen Developer Summit 2014 Embedded Systems Engineering Certification Why? B787-2139 by MilborneOne is licensed under http://creativecommons.org/licenses/by-sa/3.0/deed.en

  1. Xen and the Art of Certification Nathan Studer and Robert VanVossen Xen Developer Summit 2014 Embedded Systems Engineering

  2. Certification – Why? B787-2139 by MilborneOne is licensed under http://creativecommons.org/licenses/by-sa/3.0/deed.en Xen Developer Summit Xen and the Art of Certification 2014

  3. Certification – Why? Xen Developer Summit Xen and the Art of Certification 2014

  4. Earning Trust  Assurance standards /= “No Bugs” standards  Demonstrate that your software can be trusted  This trust is required for Medical, Automotive, and Aviation applications Xen Developer Summit Xen and the Art of Certification 2014

  5. Importance  Server flaws do not usually cause direct personal harm.  Flaws in safety-critical systems can kill ► Car: Controlled Fireball ► Plane: Passenger Carrying Missile ► Robotic Surgery: Tamed Terminator Xen Developer Summit Xen and the Art of Certification 2014

  6. Overview  DornerWorks Work  Certification  Certifying Core Xen  Patch Examples  Beyond Core Xen  Cost  Conclusion  Questions Xen Developer Summit Xen and the Art of Certification 2014

  7. DornerWorks Work  Started with the ARINC653 scheduler  Continued with support by Navy Small Business Innovative Research (SBIR) topics ► Rockwell Collins ► Leanna Rierson – Designated Engineering Representative (DER) ► Accuvant Xen Developer Summit Xen and the Art of Certification 2014

  8. DornerWorks Work  Main Goals ► Demonstrate Xen on Embedded Platforms ► Understand what certifying Xen to DO-178 Design Assurance Level (DAL)-A and Common Criteria (CC) Evaluation Assurance Level (EAL) 6+ would take ► Begin the certification process ► Do some Formal Methods Analysis on Xen Xen Developer Summit Xen and the Art of Certification 2014

  9. Overview  DornerWorks Work  Certification  Certifying Core Xen  Patch Example  Beyond Core Xen  Cost  Conclusion  Questions Xen Developer Summit Xen and the Art of Certification 2014

  10. What is certification  Requires things that everyone knows should be done, but tend to skip. (e.g. Documentation)  Enforces good practices. (e.g. design and test independence)  Interesting Verification Activities  Prevent certification loopholes. (e.g. tool qualification) Xen Developer Summit Xen and the Art of Certification 2014

  11. Tool Qualification  Normal Software Engineering Reflex: Automation.  What if the automated tool introduces an error? Xen Developer Summit Xen and the Art of Certification 2014

  12. What is Required?  What does each level require ► DAL-E: The software must exist. ► DAL-D: High-Level Documentation/Tests ► DAL-C: Low-Level Documentation/Unit Tests, Statement Coverage, and Code/Data Coupling Analysis ► DAL-B: Branch Coverage ► DAL-A: Source to Object Analysis and MC/DC Coverage  DO-178 D-A closely related to ASIL A-D[1] Xen Developer Summit Xen and the Art of Certification 2014

  13. Example Applications  DAL-E: Infotainment ► Failure is a minor inconvenience  DAL-D/C: Instruments ► Failure can be mitigated by operator  DAL-B/A: Engine Control ► Failure could kill someone without warning Xen Developer Summit Xen and the Art of Certification 2014

  14. Certification Metrics[2]  With Certification Experience ► DAL-A: 0.67 hour / SLOC ► DAL-B: 0.40 hour / SLOC ► DAL-C: 0.20 hour / SLOC ► DAL-D: 0.13 hour / SLOC ► DAL-E: 0.11 hour / SLOC  Without Certification Experience: Multiply by 3-4 Xen Developer Summit Xen and the Art of Certification 2014

  15. Certification Metrics In Pictures  Rate: $100/hr  Two Examples: ► 30K SLOC: ~Xen ARM ► 1 Million SLOC: Small Linux Kernel? Xen Developer Summit Xen and the Art of Certification 2014

  16. Example Certification Cost – 30K SLOC Cost to Certify 30K SLOC versus DAL $2,000,000.00 $1,500,000.00 Cost ($) $1,000,000.00 $500,000.00 $- E D C DAL With Experience Without Experience Xen Developer Summit Xen and the Art of Certification 2014

  17. Example Certification Cost – 30K SLOC Cost to Certify 30K SLOC versus DAL $10,000,000.00 $8,000,000.00 Cost ($) $6,000,000.00 $4,000,000.00 $2,000,000.00 $- E D C B A DAL With Experience Without Experience Xen Developer Summit Xen and the Art of Certification 2014

  18. Example Certification Cost – 1M SLOC Cost to Certify 1M SLOC versus DAL $60,000,000.00 $50,000,000.00 $40,000,000.00 Cost ($) $30,000,000.00 $20,000,000.00 $10,000,000.00 $- E D C DAL With Experience Without Experience Xen Developer Summit Xen and the Art of Certification 2014

  19. Example Certification Cost – 1M SLOC Cost to Certify 1M SLOC versus DAL $300,000,000.00 $250,000,000.00 $200,000,000.00 Cost ($) $150,000,000.00 $100,000,000.00 $50,000,000.00 $- E D C B A DAL With Experience Without Experience Xen Developer Summit Xen and the Art of Certification 2014

  20. Where does the time go? Breakdown of DO-178 Objectives (DAL-A) Planning Development Verification Configuration Management Quality Assurance Certification Source Code Xen Developer Summit Xen and the Art of Certification 2014

  21. Overview  DornerWorks Work  Certification  Certifying Core Xen  Patch Example  Beyond Core Xen  Cost  Conclusion  Questions Xen Developer Summit Xen and the Art of Certification 2014

  22. General Xen Certification Plan  Create a small subset  Reverse Engineer Certification Artifacts for any extant features  Forward Engineer any additional features Xen Developer Summit Xen and the Art of Certification 2014

  23. Xen Certification Guidelines Create a small subset 1. Use virtualization extensions 2. Xen Developer Summit Xen and the Art of Certification 2014

  24. Reverse Engineering – What can go wrong? [3] ► Poor reverse engineering justification ► Lack of a well defined Software Lifecycle Plan ► Abstraction and traceability problems ► No Access to original developers ► Complex and poorly documented source code Commercial Aviation Safety Team (CAST) Xen Developer Summit Xen and the Art of Certification 2014

  25. Access to Original Developers  “Developing the design, requirements, and test cases for a complex software component, such as an operating system, can be nearly impossible without some access to the original developers.” [3] Xen Developer Summit Xen and the Art of Certification 2014

  26. Xen Original Developers  ARM ► Ian Campbell ► Ian Jackson ► Stefano Stabellini ► Julien Grall  X86 ► Kier Frasier? ► ??? Xen Developer Summit Xen and the Art of Certification 2014

  27. Backup Plan Git commit messages. 1. Archived Design Discussions on the 2. mailing list. Xen Developer Summit Xen and the Art of Certification 2014

  28. Documentation and Comments  “Many reverse engineering efforts start with source code that is complex and poorly documented. The code may contain numerous pointers and complex data structures. The code may also not contain commentary statements, which can make it difficult to understand.” [3]  Reoccurring topic on Slashdot Xen Developer Summit Xen and the Art of Certification 2014

  29. Xen Certification Guidelines Create a small subset 1. Use virtualization extensions 2. Focus on ARM 3. Xen Developer Summit Xen and the Art of Certification 2014

  30. Overview  DornerWorks Work  Certification  Certifying Core Xen  Patch Example  Beyond Core Xen  Cost  Conclusion  Questions Xen Developer Summit Xen and the Art of Certification 2014

  31. Good Patch – Design Details  David Vrabel – Scalable Event Channels Xen Developer Summit Xen and the Art of Certification 2014

  32. Design Details (DAL-E) Xen Developer Summit Xen and the Art of Certification 2014

  33. Design Details (DAL-D) Xen Developer Summit Xen and the Art of Certification 2014

  34. Design Details (DAL-D) Xen Developer Summit Xen and the Art of Certification 2014

  35. Design Details (DAL-C, B, A) Xen Developer Summit Xen and the Art of Certification 2014

  36. Overview  DornerWorks Work  Certification  Certifying Xen  Patch Example  Beyond Core Xen  Cost  Conclusion  Questions Xen Developer Summit Xen and the Art of Certification 2014

  37. Xen Helpers ► U-boot or bootloader ► Qemu ► XL and friends ► Dom0 Xen Developer Summit Xen and the Art of Certification 2014

  38. Xen Certification Guidelines Create a small subset 1. Use virtualization extensions 2. Focus on ARM 3. Create a simpler bootloader 4. Xen Developer Summit Xen and the Art of Certification 2014

  39. Xen Helpers ► U-boot or bootloader ► Qemu ► XL and friends ► Dom0 Xen Developer Summit Xen and the Art of Certification 2014

  40. Xen Certification Guidelines Create a small subset 1. Use virtualization extensions 2. Focus on ARM 3. Create a simpler bootloader 4. Use direct pass-through or PV drivers 5. Xen Developer Summit Xen and the Art of Certification 2014

  41. Xen Helpers ► U-boot or bootloader ► Qemu ► XL and friends ► Dom0 Xen Developer Summit Xen and the Art of Certification 2014

Recommend

1 2 3 KASS Certification Procedure Operation System Certification Certification Training

1 2 3 KASS Certification Procedure Operation System Certification Certification Training

1 2 3 KASS Certification Procedure Operation System Certification Certification Training Inspection/Audit Establish MoC Status of Operator/ Maintainer Manual, Function Identify CRB Record and Interfaces Result of Form Ground/

618 views • 24 slides
CAPLA CERTIFICATION PROGRAM EVERYTHING YOU NEED TO KNOW ABOUT THE CERTIFICATION EXAM HOW TO

CAPLA CERTIFICATION PROGRAM EVERYTHING YOU NEED TO KNOW ABOUT THE CERTIFICATION EXAM HOW TO

CAPLA CERTIFICATION PROGRAM EVERYTHING YOU NEED TO KNOW ABOUT THE CERTIFICATION EXAM HOW TO APPLY TO WRITE Once you have logged into the Then under Certification The Certification committee Application Forms may be CAPLA website using

687 views • 37 slides
1 CERTIFICATION Coming to you soon! 2 What is OPTA VIA Certification? OPTA VIA

1 CERTIFICATION Coming to you soon! 2 What is OPTA VIA Certification? OPTA VIA

1 CERTIFICATION Coming to you soon! 2 What is OPTA VIA Certification? OPTA VIA Certification is based on Dr. As Habits of Health Transformational System and is available to all Coaches who want to apply and reinforce their knowledge of

613 views • 19 slides
Certification Pathway to CCC-A Todd R. Philbrick, CAE Director, Certification Ex Officio to the

Certification Pathway to CCC-A Todd R. Philbrick, CAE Director, Certification Ex Officio to the

ASHA Certification Pathway to CCC-A Todd R. Philbrick, CAE Director, Certification Ex Officio to the CFCC Presentation Overview What is Certification? CCC-A Certification Standards CCC-A Application Process FAQs Keep your

209 views • 19 slides
Timer Certification Clinic Timer Certification A prerequisite for training and certification in

Timer Certification Clinic Timer Certification A prerequisite for training and certification in

Timer Certification Clinic Timer Certification A prerequisite for training and certification in all other positions (Descriptions in some of the following slides are as indicated in the rules, although it is not unusual for the referee to

378 views • 10 slides
Wastewater Laboratory Certification Overview 1 What is laboratory certification? Laboratory

Wastewater Laboratory Certification Overview 1 What is laboratory certification? Laboratory

Wastewater Laboratory Certification Overview 1 What is laboratory certification? Laboratory certification is a process that provides formal recognition to the managerial and technical competence of a laboratory performing specific analyses

853 views • 50 slides
AEROREADY CERTIFICATION Components to AEROready TM Certification In order to award an AEROready TM

AEROREADY CERTIFICATION Components to AEROready TM Certification In order to award an AEROready TM

AEROREADY CERTIFICATION Components to AEROready TM Certification In order to award an AEROready TM certification, our consulting team analyses hundreds of site selection criteria with emphasis on the following 10 items Assessment of airport

1.08k views • 75 slides
IIBA Certification Overview 1 Topics A. Benefits of Attaining an IIBA Certification B. IIBA

IIBA Certification Overview 1 Topics A. Benefits of Attaining an IIBA Certification B. IIBA

IIBA Certification Overview 1 Topics A. Benefits of Attaining an IIBA Certification B. IIBA Certification Options C. Applying for Certification D. Exam Activities Register and Prepare E. Benefits of BABOK studying 2/13/2018, p. 1

127 views • 10 slides
SOUTH DAKOTA DEPARTMENT OF EDUCATION OFFICE OF EDUCATOR CERTIFICATION Certification@state.sd.us

SOUTH DAKOTA DEPARTMENT OF EDUCATION OFFICE OF EDUCATOR CERTIFICATION Certification@state.sd.us

SOUTH DAKOTA DEPARTMENT OF EDUCATION OFFICE OF EDUCATOR CERTIFICATION Certification@state.sd.us OUTCOME OF PRESENTATION Understand the importance of educator certification Ability to create a user id and apply for certification

698 views • 53 slides
Voluntary EU certification for Voluntary EU certification for non-residential buildings

Voluntary EU certification for Voluntary EU certification for non-residential buildings

Voluntary EU certification for Voluntary EU certification for non-residential buildings Definition of an Energy Performance Scale Jana Bendalov BUILDING TESTING AND RESEARCH INSTITUTE / Slovakia 09 January 2012 1 Context

609 views • 19 slides
ABIM Certification and Maintenance of Certification You You ACC ABIM ACC ABIM Your

ABIM Certification and Maintenance of Certification You You ACC ABIM ACC ABIM Your

ABIM Certification and Maintenance of Certification You You ACC ABIM ACC ABIM Your professional The Certifying Body society (also ABP, AOA) Help you as a Accountable to the member public Outline 1. Background & Environmental

1.38k views • 29 slides
Certification in Humanitarian Logistics Level I HLC 2007 How Certification came about.HLC

Certification in Humanitarian Logistics Level I HLC 2007 How Certification came about.HLC

1 Certification in Humanitarian Logistics Level I HLC 2007 How Certification came about.HLC 2003 HLC participant feedback Needs to be clear career map, not just specific training initiatives around warehousing or other functions

473 views • 19 slides
8/6/2020 Direct Certification SY 2020-2021 Overview Direct Certification (DC) What is

8/6/2020 Direct Certification SY 2020-2021 Overview Direct Certification (DC) What is

8/6/2020 Direct Certification SY 2020-2021 Overview Direct Certification (DC) What is it? How does it work? HCNP Systems Direct Certification Menu What is DC? Allows SFAs to certify children as eligible for FREE meals

471 views • 13 slides
Ed-Fi Certification Indiana Department of Education May 16, 2018 Welcome Ed-Fi Vendor

Ed-Fi Certification Indiana Department of Education May 16, 2018 Welcome Ed-Fi Vendor

Ed-Fi Certification Indiana Department of Education May 16, 2018 Welcome Ed-Fi Vendor Certification Agenda Introduction to Ed-Fi Ed-Fi Certification Resources Ed-Fi Certification Process & Benefits Q & A

402 views • 28 slides
National Board Certification A Distinction That Matters National Board Certification Program

National Board Certification A Distinction That Matters National Board Certification Program

National Board Certification A Distinction That Matters National Board Certification Program District and Regional Support Division North Carolina Department of Public Instruction Board Certification: A Vehicle for Transforming Teaching Ron

534 views • 30 slides
3/9/2020 The Virtual The Virtual The Virtual The Virtual Certification Certification

3/9/2020 The Virtual The Virtual The Virtual The Virtual Certification Certification

3/9/2020 The Virtual The Virtual The Virtual The Virtual Certification Certification Certification Certification Interview Interview Interview Interview NACC Initial Certification Webinar for a Zoom Conference Interview 1

359 views • 7 slides
Certification is Coming! What you need to know about ALTA Best Practices Implementation and

Certification is Coming! What you need to know about ALTA Best Practices Implementation and

Certification is Coming! What you need to know about ALTA Best Practices Implementation and Certification By Eugene McCullough Mike Shamblin Matthew Rekers Certification is Coming! Prepared for PYAs External Webinar What you need

280 views • 8 slides
CROP CERTIFICATION MANAGEMENT VOLUNTARY CERTIFICATION FOR MARKETPLACE ASSURANCE MARKET ACCESS AND

CROP CERTIFICATION MANAGEMENT VOLUNTARY CERTIFICATION FOR MARKETPLACE ASSURANCE MARKET ACCESS AND

CROP CERTIFICATION MANAGEMENT VOLUNTARY CERTIFICATION FOR MARKETPLACE ASSURANCE MARKET ACCESS AND CERTIFICATION PROGRAM 635 Capitol St. NE, Salem, OR 97031-2532 USA TEL: (503) 986-4620 FAX: (503) 986-4737

314 views • 13 slides
New Distribution Capability (NDC) NDC Certification February 2016 NDC Certification. Why? To

New Distribution Capability (NDC) NDC Certification February 2016 NDC Certification. Why? To

New Distribution Capability (NDC) NDC Certification February 2016 NDC Certification. Why? To provide transparency on existing NDC 1 deployments : Airlines & Distributors To validate the capability of supporting IT 2 providers in these

239 views • 8 slides
Annual Certification and Data Collection Report and Certification Transaction Level Report

Annual Certification and Data Collection Report and Certification Transaction Level Report

Annual Certification and Data Collection Report and Certification Transaction Level Report Overview of Request for Public Comment MAY 2020 COMMUNITY DEVELOPMENT FINANCIAL INSTITUTIONS FUND www.cdfifund.gov Annual Certification and Data

437 views • 20 slides
Introduction To Officiating USA Swimming Officials Certification Overview of

Introduction To Officiating USA Swimming Officials Certification Overview of

Introduction To Officiating USA Swimming Officials Certification Overview of International/National/Local Swimming Swim Meet Structure and Staffing Certification and re-certification requirements Working meets Timer

697 views • 25 slides
DALI-2 New Standards and Mandatory Certification Dr. Scott Wade Technical & Certification

DALI-2 New Standards and Mandatory Certification Dr. Scott Wade Technical & Certification

International Trends in Lighting Forum & Show Sept 26-28, 2017 | Bregenz DALI-2 New Standards and Mandatory Certification Dr. Scott Wade Technical & Certification Manager, Digital Illumination Interface Alliance Contents DiiA

936 views • 17 slides
Teacher Certification Cina Lackey, Certification & Professional Standards Coordinator

Teacher Certification Cina Lackey, Certification & Professional Standards Coordinator

Teacher Certification Cina Lackey, Certification & Professional Standards Coordinator Supporting Schools and Students to Achieve SHERRI YBARRA, ED.S., SUPERINTENDENT OF PUBLIC INSTRUCTION Objectives Idaho Code 33-1201 Resources

303 views • 28 slides
New Legal Framework a Route to Improving Consistency and Confidence in Certification in

New Legal Framework a Route to Improving Consistency and Confidence in Certification in

New Legal Framework a Route to Improving Consistency and Confidence in Certification in Europe Paul Dixon Director of Certification Services National Measurement Office - United Kingdom 12 th Meeting on the Certification Process Improvement

2.69k views • 32 slides

More recommend