Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

OS Dependability [clear filter]
Tuesday, October 27

12:00 GMT

The ELISA Project: Enabling Linux in Safety Applications - Lukas Bulwahn, BMW
There is a current industry trend to build fully autonomous systems. To reach this goal, industry must manage complex software systems with high performance, safety and security requirements. The operating system is non-differentiating in these systems and it is intended to be used multiple times over the whole product portfolio for a long time span. These conditions make it appealing to use Linux as a robust open-source operating system. Based on the results of the SIL2LinuxMP project, the Linux Foundation has initiated the ELISA (Enabling Linux In Safety Applications) Project in the beginning of 2019. The talk shall sketch goals of this collaboration, the first identified challenges of addressing safety aspects in the Linux kernel and the plan how to tackle them. Now, one and half years in movement, we can report our first steps and discussion results, go much more into the detailed problems we face and share our insights based on our recent retrospective. These pointers on challenges are generally insightful for any open-source project that wants to argue its quality and management of quality, as well as for companies that would like to develop their products with these insig

avatar for Lukas Bulwahn

Lukas Bulwahn

Safety Software Key Expert, BMW AG
Lukas Bulwahn has received a diploma in computer science and a PhD in formal methods from Technische Universität München. Since 2012, he is working at BMW on research and development of an open-source software platform for autonomous driving systems. One part of this research has... Read More →

Tuesday October 27, 2020 12:00 - 12:50 GMT
OS Dependability Theater

18:30 GMT

Unsolved Problems in Open Source Security - Rhys Arkins, WhiteSource
Very few people today doubt the principles and benefits of Open Source, but you can definitely be forgiven for having concerns about its security. Some of the ways we rely on Open Source today are fundamentally flawed, yet almost never discussed - from registries hosting unsigned artifacts of unreproducible source to package managers which propagate new versions of dependencies at the earliest opportunity. It's time to identify these unsolved - and mostly undiscussed - risks, evaluate their potential impact, and determine what can be done in the Open Source community to address them. This presentation will discuss why we need reproducible builds in open source, verified artifacts, and why the majority of package managers may need a substantial change, while one in particular got it right. It will also provide some recommendations on defensive use of open source particularly for products and industries at the highest risk of software supply chain attacks.

avatar for Rhys Arkins

Rhys Arkins

Director of Product, WhiteSource
Rhys Arkins is the Director of Product at WhiteSource, where he focuses on Develop Solutions. Rhys joined WhiteSource in 2019 through the acquisition of the company he founded, Renovate Bot - an open source tool for automating dependency updates. He is a big proponent of using automation... Read More →

Tuesday October 27, 2020 18:30 - 19:20 GMT
OS Dependability Theater

Twitter Feed