Session
FOSDEM 2021 Schedule
Safety and Open Source

Community Discussion: Safety and Open Source

We would like to hold an open live discussion on the topic of Safety and Open Source.
We would like to hold an open live discussion on the topic of Safety and Open Source. We welcome folk to join regardless of their experience level in the topic area, and encourage everyone to engage with talking points, questions, debate and so on. Possible talking points might include (but are not limited to): Pros and cons of using Open Source software in safety Examples of Open Source Software being used in safety applications today Legal and moral implications for contributors who have their code used in safety applications Safety analysis techniques for complex software systems Requirements analysis, and verification and validation techniques (including creating argumentation to prove that software is safe enough to use) What we need to do as FOSS creators to shift the industry mentality around the use of FOSS vs. current safety standards Open Source Development practices and how we can map these to practices such as the V-model which are needed for current industry safety standards (e.g. IEC 61508, ISO 26262 ect.) We will upload a link to an online meeting space to do this.

Additional information

Type devroom

More sessions

2/6/21
Safety and Open Source
shaunmooneyct
D.safety
The advantages of Free and Open Source Software are numerous, benefiting industry partners, individual contributors and the wider community who collaborate to advance state of the art. More than ever companies choose FOSS, however the world of safety is behind the curve. Software developed for safety applications often use old development practices and are closed source. Too commonly this code is seen as a competitive advantage, and having spent vast sums developing and analysing for safety, ...
2/6/21
Safety and Open Source
Joffrey Huguet
D.safety
The guarantees provided by SPARK, an open-source formal proof tool for Ada, and its analysis are only as strong as the properties that were initially specified. In particular, use of third-party libraries or the Ada standard libraries may weaken the analysis, if the relevant properties of the library API are not specified. We progressively added contracts to some of the GCC GNAT Ada standard libraries to enable users to prove additional properties when using them, thus increasing the safety of ...
2/6/21
Safety and Open Source
Matthias Valvekens
D.safety
The push for paperless bureaucracy has been going on for quite some time, but the circumstances of the past year made the issue even more pressing than it already was. The PDF specification outlines a number of security features, including but not limited to encryption, digital signatures and redaction support. The goal of this talk is to give a broad overview of the various security mechanisms provided by the PDF standard and their applications in the real world, with a particular focus on ...
2/6/21
Safety and Open Source
Claire Dross
D.safety
SPARK is an open-source tool for formal verification of the Ada. language. Last year, support for pointers, aka access types, was added to SPARK. It works by enforcing an ownership policy somewhat similar to the one used in Rust. It ensures in particular that there is only one owner of a given data at all time, which can be used to modify it. One of the most complex parts for verification is the notion of borrowing. It allows to transfer the ownership of a part of a data-structure, but only for ...
2/6/21
Safety and Open Source
shaunmooneyct
D.safety
Assessing whether a system is safe, requires understanding the system sufficiently. If the system depends on Linux, it is important to understand Linux within that system context and how Linux is used in that system. The challenge is selecting Linux components and features that can be evaluated for safety and identifying gaps that exist where more work is needed to evaluate safety sufficiently. The ELISA project has taken on the challenge to make it easier for companies to build and certify ...