Skip to main content
All Posts By

CIP

CIP Core supports Debian 11-based reference images

By Announcement, Blog, In the News

Author: Kazuhiro Hayashi,  CIP Core Team Chair, Toshiba

The Civil Infrastructure Platform (CIP) project has five Working Groups – Security, Kernel, Testing, Software Update and CIP Core. The CIP Core Working Group [1], which was launched in 2019, is responsible for developing, testing and maintaining tools to generate CIP Core reference file system images. We are excited to announce that the working group now supports Debian 11-based reference images. 

The CIP Core images consist of CIP kernel and Debian base systems and provide run-time environments that work with CIP reference hardware [2. ] This library of images is the foundation for CIP developers to enhance new features, test existing functions, and maintain them for the long-term. CIP users can evaluate the features with the reference images in relation to their use cases.

The isar-cip-core [3] now supports 5.10 based CIP kernel [4] and Debian 11 bullseye packages. Isar-cip-core is a set of extensions for isar (an image generation tool) to support CIP reference hardware and other features including, but not limited to, security and software updates. Debian 11 bullseye is currently the “stable” version and will be maintained by Debian project and the LTS project until June 2026. After June 2026, the Debian Extended LTS project will inherit its maintenance. The 5.10 CIP kernel is being maintained by the Linux kernel community as a long term release kernel until Dec. 2026. After this, CIP will maintain it until Jan 2031.

By supporting 5.10 CIP kernel + bullseye based CIP Core images, users can use the latest stable versions of CIP kernel and userland with all the CIP reference hardware[2], some of which are only supported by the 5.10 kernel. 

The CIP Security Working Group[5] is targeting version 5.10 CIP kernel and the bullseye based CIP image to achieve IEC-62443-4-x certification. The CIP Software Updates Working Group[6] is actively improving secure software update mechanisms by SWUpdate and secure boot and expanding devices where the features have been supported, with the latest version of CIP Core image as well as the previous.

The CIP Core Working Group plans to continue to introduce more useful features like above to the 5.10 kernel + bullseye based image and maintain them in cooperation with other working groups and related open source software communities. Contact us via the cip-dev mailing list for feedback, questions, or discussions.

[1] https://wiki.linuxfoundation.org/civilinfrastructureplatform/cip-core

[2] https://wiki.linuxfoundation.org/civilinfrastructureplatform/ciptesting/cipreferencehardware

[3] https://gitlab.com/cip-project/cip-core/isar-cip-core

[4] https://www.cip-project.org/blog/2020/12/02/cip-to-embark-on-kernel-5-10-development-for-slts

[5] https://wiki.linuxfoundation.org/civilinfrastructureplatform/cip-security

[6] https://wiki.linuxfoundation.org/civilinfrastructureplatform/cip-sw-updates

Civil Infrastructure Platform: The Project at Open Source Summit + Embedded Linux Conference Europe

By Blog

The CIP Project has had an eventful week at the Linux Foundation’s Open Source Summit Europe and Embedded Linux Conference in Lyon, France. In addition to the project’s interactive booth, complete with live demos, the project also had a slew of informative and well-attended talks and hosted a completely sold out mini-summit.

Open source thrives on collaboration, and having this face to face time with the open-source community is so valuable in moving our project forward. Check out below for the details of CIP at OSS EU+ ELC.

CIP at OSS EU. Photos by Masato Minda

The Talks

CIP and CIP members had a combined total of five talks over the three-day event.

With more than 200 people in attendance, “Debian and Yocto Project-Based Long-Term Maintenance Approaches for Embedded Products,” given by Kazuhiro Hayashi, Toshiba & Jan Kiszka, Siemens AG, really struck interest from the OSS EU audience.

Jan Kiszka, Siemens AG and Kazuhiro Hayashi, Toshiba

In this talk, the duo explained the overall build and test setup in their talk about Debian and Yocto-based embedded Linux approaches that satisfy the requirement for 10+ year maintenance in industrial products, specifically around security fixes, reproducible builds, and continuous system updates. 

In their talk, “Open Source Projects to Live Long and Prosper: Linux for Smart Infrastructure and Industry,” Yoshitake Kobayashi, Toshiba Corporation & Urs Gleim, Siemens AG gave an overview of the project and what happened during the last year. Especially the working groups of CIP (on kernel, real-time, core packages, security, and software update) led to great progress in providing a sustainable base for any industrial-grade Linux distribution. 

SZ Lin (林上智), Moxa & Pavel Machek, Denx focused on the long-term maintenance strategy of the kernel in their talk calledActivities of Super Long Term Support Kernel Workgroup in Civil Infrastructure Platform Project.”

Wolfgang Mauerer, Siemens AG, contributed to The List is our Process: An Analysis of the Kernel’s Email-based Development Process. Together with main author Ralf Ramsauer, Technical University of Applied Sciences Regensburg, Sebastian Duda from U Erlangen, and L. Bulwahn from the ELISA project, discussed analysis methods how to track the flow of patches into the kernel, and applied their results to specific subsystems of the Linux kernel. Their work contributes to a reliability analysis of the kernel development and can be used to detect remaining weak spots.

Michael Adler from Siemens AG, and Chris Paterson from Renesas presented “A Guide to CIP and Testing,” where they walked the audience through the CIP testing approach at the Automated Testing Summit. 

The CIP Mini-Summit

For the first time, the CIP project organized a mini-summit, a half-day, single-track event covering Linux-based industrial open source systems. With this event, CIP  gathered those interested in open source to provide technical details and in-depth insights to further develop the industrial-grade CIP base layer which is built on the work of established and stable work from the likes of Debian, Yocto Project, Real-Time Linux.  The sold-out event included topics such as 

  • The State of Civil Infrastructure Platform
  • CIP SLTS kernel development (e.g. Patch management for collaboration with stable kernel team)
  • Security in industrial systems and its future
  • Safe software updates for industrial IoT devices
  • Use cases of the CIP open source base layer

The CIP Booth

In addition to great content in the form of talks and sessions, the CIP community also interacted with hundreds of attendees in the CIP booth in the Sponsor Showcase. Within the booth, both Plat’Home and Toshiba demoed their technologies which are built on CIP.

CIP booth at OSS EU

CIP is focused on IEC 62443 for cyber security measures of IACS

By Blog

By Kento Yoshida, CIP security working group member and Senior staff engineer of MPU Product Department, Enterprise Infrastructure Business Division at Renesas Electronics Corporation

The threat of cyber-attacks is growing. With the evolution of IoT, the targets of cyber-attacks are changing from information assets to Industrial Automation and Control System (IACS). Serious damage such as operation stops and the destruction of components are occurring.

In order to deal with evolving cyber attacks, all layers that make up an IACS, such as system services and component functions, in addition to operational layer must be kept secure. For this reason the IEC 62443 series is attracting attention as the de facto cyber security standard for all layers of IACS.

The Civil Infrastructure Platform (“CIP”), the open source project hosted at the Linux Foundation which intends to create reusable building blocks that meet requirements of industrial and civil infrastructure, places great importance on the IEC 62443 series.

Additionally, CIP  supports the adoption of IEC 62443 across the entire industry and are working to roll out solutions as soon as possible as part of an all-out effort to support users’ effort to acquire certification through the newly established CIP security working group.

As a first step to making the industry more secure our working group actively supports suppliers of industrial products so that they can certify using the IEC 62443-4-2 standard, now.

Suppliers will be efficiently able to develop security functions which conform to the IEC 62443-4-2 standard using an open source “base layer” of industrial grade software provided by our activities to reduce development cost, difficulty and uncertainty.

 Currently, we are in the process of completing the investigation of the security functions required for certification and selecting component packages to realize them.

The investigation we conducted showed that more than half of the functionality needed to achieve security level 3 (SL-3) of IEC-62443-4-2 in embedded or network devices can be realized on our platform including our reference hardware.

This high coverage shows that Linux has continued to provide effective and practical features to the industry to date. We are very pleased with this result. And we hope that many industrial-grade software suppliers adopt our open source base layer with high coverage for SL-3 as a development platform for their application.

For more details, visit the CIP security working group wiki page and learn more about our activities. Furthermore, we will present the concept and goal of our activities at the CIP booth at the upcoming Open Source Summit Japan 2019 in Tokyo from July 17 – 19.  If you have any interest in our activities, we hope to see you at the venue.

Renesas RZ/G2M-96CE board adopted as Arm64 reference board for the next CIP SLTS Kernel

By Blog

Today, the Civil Infrastructure Platform (CIP) Project is debuting the Renesas RZ/G2M-96CE board, based on the Arm 64-bit architecture, at Embedded Linux Conference. It is the first-ever using Arm 64-bit architecture that the CIP project will support.

The CIP project aims to support the reference hardware in the project’s Super Long Term Support (SLTS) Linux Kernels and minimal reference filesystem, CIP Core. Testing of the reference hardware will be done using CIP’s customised kernelci and LAVA instances and B@D. This makes it easy for software developers to make the most of the software developed by CIP and allows them to quickly and easily develop industrial applications.

The RZ/G2M-96CE board is based on the Linaro 96boards extended consumer specification. This design allows for rapid prototyping for application, kernel and hardware engineers.  The RZ/G2M-96CE board development kits will be available Q1 2019.

RZ/G2M-96CE board Block Diagram (Preliminary*) includes:

The RZ/G2M-96CE joins the current list of CIP-supported embedded hardware including:

  • RZ/G1M iWave Qseven Development Kit (Armv7)
  • AM335x Beaglebone Black (Armv7)
  • QEMU x86_64

CIP will be showing a selection of the reference hardware, including the RZ/G2M-96CE board, at their booth at the Embedded Linux Conference Europe 2018. Stop by to learn more about the project. For additional information about how Renesas is providing the solutions using CIP kernel on the RZ/G2M-96CE board, please visit here for details.

CIP Member Spotlight: Cybertrust

By Blog

The Civil Infrastructure Platform (CIP) project aims to speed implementation of Linux-based civil infrastructure systems, build upon existing open source foundations and expertise, establish de facto standards by providing a base layer reference implementation, and contribute to and influence upstream projects regarding industrial needs. CIP is driven by some of the world’s leading manufacturers of civil infrastructure systems and industry leaders including Cybertrust, Codethink, Hitachi, Plat’Home, Renesas, Siemens, Moxa and Toshiba.

This spotlight series highlights CIP members and how they are contributing to open source software solutions that will benefit the world’s technical systems. Today, we highlight our newest member Cybertrust Japan, Co., Ltd. in a conversation with Tatsuo Ito, Vice President, CTO and Principal Evangelist.

What does your company do?

Cybertrust is a company that supplies enterprise Linux operating systems, advances its commitment to building secure and reliable embedded equipment and systems. We enable customers to build and manage highly secured IT infrastructures.

Our business portfolio covers Linux and Open Source Software Businesses,  Authentication Businesses, and Security and IoT Businesses. With more than 17 years of development experience of Linux OS, we have a proven track record of building mission critical systems and offering super long support in both server and embedded areas.

Why is your company investing in an open source “base layer” of industrial grade software?

We have a lot of experienced engineers in open source, Linux, embedded systems and employ multiple Linux kernel maintainers. As a Linux distributor, we are committed to making the base layer that supports embedded system foundations more robust and secure. By investing in the base layer, we can supply more secure enterprise Linux operating systems and build more reliable embedded equipment and systems.

Why did your company join CIP?

As a measure against a wide range of springboard attacks, the Bipartisan Legislation was introduced to improve security of IoT devices last summer in the U.S. This requires devices that are purchased by the U.S. government to meet certain minimum security requirements, such as patchable capability to fix security holes. Users also are reaching consensus that embedded devices are not over when they are made, and that they have to be supported definitely, which has resulted in a bigger demand from them for super long-term support (SLTS).

Unlike server systems, platforms for embedded systems vary user-by-user, and are customized for each user. This increases costs and generates resource issues to realize SLTS for both users and platform vendors. CIP aims to achieve SLTS in tandem by a community, not by one company alone. We agreed with the objective, and decided to join the CIP.

How are you currently active in CIP?

We will contribute to step up the level of long-term support and to make it sustainable, which would lead to the safety and security of society as a whole.

Cybertrust is active in CIP by:

  • Contributing to the maintenance of the SLTS kernel in the direction that a Cybertrust member will take over the CIP kernel maintainer
  • Responding to the Spectre/Meltdown issues for LTS4.4/CIP SLTS (under way)
  • Promoting CIP to  our customers/partners or at commercial events
  • Recruiting new CIP members

How are you going to use the software?

As a new member of CIP, we’re excited to go all in. We will be using the open source industrial grade software, such as CIP SLTS kernel and CIP Core, as the foundation for our distro for embedded systems. With CIP’s new collaboration with Debian LTS, we will also use that to complete various use cases.

What benefits have you seen or what do you expect to achieve?

CIP members have the expertise and work together diligently on the same goal of creating an open source framework that is secure and reliable on a global scale. We believe that together, we can address these critical issues.

Where do you see civil infrastructure systems in 20 years?

The embedded infrastructure that supports social infrastructure will cover wider and deeper towards the advancement of IoT, the improvement of convenience by smart city, and the safe and secure society against natural disasters and environmental changes.

Key Learnings at OSS Japan

By Blog

Written by Yoshitake Kobayashi, Chair of the CIP TSC and Senior Manager of Open Source Technology Department at Toshiba 

On June 20-22, more than 1,000 technologists and open source industry leaders attended Open Source Summit Japan and Automotive Linux Summit 2018 in Tokyo. The attendees came from organizations both big and small from 45 countries around the globe. In fact, attendees from overseas increase from 28% last year to 33% this year – making this a true international conference.

The Linux Foundation shared the results of the post-event survey – of attendees surveyed, more than 55% were attending for the first time this year, underscoring the ever-expanding interest and participation in the open source ecosystem. The survey also showcased the fact that around 87% of attendees only attend three or fewer conferences a year, making Open Source Summit Japan and Automotive Linux Summit a valuable place to connect with this audience.

CIP, a Silver Sponsor of the conference, was very active in the event. We kicked off the conference with several face-to-face meetings for the Technical Steering Committee and the Governing Board to discuss the roadmap, security, the new partnership with  Debian Long Term Support activities and welcoming Cybertrust as a new Silver Member. You can see the announcement here.

Dan Cauchy, Executive Director for Automotive Grade Linux, gave a keynote speech about the state of the alliance and mentioned CIP as a key partner in collaboration to make safer systems. AGL and CIP work together Functional Safety. You can see his presentation here.

Additionally, several CIP leaders gave presentations. I gave a presentation about how CIP has progressed since its launch two years ago with the CIP SLTS kernel, Real time Linux, Board at desk (CIP Testing), CIP Core and what’s ahead with collaboration with other open source project like Debian and EdgeX Foundry. You can view the presentation here.

Agustín Benito Bethencourt, Principal Consultant at CodeThink and active CIP TSC member, shared a technical summary that discussed Long Term Support (LTS) the 4.4 Linux kernel, the extensive testing the kernel goes through and the impact of all the technical activity that increases long term maintenance. In total, around 100 people attended the CIP-related sessions led by myself and Agustin.

Additionally, CIP member Wolfgang Mauerer, provided best practices and guidelines for embedded Linux quality assurance to around 50 attendees. He shared tips designing and running automated statistical tests that capture relevant information, how to properly evaluate the resulting data and common mistakes in over-interpreting statistical results and predictions.

In addition to technical content provided these industry visionaries, OSS Japan and ALS  hosted a bustling showcase featuring sponsor booths with interactive demos. The CIP booth had demos from Hitachi, Renesas and Plat’Home and CIP-branded Legos that were a hit with attendees.

Nearly 95% of this year’s attendees visited sponsor booths, and hundreds of attendees participated in the evening booth crawl, time dedicated exclusively to attendee-sponsor interaction, and a lot of them stopped by our booth to discuss our project and make their own CIP Lego man. In fact, we’ve now adopted him into the project and he’s the official CIP mascot!

Additionally, a Long Term Support Initiative (LTSI) workshop was held at the conference with about 50 people. I did a lightning talk to explain all of the CIP activities for LTS and CIP SLTS. The discussion made two things clear: collaboration and education are the keys to maintain the stable kernel. CIP believes this as a fact, which is why we launched a CIP kernel team. Nevertheless, the workshop was great and really helped instill a positive camaraderie for long term support – not just for CIP but all projects and industries like automotive and IoT.

In addition to attending the conference, the CIP project team had time for a little fun….

If you missed CIP at OSS Summit Japan, don’t worry, you’ll have another chance. Come visit us at Open Source Summit Europe, which will be co-located with Embedded Linux Conference and OpenIoT Summit! More details to come…

Real-time patchset for the CIP Kernel

By Blog

By Daniel Wagner, CIP member and kernel maintainer and Embedded Linux Developer at Siemens AG

CIP aims to establish a “base layer” of industrial-grade tooling using the Linux kernel and other open source projects. This base layer will be available for use by developers creating software building blocks that meet safety, security, reliability and other requirements that are critical to industrial and civil infrastructure projects.

As part of this mission, CIP provides super long term support (SLTS) for the kernel. This is an important base and the CIP kernel maintainers, like myself and Ben Hutchings, are working within various environments in order to meet Industrial Grade requirements. As we’re working on the SLTS, we realized that it was missing the real-time aspect of the operation system.

While the Linux Foundation’s Real-Time Linux collaborative project is working on getting the final features from the RPEEMPT_RT patchset into mainline kernel, there is no direct support a -rt flavor for the CIP kernel. There are stable real-time patches for 3.2, 3.10, 3.18, 4.1, 4.4 and 4.9. They are based on top of the LTS trees maintained by Greg Kroah-Hartman, Sasha Levin and Ben Hutchings.

The use cases CIP project is targeting have a life cycle of for more than 10 years. In theory, this is the time in which products shipped with the CIP kernel will be under maintenance. However, identifying and backporting relevant fixes becomes increasingly difficult as upstream kernel development diverges further from a stable branch. Any given SLTS branch is unlikely to be maintainable for more than 10-20 years.

Since the first CIP kernel is also 4.4 based, maintaining a variation of the 4.4-rt stable patchset is possible without too much overhead. The CIP real-time patchset will be follow the 4.4 stable-rt patchset as close as possible. The stable-rt patchset won’t gain new features (e.g. hrtimer rework, cpu hotplug rework, no_hz fixes) because backporting has a high risk of breaking stable-rt. Therefore, the stable-rt maintaining goals overlap with the cip-rt goals, which allows keep the variations of the real-time patchset smaller.

For more details, visit the CIP kernel maintenance wiki page. If you want to join the conversation or ask questions, subscribe to the CIP Dev List.

CIP Launches CIP Core

By Blog

Author: Daniel Sangorrin, CIP TSC member

Today, at Embedded Linux Conference Europe, the CIP Project announced the new CIP Core. The CIP Core project aims to provide minimal reference file system images and SDK’s to test and demonstrate the use of the CIP kernel and the CIP Core packages, a selected set of open source software components that require super long-term support.

Within the open source base layer, the CIP Core connects the CIP Kernel with non-CIP packages (see figure 1).

The implementation of the CIP Core is based on the Deby distribution, a reproducible and maintainable embedded Linux distribution based on poky. Deby overlays meta-debian on top of poky to build file system images out of Debian long-term supported source code packages. The associated source code (metadata) is available on the CIP Core repository and this first release contains support for the following CIP reference hardware:

  • iWave RZ/G1M Qseven Development Kit
  • Beaglebone Black
  • QEMU x86_64
  • DE0-Nano-SoC development kit.

Users of CIP Core can easily extend or customize the reference file system by adding some of the packages already supported by Deby (non-CIP packages).

For more about CIP Core, visit the wiki page, follow the quickstart or check out the source code. You can also register in the CIP’s public mailing list to learn more about CIP’s technical roadmap and participate in discussions.

Civil Infrastructure Project – Year One Update + Whitepaper Release

By Blog

We’ve launched the Civil Infrastructure Platform (CIP) project just over a year ago, and since then, we have made a lot of progress in making Linux usable in industrial grade environments such as power plants, railway systems, and so on. The followings outlines the achievements since the inception of the project.

  • Organized a scheme to maintain the Linux Kernel for 10+ years, including appointing of CIP super long term support (SLTS) kernel, Ben Hutchings.
  • Established v4.4 as the first CIP SLTS Kernel.
  • Identified the reference hardware platform we will target to maintain; Beaglebone Black and Renesas RZ/G1M.
  • Building up a concept of “Base Layer”, which consists of the Linux kernel and very basic components that would be used in the industrial grade system environment.
  • Started a test framework project, Board @ Desk, that will enable anyone to test the CIP Kernel in their environment and share the test result, that will result in a reduction to the testing effort among those who use CIP Kernel for their system.

CIP has been delivering a measurable amount of output over the last year or so.

Today, we are very pleased to inform all of you that CIP recently added even more value to our industry; investing in the Real Time Linux Project, the first formal release of Board @ Desk, and our Whitepaper publication.

  1. Investment in Real-Time Project

Again, our work is to develop a software “Base Layer” to support mission critical systems like power plants and train systems, etc. Those systems require hard, real-real time capability, so it is very critical for us that the Real Time patches be integrated into the mainline kernel sometime in the near future.  To make that happen, CIP decided to take action.

Today, we would like to announce that CIP has become a Gold Member of the Real Time Linux Project hosted at the Linux Foundation.  To be very clear, by becoming a member of Real Time Linux Project, we are not paying money only and are letting someone else do the work, but we will be making a real commitment to the mainlining of the Real Time patch set, ensuring it will happen.

CIP members will not only be contributing to the upstream Kernel, but will also make sure to maintain it so the industry can rely on the use the kernel for their real business.  To do so, CIP member, Daniel Wagner, Siemens, has become the maintainer of -rt series of CIP Kernel.

  1. Formal Release of Board @ Desk

One of the pain-points for the industry has been testing.  We all do testing. In many cases, we all do very similar (if not exactly the same) testing at each company separately, yet testing has been the area which there has not been much collaboration among the open source community up until some years ago.

Recently, we’ve seen this situation changing. Testing has become one of the hot areas of open source collaboration. LTSI launched a testing project 3-4 years ago, called JTA, and the project has now become the origin of an independent project called Fuego, maintained by Tim Bird.  It has also become a source of a testing framework used by Automotive Grade Linux (AGL), called CIAT. Linaro has developed LAVA and is supporting the Linux Kernel community through the kernelci.org project.

For CIP developers, we would like to take this opportunity to announce the release of “Board @ Desk”, an instance of LAVA and KernelCI integrated by Codethink for CIP that should allow a customised and easy to deploy instance of the kernelci.org and LAVA projects that should allow developers to test Linux kernels on boards connected to their own development machines using the tooling used by one of the most successful Open Source and distributed testing projects, kernelci.org.

With this effort, the CIP project is trying to create a first step towards “trusted testing” within CIP for every member and the CIP kernel maintainer.

  1. New Publication

Finally, we have an announcement regarding our new publication.

CIP is a very engineering-centric project in nature. Our main focus is not a sexy and innovative technology, but rather more conservative maintenance work to establish a foundation for the systems that have to run our society for many, many years.

Buildings

Thus, as already mentioned, it has been just over a year since CIP has been started and delivered a measurable amount of output, yet we have not reached out much to the developers to whom CIP can be valuable.  This whitepaper provides the information developers need to understand who we are and what we are doing, and what value our activities can have for them.

We will be distributing the hard copy of the white paper at our booth at Open Source Summit Japan, May 31st through June 2nd. If you are participating in the event, please make sure to come to our booth to pick up the white paper (both English and Japanese versions are available)

You can also download the whitepaper from here.
(Japanese version is also available here)

We are looking forward to seeing as many of you as possible at Open Source Summit Japan!

[Member Blog] Why Codethink is a founding member of the Civil Infrastructure Platform, a Linux Foundation initiative

By Blog

by Agustin Benito Bethencourt, Codethink

On April 4th 2016 a new Linux Foundation initiative called the Civil Infrastructure Platform was announced. CIP aims to share efforts around building a Linux-based commodity platform for industrial grade products that need to be maintained for anything between 25 and 50 years – in some cases even longer. Codethink is one of the founding members.

Industrial grade use cases

In order to describe why this initiative is relevant let me go over the use cases that motivate companies like Siemens, Toshiba, Hitachi, and Renesas to share efforts.

During the Open Source Leadership Summit, Noriaki Fukuyasu (Linux Foundation) and myself, based on the experience of Siemens, Hitachi and Toshiba, described the development life cycle in industrial grade use cases. For example, a railway management system is as follows:

  • Analysis + design + development: 3 – 6 years
  • Customizations and extensions: 2 – 4 years
  • The certification process and other authorizations take a year.
  • Each new release or update has to go through further certifications and authorizations that take between 3 and 6 months.
  • The system is expected to work for between 25 and 50 years.

So on average, an industrial grade product might take 5 to 7 years from conception to deployment. This is coherent with our experience in other industries like automotive, where life cycles are also quite long despite the expected lifetime being shorter.

A key part of the life cycle is maintenance. Due to its length, the associated risks are high. The certification processes to introduce significant changes in any already deployed systems are painful and expensive. In addition, the capacity to simulate a production environment is, in general, limited. This is true in other cases like energy production plans, for instance.

Open Source principles in the Civil Infrastructure industry

It’s obvious that Open Source could have a dramatic impact in this industry. By sharing efforts, corporations can commoditise a significant portion of the base system focusing on differentiation factors, increasing control through transparency and the quality of that starting point over time. Collaboration with upstream will bring even higher impact benefits.

Two immediate challenges come to mind when thinking about Open Source in this industry:

  • Development of processes and practices to produce software for safety critical environments.
  • Bridging the gap between the Open Source approach for software maintenance and the approach currently taken when building large-scale platform projects. For instance, how can approaches oriented to update any specific Open Source software component to the latest upstream stable version be compatible with any typical industry SDLC?

 

READ MORE