Debian on Civil Infrastructure Systems
Total Page:16
File Type:pdf, Size:1020Kb
Debian on Civil Infrastructure Systems Yoshitake Kobayashi, CIP TSC chair DebConf17, 12 August 2017 What is CIP? • One of the most conservative open source project in the Linux Foundation • One of the most important project for our civilization DebConf17, Montrial, CANADA 4 Our Civilization is run by Linux DebConf17, Montrial, CANADA 5 https://www.airpano.com/360Degree-VirtualTour.php?3D=San-Francisco-USA Our Civilization is run by Debian DebConf17, Montrial, CANADA 6 https://www.airpano.com/360Degree-VirtualTour.php?3D=San-Francisco-USA Transport Energy Industry Others Industry automation Healthcare Rail automation Power Generation Vehicle control CNC control Building automation Automatic ticket gates Turbine Control Industrial communication Broadcasting DebConf17, Montrial, CANADA 7 https://www.airpano.com/360Degree-VirtualTour.php?3D=San-Francisco-USA CIP members are interested in Debian DebConf17, Montrial, CANADA 8 Why Debian is one of the most important distribution? • Large community-driven ecosystem • To ensure “free software only” in “main” • License checks / discussions ([email protected]) • CPU architecture support (x86, ARM, PPC64, …) • Popular in embedded (Raspbian, Armbian, …) • Long-term support (Debian-LTS) • Scales up and down • Successfully used in several of our products DebConf17, Montrial, CANADA 9 There are issues to be solved… https://www.airpano.com/360Degree-VirtualTour.php?3D=SanDebConf17,-Francisco- USAMontrial, CANADA 10 A Railway System: 25-50 years products life-cycle with very reluctant nature for product update and upgrade of hardware and base software platform Image: http://www.deutschebahn.com/contentblob/10862328/20160301+Stw+M%C3%BClheim+Innenansicht+1+(1)/data.jpg DebConf17, Montrial, CANADA 11 Railway Example 3 – 5 years development time 2 – 4 years customer specific extensions 1 year initial safety certifications / authorization 3 – 6 months safety certifications / authorization for follow-up releases (depending on amount of changes) 25 – 50 years lifetime Image: http://www.deutschebahn.com/contentblob/10862328/20160301+Stw+M%C3%BClheim+Innenansicht+1+(1)/data.jpg DebConf17, Montrial, CANADA 12 The Problems we face … • The systems that support our modern civilization need to survive for a VERY LONG TIME. Until now the corresponding industrial grade super long term maintenance has been done individually by each company. • These systems not only have to survive for a long time, they must be “INDUSTRIAL GRADE” (robust, secure and reliable). And at the same time the industry will also need to catch up with the latest technology trends DebConf17, Montrial, CANADA 14 The Solutions we need … LONG TERM INDUSTRIAL Collaborative MAINTENACE GRADE Development • We need a Collaborative framework to maintain the same open source based system for many, many, many years to keep it secure, robust and reliable. • AND most importantly, we need to do this collaboratively in the upstream communities, not locally. DebConf17, Montrial, CANADA 15 CIP is our solution… Establishing an Open Source Base Layer of industrial-grade software to enable the use and implementation of software building blocks for Civil Infrastructure Systems https://www.cip-project.org/ DebConf17, Montrial, CANADA 16 What is CIP? • One of the most conservative open source project in the Linux Foundation • CIP aims to • Provide an open source base layer for CIP related embedded systems • Work closely with the upstream community • CIP does not aim to • Create a new Linux distribution DebConf17, Montrial, CANADA 17 What is “Open Source Base Layer (OSBL)”? • OSBL is a set of industrial grade core open source software components, Non-CIP packages tools and methods Linux distribution (e.g. Debian) may extend/include CIP packages. User User space • Open source based CIP Reference Filesystem image with SDK Open reference (CIP Core packages) implementation Source • Start from a minimal set Base Layer for controllers in CIP SLTS Kernel industrial grade systems Kernel CIP Reference Hardware Hardware DebConf17, Montrial, CANADA 18 An example of minimal package set for CIP base layer CIP will start with a minimal set of packages. “CIP kernel” and “CIP core” packages run on hardware. Candidates for initial component set Keep these packages for Reproducible build • Kernel • Flex • Git • pax-utils CIP • Kernel Linux kernel + backported patches • Bison • Glib • Pciutils • PREEMPT_RT patch • autoconf • Gmp • Perl • Bootloader • automake • Gzip • pkg-config • U-boot • bc • gettext • Popt • Shells / Utilities • bison • Kbd • Procps • Busybox Dev • Bzip2 • Libibverbs • Quilt • Base libraries packages • Curl • Libtool • Readline CIP Core • Glibc Packages • Db • Libxml2 • sysfsutils • Tool Chain • Dbus • Mpclib • Tar • Binutils • GCC • Expat • Mpfr4 • Unifdef • Security • Flex • Ncurses • Zlib • OpenSSL • gawk • Make • Gdb • M4 NOTE: The maintenance effort varies considerably for different packages. DebConf17, Montrial, CANADA 19 Development plan CIP will increase the development effort to create a industrial grade common base-layer add. pkgs add. pkgs Core Core Core Packages Packages Packages Kernel Kernel Kernel (SLTS) (SLTS) (SLTS) Phase 1: Phase 2: Phase 3: • Define supported kernel • Patch collection, stabilization, back • Domain specific enhancements, subsystems, arch. port of patches for CIP kernel e.g. communication protocols, • Initial SLTS component selection packages industrial IoT middleware • Select SLTS versions • Support more subsystems • Optionally: more subystems • Set-up maintenance • Additional core packages • Optionally: more core packages infrastructure (build, test) DebConf17, Montrial, CANADA 20 Using Debian on Civil Infrastructure Systems DebConf17, Montrial, CANADA 21 How we use Debian for embedded systems • Customization • Tests • Kernel • Documentation • Change kernel options • Open source software licenses • Change Linux kernel version compliance • Modify the kernel source code • Export control classification • Packages • Change compile option • Change package dependencies DebConf17, Montrial, CANADA 22 Creating Debian-based images for embedded systems • There are several way to create Debian-based images for embedded systems Native/Cross-build Debian Install Debian (Pre-rebuild + Cross-build Source code packages) Install Debian Install Native/Cross-build Source Code (Pre(Prebuild-build + Cross-build (CIP kernel, etc.) packages) + Install Target Systems DebConf17, Montrial, CANADA 23 Why Debian is one of the most important distribution? • Large community-driven ecosystem • To ensure “free software only” in “main” • License checks / discussions ([email protected]) • CPU architecture support (x86, ARM, PPC64, …) • Popular in embedded (Raspbian, Armbian, …) • Long-term support (Debian-LTS) • Scales up and down • Successfully used in several of our products • CIP does not want to re-invent the wheel DebConf17, Montrial, CANADA 24 CIP current scope and status DebConf17, Montrial, CANADA 26 Scope of activities App container App Framework infrastructure (mid-term) (optionally, mid-term) Tools Concepts Build environment Functional safety Shared config. (e.g. yocto recipes) architecture/strategy, Domain Specific communication Multimedia (e.g. OPC UA) & logging including compliance Test automation w/ standards (e.g., NERC CIP, IEC61508) Middleware/Libraries Tracing & reporting Long-term support User User space tools Strategy: security patch Configuration management Safe & Secure management Monitoring Security Update Standardization Device management collaborative effort with (update, download) others Real-time / Real-time support Application life- safe virtualization cycle management License clearing Export Control Kernel space Kernel Linux Kernel Classification On device software stack Product development and maintenance DebConf17, Montrial, CANADA 27 Technical topics and related projects (Feb. 2017 version) * Topics will be added or removed to reflect CIP technical interests Application support Infrastructure and Services App Framework HMI Framework FW update App deployment Middleware / Tools Coherent Security Mechanisms Build and production Yocto Project Debian build system Domain specific and IoT communication Configuration/Device management Multimedia Common issues OPC UA TSN Echonet OM2M Configuration Industrial Zeroconf Y2038 Testing Industrial special-purpose protocols Avnu LTP kselftest KernelCI Fuego CIP test suite Linux Kernel RTOS `I Support Security Functional Safety Userland Isolation Kernel Isolation SLTS Backwards compatibility Anomaly detection Live patching Monitoring/error detection SafeG LXC Cgroups LSM SELinux SIL2LinuxMP SIL3 support w Jailhouse Development process Communication SIL2 support SIL3 support Real-time support Monitoring / Tracing GPGPU/FPGA real-time RT/non-RT communication Ftrace ktap Heterogeneous Legal topics SPDX FOSSology Computing Xenomai PREEMPT-RT RAS License Clearing Export Control SoC FPGA Hardware / SoC (x86 or ARM based) Legend To be specified / implemented by CIP Integration / cooperation DebConf17, Montrial, CANADA 28 Scope of activities App container App Framework infrastructure (mid-term) (optionally, mid-term) Tools Concepts Build environment Functional safety Shared config. (e.g. yocto recipes) architecture/strategy, Domain Specific communication Multimedia (e.g. OPC UA) & logging including compliance Test automation w/ standards (e.g., NERC CIP, IEC61508) Middleware/Libraries Tracing & reporting Long-term support User User space tools Strategy: security patch