Skip to content

Minutes 16 Feb 2023

Jump to bottom
Paul Albertella edited this page Feb 16, 2023 · 1 revision

Host: Paul Albertella Participants: Kent Nelson, Daniel Krippner, Pete Brink, Raffaele Giannessi

Agenda

  • Proposal: change meeting cadence from weekly to fortnightly
  • Relevant topics from Safety Critical Systems Symposium
  • Review progress on CPU Scheduling topic

Meeting cadence

Discussed changing meeting cadence, but concluded that we would keep it weekly and Paul will simply continue to cancel the meeting if he is not able to attend.

SSS’23 topics

  • The challenges of autonomy
    • Complexity, operational domains, novel technology
  • Moving from document-centric to model-centric approaches
    • Need to update safety cases / evidence to track software updates
  • ML/AI: Architectural models for using ‘untrusted’ components in safety-critical systems
    • Building a ‘cage’ of constraints around a component that provides optimised (but non-deterministic) behaviour
  • Learning from past accidents
    • first 100 years of rail, Fukushima/Chernobyl/3 Mile Island, Deepwater Horizon

Discussion about what to focus on next in OSEP:

Daniel

  • Discussions oscillate between looking at the challenges at high level and atomic level, generic vs specific context
  • Should we try to focus on specific, but generic analysis e.g. of syscalls? Pete
  • Focussing on the atomic level can be meaningless unless we have defined the goal - i.e. the requirements at the system level
  • We can reverse-engineer the intent from what exists, but we still need to do the analysis of the architecture to identify the gaps Paul
  • We are always going to need to look at both perspectives, but does it matter where we start? Kent
  • The challenges tend to be more visible if we start at the higher level - what we need

Conclusion: Pick up the stack memory topic (already started) again and plan the next steps in the analysis, then share results of ‘naive’ analysis by (mostly) non-kernel experts with other WGs and discuss the gaps we identified (and what we may have missed)

Action: Paul to share examples of procedure documents for using STPA to analyse software systems for next week; Pete to review these and discuss with WG, to document a process for how we plan to apply the approach in OSEP

Clone this wiki locally