Joachim Schlosser, Ulrich Kirchmaier, Michael Armbruster, Wolfgang Lindner
{"title":"Fitting Automotive Quality and Safety Expectations to Free and Open Source Software","authors":"Joachim Schlosser, Ulrich Kirchmaier, Michael Armbruster, Wolfgang Lindner","doi":"10.4271/2024-01-2984","DOIUrl":null,"url":null,"abstract":"Due to manifold benefits compared to proprietary software solutions, free and open source software (FOSS) in general, and Linux especially becomes more and more relevant for embedded solutions in the automotive domain, especially in High Performance Computing Platforms (HPC). However, taking over liability and warranty for a FOSS-based problem raises the problem of software quality assurance, and thus risk control. In order to control and minimize the residual risk of a product or service, the traditional and well-accepted measure in the automotive domain is to assess the engineering processes and resulting work products via a process assessment model given by the ASPICE maturity model, as well as requirements from functional safety standards for safety related functions. The underlying process reference model of ASPICE covers software development performed and controlled by an organization. However, this situation is not given by and even contrary to the nature of FOSS development, where high quality is achieved based on feedback and contributions of an open community. While typical software quality assurance measures are widespread in community-based software development, a single entity cannot control these. This, along with the huge code base in Linux makes applying the low-level software related processes ASPICE Process Reference Model (PRM) both meaningless and economically infeasible. In this paper, we propose a selection and tailoring of standard ASPICE accompanied with compensation measures, which accounts for the FOSS specifics. This allows to achieve the quality assurance and risk mitigation goals of ASPICE, and consequently an assessment via the ASPICE Process Assessment Model (PAM) as well as functional safety standards. We further provide details on our solutions and strategies to fulfill the key elements of our solution. The solution presented here is one key factor for our EB corbos Linux – built on Ubuntu to provide a production grade Linux distribution suited to the automotive embedded needs, including liability, warranty, and long-term maintenance.","PeriodicalId":510086,"journal":{"name":"SAE Technical Paper Series","volume":"13 12","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-07-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"SAE Technical Paper Series","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4271/2024-01-2984","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Due to manifold benefits compared to proprietary software solutions, free and open source software (FOSS) in general, and Linux especially becomes more and more relevant for embedded solutions in the automotive domain, especially in High Performance Computing Platforms (HPC). However, taking over liability and warranty for a FOSS-based problem raises the problem of software quality assurance, and thus risk control. In order to control and minimize the residual risk of a product or service, the traditional and well-accepted measure in the automotive domain is to assess the engineering processes and resulting work products via a process assessment model given by the ASPICE maturity model, as well as requirements from functional safety standards for safety related functions. The underlying process reference model of ASPICE covers software development performed and controlled by an organization. However, this situation is not given by and even contrary to the nature of FOSS development, where high quality is achieved based on feedback and contributions of an open community. While typical software quality assurance measures are widespread in community-based software development, a single entity cannot control these. This, along with the huge code base in Linux makes applying the low-level software related processes ASPICE Process Reference Model (PRM) both meaningless and economically infeasible. In this paper, we propose a selection and tailoring of standard ASPICE accompanied with compensation measures, which accounts for the FOSS specifics. This allows to achieve the quality assurance and risk mitigation goals of ASPICE, and consequently an assessment via the ASPICE Process Assessment Model (PAM) as well as functional safety standards. We further provide details on our solutions and strategies to fulfill the key elements of our solution. The solution presented here is one key factor for our EB corbos Linux – built on Ubuntu to provide a production grade Linux distribution suited to the automotive embedded needs, including liability, warranty, and long-term maintenance.