A Systematic Framework for the Assessment of Operating Systems
Operating systems (OS) are common to almost all computing platforms, including those used in safety related systems (SRS). An OS is a commercial component and, as with other "off the shelf" components, there can be significant difficulties in assessing its dependability cost-effectively. An OS provides a broad range of support services to application software, hence it cannot easily be assessed independently of the application it supports. Also, many of the functions of the OS are at a low level, yet are so influential on the operation of the system that they become an intrinsic aspect of deployment risk for those systems. Thus a specialised approach to assessing the dependability of an OS is required.
This paper considers the use of an assessment framework for OS from the air traffic control domain. Our findings are based on a case study that applied the assessment framework to a simple OS: the L4 micro-kernel. The paper considers the issues in, and potential benefits of, using such a general framework.
Keywords: System Call, Assessment Framework, Safety Objective, Operating System Assessment, Requirement Satisfaction