The document discusses the need for a long-term maintained industrial-grade embedded Linux platform, called the Civil Infrastructure Platform (CIP), to support critical infrastructure systems with lifetimes of 10-60 years. The CIP initiative aims to establish this platform by selecting a long-term supported Linux kernel and filling gaps between open source software capabilities and industrial requirements. It will provide reference implementations, trigger ecosystem development, and share maintenance costs between participating members.
6. 6
A Railway System:
25-50 years products life-cycle
with, again, very reluctant nature for product update and upgrade of hardware
and base software platform
8. The Problems we face …
• The systems that support our modern civilization needs to
survive for a VERY long time.
• The systems not only have to survive for a long time, it has to be
robust, secure and reliable.
• It is a huge deal for those systems to stop the systems for
maintenance or replace.
8
13. Railway Example
13
3 – 5 years development time
2 – 4 years customer specific extensions
1 year initial safety certifications / authorization
3 – 6 months safety certifications / authorization for follow-up releases
(depending on amount of changes)
25 – 50 years lifetime
Image: h%p://www.deutschebahn.com/contentblob/10862328/20160301+Stw+M%C3%BClheim+Innenansicht+1+(1)/data.jpg
14. Power Plant Control Example
14
3 – 5 years development time
0.5 – 4 years customer specific extensions
6 – 8 years supply time
15+ years hardware maintenance after latest shipment
20 – 60 years product lifetime
Image: h%p://zdnet1.cbsistaKc.com/hub/i/r/2016/02/29/10863f77-89b2-40c0-9d8c-dbaa5feb65be/resize/770xauto/490141cef9bddc0db66b492698b53a50/powerplant.jpg
15. Power plant runs on the Linux (please visit our booth)
15
MW
I P L P - A GE N E R AT OR
C V I V
H P L P - B
B oiler
T urbine
S peed Generator
Output
Valve pos ition/ dem and
s ig nal
Control Network
I/O Network
Duplex
System controller
・
・
・
Triple Redundant
Master controller
24. Scope of ac7vi7es
User spaceKernel space
Linux Kernel
App container
infrastructure (mid-term)
App Framework
(opKonally, mid-term)
Middleware/Libraries
Safe & Secure
Update
Monitoring
Domain Specific communication
(e.g. OPC UA)
Shared config. & logging
Real-time support
Real-time /
safe virtualization
Tools Concepts
Build environment
(e.g. yocto recipes)
Test automation
Tracing & reporting
tools
Configuration
management
Device management
(update, download)
Func7onal safety
architecture/strategy,
including compliance
w/ standards (e.g., NERC
CIP, IEC61508)
Long-term support
Strategy:
security patch
management
Standardiza7on
collaboraKve effort with
others
License clearing
Export Control
Classifica7on
On device sobware stack Product development
and maintenance
Application life-
cycle management
Security
24
25. Target Systems
25
Out of scope:
• Enterprise IT and cloud system plakorms.
ARM M0/M0+/M3/M4
8/16/32-bit, < 100 MHz 32-bit, <1 GHz 32/64-bit, <2 GHz 64-bit, >2 GHz
n MiB flash n GiB flash n GiB flash n TiB flash/HDD
< 1 MiB < 1 GiB < 4 GiB > 4 GiB
Arduino class board Raspberry Pi class board SoC-FPGA, e.g.Zync industrial PC
ARM M4/7,A9,R4/5/7
Networked Node Embedded ServerEmbedded ComputerEmbedded Control Unit
special purpose & server based controllerscontrol systems
multi-purpose controllersPLC gateways
Sensor, field device
1 2 3 4
ARM A9/A35,R7,Intel Atom
… Device class no.
Architecture, clock
non-volatile storage
HW ref. platform
ARM offerings1)
RAM
application examples
ARM A53/A72,Core,Xeon
Intel offerings1)
M0/M0+/M3/M4 M4/7, A9, R4/5/7 ARM A9/A35, R7 ARM A53/A72
ARM M0/M0+/M3/M4 ARM M4/7,A9,R4/5/7 ARM A9/A35,R7,Intel Atom ARM A53/A72,Core,XeonQuark MCU Quark SoC Atom Core, Xeon
Target systems
Reference hardware for common sobware plakorm:
§ Start from working the common HW plakorm (PC)
§ Later extend it to small/low power devices
1 4 1) Typical configuraKons Q1/2016