EC Projects Update, including Multi-Core API Update – Scott Hansen
Scott Hansen, The Open Group EC Project Coordinator, provided an update on the EC projects that The Open Group is involved with including: JEOPARD, CHESS, CHARTER, MADES, and the Self-Learning Project. Scott also provided updates on new EC opportunities.
The RT&ES Forum members will consider how they might be able to participate in some of the upcoming opportunities from the EC. Scott will connect with Gerry Walles regarding upcoming UK session on Open Readiness Levels.
Real-Time Safety-Critical Java Specification Update – Doug Locke, LC Systems Services Inc.
Doug Locke provided an update on the work being done in the RT&ES Forum on the real-time Java specification (Safety-Critical Java), which is being worked as a Java Specification Request (JSR) under the Java Community Process and will have a reference implementation and a technology compatibility kit.
Doug gave a progress report, highlighting the following milestones and tasks:
- They have completed their Early Draft Review under the Java Community Process; review comments are now being considered.
- The specificaiton is being edited into final form.
- The reference implementation is now being tested as an open source RTSJ-compliant Java executable on an RTSJ-compliant JVM.
- A Technology Compatibility Kit has been created and is being tested.
- The submission to the JCP Executive Committee will be ready in 2011.
Open Readiness Levels (ORLS) – Gerry Walles, US Navy, NAVAIR
Gerry provided a remote presentation (Open Readiness Levels (ORLs)) on their envisioned work to provide assurance that a system is open from a competitive perspective and not just from a technical/engineering design perspective as has traditionally been the case. They are exploring the possibility of creating a set of ORLs that define demonstrable levels of maturity in “openness” of systems and processes that might then be utilized for evaluation purposes to identify differentiation of open systems and processes in industry and government. They are planning a conference in September and October to introduce their efforts for additional exposure.
NAVAIR will work with OTTF to harmonize supply-chain work and component-level definitions and best practices. They will look at what standards organizations have already done in terms of openness in order to harmonize. There is a meeting in September that they would like us to attend.
Common Vulnerability Enumeration (CVE) Identifiers – Bob Martin, Mitre
CVE is a dictionary of public known vulnerabilities (i.e., not a database), and is rapidly growing in adoption. In combination with the Common Weakness Enumeration (CWE), which offers a more detailed look into what might be causing the common vulnerability in various instances, and combined with some training material it can be effective in increasing awareness and learning from mistakes and writing more secure and robust software. There is also a Common Weakness Scoring System and a Common Weakness Risk Analysis Framework – which together identify the top 25 weaknesses.
The next step is to determine whether we can create a team of folks and a lead to work on a Vignette for an embedded technology family within the Mitre/SWA Forum work in CWAM.
Update OA Handbook – Edwin Lee, Raytheon
Edwin gave a presentation on Open Architecting
(all the way) to the Edge:
Navigating the Matrix.
Use-Case for SCADA/Smart Grid – Joe Weiss, Applied Control Solutions
Joe Weis described some of the major failures that have happened since last year in the area of safety-critical systems (Use-Cases for SCADA/
Smart Grid). Many of them were unintentional, but nonetheless disastrous. Much of the discussion was on real-life scenarios, what might be at the root of some of those failure scenarios, and what we need to consider as we plan for securing safety-critical systems today and in the future.
RT&ES Forum Past and Upcoming Events – Joe Bergmann
Joe Bergmann provided an update from his trip to Japan with Ed Roberts, which was arranged and facilitated by Jack Fujieda San. While in Japan Ed Roberts provided a full-day presentation on Architecting to the Edge, and Joe provided an overview of RT&ES Forum along with some discussion on product evaluation for high assurance. They met with the IPA Chairman, responsible for Common Criteria-related activities in Japan and with JISEC as well.
Joe also discussed the upcoming conference in Taiwan, at which the RT&ES Forum will have a presence, though it will not be a full member meeting as it is only two days (October 24-25, 2011).
The Forum plans to follow up with their Japanese hosts in the near future.