Dependability through Assuredness
(Tuesday October 20)
Objective of Meeting
This session was conducted by the Real-time & Embedded Systems Forum.
The objective of this Tuesday session was to explore Open Architecture concepts, models, tools, and certification in the Real-Time and Embedded Systems environment.
Summary
During the first morning session there was discussion and consideration of how utilizing TOGAF, possibly with extensions, would allow us to take advantage of the open source tools being developed to support SAE's AADL and Automated Tools, with the following presentations driving those discussions:
Ed Roberts, from Elparazim, an active and knowledgeable member of the Real-time & Embedded Systems Forum, provided a perspective on looking at open architecture from the Enterprise to the Platform level, considering the applicability and fit of TOGAF and AADL.
The midday session focused on Open Systems Architecture from a variety of perspectives: MOSA, the need for a general understanding of the landscape at the executive level, and the importance of verification, with the following presentations framing the open systems architecture discussions:
Glen Logan, Chair of the Real-time & Embedded Systems Forum, and long-time and conscientious contributor to the Forum, provided an excellent and very current presentation, offering an informed glimpse into the Modular Open Systems Approach (MOSA) architecture: its various components, and the players, policies, and practices surrounding it.
Glen Logan also presented the Open Systems Architecture Pocket Guide, co-drafted by him and Edwin Lee, Raytheon, another stellar contributor in the Real-time & Embedded Systems Forum. The Pocket Guide will be used as an informational piece to promote open architecture for mission-critical applications in medium to high assurance environments.
Dr. Gerwin Klein, a very knowledgeable participant from National ICT Australia, presented an interesting and analytical view on Formal Verification of an OS Kernel.
The final session of the day was devoted to the Multiple Independent Levels of Security (MILS) Architecture, Compositional Certification, Cyber-Physical Systems, and Commercial Approaches to Evaluation, Certification, & Accreditation of High Robustness Security Products. These discussions were spearheaded by the following presenters and their presentations:
Rance de Long, a solid systems analyst and steadfast member of the Real-time & Embedded Systems Forum, offered a good look into the MILS architecture and the challenges of integration.
Rance de Long also delivered a presentation from John Rushby, SRI, another impressive researcher and member of the Real-time & Embedded Systems Forum, on Compositional Certification, which gave a very interesting mathematical and deterministic approach to evaluating assurance levels at the component level.
Joe Bergman provided a compelling rationale for a Commercial Approach to Evaluation, Certification, & Accreditation of High Robustness Security Products and provided feedback on this concept from discussions with key managers from the NSA, NATO NC3 Board, NC3A, EC, NCSA, EDA, & the NSC.
Outputs
Ed Roberts, the Real-time & Embedded Systems Forum, and the Security Forum will meet at the Joint meeting on November 16-18 to discuss how to extend TOGAF to high-assurance environments.
Edwin Lee and Glen Logan will provide the next DRAFT of the Open Systems Architecture Pocket Guide at the Joint Meeting in San Francisco for review and feedback.
MILS API discussions from the business perspective (IPR and business value) and from the technical perspective (what portions of the APIs do we need to standardize?) will take place in break-out sessions at the San Francisco Joint Meeting in November.
Next Steps
If you are interested in seeing a detailed agenda for the November 16-18 meeting or attending the upcoming joint Real-time & Embedded Systems and Security Forum meeting, please direct enquiries and/or register via email to: j.bergmann@opengroup.org or s.long@opengroup.org.
Links
We are still waiting for public release of the presentations. Links will be provided to the presentations within the next few weeks.