Autosar Requirements feedback

Autosar_Requirements/Notes.md

@@ -0,0 +1,52 @@
+# Autosar Requirements to OS - Analysis and Feedback
+The Automotive WG considers Requirements the Autosar consortion poses on the underlying Operating system.
+## Findings
+The following points came up so far:
+### General question regarding the OS flag
+How is the OS flag to be understood? We understood it as requirements that do require something from the OS to be fulfilled, but if that interpretation is correct, then some requirements miss the flag, i.e. [RS_SAF_10037]
+Followup question, some requirements with the OS flag do not have any children that carry the flag as well, i.e. [RS_SAF_10030] or [RS_SAF_10005], [RS_SAF_10002]
+### AUTOSAR_RS_Safety.pdf
+####   RS_SAF_00001, RS_SAF_21202
+Full time and data determinism is needed on system level, but not necessarily on OS level. We should discuss to what exactly the OS needs to provide to make fulfillment of these requirements possible.
+### [RS_SAF_10028]
+The requirements and its children, is the interpretation correct, that fully deterministic execution is ensured by execution management without OS involvement, as long as sufficient computing ressources are availlable? We need to discuss the ressources requirement, this argument is not that easy for a preemptive OS
+#### [RS_SAF_21202] 
+    Execution Management shall support fully deterministic
+	execution (time determinism and data determinism) so that higher ASIL levels
+	can be achieved even when using parallel processing.
+
+Additional Excerpt from AUTOSAR_EXP_PlatformDesign.pdf:
+
+    Deterministic execution provides a mechanism such that a calculation using a given
+    input data set always produces a consistent output within a bounded time. Execution Management distinguishes between time and data determinism. The former states that the output is always produced by the deadline whereas the latter refers to generating the same output from the same input data set and internal state.
+    The support provided by Execution Management focuses on data determinism as it assumes time determinism has handled by the provision of sufficient resources.
+
+This looks very much like static RT µc thinking, time slices and sufficient ressources to finish the task in time.
+With a preemtive OS like Linux this can not be guaranteed by design of the OS
+We should debate adapting the requirements to better fit a preemptive OS, Execution management in tandem with external watchdogs could ensure a temporal upper bound or drive a safe state.
+Just because one can construct a corner case that delays execution on a a Linux based system indefinitely, does not mean it happens a lot. 
+
+#### [RS_SAF_10037]
+    The requirement should be flagged as OS related, see children requirements referring to OS measures
+    When taken out of context of it's parent requirement, the requirement looks more encompassing than it actually is.
+
+### AUTOSAR_RS_OperatingSystemInterface.pdf
+No issues found, Requirements described in the document can in principle be fulfilled by a Linux kernel 
+### Autosar_SWS_Operating_Interface.pdf
+####   SWS_OSI_02000
+Where does the number of ressource groups (8) come from?
+###	[SWS_OSI_01014] 
+Multi-Process Creation Capability Restriction :  seccomp functionality can do the job
+###	[SWS_OSI_02001] Memory ResourceGroups 
+we can use cgroups or setrlimit, example cgroups:
+```
+    memory.memsw.limit_in_bytes
+	memory.limit_in_bytes
+```
+#### [SWS_OSI_02002] CPU ResourceGroups
+Can be done using cgroups :
+```
+	cpu.cfs_period_us
+	cpu.cfs_quota_us
+```
+

README.md

@@ -1,43 +1,43 @@
-# ELISA Automotive WG - Navigation and file locations
-## Mailing list, Calendar etc
-https://lists.elisa.tech/g/automotive
-## Meeting Minutes
-https://docs.google.com/document/d/1qgEkB6HBjq0ojoTSmI_E18BZco3lORK1ZZDrBH1YQo0/edit#heading=h.b7qah2h40uzb
-## Google drive workgroup folder
-https://drive.google.com/drive/folders/1FCEzywCMfk3wY6lxBoMYjfQ_DQ44S5YS
-## Repo Orientation regarding the Telltale Usecase
-### Original considerations of the Use Case can be found in the folder 
-Initialy_discussed_system_scope
-### The First iteration of the use case that the meta-elisa demo is based on can be found in
-AGL_cluster_demo_use_case
-* Item definition
-* Safety Concept/Requirements
-Our Implementation on top of the AGL Cluster demo is split in two repositories:
-
-The meta layer: (also includes build and running instructions)
-
-https://github.com/elisa-tech/meta-elisa
-
-The actual sourcecode repository:
-
-https://github.com/elisa-tech/wg-automotive-safety-app
-
-### The second iteration of the use case including Eclipse Papyrus based SysML models can be found in
-Cluster_Display_Use_Case_v2
-* Item definition [WIP]
-* SysML models [WIP]
-
-The models are also visible via github page deployment as online viewer at:
-
-https://elisa-tech.github.io/wg-automotive/
-
-The html export might not always be up to date with the models, generation is not automated (yet)
-## Tooling
-### Requirements
-Requirements are stored and handled as Freeplane Mindmap with Functional Safety Addon
-* https://www.freeplane.org/wiki/index.php/Home
-* https://github.com/Jochen-Kall/Safety_concept_tool
-### SysML modeling
-SysML models are done with Eclipse Papyrus with SysML v1.6 Plugin
-* https://www.eclipse.org/papyrus/
-* https://marketplace.eclipse.org/content/papyrus-sysml-16
+# ELISA Automotive WG - Navigation and file locations
+## Mailing list, Calendar etc
+https://lists.elisa.tech/g/automotive
+## Meeting Minutes
+https://docs.google.com/document/d/1qgEkB6HBjq0ojoTSmI_E18BZco3lORK1ZZDrBH1YQo0/edit#heading=h.b7qah2h40uzb
+## Google drive workgroup folder
+https://drive.google.com/drive/folders/1FCEzywCMfk3wY6lxBoMYjfQ_DQ44S5YS
+## Repo Orientation regarding the Telltale Usecase
+### Original considerations of the Use Case can be found in the folder 
+Initialy_discussed_system_scope
+### The First iteration of the use case that the meta-elisa demo is based on can be found in
+AGL_cluster_demo_use_case
+* Item definition
+* Safety Concept/Requirements
+Our Implementation on top of the AGL Cluster demo is split in two repositories:
+
+The meta layer: (also includes build and running instructions)
+
+https://github.com/elisa-tech/meta-elisa
+
+The actual sourcecode repository:
+
+https://github.com/elisa-tech/wg-automotive-safety-app
+
+### The second iteration of the use case including Eclipse Papyrus based SysML models can be found in
+Cluster_Display_Use_Case_v2
+* Item definition [WIP]
+* SysML models [WIP]
+
+The models are also visible via github page deployment as online viewer at:
+
+https://elisa-tech.github.io/wg-automotive/
+
+The html export might not always be up to date with the models, generation is not automated (yet)
+## Tooling
+### Requirements
+Requirements are stored and handled as Freeplane Mindmap with Functional Safety Addon
+* https://www.freeplane.org/wiki/index.php/Home
+* https://github.com/Jochen-Kall/Safety_concept_tool
+### SysML modeling
+SysML models are done with Eclipse Papyrus with SysML v1.6 Plugin
+* https://www.eclipse.org/papyrus/
+* https://marketplace.eclipse.org/content/papyrus-sysml-16