On Mon, Nov 17, 2014 at 11:04 PM, Robert <debembed...@gmail.com> wrote:
> On 17/11/2014 10:08, Jeremiah Foster wrote: > > No. At least this is my understanding of the situation today. SIL, or > > System Integrity Level, is something that needs to be certified by a > > third party and I don't believe that has ever been done for Debian. It > > is usually done for proprietary RTOSes like QNX. > > Oh absolutely, Debian has never been SILX out of the box, but I have had > a debian-based system certified SIL1. > > > It is not enough. You need to demonstrate that you meet the SIL level > > you claim through certification. > > Yes. > > > The two issues are orthogonal. Init processes don't really need to meet > > the SIL level since they're mostly a part of userland. OpenEmbedded is > > almost certainly not used by the current SIL certified OSes out there. > > You need to calculate the chance of failure for the total solution which > includes the kernel, init and userspace. Good luck with that. That much complexity will have a great deal of difficulty getting certified. > Saying that the init process > does not form part of the solution is just wrong. > My understanding is that most certifications stop at kernel and C library. Note that you can have a SIL solution that is made up of modules that are not SIL certified. In other words, you can have one part be SIL 2, another part not SIL, and overall you can get a SIL 2 rating. This sounds a little weird to me, but it is done. > > So /sbin/init has two things going for it in this department > > 1. History - systems based on /sbin/init have been certified SIL1 (and > maybe SIL2) before. > Which systems? > 2. Simplicity - Calculating the possibility of failure is (relatively) > easy. > > Systemd + Udev has neither. > > Now, please --- I am not saying that systemd is not the right choice on > the desktop or server, but I have a use case here where my life will > become significantly more difficult if it becomes hard to get a > non-systemd flavor of linux going. > > My question was to find out how other developers in similar situations > are approaching this relatively major transition in the way linux works. Cheers, Jeremiah
