NVIDIA engineer Igor Stoppa presented at the Linux Plumbers Conference (LPC) earlier this month on using Linux in safety-critical environments such as automobiles, the current shortcomings of the upstream Linux kernel in that role, and the challenges of achieving Automotive Safety Integrity Level (ASIL) certification for the Linux kernel. It is an interesting read/watch on the safety of Linux (or lack of it) for such strict safety environments.
Igor Stoppa of NVIDIA summed it up in his talk abstract:
“Unlike the typical path chosen for attempting to use Linux in safety applications, the approach developed by NVIDIA strives to avoid placing any burden on upstream maintainers and developers.
Upstream maintainers should not have to become safety experts, nor should the Linux kernel become encumbered by verbose descriptions of what the code does, for it to achieve safety.
We want to start a discussion about how we achieve this, and how it can coexist with upstream processes.”
In particular, the ASIL-B integrity level is the current focus of their Linux kernel work and of meeting the needs of the automotive industry.
NVIDIA has worked through changes to the Linux kernel for meeting ASIL-B certification in the areas of the kernel it actually uses. At the same time it is careful not to make overly invasive changes, and works on code that may end up being suitable for upstreaming without burdening upstream kernel developers who may not be especially concerned with safety standards. Much of the Linux kernel codebase also does not need to be covered by safety mandates at all.
Those interested in NVIDIA’s quest toward a verifiably-safe Linux can check out the PDF slides and the entire LPC 2025 video presentation embedded below.
