A Methodology for the Qualification of Operating Systems and Hypervisors for the Deployment in IoT Devices

A Methodology for the Qualification of Operating Systems and Hypervisors for the Deployment in IoT Devices

연구 분야: Verification

학회: International Conference on Computer Safety, Reliability, and Security

In an increasingly interconnected world, where critical infrastructures strongly depend on software applications there is the need to rely on software with demonstrated guarantees of reliability, availability, safety and security. Above all, Operating Systems (OSs) used in critical contexts must have specific characteristics to ensure the correct functioning of software applications and to protect from accidental and malicious failures that could lead to catastrophic consequences. To ensure a secure application layer, applications must run on OSs that possess specific properties, adequate quality and high robustness. This paper presents an OS qualification methodology, which helps designers to select an operating system (or hypervisor) suitable for being employed in a specific critical context. The methodology includes quality, safety, and security evaluations, according to the desired OS properties and the specific context of use. For each evaluation, the procedure is described through the application of different standards (e. g. ISO/IEC 25040, EN50128, ISO26262, ISO/IEC 15408, etc.), thus considering all the necessary aspects with respect to today’s technical and regulatory needs. Finally, an application of the qualifying methodology is presented, showing the safety and security evaluation of a Xen Hypervisor integrated in a railway infrastructure.