bmw’s journey with the open-source …€¢ jenkins • openstack • zuul • gerrit • … bmw...
TRANSCRIPT
Page 2
BMW CAR IT GMBH.COMPANY FACTS AND SITES.
- BMW Car IT GmbH is a 100% subsidiary of BMW AG.
- Working exclusively for BMW Group.- International working environment with experts of more than 40 countries.
Mission: As the BMW automotive Software House, we bring software trends into our products.What we do: Software for body electronics, driver assistance, automated driving and infotainment, and the corresponding software platforms.
- The Munich site
- founded in 2000 as a BMW “software think tank”.- has about ~200 employees.
- The Ulm site
- founded in 2012 starting with 57 former Nokia developers.- currently ~200 employees in Ulm.
BMW research and innovation center
BMW Car IT Munich
BMW Car IT Ulm
BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018
ABOUT THE PRESENTER.
- Lukas Bulwahn
- Role: software developer, following software development projects and consulting managers
- CV:
- PhD in formal methods at TU München,
worked on open-source theorem prover Isabelle (licensed under 3-clause BSD)
- Software Developer at BMW Car IT since 2012:
- since 2012: Research on an Open-Source Software Platform for Autonomous Driving
- since 2014: Open-Source Compliance Manager for BMW Car IT
- since 2017: Focus on Safety Qualification of Linux kernel in the OSADL collaboration project SIL2LinuxMP
- Maintainer of the OpenEmbedded/Yocto Layer for ROS packages since 2013
- Understanding Open-Source & Collaboration from different views
Page 3BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018
OVERVIEW
Outside In
Open-Source and License
Compliance
Inside Out
BMW’s Engagement in
Open-Source
Page 4BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018
OPEN-SOURCE AND LICENSE COMPLIANCE
Page 5BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018
THE SOFTWARE TRANSFORMATION IN THE AUTOMOTIVE INDUSTRY
- Complex algorithms and complex software architectures
- Open systems and consumer hardware:
- Performance compute capabilities with more
customization and connectivity
- Development is focused on time for feature delivery and
not only dominated by cost reduction
- Automotive in the IT software ecosystems:
Automotive companies compete with IT companies
- Simple algorithms and simple software architectures
- Embedded and closed systems and hardware:
- Very limited compute capabilities with limited memory
and no connectivity
- Reduction of hardware costs allow to spend significant
development effort in optimization for embedded devices
- Closed software ecosystem of automotive industry
BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018 Page 6
Traditional Automotive Software (1970 – 2000) Modern Automotive Software (since 2000)
Why Software Is Eating The World (by Marc Andreessen, 2011):“Software is also eating much of the value chain of industries that are widely viewed as primarily existing in the physical world.
(…)
Companies in every industry need to assume that a software revolution is coming.”
OPEN-SOURCE SOFTWARE USE AT BMW
Page 7
Software Dev. Tools
• CMake
• Eclipse: Xtext, Sphinx, …
• bitbake/Yocto
• ROS
• …
SW Dev. Services (CI etc.)
• Jenkins
• OpenStack
• zuul
• Gerrit
• …
BMW Display Key
• Part of BMW 7 and BMW 5
series, for sale since 2016
• Includes a small GNU/Linux
distribution (~100 open-
source packages)
Next Headunit System
• Currently under
development
• Includes an extensive
GNU/Linux distribution
(>300 open-source
software packages)
Software Development is impossible without Open-Source
Software tools.
Products are built with increasing number of Open-Source
Software packages.
BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018
THE CONCERN WITH OPEN-SOURCE SOFTWARE
Page 8
Supplier
BMW GroupPurchasing Process
Economical Review
Four-eyes principles
Defined and Split Responsibilities
Contractnegotiations
order
accept order
offer
request offer
Binding Contract
Legal Review
download & use
www.anyone.com
Internet
BMW Group
Software Developer
Binding Contract
Software Project
Default Purchasing Process Use and Integration of Open-Source Software
Any software developer can conclude a contract between BMW Group and a third party.
BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018
OPEN-SOURCE COMPLIANCE
Page 9
Open-Source
Compliance
Business
It just about
putting enough
money on the
table…
Legal
It just about
getting contracts
right…
Engineering
It just about
solving a simple
technical
problem…
BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018
CURRENT OPEN-SOURCE COMPLIANCE LANDSCAPE
Page 14
Establish Process and Procedures: OpenChain Exchange license and copyright information: SPDX
Combine Tools to Toolchain and Integrate into SW Development: Here’s OSS Toolkit, Quartermaster (?)
Gather list of material
• Determine build
dependencies
• Determine which open-
software is used
• Determine which files are
distributed
Tools: Here’s OSS Toolkit (partly)
Obtain and preserve true license information
• Scan for license
information
• Scan for copy-and-paste
into proprietary parts
Tools: Fossology, ScanCode
Report license assessment summary
• Indicate license violation
risks
• Track decisions on
licensing questions
Tools: SW 360 (not yet?)
Manage software assets and license information
• Identify identical software
from multiple projects
• Compare license
assessments from multiple
projects
Tools: SW 360 (partly)
BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018
OUR OPEN-SOURCE COMPLIANCE VISION
- All (relevant) open-source projects have complete machine-extractable license information on file basis.
- All build systems allow to aggregate license information from files to installed targets.
- All package builders allow to aggregate license information for each package.
- All distribution builders allow to aggregate license information from packages to complete distributions.
Page 15
Source Code Releases
Complete Distributions
Direct Consequence: Easy-to-extract and precise license and copyright information
Indirect Consequence:
• No need for extensive license scanning (tools), identification and comparison of license information• No need for extensive license information collection in software asset management systems
Current Activities in that Directions
- SPDX identifiers in the Linux kernel
- FSFE’s REUSE initiative (http://reuse.software)
- Quartermaster (http://qmstr.org),to become a Linux Foundation Project
- Here’s OSS Review Toolkit(https://github.com/heremaps/oss-review-toolkit)
- SPDX generation in the bitbake/Yocto tool chain
BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018
BMW’S ENGAGEMENT IN OPEN-SOURCE
Page 16BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018
ENGAGEMENT IN OPEN-SOURCE
- Scalable development model to create software by massively
many stakeholders and developers
- `Branch, Experiment, Discuss, Merge` method
- Merit-based decision process
- Different approach to software design and architecture than in
traditional large-scale development companies (bazaar vs.
cathedral)
- Self-reinforcing momentum of open-source projects
- Cooperation between companies with shared interest
- Agreement on cooperative software development or
cooperative funding on software development
- Open-Source development:
- Build up single providers without violating anti-trust laws
- Avoids vendor lock-in
- Entails “free riders”, especially in small ecosystems with
clear competition on same markets/customer segments
Page 17
Open-Source as Strategic Business Element Open-Source as Collaboration and Development Model
BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018
BMW CAR IT’S GITHUB PAGE
Page 18
A Java library for online and offline map matching with OpenStreetMap
• LoC: 20.000
• Commits: 42 (since 08/2015)
• Stars on github: 241
• Internal developers: 1
• External contributors: 4• Used by others in the community, but
not used internally (yet/anymore)
OpenEmbedded/Yocto Layer forROS packages
• LoC: 1.000
• Commits: 1.500 (since 01/2013)
• Stars on github: 111
• Internal developers: 1
• External contributors: 25• Used by others in the community, but
not used internally (yet/anymore)
Web-based communication framework for Java, C++, JavaScript
• LoC: 200.000
• Commits: 7.000 (since 10/2013)
• Stars on github: 46
• Internal developers: ~10
• External contributors: 0• Used internally, but not used by
others in the community (yet?)
Open-Sourcing Software and Building Communities is difficult. Software developers generally underestimate this.
Some further open-source projects could never establish a continuous development work mode and user community.
BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018
AUTOSAR TOOL PLATFORM
- The AUTOSAR Tool Platform (Artop): Common base functionality for AUTOSAR development tools.
- Licensed under an ARTOP (AUTOSAR) License
- For AUTOSAR members and partners:
- Source code is made available; free to use, modify and distribute
- Development process is transparent
- based on a community approach
Page 19BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018
GENIVI ALLIANCE
- GENIVI is a nonprofit industry alliance
- drives the broad adoption of open source In-Vehicle Infotainment software
- provides open technology for the connected car
- 140 companies joined
- GENIVI is an umbrella for open-source projects:
- Non-differentiating elements of the software stack of an In-Vehicle Infotainment system.
Page 20BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018
OPENPASS
- OpenPASS: Open-Source Virtual Simulation for Vehicles
- Motivated by need in advanced driver assistance systems and partially automated driving functions
- Assess safety effects in traffic
- Open-Source provides reliability and transparency of results obtained by the simulation
- Currently driven by BMW, Daimler and VW
- Working Group in the Eclipse Foundation
Page 21BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018
OPEN-SOURCE PLATFORM FOR AUTONOMOUS DRIVING
- Research project started in 2013
- Goal: Create a software platform for autonomous driving, using open-source software
- Idea: Use Linux and use ROS Middleware in the vehicle
- Outcome:
- Definition of the Adaptive AUTOSAR Platform
- Operating system shall be POSIX PSE51 compliant (opens the door for Linux)
- Open-Source development model: Collaborative reference implementation, not just on (infeasible) specifications...
- Linux
- Real-time Linux (3 years of work done by Daniel Wagner)
- Safety-Critical Linux (Nicholas McGuire & team, SIL2LinuxMP project)
- ROS
- BMW moved from proprietary tool to ROS as basic development tool, simulation tool and middleware during development
Page 22BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018
THE OSADL SIL2LINUXMP PROJECT
-Mission:-Provide procedures and methods to qualify Linux on a multi-core embedded platform at safety integrity level 2
(SIL2) according to IEC 61508 Ed 2.-Show feasibility of procedures and methods on a real-world system-Show potential for collaboration and re-use of Linux kernel analysis
-Collaborative project of industrial & research partners- project running since 2015, organized by OSADL- Full members: BMW Car IT, Intel (since ‘17), A&R Tech, KUKA, Sensor-Technik Wiedemann (full members till ’16, reviewing members in ‘17)
- Reviewing members: Bosch, Elektrobit, Hitachi, Linutronix, MBDA Italia, MEN Mikro Elektronik, Mentor, OpenSynergy,Pilz GmbH & Co. KG, Renesas, Vienna Water Monitoring Solutions
- Academic members: Alexey Khoroshilov (ISP RAS), Kinggo Chow (Lanzhou Univ.), Julia Lawall (Inria/LIP6), Frank Tränkle (HS Heilbronn)
- Experts from certification bodies: Bernhard Nölte (TÜV Süd), Oliver Busa, Robert Heinen, Hendrik Schäbe (TÜV Rheinland)
- SIL2LinuxMP core working team: Nicholas McGuire, Andreas Platschek, Lucas Böhm, Markus Kreidl (OpenTech)
BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018 Page 23
MAIN INSIGHTS FOR LINUX IN SAFETY-CRITICAL APPLICATIONS
- System Safety Engineering:
- Ensure isolation of safety-critical applications with Linux kernel mechanisms (cpu shielding, cgroups, seccomp)
- Minimize the relevant system calls and determine precise constraints
- Linux Kernel Development Quality Assessment and Assurance:
- Analyze kernel git meta data to quantify:
- number of remaining bugs (statistically)
- developer competence and independence of reviews
- Analyze kernel source to show (relative) absence of certain bug classes
- Linux Kernel Improvements and Quality Assurance Activities
Page 24BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018
IMPROVING THE LINUX KERNEL
- Core observation
- Linux kernel developers know Linux in total better than anyone else, i.e., any internal team
- Modifying Linux without following its development process reduces quality and increases risk of safety-critical bugs
- To reduce risk, take a stable main-line Linux
- There is no Linux kernel for safety, it is just a well-matured LTS kernel
- Improving Linux- Changes for improvements must follow the Linux development process
- Improvements must be reviewed, accepted and appreciated by kernel developers
- Engagement and interaction with on-going development is more effective than in a deferred post-development mode
- Companies with Linux in safety-critical products should collaborate on quality assurance activities for Linux closely to kernel
developers
BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018 Page 25
NEEDED QUALITY ASSURANCE ACTIVITIES FOR SAFETY-CRITICAL SYSTEMS
- Ongoing and future quality assurance activities
- Coding style
- Respect existing coding style
- Provide evidences for its quality
- Monitor and motivate its compliance
- Testing
- Extend tests of the Linux Test Project for the determined syscalls
- Static analysis
- Detect more bug patterns and bug classes with coccinelle, sparse et al.
- Change management
- Track if bug fixes from main line are consequently backported
- Analyze which kernel bugs & fixes impact the systems’ safety
- Activities focus on parts of the Linux kernel relevant for the systems’ safety
Page 26BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018
Talk is cheap…
So, we invited Alexey Khoroshilov (LDV) to a three-
day workshop…
…and a group of 8 kernel newbies got 16 bug-fix
patches upstream.
What if we would have worked for even a month…
CONCLUSION
The automotive industry is embracing the open-source ecosystem
- Clear profit from using open-source software
- Contributing back to existing open-source projects
- Building up own open-source projects, communities and ecosystems
- People, knowledge and processes in place to get open-source compliance right
…but still many lessons to be learned…
- Not all of our open-source initiatives have been successful
- Strategic, organizational and technical best practices are sometimes overlooked
… and still more to improve…
- Improve compliance machinery
- Be involved instead of re-engineer
- Motivate upstream work in the whole industrial domain
Page 28
Thanks for your attention!
BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018
COPYRIGHT ON THIS PRESENTATION
Page 29
This presentation is licensed under Creative Commons Attribution 4.0 International License (cf.
https://creativecommons.org/licenses/by/4.0/). Here is a human-readable summary of (and not a substitute for) the license.
You are free to:- Share — copy and redistribute the material in any medium or format
- Adapt — remix, transform, and build upon the material for any purpose, even commercially.
Under the following terms:- Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do
so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.
- No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing
anything the license permits.
The licensor cannot revoke these freedoms as long as you follow the license terms.
For other uses beyond this license, e.g., under other terms, such as with endorsement of derived work or removal and change of
attribution, please contact the author.