
Re: [01/05] Embedded with systemd: systemd and SIL



On 17/11/2014 10:08, Jeremiah Foster wrote:
> No. At least this is my understanding of the situation today. SIL, or
> System Integrity Level, is something that needs to be certified by a
> third party and I don't believe that has ever been done for Debian. It
> is usually done for proprietary RTOSes like QNX.

Oh absolutely, Debian has never been SILX out of the box, but I have had
a Debian-based system certified SIL1.

> It is not enough. You need to demonstrate that you meet the SIL level
> you claim through certification. 

Yes.

> The two issues are orthogonal. Init processes don't really need to meet
> the SIL level since they're mostly a part of userland. OpenEmbedded is
> almost certainly not used by the current SIL certified OSes out there.

You need to calculate the chance of failure for the total solution which
includes the kernel, init and userspace. Saying that the init process
does not form part of the solution is just wrong.

So /sbin/init has two things going for it in this department:

1. History - systems based on /sbin/init have been certified SIL1 (and
maybe SIL2) before.

2. Simplicity - Calculating the possibility of failure is (relatively) easy.

Systemd + Udev has neither.

Now, please --- I am not saying that systemd is not the right choice on
the desktop or server, but I have a use case here where my life will
become significantly more difficult if it becomes hard to get a
non-systemd flavor of Linux going.

My question was to find out how other developers in similar situations
are approaching this relatively major transition in the way Linux works.

