9:59:59.000,9:59:59.000
Welcome back, the next talk will be[br]Jan Kiszka

9:59:59.000,9:59:59.000
on Getting more Debian into our[br]civil infrastructure.

9:59:59.000,9:59:59.000
Thank you Michael.

9:59:59.000,9:59:59.000
So my name is Jan Kiszka,

9:59:59.000,9:59:59.000
you may not know me, I'm not a Debian[br]Developer, not a Debian Maintainer.

9:59:59.000,9:59:59.000
I'm just an upstream hacker.

9:59:59.000,9:59:59.000
I'm working for Siemens

9:59:59.000,9:59:59.000
and part of the Linux team there[br]for now 10 years actually,

9:59:59.000,9:59:59.000
more than 10 years.

9:59:59.000,9:59:59.000
We are supporting our business units[br]in getting Linux into the products successfully

9:59:59.000,9:59:59.000
for that long time, even longer actually.

9:59:59.000,9:59:59.000
Today, I'm representing a collaborative[br]project that has some relationship

9:59:59.000,9:59:59.000
with Debian, and more soon.

9:59:59.000,9:59:59.000
First of all, maybe a surprise to some[br]of you,

9:59:59.000,9:59:59.000
our civilization is heavily running on Linux[br]and you may now think about

9:59:59.000,9:59:59.000
this kind of devices where some kind of[br]Linux inside,

9:59:59.000,9:59:59.000
or you may think of the cloud servers[br]running Linux inside.

9:59:59.000,9:59:59.000
But actually, this is about devices closer[br]to us.

9:59:59.000,9:59:59.000
In all our infrastructure,

9:59:59.000,9:59:59.000
there are control systems, there are[br]management systems included

9:59:59.000,9:59:59.000
and many many of them run Linux inside.

9:59:59.000,9:59:59.000
Maybe if you are traveling with Deutsche[br]Bahn to this event these days,

9:59:59.000,9:59:59.000
there was some Linux system on the train[br]as well,

9:59:59.000,9:59:59.000
as they were on the ???,[br]so on the control side.

9:59:59.000,9:59:59.000
Energy generation.

9:59:59.000,9:59:59.000
Power plants, they are also run with Linux

9:59:59.000,9:59:59.000
in very interesting ways, in positive ways

9:59:59.000,9:59:59.000
Industry automation, the factories, they[br]have control systems inside

9:59:59.000,9:59:59.000
and quite a few are running Linux inside.

9:59:59.000,9:59:59.000
And also other systems like health care,[br]diagnostic systems.

9:59:59.000,9:59:59.000
These big balls up there, they're magnetic[br]resonance imaging systems,

9:59:59.000,9:59:59.000
they're running on Linux for over[br]a decade now.

9:59:59.000,9:59:59.000
Building automation, not at home but in[br]the professional building area.

9:59:59.000,9:59:59.000
Actually, as I said, the train systems are[br]going to be more on Debian soon.

9:59:59.000,9:59:59.000
We have Debian for quite a while in[br]power generation.

9:59:59.000,9:59:59.000
"We", in this case, Siemens.

9:59:59.000,9:59:59.000
We have the box underneath,[br]on the third row,

9:59:59.000,9:59:59.000
the industrial switch there is running[br]Debian.

9:59:59.000,9:59:59.000
And the health care device is still[br]on Ubuntu, but soon will be Debian as well.

9:59:59.000,9:59:59.000
Just to give some examples.

9:59:59.000,9:59:59.000
These are the areas where we, as a group,[br]and we, as Siemens, are active.

9:59:59.000,9:59:59.000
But there are some problems with this.

9:59:59.000,9:59:59.000
Just take an example from a railway[br]system.

9:59:59.000,9:59:59.000
Usually, this kind of devices installation,[br]they have a lifetime

9:59:59.000,9:59:59.000
of 25, 30 years.

9:59:59.000,9:59:59.000
It used to be quite simple with these[br]old devices,

9:59:59.000,9:59:59.000
simple in the sense that it was mechanic,[br]it was pretty robust

9:59:59.000,9:59:59.000
I was once told that one of these locking[br]systems,

9:59:59.000,9:59:59.000
they were basically left in a box out there[br]for 50 years and no one entered the ???

9:59:59.000,9:59:59.000
No one touched the whole thing for 50 years

9:59:59.000,9:59:59.000
These times are a little bit over.

9:59:59.000,9:59:59.000
Nowadays, we have more electronic systems[br]in these systems

9:59:59.000,9:59:59.000
and they contain of course software.

9:59:59.000,9:59:59.000
What does it mean?

9:59:59.000,9:59:59.000
Just to give you an idea, how this kind[br]of development looks like in this domain.

9:59:59.000,9:59:59.000
So ???

9:59:59.000,9:59:59.000
development takes quite a long time[br]until the product is ready,

9:59:59.000,9:59:59.000
3 to 5 years.

9:59:59.000,9:59:59.000
Then, in the railway domain, it's mostly[br]about customizing the systems

9:59:59.000,9:59:59.000
for specific installations of the railway[br]systems,

9:59:59.000,9:59:59.000
not only in Europe, they are kind of messy[br]regarding the differences.[br]

9:59:59.000,9:59:59.000
So you have specific requirements of the[br]customer, the railway operators

9:59:59.000,9:59:59.000
to adjust these systems for their needs.

9:59:59.000,9:59:59.000
And you see by then,

9:59:59.000,9:59:59.000
after 5 years already, a Debian version[br]would be out of maintenance and

9:59:59.000,9:59:59.000
if you add an other year, you can start[br]over again.

9:59:59.000,9:59:59.000
So, in the development time, you may[br]change still the system

9:59:59.000,9:59:59.000
but later on, it's getting hard to change[br]the system ???

9:59:59.000,9:59:59.000
because then the interesting parts start[br]in this domain, not only in this domain,

9:59:59.000,9:59:59.000
that's safety and security assessment and[br]approval for these systems.

9:59:59.000,9:59:59.000
And that also takes time.

9:59:59.000,9:59:59.000
For example, in Germany, you go for the[br]Eisenbahn ???

9:59:59.000,9:59:59.000
and you ask to get a permission to run[br]that train on the track

9:59:59.000,9:59:59.000
and if they say "Mmh, not happy with it",[br]you do it over again

9:59:59.000,9:59:59.000
and it takes time

9:59:59.000,9:59:59.000
and if you change something in the[br]system, it becomes interesting

9:59:59.000,9:59:59.000
because some of these certification[br]aspects become invalid,

9:59:59.000,9:59:59.000
you have to redo it.

9:59:59.000,9:59:59.000
And then of course, these trains on[br]the installation,

9:59:59.000,9:59:59.000
the have a long life as I mentioned[br]before.

9:59:59.000,9:59:59.000
So how do you deal with this in[br]an electronic device and

9:59:59.000,9:59:59.000
in software-driven devices over[br]this long phase?

9:59:59.000,9:59:59.000
That's our challenge

9:59:59.000,9:59:59.000
and just one example and there are[br]more in this area.

9:59:59.000,9:59:59.000
At the same time, what we see now is[br]these fancy buzzwords

9:59:59.000,9:59:59.000
from cloud business entering[br]our conservative, slowly moving domain.

9:59:59.000,9:59:59.000
We talk about IoT, industrial IoT, so[br]connected devices.

9:59:59.000,9:59:59.000
We talk about edge computing, it means[br]getting the power of the cloud

9:59:59.000,9:59:59.000
to the device in the field, closer to[br]where the real things happen.

9:59:59.000,9:59:59.000
So, networking becomes a topic.

9:59:59.000,9:59:59.000
In the past, you basically built a system,[br]you locked it up physically

9:59:59.000,9:59:59.000
you never touched it again, except[br]the customer complains that

9:59:59.000,9:59:59.000
there were some bug inside.

9:59:59.000,9:59:59.000
These days, the customer asks us to[br]do a frequent update.

9:59:59.000,9:59:59.000
And actually the customers ???[br]ask for this.

9:59:59.000,9:59:59.000
So you have to have some security[br]maintenance concept in this

9:59:59.000,9:59:59.000
which means regular updates, regular fixes

9:59:59.000,9:59:59.000
and that is of course ???[br]for this kind of doing the way you have

9:59:59.000,9:59:59.000
slow running and long running[br]support cycles.

9:59:59.000,9:59:59.000
To summarize, there's a very long time[br]we have to maintain our devices in the field

9:59:59.000,9:59:59.000
and so far, this was mostly done[br]individually.

9:59:59.000,9:59:59.000
So each company, and sometimes quite[br]frequently also inside the company,

9:59:59.000,9:59:59.000
each product group, development ???[br]did it individually.

9:59:59.000,9:59:59.000
So everyone was having their own kernel,[br]everyone was having their own base system,

9:59:59.000,9:59:59.000
it was easy to build up so it should be[br]easy to maintain.

9:59:59.000,9:59:59.000
Of course it's not.

9:59:59.000,9:59:59.000
This was one thing, one important thing.

9:59:59.000,9:59:59.000
And then, of course, we not always are[br]completely happy

9:59:59.000,9:59:59.000
with what the free software gives us.

9:59:59.000,9:59:59.000
There are some needs to make things[br]more robust,

9:59:59.000,9:59:59.000
to make things more secure, reliable.

9:59:59.000,9:59:59.000
So we have to work with these components[br]and improve them, mostly upstream,

9:59:59.000,9:59:59.000
and that, of course, is not a challenge[br]we have to address in this area.

9:59:59.000,9:59:59.000
And catch up with a trend coming in from[br]the service space on the cloud space.

9:59:59.000,9:59:59.000
So with this challenge…

9:59:59.000,9:59:59.000
it was the point where we, in this case,[br]a number of big users of

9:59:59.000,9:59:59.000
industrial open source systems,

9:59:59.000,9:59:59.000
came together and created a new[br]collaborative project.

9:59:59.000,9:59:59.000
That's what you do in the open source[br]area.

9:59:59.000,9:59:59.000
This project is called Civil Infrastructure[br]Platform.

9:59:59.000,9:59:59.000
It's under the umbrella of the Linux[br]Foundation,

9:59:59.000,9:59:59.000
there are many projects of the Linux[br]Foundation you may have seen,

9:59:59.000,9:59:59.000
but most of them are more in the area[br]of cloud computing

9:59:59.000,9:59:59.000
or in the area of media.

9:59:59.000,9:59:59.000
Automotive computing, this one is actually[br]even more conservative than the other ones

9:59:59.000,9:59:59.000
and it's also comparably small.

9:59:59.000,9:59:59.000
Our goal is to build this open source[br]base layer for these application scenarios

9:59:59.000,9:59:59.000
based on free software, based on Linux.

9:59:59.000,9:59:59.000
We started two years ago.

9:59:59.000,9:59:59.000
That's basically our structure, to give[br]you an idea.

9:59:59.000,9:59:59.000
Member companies, the 3 on the top are[br]founding platinum companies,

9:59:59.000,9:59:59.000
Hitachi, Toshiba and Siemens.

9:59:59.000,9:59:59.000
We have Codethink and Plat'Home[br]on board,

9:59:59.000,9:59:59.000
we had them on board for the first time[br]as well.

9:59:59.000,9:59:59.000
Renesas joined us and just recently also[br]Moxa.

9:59:59.000,9:59:59.000
So if you compare this with other[br]collaborative projects,

9:59:59.000,9:59:59.000
it's a pretty small one, comparatively[br]small one,

9:59:59.000,9:59:59.000
so our budget is also limited.

9:59:59.000,9:59:59.000
It's still decent enough, but, well,[br]we are growing.

9:59:59.000,9:59:59.000
And based on this budget, we have[br]some developers being paid,

9:59:59.000,9:59:59.000
Ben is paid this way, you will see[br]later on why.

9:59:59.000,9:59:59.000
And we have people working from[br]the companies in the communities

9:59:59.000,9:59:59.000
and we are ramping up on working with[br]communities

9:59:59.000,9:59:59.000
to improve the base layers for our needs.

9:59:59.000,9:59:59.000
Everything is open source, we have[br]a GitLab repo as well and

9:59:59.000,9:59:59.000
you can look up there what's going on there.

9:59:59.000,9:59:59.000
So, the main areas of activities where[br]we are working on right now.

9:59:59.000,9:59:59.000
4 areas.

9:59:59.000,9:59:59.000
Kernel maintenance,

9:59:59.000,9:59:59.000
we started with declaring one kernel as[br]the CIP kernel to have

9:59:59.000,9:59:59.000
an extended support phase for this kernel[br]of 10 years.

9:59:59.000,9:59:59.000
This is what we're aiming for, which is[br]feasible already

9:59:59.000,9:59:59.000
for some enterprise distros[br]in a specific area

9:59:59.000,9:59:59.000
but here we are talking about an industrial[br]area, an embedded area

9:59:59.000,9:59:59.000
so there is some challenge.

9:59:59.000,9:59:59.000
I'm saying 10 years, there's sometimes[br]written 15 years,

9:59:59.000,9:59:59.000
we will see after 10 years if we follow[br]on to this.

9:59:59.000,9:59:59.000
Along with this, of course, comes the need[br]for real time support.

9:59:59.000,9:59:59.000
Currently, it's a separated branch, but[br]it's going to be integrated eventually

9:59:59.000,9:59:59.000
to have the PREEMPT_RT branch [br]??? doing this.

9:59:59.000,9:59:59.000
As I mentioned before, Ben is currently[br]our 4.4 CIP kernel maintainer.

9:59:59.000,9:59:59.000
This is the core, basically where we[br]started activities.

9:59:59.000,9:59:59.000
We continued in extending this on[br]test infrastructure,

9:59:59.000,9:59:59.000
so we invested a bit in improving on[br]??? infrastructure,

9:59:59.000,9:59:59.000
we are now ramping up an internal[br]??? just to enable

9:59:59.000,9:59:59.000
the kernel testing of course.