BMW’S JOURNEY WITH THE OPEN-SOURCE …€¢ Jenkins • OpenStack • zuul • Gerrit • … BMW...

Lukas Bulwahn | January 18th, 2018

BMW’S JOURNEY WITH THE OPEN-SOURCE ECOSYSTEM

BMW CAR IT GMBH.COMPANY FACTS AND SITES.

- BMW Car IT GmbH is a 100% subsidiary of BMW AG.

- Working exclusively for BMW Group.- International working environment with experts of more than 40 countries.

Mission: As the BMW automotive Software House, we bring software trends into our products.What we do: Software for body electronics, driver assistance, automated driving and infotainment, and the corresponding software platforms.

- The Munich site

- founded in 2000 as a BMW “software think tank”.- has about ~200 employees.

- The Ulm site

- founded in 2012 starting with 57 former Nokia developers.- currently ~200 employees in Ulm.

BMW research and innovation center

BMW Car IT Munich

BMW Car IT Ulm

BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018

ABOUT THE PRESENTER.

- Lukas Bulwahn

- Role: software developer, following software development projects and consulting managers

- CV:

- PhD in formal methods at TU München,

worked on open-source theorem prover Isabelle (licensed under 3-clause BSD)

- Software Developer at BMW Car IT since 2012:

- since 2012: Research on an Open-Source Software Platform for Autonomous Driving

- since 2014: Open-Source Compliance Manager for BMW Car IT

- since 2017: Focus on Safety Qualification of Linux kernel in the OSADL collaboration project SIL2LinuxMP

- Maintainer of the OpenEmbedded/Yocto Layer for ROS packages since 2013

- Understanding Open-Source & Collaboration from different views


OVERVIEW

Outside In

Open-Source and License

Compliance

Inside Out

BMW’s Engagement in

Open-Source


OPEN-SOURCE AND LICENSE COMPLIANCE


THE SOFTWARE TRANSFORMATION IN THE AUTOMOTIVE INDUSTRY

- Complex algorithms and complex software architectures

- Open systems and consumer hardware:

- Performance compute capabilities with more

customization and connectivity

- Development is focused on time for feature delivery and

not only dominated by cost reduction

- Automotive in the IT software ecosystems:

Automotive companies compete with IT companies

- Simple algorithms and simple software architectures

- Embedded and closed systems and hardware:

- Very limited compute capabilities with limited memory

and no connectivity

- Reduction of hardware costs allow to spend significant

development effort in optimization for embedded devices

- Closed software ecosystem of automotive industry


Traditional Automotive Software (1970 – 2000) Modern Automotive Software (since 2000)

Why Software Is Eating The World (by Marc Andreessen, 2011):“Software is also eating much of the value chain of industries that are widely viewed as primarily existing in the physical world.

(…)

Companies in every industry need to assume that a software revolution is coming.”

OPEN-SOURCE SOFTWARE USE AT BMW

Software Dev. Tools

• CMake

• Eclipse: Xtext, Sphinx, …

• bitbake/Yocto

• ROS

• …

SW Dev. Services (CI etc.)

• Jenkins

• OpenStack

• zuul

• Gerrit

• …

BMW Display Key

• Part of BMW 7 and BMW 5

series, for sale since 2016

• Includes a small GNU/Linux

distribution (~100 open-

source packages)

Next Headunit System

• Currently under

development

• Includes an extensive

GNU/Linux distribution

(>300 open-source

software packages)

Software Development is impossible without Open-Source

Software tools.

Products are built with increasing number of Open-Source

Software packages.


THE CONCERN WITH OPEN-SOURCE SOFTWARE

Supplier

BMW GroupPurchasing Process

Economical Review

Four-eyes principles

Defined and Split Responsibilities

Contractnegotiations

order

accept order

offer

request offer

Binding Contract

Legal Review

download & use

www.anyone.com

Internet

BMW Group

Software Developer

Binding Contract

Software Project

Default Purchasing Process Use and Integration of Open-Source Software

Any software developer can conclude a contract between BMW Group and a third party.


OPEN-SOURCE COMPLIANCE

Open-Source

Compliance

Business

It just about

putting enough

money on the

table…

Legal

It just about

getting contracts

right…

Engineering

It just about

solving a simple

technical

problem…


CURRENT OPEN-SOURCE COMPLIANCE LANDSCAPE

Page 14

Establish Process and Procedures: OpenChain Exchange license and copyright information: SPDX

Combine Tools to Toolchain and Integrate into SW Development: Here’s OSS Toolkit, Quartermaster (?)

Gather list of material

• Determine build

dependencies

• Determine which open-

software is used

• Determine which files are

distributed

Tools: Here’s OSS Toolkit (partly)

Obtain and preserve true license information

• Scan for license

information

• Scan for copy-and-paste

into proprietary parts

Tools: Fossology, ScanCode

Report license assessment summary

• Indicate license violation

risks

• Track decisions on

licensing questions

Tools: SW 360 (not yet?)

Manage software assets and license information

• Identify identical software

from multiple projects

• Compare license

assessments from multiple

projects

Tools: SW 360 (partly)


OUR OPEN-SOURCE COMPLIANCE VISION

- All (relevant) open-source projects have complete machine-extractable license information on file basis.

- All build systems allow to aggregate license information from files to installed targets.

- All package builders allow to aggregate license information for each package.

- All distribution builders allow to aggregate license information from packages to complete distributions.

Page 15

Source Code Releases

Complete Distributions

Direct Consequence: Easy-to-extract and precise license and copyright information

Indirect Consequence:

• No need for extensive license scanning (tools), identification and comparison of license information• No need for extensive license information collection in software asset management systems

Current Activities in that Directions

- SPDX identifiers in the Linux kernel

- FSFE’s REUSE initiative (http://reuse.software)

- Quartermaster (http://qmstr.org),to become a Linux Foundation Project

- Here’s OSS Review Toolkit(https://github.com/heremaps/oss-review-toolkit)

- SPDX generation in the bitbake/Yocto tool chain


BMW’S ENGAGEMENT IN OPEN-SOURCE

Page 16BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018

ENGAGEMENT IN OPEN-SOURCE

- Scalable development model to create software by massively

many stakeholders and developers

- `Branch, Experiment, Discuss, Merge` method

- Merit-based decision process

- Different approach to software design and architecture than in

traditional large-scale development companies (bazaar vs.

cathedral)

- Self-reinforcing momentum of open-source projects

- Cooperation between companies with shared interest

- Agreement on cooperative software development or

cooperative funding on software development

- Open-Source development:

- Build up single providers without violating anti-trust laws

- Avoids vendor lock-in

- Entails “free riders”, especially in small ecosystems with

clear competition on same markets/customer segments

Page 17

Open-Source as Strategic Business Element Open-Source as Collaboration and Development Model


BMW CAR IT’S GITHUB PAGE

Page 18

A Java library for online and offline map matching with OpenStreetMap

• LoC: 20.000

• Commits: 42 (since 08/2015)

• Stars on github: 241

• Internal developers: 1

• External contributors: 4• Used by others in the community, but

not used internally (yet/anymore)

OpenEmbedded/Yocto Layer forROS packages

• LoC: 1.000

• Commits: 1.500 (since 01/2013)


• Internal developers: 1

• External contributors: 25• Used by others in the community, but

not used internally (yet/anymore)

Web-based communication framework for Java, C++, JavaScript

• LoC: 200.000

• Commits: 7.000 (since 10/2013)


• Internal developers: ~10

• External contributors: 0• Used internally, but not used by

others in the community (yet?)

Open-Sourcing Software and Building Communities is difficult. Software developers generally underestimate this.

Some further open-source projects could never establish a continuous development work mode and user community.


AUTOSAR TOOL PLATFORM

- The AUTOSAR Tool Platform (Artop): Common base functionality for AUTOSAR development tools.

- Licensed under an ARTOP (AUTOSAR) License

- For AUTOSAR members and partners:

- Source code is made available; free to use, modify and distribute

- Development process is transparent

- based on a community approach


GENIVI ALLIANCE

- GENIVI is a nonprofit industry alliance

- drives the broad adoption of open source In-Vehicle Infotainment software

- provides open technology for the connected car

- 140 companies joined

- GENIVI is an umbrella for open-source projects:

- Non-differentiating elements of the software stack of an In-Vehicle Infotainment system.


OPENPASS

- OpenPASS: Open-Source Virtual Simulation for Vehicles

- Motivated by need in advanced driver assistance systems and partially automated driving functions

- Assess safety effects in traffic

- Open-Source provides reliability and transparency of results obtained by the simulation

- Currently driven by BMW, Daimler and VW

- Working Group in the Eclipse Foundation


OPEN-SOURCE PLATFORM FOR AUTONOMOUS DRIVING

- Research project started in 2013

- Goal: Create a software platform for autonomous driving, using open-source software

- Idea: Use Linux and use ROS Middleware in the vehicle

- Outcome:

- Definition of the Adaptive AUTOSAR Platform

- Operating system shall be POSIX PSE51 compliant (opens the door for Linux)

- Open-Source development model: Collaborative reference implementation, not just on (infeasible) specifications...

- Linux

- Real-time Linux (3 years of work done by Daniel Wagner)

- Safety-Critical Linux (Nicholas McGuire & team, SIL2LinuxMP project)

- ROS

- BMW moved from proprietary tool to ROS as basic development tool, simulation tool and middleware during development


THE OSADL SIL2LINUXMP PROJECT

-Mission:-Provide procedures and methods to qualify Linux on a multi-core embedded platform at safety integrity level 2

(SIL2) according to IEC 61508 Ed 2.-Show feasibility of procedures and methods on a real-world system-Show potential for collaboration and re-use of Linux kernel analysis

-Collaborative project of industrial & research partners- project running since 2015, organized by OSADL- Full members: BMW Car IT, Intel (since ‘17), A&R Tech, KUKA, Sensor-Technik Wiedemann (full members till ’16, reviewing members in ‘17)

- Reviewing members: Bosch, Elektrobit, Hitachi, Linutronix, MBDA Italia, MEN Mikro Elektronik, Mentor, OpenSynergy,Pilz GmbH & Co. KG, Renesas, Vienna Water Monitoring Solutions

- Academic members: Alexey Khoroshilov (ISP RAS), Kinggo Chow (Lanzhou Univ.), Julia Lawall (Inria/LIP6), Frank Tränkle (HS Heilbronn)

- Experts from certification bodies: Bernhard Nölte (TÜV Süd), Oliver Busa, Robert Heinen, Hendrik Schäbe (TÜV Rheinland)

- SIL2LinuxMP core working team: Nicholas McGuire, Andreas Platschek, Lucas Böhm, Markus Kreidl (OpenTech)

BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018 Page 23

MAIN INSIGHTS FOR LINUX IN SAFETY-CRITICAL APPLICATIONS

- System Safety Engineering:

- Ensure isolation of safety-critical applications with Linux kernel mechanisms (cpu shielding, cgroups, seccomp)

- Minimize the relevant system calls and determine precise constraints

- Linux Kernel Development Quality Assessment and Assurance:

- Analyze kernel git meta data to quantify:

- number of remaining bugs (statistically)

- developer competence and independence of reviews

- Analyze kernel source to show (relative) absence of certain bug classes

- Linux Kernel Improvements and Quality Assurance Activities


IMPROVING THE LINUX KERNEL

- Core observation

- Linux kernel developers know Linux in total better than anyone else, i.e., any internal team

- Modifying Linux without following its development process reduces quality and increases risk of safety-critical bugs

- To reduce risk, take a stable main-line Linux

- There is no Linux kernel for safety, it is just a well-matured LTS kernel

- Improving Linux- Changes for improvements must follow the Linux development process

- Improvements must be reviewed, accepted and appreciated by kernel developers

- Engagement and interaction with on-going development is more effective than in a deferred post-development mode

- Companies with Linux in safety-critical products should collaborate on quality assurance activities for Linux closely to kernel

developers

BMW’s Journey with the Open-Source Ecosystem | Lukas Bulwahn | January 18th, 2018 Page 25

NEEDED QUALITY ASSURANCE ACTIVITIES FOR SAFETY-CRITICAL SYSTEMS

- Ongoing and future quality assurance activities

- Coding style

- Respect existing coding style

- Provide evidences for its quality

- Monitor and motivate its compliance

- Testing

- Extend tests of the Linux Test Project for the determined syscalls

- Static analysis

- Detect more bug patterns and bug classes with coccinelle, sparse et al.

- Change management

- Track if bug fixes from main line are consequently backported

- Analyze which kernel bugs & fixes impact the systems’ safety

- Activities focus on parts of the Linux kernel relevant for the systems’ safety


Talk is cheap…

So, we invited Alexey Khoroshilov (LDV) to a three-

day workshop…

…and a group of 8 kernel newbies got 16 bug-fix

patches upstream.

What if we would have worked for even a month…

CONCLUSION


CONCLUSION

The automotive industry is embracing the open-source ecosystem

- Clear profit from using open-source software

- Contributing back to existing open-source projects

- Building up own open-source projects, communities and ecosystems

- People, knowledge and processes in place to get open-source compliance right

…but still many lessons to be learned…

- Not all of our open-source initiatives have been successful

- Strategic, organizational and technical best practices are sometimes overlooked

… and still more to improve…

- Improve compliance machinery

- Be involved instead of re-engineer

- Motivate upstream work in the whole industrial domain

Page 28

Thanks for your attention!


COPYRIGHT ON THIS PRESENTATION

Page 29

This presentation is licensed under Creative Commons Attribution 4.0 International License (cf.

https://creativecommons.org/licenses/by/4.0/). Here is a human-readable summary of (and not a substitute for) the license.

You are free to:- Share — copy and redistribute the material in any medium or format

- Adapt — remix, transform, and build upon the material for any purpose, even commercially.

Under the following terms:- Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do

so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.

- No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing

anything the license permits.

The licensor cannot revoke these freedoms as long as you follow the license terms.

For other uses beyond this license, e.g., under other terms, such as with endorsement of derived work or removal and change of

attribution, please contact the author.

BMW’S JOURNEY WITH THE OPEN-SOURCE …€¢ Jenkins • OpenStack • zuul • Gerrit • … BMW...

Documents

Transcript of BMW’S JOURNEY WITH THE OPEN-SOURCE …€¢ Jenkins • OpenStack • zuul • Gerrit • … BMW...