diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 1a3b163c06d..e88d473e821 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -1,4 +1,4 @@ { "name": "eclipse-s-core", - "image": "ghcr.io/eclipse-score/devcontainer:1.0.0" + "image": "ghcr.io/eclipse-score/devcontainer:v1.1.0" } diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 35d78ae2ea9..21b4997cbde 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -6,16 +6,16 @@ # Note: last match wins # By Default reviews go to the infrastructure community, to address missing lines in this document. -* @AlexanderLanin @dcalavrezo-qorix +* @AlexanderLanin @dcalavrezo-qorix @MaximilianSoerenPollak # All special files go to infrastructure as well -.* @AlexanderLanin @dcalavrezo-qorix +.* @AlexanderLanin @dcalavrezo-qorix @MaximilianSoerenPollak -.github/ISSUE_TEMPLATE/ @pahmann @PhilipPartsch @masc2023 @aschemmel-tech +.github/ISSUE_TEMPLATE/ @pahmann @masc2023 @aschemmel-tech @PandaeDo .github/CODEOWNERS @antonkri @FScholPer @qor-lb @johannes-esr -/docs/ @pahmann @PhilipPartsch @masc2023 @aschemmel-tech -/docs/conf.py @AlexanderLanin @dcalavrezo-qorix +/docs/ @pahmann @masc2023 @aschemmel-tech @PandaeDo +/docs/conf.py @AlexanderLanin @dcalavrezo-qorix @MaximilianSoerenPollak /docs/contribute/ @eclipse-score/automotive-score-committers # /docs/features/ @eclipse-score/automotive-score-technical-leads /docs/features/ @antonkri @FScholPer @qor-lb @johannes-esr 
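Review bot: Adding `@MaximilianSoerenPollak` to the `.*` rule in `.github/CODEOWNERS` probably extends that account's approval rights to everything under dot-directories, which would include CI configuration under `.github/` unless a later rule overrides it. The file's own header says the last match wins, and only `.github/ISSUE_TEMPLATE/` and `.github/CODEOWNERS` have later entries in the visible hunks. If workflow changes are meant to need a narrower reviewer set, an explicit entry after the `.*` line, e.g. `.github/workflows/ @<workflow-owners>`, would make that boundary visible. Parts of the file lie outside the hunks, so such an entry may already exist.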
@@ -23,27 +23,27 @@ architecture/ @eclipse-score/automotive-score-committers # requirements/ @eclipse-score/automotive-score-technical-leads requirements/ @antonkri @FScholPer @qor-lb @johannes-esr # safety_analysis/ @eclipse-score/safety-managers -safety_analysis/ @aschemmel-tech @PhilipPartsch @masc2023 +safety_analysis/ @aschemmel-tech @masc2023 @PandaeDo # safety_planning/ @eclipse-score/automotive-score-technical-leads safety_planning/ @antonkri @FScholPer @qor-lb @johannes-esr verification/ @eclipse-score/automotive-score-committers -/docs/design_decisions/*infra* @AlexanderLanin @dcalavrezo-qorix +/docs/design_decisions/*infra* @AlexanderLanin @dcalavrezo-qorix @MaximilianSoerenPollak /docs/glossary/ @eclipse-score/automotive-score-committers /docs/introduction/ @eclipse-score/automotive-score-committers /docs/manuals/ @eclipse-score/automotive-score-committers /docs/modules/ @eclipse-score/automotive-score-committers # /docs/platform_management_plan/ @eclipse-score/community-process -/docs/platform_management_plan/ @pahmann @PhilipPartsch @masc2023 @aschemmel-tech +/docs/platform_management_plan/ @pahmann @masc2023 @aschemmel-tech @PandaeDo # /docs/quality/ @eclipse-score/quality-managers /docs/quality/ @masc2023 @pahmann @PandaeDo # /docs/requirements/stakeholder/ @eclipse-score/automotive-score-technical-leads /docs/requirements/stakeholder/ @antonkri @FScholPer @qor-lb @johannes-esr # /docs/requirements/tool/ @eclipse-score/community-process -/docs/requirements/tool/ @pahmann @PhilipPartsch @masc2023 @aschemmel-tech +/docs/requirements/tool/ @pahmann @masc2023 @aschemmel-tech @PandaeDo # /docs/safety/ @eclipse-score/safety-managers -/docs/safety/ @aschemmel-tech @PhilipPartsch @masc2023 @PandaeDo +/docs/safety/ @aschemmel-tech @masc2023 @PandaeDo # /docs/score_releases/ @eclipse-score/automotive-score-project-leads -/docs/score_releases/ @thilo-schmitt @HartmannNico @skappel29 @grandyholger +/docs/score_releases/ @thilo-schmitt @HartmannNico @skappel29 
@grandyholger @antonkri @FScholPer @qor-lb @johannes-esr /docs/score_tools/ @eclipse-score/automotive-score-committers # /docs/security/ @eclipse-score/security-managers /docs/security/ @masc2023 @PandaeDo @@ -52,4 +52,4 @@ verification/ @eclipse-score/automotive-score-committers /platform_integration_tests/ @eclipse-score/automotive-score-committers # /tools/ @eclipse-score/infrastructure-maintainers -/tools/ @AlexanderLanin @dcalavrezo-qorix +/tools/ @AlexanderLanin @dcalavrezo-qorix @MaximilianSoerenPollak diff --git a/.github/ISSUE_TEMPLATE/1-bugfix.yml b/.github/ISSUE_TEMPLATE/1-bugfix.yml index b23d6ae149e..c3784949cb3 100644 --- a/.github/ISSUE_TEMPLATE/1-bugfix.yml +++ b/.github/ISSUE_TEMPLATE/1-bugfix.yml @@ -15,6 +15,7 @@ name: Problem Report description: Issue to track a bug title: "Bug: Your bugfix title" labels: ["codeowner_review"] +type: 'Bug' body: - type: markdown attributes: diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml index bb961996016..d8944ceeaff 100644 --- a/.github/ISSUE_TEMPLATE/config.yml +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -11,4 +11,4 @@ # SPDX-License-Identifier: Apache-2.0 # ******************************************************************************* -blank_issues_enabled: true +blank_issues_enabled: false diff --git a/.gitignore b/.gitignore index 5b56c3953a3..ecf96856b66 100644 --- a/.gitignore +++ b/.gitignore @@ -27,3 +27,7 @@ __pycache__/ # Mac .DS_Store + +# IDE +/.clwb +/.idea diff --git a/.vscode/settings.json b/.vscode/settings.json index 47e46435ca0..c7f8436a638 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -88,8 +88,12 @@ }, "cSpell.words": [ "__getitem__", + "baselibs", "bazel", "buildifier", + "Codeowner", + "codeowners", + "docname", "getstrt", "metatags", "reqs" diff --git a/CONTRIBUTION.md b/CONTRIBUTION.md index dcc54e64cb3..d8f89f084d3 100644 --- a/CONTRIBUTION.md +++ b/CONTRIBUTION.md 
@@ -1,21 +1,48 @@ -# Eclipse Safe Open Vehicle Core (SCORE) +# Eclipse Safe Open Vehicle Core (S-CORE) The [Eclipse Safe Open Vehicle Core](https://projects.eclipse.org/projects/automotive.score) project aims to develop an open-source core stack for Software Defined Vehicles (SDVs), specifically targeting embedded high-performance Electronic Control Units (ECUs). -Please check the [documentation](https://eclipse-score.github.io) for more information. +Please check the [documentation](https://eclipse-score.github.io/score/main/) for more information. The source code is hosted at [GitHub](https://github.com/eclipse-score). -The communication mainly takes place via the [`score-dev` mailing list](https://accounts.eclipse.org/mailing-list/score-dev) and GitHub issues & pull requests (PR). And we have a chatroom for community discussions here [Eclipse SCORE chatroom](https://chat.eclipse.org/#/room/#automotive.score:matrix.eclipse.org). +The communication mainly takes place via the [`score-dev` mailing list](https://accounts.eclipse.org/mailing-list/score-dev), [Discussions](https://github.com/orgs/eclipse-score/discussions) and GitHub issues & pull requests (PR). +We have a Slack channel for community discussions here [Eclipse S-CORE Slack Channel](https://sdvworkinggroup.slack.com/archives/C083Z4VL90B). -Please note that for the project the [Eclipse Foundation’s Terms of Use](https://www.eclipse.org/legal/terms-of-use/) apply. -In addition, you need to sign the [ECA](https://www.eclipse.org/legal/ECA.php) and the [DCO](https://www.eclipse.org/legal/dco/) to contribute to the project. ## Contributing + +### Code of Conduct + +Please be familiar with the [Code of Conduct](CODE_OF_CONDUCT.md). + +## Eclipse Contributor Agreement & Developer Certificate of Origin + +Please note that for the project the [Eclipse Foundation’s Terms of Use](https://www.eclipse.org/legal/terms-of-use/) apply. 
+ +Before your contribution can be accepted by the project team contributors must +electronically sign the Eclipse Contributor Agreement (ECA). + +* https://www.eclipse.org/legal/eca/ + + +For more information, please see the Eclipse Committer Handbook: +https://www.eclipse.org/projects/handbook/#resources-commit + +To complete and submit a ECA, log into the +[Eclipse projects forge](https://www.eclipse.org/contribute/cla/) +(you will need to create an account with the Eclipse Foundation if you have not already done so). +Click on "Eclipse Contributor Agreement" and complete the form. +Be sure to use the same email address when you register for the account +that you intend to use when you commit to Git. + +In addition, you need to sign the [DCO](https://www.eclipse.org/legal/dco/) to contribute to the project. + + ### Getting the source code & building the project Please refer to the [README.md](README.md) for further information. ### Getting involved #### Setup Phase -This phase is part of the eclipse Incubation Phase and shall establish all the processes needed for a safe development of functions. Only after this phase it will be possible to contribute code to the project. As the development in this project is driven by requirements, the processes and needed infrastructure incl. tooling will be established based on non-functional Stakeholder_Requirements. During setup phase the contributions are Bug Fixes and Improvements (both on processes and infrastructure). +This phase is part of the eclipse Incubation Phase and shall establish all the processes needed for a safe development of functions. Only after this phase it will be possible to contribute code to the project. As the development in this project is driven by requirements, the processes and needed infrastructure incl. tooling will be established based on [Non-functional Stakeholder_Requirements](https://eclipse-score.github.io/score/main/requirements/stakeholder/index.html). 
During setup phase the contributions are Bug Fixes and Improvements (both on processes and infrastructure). #### Bug Fixes and Improvements Improvements are adding/changing processes and infrastructure, bug fixes can be also on development work products like code. 
@@ -23,13 +50,12 @@ In case you want to fix a bug or contribute an improvement, please perform the f 1) Create a PR by using the corresponding template ([Bugfix PR template](.github/PULL_REQUEST_TEMPLATE/bug_fix.md) or [Improvement PR template](.github/PULL_REQUEST_TEMPLATE/improvement.md)). Please mark your PR as draft until it's ready for review by the Committers (see the [Eclipse Foundation Project Handbook](https://www.eclipse.org/projects/handbook/#contributing-committers) for more information on the role definitions). Improvements are requested by the definition or modification of [Stakeholder Requirements](docs/stakeholder_requirements) or [Tool Requirements](docs/tool_requirements) and may be implemented after acceptance/merge of the request by a second Improvement PR. The needed reviews are automatically triggered via the [CODEOWNERS](.github/CODEOWNERS) file in the repository. 2) Initiate content review by opening a corresponding issue for the PR when it is ready for review. Review of the PR and final merge into the project repository is in responsibility of the Committers. Use the [Bugfix Issue template](.github/ISSUE_TEMPLATE/bug_fix.md) or [Improvement Issue template](.github/ISSUE_TEMPLATE/improvement.md) for this. -Please check here for our Git Commit Rules in the [Configuration_Tool_Guidelines](https://eclipse-score.github.io/score/process_description/guidelines/index.html). +Please check here for our Git Commit Rules in the [Git Guidelines](https://eclipse-score.github.io/score/main/contribute/general/git.html). -Please use the [Stakeholder and Tool Requirements Template](https://eclipse-score.github.io/score/process_description/templates/index.html) when defining these requirements. 
![Contribution guide workflow](./docs/_assets/contribution_guide.svg "Contribution guide workflow") #### Additional Information Please note, that all Git commit messages must adhere the rules described in the [Eclipse Foundation Project Handbook](https://www.eclipse.org/projects/handbook/#resources-commit). -Please find process descriptions here: [process description](https://eclipse-score.github.io/score/process_description/). +Please find process descriptions here: [process description](https://eclipse-score.github.io/process_description/main/index.html). diff --git a/MODULE.bazel b/MODULE.bazel index 0e9b333faaa..f44c0331a31 100644 --- a/MODULE.bazel +++ b/MODULE.bazel @@ -13,7 +13,7 @@ module( name = "score_platform", - version = "0.4.2", + version = "0.5.2", compatibility_level = 0, ) @@ -22,11 +22,11 @@ module( # Python version # ############################################################################### -bazel_dep(name = "rules_python", version = "1.4.1") +bazel_dep(name = "rules_python", version = "1.8.3") PYTHON_VERSION = "3.12" -python = use_extension("@rules_python//python/extensions:python.bzl", "python") +python = use_extension("@rules_python//python/extensions:python.bzl", "python", dev_dependency = True) python.toolchain( configure_coverage_tool = True, is_default = True, @@ -36,7 +36,7 @@ use_repo(python) # Additional Python rules provided by aspect, e.g. an improved version of # `py_binary`. But more importantly, it provides `py_venv`. -bazel_dep(name = "aspect_rules_py", version = "1.6.3") +bazel_dep(name = "aspect_rules_py", version = "1.6.6", dev_dependency = True) ############################################################################### # 
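Review bot: The two `dev_dependency = True` additions in MODULE.bazel (on the `python` extension in the `-22,11` hunk and on `aspect_rules_py` in the `-36,7` hunk) carry no comment saying why, and the effect is not obvious at the call site. Bazel ignores dev-dependency usages whenever this module is not the root module, so modules that depend on `score_platform` no longer receive this toolchain configuration from it, while `rules_python` itself stays a regular `bazel_dep`. A one-line comment above `use_extension`, such as `# Dev-only: the toolchain and py_venv serve this repo's own builds and are not exported to dependents.`, would record the intent. That intent is inferred from the diff, so confirm it before adopting the wording.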
@@ -72,6 +72,6 @@ bazel_dep(name = "rules_java", version = "8.15.1") # Score custom modules loading # ############################################################################### -bazel_dep(name = "score_tooling", version = "1.0.2") -bazel_dep(name = "score_docs_as_code", version = "2.1.0") -bazel_dep(name = "score_process", version = "1.3.2") +bazel_dep(name = "score_tooling", version = "1.1.0") +bazel_dep(name = "score_docs_as_code", version = "3.0.0") +bazel_dep(name = "score_process", version = "1.4.3") diff --git a/docs/_assets/architetcure_diagram_for_code_generation.svg b/docs/_assets/architetcure_diagram_for_code_generation.svg new file mode 100644 index 00000000000..1c13baf355d --- /dev/null +++ b/docs/_assets/architetcure_diagram_for_code_generation.svg @@ -0,0 +1,4 @@ + + + +
Code Generator



















|

Sensor / Accelerator
Hardware Platform
Communication
Mechanism Implementation
System Model Description
....
....
...
Code-generated component 
Project/Application-
specific component
Orchestration logic







Dynamic
implementation
Common Software Tooling
Intermediate Representation
Software Compute Unit archetype











Software Compute Unit Instance






onUpdate(....)
onInit(...)
onReset(....)
Base Libraries
POSIX-like HLOS
Execution Manager logic
\ No newline at end of file diff --git a/docs/_assets/contribution_guide.svg b/docs/_assets/contribution_guide.svg index 1f1a3d52da6..9481e43f06c 100644 --- a/docs/_assets/contribution_guide.svg +++ b/docs/_assets/contribution_guide.svg @@ -1,4 +1,4 @@ -


Contribution during
setup phase























Contribution during...
Contributor
Contr...
Committer
Commi...
Contribution
for bug fixes/
improvements
Contribution...
Contributor creates Issue/PR
with filled out Template
Contributor creates Issue/PR...
Issue/PR
Bug Fix/Improvement
Template
Issue/PR...
Contributor requests review and
discussion of his PR 
Contributor requests review and...
Contribution
accepted ?
Contribution...
Acceptance Criteria
not met
Acceptance Criteria...
YES
YES
NO
NO
Issue closed
PR Not
merged
Issue closed...
Issue closed
PR merged
Issue closed...
Text is not SVG - cannot display
\ No newline at end of file +


Contribution during
setup phase























Contribution during...
Contributor
Contr...
Committer
Commi...
Contribution
for bug fixes/
improvements
Contribution...
Contributor creates Issue/PR
with filled out Template
Contributor creates Issue/PR...
Issue/PR
Bug Fix/Improvement
Template
Issue/PR...
Contributor requests review and
discussion of the PR 
Contributor requests review and...
Contribution
accepted ?
Contribution...
Acceptance Criteria
not met
Acceptance Criteria...
YES
YES
NO
NO
Issue closed
PR Not
merged
Issue closed...
Issue closed
PR merged
Issue closed...
Text is not SVG - cannot display
diff --git a/docs/contribute/contribution_request/index.rst b/docs/contribute/contribution_request/index.rst index 74d5af97646..1a7e73145d5 100644 --- a/docs/contribute/contribution_request/index.rst +++ b/docs/contribute/contribution_request/index.rst @@ -112,7 +112,7 @@ The figure below shows a simplified workflow for a PR. Content in general may contain features, requirements, architectural designs, modules, components, detailed designs, implementations and source code, tests, process descriptions, any documentations, guidelines, tutorials, tools, or infrastructure topics and more of the *S-CORE* project. In case of doubt or for any other input we strongly encourage to open a *GitHub Issue* (:need:`doc__issue_guideline`) first. -The *PR* should provide all required information of the new or changed content. Therefore the *S-CORE* project provides content specific templates, which the contributor (:need:`Contributor `) must use for his *PR* (ToDo link here to the templates overview). Templates may be *PR* templates, *GitHub Issue* templates and also additional document or work product templates. +The *PR* should provide all required information of the new or changed content. Therefore the *S-CORE* project provides content specific templates, which the contributor (:need:`Contributor `) must use for their *PR* (ToDo link here to the templates overview). Templates may be *PR* templates, *GitHub Issue* templates and also additional document or work product templates. The content of any *PR* is the commit content and the description as well as the comments given in GitHub and is kept in a versioned repository, their revision history is the historical record of the PR. 
diff --git a/docs/contribute/development/assets/example_rust_source_code_link.png b/docs/contribute/development/assets/example_rust_source_code_link.png new file mode 100644 index 00000000000..7815d552f6d Binary files /dev/null and b/docs/contribute/development/assets/example_rust_source_code_link.png differ diff --git a/docs/contribute/development/index.rst b/docs/contribute/development/index.rst index b8428b2ae8c..2cb371a6ce9 100644 --- a/docs/contribute/development/index.rst +++ b/docs/contribute/development/index.rst @@ -19,6 +19,7 @@ Development :maxdepth: 1 development_environment + traceability_tooling api_guideline cpp/index rust/index diff --git a/docs/contribute/development/python/coding_guidelines.rst b/docs/contribute/development/python/coding_guidelines.rst index 65e9ac80b15..e2f9d719f0e 100644 --- a/docs/contribute/development/python/coding_guidelines.rst +++ b/docs/contribute/development/python/coding_guidelines.rst @@ -67,6 +67,7 @@ Testing implementation details. Overly fine-grained tests lead to brittle code and high maintenance. - **Boundary conditions:** - Edge cases often break things. Think about invalid input, large data sets, empty cases, and concurrency issues. +- **Enesure Traceability** - Make sure to use the pytest decorator where applicable to enable traceabillity throughout. More infos on how to use it `example here `_ and `more through documentation here `_ Documentation -------------------- diff --git a/docs/contribute/development/traceability_tooling.rst b/docs/contribute/development/traceability_tooling.rst new file mode 100644 index 00000000000..b5346de32e0 --- /dev/null +++ b/docs/contribute/development/traceability_tooling.rst 
@@ -0,0 +1,140 @@ +.. + # ******************************************************************************* + # Copyright (c) 2026 Contributors to the Eclipse Foundation + # + # See the NOTICE file(s) distributed with this work for additional + # information regarding copyright ownership. + # + # This program and the accompanying materials are made available under the + # terms of the Apache License Version 2.0 which is available at + # https://www.apache.org/licenses/LICENSE-2.0 + # + # SPDX-License-Identifier: Apache-2.0 + # ******************************************************************************* + + +.. document:: Traceability Tooling + :id: doc__traceability_tooling + :status: valid + :safety: QM + :security: NO + :realizes: wp__requirements_proc_tool + +Traceability Tooling +#################### + +This document describes tools or some functionality of them, that can be used regardless of source code language.These tools are also provided by S-CORE projects, like Docs-As-Code. + + + +Link Requirements to Source Code +******************************** + +This functionality provides the ability to link any requirement to any part of the source code. +It is possible to link as many places of source code as are needed. All of them will show up in the requirement. + +All that is needed is to write the 'template string' that the program is looking for. +It is either `# req-Id: ` or `# req-traceability: ` +If there is multiple requirements that need to be linked to this place in the source code, repeat the line for each one. + +As an example for one requirement: + +.. code-block:: python + + # req-Id: tool_req__docs_common_attr_title + def your_function(args): + """Your function that implements the requirement partiall or fully""" + ... + +`A Rendered Example `_ + +An Example of multiple requirements: + +.. 
code-block:: python + + # req-Id: tool_req__docs_common_attr_title + # req-Id: tool_req__docs_common_attr_status + # req-Id: tool_req__docs_common_attr_safety + def your_function(args): + """Your function that implements the requirement partiall or fully""" + ... + +The tool will look through any files except: + +Directories or files that start with '.' or '_' +It skips all files that end with one of the following: +- .pyc +- .so +- .exe +- .bin +- .rst +- .md + + +The template string works regardless of the language. +This means both following examples are valid and will work. + +.. code-block:: cpp + + // # req-Id: comp_req__containers_rust__fixed_vector + int your_function() { + ... + } + + +.. code-block:: rust + + /// # req-Id: comp_req__containers_rust__fixed_vector + impl FixedCapacityVec { + ... + } + + +Here is how this would look rendered: + +.. image:: assets/example_rust_source_code_link.png + + + +Link Requirements to Tests +************************** + +There is a tool that has the ability to link requirements to your tests as well as provide virtual tests sphinx-needs in order to make statistics etc. possible to be rendered. + +The implementation here differs based on your source code language though. +So it is best if you read up in the language you want to develop in how to do this. + +In rough terms the data flow looks as follows. + +Your testing framework produces XML files with pre-defined properties. +These XML files are loaded and parsed. The test needs to get build details from the parsed data and link it to the requirements mentioned. + +You can now also do statistics on your tests. + + +.. code-block:: rst + + .. needtable:: SUCCESSFUL TESTS + :filter: result == "passed" + :tags: TEST + :columns: name as "testcase";result;fully_verifies;partially_verifies;test_type;derivation_technique;id as "link" + + + .. 
needpie:: Test Results + :labels: passed, failed, skipped + :colors: green, red, orange + :legend: + + type == 'testcase' and result == 'passed' + type == 'testcase' and result == 'failed' + type == 'testcase' and result == 'skipped' + + +Find the rendered examples here: `Docs as Code Test Statistics examples `_ + + +Find More Information +===================== + +If you need more information, you can read it all in the `Docs as Code Documentation `_ + diff --git a/docs/design_decisions/DR-001-infra.md b/docs/design_decisions/DR-001-infra.md index 923fc044a76..dc820deedb5 100644 --- a/docs/design_decisions/DR-001-infra.md +++ b/docs/design_decisions/DR-001-infra.md @@ -14,10 +14,15 @@ SPDX-License-Identifier: Apache-2.0 # DR-001-Infra: Integration Strategy for External Development Tools -* **Status:** Agreed within Community -* **Owner:** Infrastructure Community * **Date:** 2025-09-01 +```{dec_rec} Integration Strategy for External Development Tools +:id: dec_rec__infra__dev_tools +:status: accepted +:context: Infrastructure +:decision: Devcontainer is the primary distribution for all tools +``` + --- ## 1. Context / Problem diff --git a/docs/design_decisions/DR-002-infra.md b/docs/design_decisions/DR-002-infra.md index 62d938237f2..00a87e7deba 100644 --- a/docs/design_decisions/DR-002-infra.md +++ b/docs/design_decisions/DR-002-infra.md @@ -13,10 +13,15 @@ SPDX-License-Identifier: Apache-2.0 # DR-002-Infra: Integration Testing in a Distributed Monolith -* **Status:** Agreed within Community -* **Owner:** Infrastructure Community * **Date:** 2025-09-01 +```{dec_rec} Integration Testing in a Distributed Monolith +:id: dec_rec__infra__int_testing +:status: accepted +:context: Infrastructure +:decision: two testing layers +``` + --- ## Executive Summary diff --git a/docs/design_decisions/DR-003-infra.md b/docs/design_decisions/DR-003-infra.md index 70d0f882986..0dcdf8aa352 100644 --- a/docs/design_decisions/DR-003-infra.md +++ b/docs/design_decisions/DR-003-infra.md 
@@ -13,10 +13,15 @@ SPDX-License-Identifier: Apache-2.0 # DR-003-Infra: Devcontainer Strategy for S-CORE -- **Status:** Proposed -- **Owner:** Infrastructure Community - **Date:** 2025-10-06 +```{dec_rec} Devcontainer Strategy for S-CORE +:id: dec_rec__infra__devcontainer +:status: accepted +:context: Infrastructure +:decision: Hybrid Approach with Devcontainer Features +``` + --- ## 1. Context / Problem diff --git a/docs/design_decisions/DR-004-infra.rst b/docs/design_decisions/DR-004-infra.rst index 07ca4002220..f3b717616a3 100644 --- a/docs/design_decisions/DR-004-infra.rst +++ b/docs/design_decisions/DR-004-infra.rst @@ -13,14 +13,14 @@ DR-004-Infra: Bi-directional traceability in docs ================================================= +- **Date:** 2025-10-24 + .. dec_rec:: Bi-directional traceability in docs :id: dec_rec__infra__traceable_docs :status: accepted :context: Infrastructure :decision: Single documentation build - Date: 2025-10-24 - Context / Problem ----------------- diff --git a/docs/design_decisions/DR-006-infra.md b/docs/design_decisions/DR-006-infra.md new file mode 100644 index 00000000000..a1c18306886 --- /dev/null +++ b/docs/design_decisions/DR-006-infra.md 
@@ -0,0 +1,84 @@ + + +# DR-006-Infra: Clippy Integration via rules_lint + +- **Date:** 2026-01-19 + +```{dec_rec} Clippy Integration via rules_lint +:id: dec_rec__infra__clippy_rules_lint +:status: accepted +:context: Infrastructure +:decision: Use rules_lint for Clippy in S-CORE modules +``` + +--- + +## 1. Context / Problem + +S-CORE needs a consistent, Bazel-native way to run Rust Clippy across modules. We +initially aligned on rules_rust for Clippy integration, but rules_lint added native +Clippy support while that work was ongoing. We must choose one approach to reduce +divergence and keep lint workflows maintainable. + +Key constraints: +- Avoid running Clippy across the entire tree by default. +- Avoid maintaining long, manual target lists. +- Keep lint rules centralized and versioned. +- Allow CI-friendly lint runs without additional tooling requirements. + +## 2. Decision + +We adopt rules_lint for Clippy integration in S-CORE modules. + +## 3. Rationale + +rules_lint fits better with the linting workflow: +- It is designed for linting (output groups, lint tests, lint-oriented UX). +- It avoids whole-tree runs and manual target lists by linting only the build graph + of requested targets. +- Clippy support is released and tested, which reduces risk. + +rules_rust remains a valid option, but it requires manual target enumeration for +lint-only runs and is harder to scope for incremental linting. + +## 4. Integration Approach + +Each module integrates Clippy through a rules_lint aspect: +- Use the shared aspect from `@score_rust_policies//clippy:linters.bzl` + (repo-local aspects remain an option if needed). +- Reference the centralized Clippy configuration from the policies repo: + `@score_rust_policies//clippy/strict:clippy.toml`. +- Enable the aspect in `.bazelrc` via `build --aspects=...%clippy` and request + output groups `rules_lint_human` (and optionally `rules_lint_machine`). +- Skip linting for specific targets using the `no-lint` tag. 
+- For CI, add `--@aspect_rules_lint//lint:fail_on_violation=true` to fail on findings. +- Use `aspect_rules_lint` >= `2.0.0-rc0` to support `fail_on_violation` with Clippy. + +This keeps configuration and behavior consistent while allowing each module to scope +linting to the targets it builds. + +## 5. Consequences + +- Clippy runs on the Rust targets in the build graph of the requested Bazel targets, + not the whole repository by default. +- Lint rules are centralized in `score_rust_policies`, reducing duplication and drift. +- The Aspect CLI is not required for Clippy execution; standard `bazel build` works. +- rules_lint uses Aspect telemetry; this can be disabled via repo environment + variables if required by policy. + +## 6. Future Considerations + +We may integrate the Aspect CLI in the future to enable the `bazel lint` command and +additional lint UX (interactive output, filtering, reporting). This is optional and +separate from the Bazel-based execution path. diff --git a/docs/design_decisions/DR-007-infra.rst b/docs/design_decisions/DR-007-infra.rst new file mode 100644 index 00000000000..7c8f60c6e57 --- /dev/null +++ b/docs/design_decisions/DR-007-infra.rst 
@@ -0,0 +1,326 @@ +.. + Copyright (c) 2025 Contributors to the Eclipse Foundation + + See the NOTICE file(s) distributed with this work for additional + information regarding copyright ownership. + + This program and the accompanying materials are made available under the + terms of the Apache License Version 2.0 which is available at + https://www.apache.org/licenses/LICENSE-2.0 + + SPDX-License-Identifier: Apache-2.0 + +DR-007-Infra: Solution for cyclic dependencies between docs-as-code and process description +=========================================================================================== + +- **Date:** 2026-02-04 + +.. dec_rec:: Move examples to module_template repository + :id: dec_rec__infra__dependency_docs_as_code + :status: accepted + :context: Infrastructure + :decision: Option 3 + +Context / Problem +----------------- + +Currently, there are two repositories defining the docs-as-code principles with Sphinx and Sphinx-Needs: + +- The ``eclipse_score/process_description`` repository defines the process and the requirements for the meta model of the Sphinx-Needs objects (sphinx objects for requirements, architecture, processes, etc.). + It includes also example Sphinx-Needs objects that illustrate the usage of the defined meta model. +- The ``eclipse_score/docs_as_code`` repository provides the base docs as code infrastructure and uses the process requirements to define the sphinx needs meta model and includes Sphinx-Needs objects from the process repository for testing. + +However, the process repository also uses the ``docs_as_code`` repository's as infrastructure for the process documentation and the meta model for Sphinx-Needs objects, creating a **cyclic dependency** between the two repositories. 
+Any change in the process requirements (in ``process_description``) for the meta model possibly leads to a change in the docs-as-code meta model, but any change in the docs-as-code meta model can cause build errors in the process_description repo and this happens during the docs-as-code build as Sphinx-Needs objects from the process repo are imported.
+This tight coupling makes maintenance and evolution of both repositories difficult and error-prone.
+
+.. uml::
+ :align: center
+ :caption: Cyclic dependency between process and docs-as-code repositories
+
+ left to right direction
+ database process_description {
+ artifact examples
+ artifact templates
+ }
+ database docs_as_code {
+ artifact metamodel.yaml as yaml
+ }
+
+ process_description --> docs_as_code : defines metamodel
+ docs_as_code --> process_description : checks metamodel
+
+The artifacts within those repos are:
+
+* "examples" are exemplary instances of the metamodel like :need:`feat__example_feature`.
+* "templates" (more precisely `folder templates `_)
+ are instances which can be copied when creating new modules
+ like :need:`doc__feature_name_architecture`.
+* "metamodel.yaml" is `this file `__.
+
+This means to roll out a change to the process looks like this:
+
+1. Change ``process_description`` but *not* the examples and folder templates.
+2. Change ``docs_as_code`` accordingly (potentially with constraints because ``@process_description//:needs_json`` includes old examples and folder templates)
+3. Change ``process_description`` a *second* time adapting the examples and folder templates.
+4. Change ``docs_as_code`` a *second* time removing constraints from step 2.
+
+Currently the `module_template repo `_
+is not used and not up to date.
+However, the Process community intends to use it for the folder templates in the future.
+Thus, step 3 above will become a pull request to a third repository eventually.
+Still, there is no plan to move the examples to that repository.
+ +Goals and Requirements +^^^^^^^^^^^^^^^^^^^^^^ + +- **Effort**: Don't spend much one-time effort to implement the change proposed here. +- **Independence**: Enable independent evolution of process requirements for the meta model and the meta model verification implementation. +- **UX**: Enable a process change rollout which does not require multiple pull requests in a single repository due to dependency cycles. +- **Clear Ownership**: Each repository should have a clear responsibility and ownership of its contents. +- **Maintainability**: Keep long-term maintenance effort low. + +Non-Goals +~~~~~~~~~ + +- Redesigning the entire docs-as-code or process description approach. +- Removing Sphinx or Sphinx-Needs as documentation tools. +- Avoid inconsistencies between process and tool implementation. + +Options Considered +------------------ + +Option 0: No change +^^^^^^^^^^^^^^^^^^^ + +Keep the current repository structure and workflows as they are. +Accept the cyclic dependency between ``process_description`` and ``docs_as_code`` and manage it through careful coordination and communication between maintainers. +Continue handling build errors manually when they occur. + +Effort 💚: None. + +Independence 😡: The repos ``process_description`` and ``docs_as_code`` are coupled. + +UX 😡: Poor due to the coupling some back and forth changes are necessary. + +Maintainability 😡: Poor (ongoing coordination burden). + +Clear Ownership 💚: Process community and docs-as-code are clearly separated. + + +Option 1: Merge both repositories into one +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Combine ``process_description`` and ``docs_as_code`` into a single repository. +This eliminates the cyclic dependency by having a single source of truth for both the meta model and the Sphinx-Needs objects/examples, but process is repo is potentially large and complex and is implementation specific. + +.. 
uml:: + :align: center + :caption: Merge both repositories into one + + left to right direction + database "process_description\n+ docs_as_code" { + artifact metamodel.yaml as yaml + artifact examples + artifact templates + } + +Effort 😡😡: Disruptive effort to merge repos. +Such changes conflict with practically all parallel pull requests. +Dependencies across all S-CORE repos are necessary. + +Independence 💚: Coupling is tolerable because both can be changed as an atomic commit. + +UX 💚: Excellent as single source. + +Maintainability 💚: Good because everything is in one place. + +Option 2: Move meta model definition to process repository +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Define and maintain the ``metamodel.yaml`` +solely in the process repository. +The docs-as-code repository would then only provide the infrastructure for the meta model, not define or modify it. +The process repository would be the authoritative source for the meta model. +Also tests (scripts) and examples would be maintained there. + +.. uml:: + :align: center + :caption: Move meta model definition to process repository + + left to right direction + database process_description { + artifact examples + artifact templates + artifact metamodel.yaml as yaml + } + database docs_as_code { + } + + process_description --> docs_as_code : defines metamodel + yaml --> docs_as_code : as input + docs_as_code --> process_description : checks metamodel + +Implication: +If the docs-as-code module would select the metamodel yaml version on its own, +we would not have resolved the cyclic dependency issue. +Thus, ``process_description`` would need to define which version of ``metamodel.yaml`` to use +and ``docs_as_code`` provides a configuration option to specify it. + +Moving only the ``metamodel.yaml`` file means that a few Python-implemented checks still remain in ``docs_as_code``. +While the problem is not solved completely, it should fix most of the cases. 
+ +Effort 😡: Medium effort. + +Independence 😡: Rather good because ``docs_as_code`` mostly consumes except a few remaining checks. + +UX 💚: Excellent since authority is clear. + +Maintainability 💚: Good because of clear ownership. + +Clear Ownership 💚: Cleanly separated. + +Option 3: Move examples to docs_as_code and templates to module_template +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Move all examples from ``process_description`` into ``docs_as_code`` repo +and all templates from ``process_description`` into ``module_template`` repo. +No relevant cyclic dependency remains. + +.. uml:: + :align: center + :caption: Move examples to docs_as_code and templates to module_template + + left to right direction + database process_description { + } + database docs_as_code { + artifact metamodel.yaml as yaml + artifact examples + } + database module_template { + artifact templates + } + + process_description --> docs_as_code : defines metamodel + docs_as_code --> module_template : checks metamodel + +Effort 💚: Low. + +Independence 💚: Good because process repo becomes independent. + +UX 💚: Excellent since authority is clear. + +Maintainability 😡: More repos to maintain. + +Clear Ownership 💚: Process community is responsible for ``process_description`` and ``module_template``. + +Option 4: Move meta model and examples into a separate repository +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Create or use a dedicated meta model repository that contains only the Sphinx-Needs meta model definitions and the examples. +Both the process repository and docs-as-code repository would depend on this meta model repository (if necessary), making it the single source of truth. +This breaks the cycle by introducing a clear hierarchical dependency structure. + +.. 
uml:: + :align: center + :caption: Move meta model and examples into a separate repository + + left to right direction + database process_description { + } + database docs_as_code { + } + database module_template { + artifact metamodel.yaml as yaml + artifact examples + artifact templates + } + + process_description --> docs_as_code : defines metamodel + docs_as_code --> module_template : checks metamodel + yaml --> docs_as_code : as input + +Effort 😡: High effort for the configurable ``metamodel.yaml``. + +Independence 💚: Good because process repo becomes independent. + +UX 😡: It is strange that same checks are implemented in ``docs_as_code`` and some in ``module_template``. + +Maintainability 😡: More repos to maintain. + +Clear Ownership 💚: Clearly, the Process community takes authority over ``metamodel.yaml``. + +Option 5: Move examples and templates to docs-as-code repository +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Move all example Sphinx-Needs objects from the ``process_description`` repository to the ``docs_as_code`` repository. +The process repository would define requirements for the meta model, while docs-as-code would provide infrastructure, the meta model and host the examples that demonstrate the meta model. +This breaks the cycle by removing the import dependency from docs-as-code back to the process repository. + +.. uml:: + :align: center + :caption: Move examples to docs-as-code repository + + left to right direction + database process_description { + } + database docs_as_code { + artifact examples + artifact templates + artifact metamodel.yaml as yaml + } + + process_description --> docs_as_code : defines metamodel + +Effort 💚: Low effort. + +Independence 💚: Good because ``process_description`` just consumes. + +UX 💚: Fine. + +Maintainability 💚: Good because of clear ownership. + +Clear Ownership 😡: Process community wants control of the templates but they are in the ``docs_as_code`` repo. 
+ +Option 6: Change error handling from warnings as errors to warnings only +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Keep the current repository structure but change the Sphinx build configuration in the docs-as-code repository to treat warnings as warnings instead of errors. +This would allow the build to succeed even when imported Sphinx-Needs objects from the process repository have inconsistencies with the meta model, effectively breaking the tight coupling that causes build failures. +The cyclic dependency would remain, but its impact would be reduced and only real errors like type name changes would cause build failures. +Please notice that missing mandatory links or fields, as well as additional links only generate warnings in this setup. +Only unknown types would still cause errors. + +Effort 💚: Low effort because only config and documentation needs to be changed. + +Independence 💚: Good because no errors are blocking anymore. + +UX 💚: Easy because problems can be ignored. + +Maintainability 😡😡: Poor because warnings won't be fixed as quickly as errors. + +Evaluation +---------- + +The effort for Option 1 is prohibitively high, so we ignore it for the evaluation. +Likewise we ignore Option 6 due to grave maintainability concerns. + +Here is the summary, how well each option achieves the goals in order of goal importance: + +.. csv-table:: + :header: Goals, Option 0, Option 2, Option 3, Option 4, Option 5 + :widths: 15, 10, 10, 10, 10, 10 + + Effort, 💚, 😡, 💚, 😡, 💚 + Independence, 😡, 😡, 💚, 💚, 💚 + UX, 😡, 💚, 💚, 😡, 💚 + Clear Ownership, 💚, 💚, 💚, 💚, 😡 + Maintainability, 😡, 💚, 😡, 😡, 💚 + +Due to our most important goal, effort, Options 2 and 4 are disqualified. +Then Option 0 is disqualified due to independence concerns (among others). +Option 5 is disqualified due to the ownership issue. + +**Decision:** Option 3 is the remaining best choice. +We accept the maintainability tradeoff. 
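Review bot: The `dec_rec` title near the top of the file, "Move examples to module_template repository", does not match the decision it records: Option 3 moves the examples to `docs_as_code` and only the templates to `module_template`. I would retitle it to match the Option 3 heading, `.. dec_rec:: Move examples to docs_as_code and templates to module_template`. Two ratings that feed the evaluation table also disagree with their own text: Option 2 marks Independence 😡 while the sentence reads "Rather good", and Option 4's diagram and Effort line put a configurable `metamodel.yaml` in `module_template` rather than in the dedicated repository its description proposes. The third Non-Goal, "Avoid inconsistencies between process and tool implementation", reads as if consistency were out of scope, which is probably not what is meant.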
diff --git a/docs/features/baselibs/docs/architecture/chklst_arc_inspection.rst b/docs/features/baselibs/docs/architecture/chklst_arc_inspection.rst index 01101981fad..03f3d3befa3 100644 --- a/docs/features/baselibs/docs/architecture/chklst_arc_inspection.rst +++ b/docs/features/baselibs/docs/architecture/chklst_arc_inspection.rst @@ -18,7 +18,7 @@ Architecture Inspection Checklist .. document:: Baselibs Architecture Inspection Checklist :id: doc__baselibs_arc_inspection - :status: draft + :status: valid :safety: ASIL_B :security: YES :realizes: wp__sw_arch_verification @@ -33,15 +33,27 @@ practices. The checklist guides evaluation of the architecture design, identifies potential problems, and aids in communication and documentation of architectural decisions to stakeholders. +Conduct +------- + +As described in the concept :need:`doc_concept__wp_inspections` the following "inspection roles" are expected to be filled: + +- content responsible (author): ``_ +- reviewer: ``_ +- moderator: only needed for conflict resolution between author and reviewers, is the safety manager, security manager or quality manager called in as a reviewer (can be derived from version mgt tool) + Checklist --------- +It is mandatory to fill in the "passed" column with "yes" or "no" for each checklist item and additionally to add in the remarks why it is passed or not passed. +In case of "no" an issue link to the issue tracking system has to be added in the last column (if not solved in the same issue). +See also :need:`doc_concept__wp_inspections` for further information about reviews in general and inspection in particular. + .. list-table:: Architecture Design Review Checklist :header-rows: 1 * - Review Id - Acceptance criteria - - Type - Guidance - passed - Remarks 
@@ -49,107 +61,125 @@ Checklist * - ARC_01_01 - Is the traceability from software architectural elements to requirements, and other level architectural elements (e.g. component to interface) established according to the "Relations between the architectural elements" as described in :need:`doc_concept__arch_process`? - - automated - - Trace should be checked by Sphinx. Will be removed from checklist once requirement is implemented. - - - - - - + - Trace should be checked automatically by tool support in the future. It will be removed from the checklist once the requirement (:need:`Correlations of the architectural building blocks `) is implemented. Refer to `Tool Requirements `_ for the current status. + - NO + - Several functional feature requirements are not linked to the baselibs feature architecture. + - `#2265 `_ * - ARC_01_02 - If the architectural element is related to any supplier manuals (incl. safety and security) are the relevant parts covered? - - manual - If the architecture makes use of supplied elements, their manuals (like safety) have to be considered (i.e. its provided functionality matches the expectation and assumptions are fulfilled). Note that in case of safety component this means that assumed Technical Safety Requirements and AoUs of the safety manual are covered. - - - - + - YES + - Baselibs uses OS. S-CORE's reference OS safety manual was considered during development, but cannot be published in this open source project - * - ARC_01_03 - Is the architectural element traceable to the lower level artifacts as defined by the workproduct traceability? - - automated - - Will be removed from checklist once requirement is implemented by automated tool check. + - Will be removed from checklist once the requirement (:need:`Correlations of the architectural building blocks `) is implemented by automated tool check. See `Tool Requirements `_. 
Details of possible linking can be depicted from `traceability concept `_ - - - - + - YES + - Baselibs feature architecture includes logic interfaces, these can be used to link to components (see static view :need:`feat_arc_sta__baselibs__static_view_arch`) - * - ARC_02_01 - Is the software architecture design compliant with the (overall) feature architecture? - - manual - On component level check against the feature architecture, on feature level check other features with common components used. - - - - + - YES + - Shared module is the OS, which is designed to work with multiple components using it. - * - ARC_02_02 - Is appropriate and comprehensible operation/interface naming present in the architectural design? - - manual - Check :need:`gd_guidl__arch_design` - - - - + - YES + - Interfaces and operations names are abstract but sufficient for understanding. - * - ARC_02_03 - Are correctness of data flow and control flow within the architectural elements considered? - - manual - E.g. examine definitions, transformations, integrity, and interaction of data; check error handling, data exchange between elements, correct response to inputs and documented decision making. Note: consistency is ensured by the process/tooling, by defining each interface only once. - - - - + - YES + - There is no control/data flow between baselibs components (each of it is stand-alone), so no sequence diagram needed. - * - ARC_02_04 - Are the interfaces between the software architectural element and other architectural elements well-defined? 
- - manual - Check if the interface reacts on non-defined behavior or errors; can established protocols be used; are the interfaces for inputs, outputs, error codes documented; is loose coupling considered and only limited exposure; can unit or integration test be written against the interface; data amount transferred; no sensitive data exposure; - - - - - - + - NO + - Errors are generally managed by the "Result" component (ok) + If an operation is an input or an output is not shown (nok) + Libraries are split in logical way, enable testing, data amount and sensitivity is not an issue. Maybe with the exception of JSON - add a AoU here? + - `#2265 `_ * - ARC_02_05 - Does the software architectural element consider the timing constraints (from the parent requirement)? - - manual - If there are hard requirements on the timing a programming time estimation should be performed and also deadline supervision considered. - - - - + - YES + - As the functionalities are quite small, timing should not be a problem. No requirements on timing for baselibs. - * - ARC_02_06 - Is the documentation of the software architectural element, including textual and graphical descriptions (e.g., UML diagrams), comprehensible and complete? - - manual - Use of semi-formal notation is expected for architectural elements with an allocated ASIL level. Is the architecture template correctly filled? - - - - - - + - NO + - Architecture template: Requirements section missing, but this is covered by Static View linking, Module View not needed (same as Feature Static View) (ok) + Semi-Formal Notation used (ok) + Mismatch between libraries mentioned in "Description" and the ones depicted in Static View (this also does not match with the 0.5 planning/release note) and also not matching feature request https://eclipse-score.github.io/score/main/features/baselibs/index.html (nok) + - `#2265 `_ * - ARC_03_01 - Is the architectural element modular and encapsulated? - - manual - Check e.g. 
that only minimal interfaces are used. Design should be object oriented. Interfaces and interactions are clearly defined. Usage of access types (private, protected) properly set. Limited global variables. - - - - + - YES + - small functionality - * - ARC_03_02 - Is the suitability of the software architecture for future modifications and maintainability considered? - - manual - Check for e.g. loose coupling, separation of concerns, high cohesion, versioning strategy for interfaces, decision records, use of established design patterns. - - - - + - YES + - Nothing which can be seen in the architecture documentation speaks against this. - * - ARC_03_03 - Are simplicity and avoidance of unnecessary complexity present in the software architecture? - - manual - Indicators for complexity are: number of use cases (corresponding to dynamic diagrams) allocated to single design element, number of interfaces and operations in an interface, function parameters, global variables, complex types, limited comprehensibility. Note: If the "number" above exceeds "3" a design rationale is mandatory (for all types) - - - - + - YES + - Baselibs is just a big container for globally shared library functions - thus offers a lot of (unconnected) interfaces. - * - ARC_03_04 - Is the software architecture design following best practices and design principles? - - manual - Refer to architectural guidelines and recommendations within the project documentation. + - YES + - Guideline :need:`gd_guidl__arch_design` is followed, template usage checked in ARC_02_06, some design principles already checked in ARC_03_02, no additional recommendations in the project's PMP - - - - - + +.. attention:: + The above checklist entries must be filled according to your feature architecture in scope. + +Note: If a Review ID is not applicable for your architecture, then state ""n/a" in status and comment accordingly in remarks. 
+ +The following static views in "valid" state and with "inspected" tag set are in the scope of this inspection: + +.. needtable:: + :filter: "baselibs" in docname and "architecture" in docname and docname is not None and status == "valid" + :style: table + :types: feat_arc_sta + :tags: baselibs + :columns: id;status;tags + :colwidths: 25,25,25 + :sort: title + +and the following dynamic views: + +.. needtable:: + :filter: "baselibs" in docname and "architecture" in docname and docname is not None and status == "valid" + :style: table + :types: feat_arc_dyn + :tags: baselibs + :columns: id;status;tags + :colwidths: 25,25,25 + :sort: title diff --git a/docs/features/baselibs/docs/architecture/index.rst b/docs/features/baselibs/docs/architecture/index.rst index 8050c42da72..a353a3a990e 100644 --- a/docs/features/baselibs/docs/architecture/index.rst +++ b/docs/features/baselibs/docs/architecture/index.rst 
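Review bot: The ARC_02_04 remark ends on an open question about data amount and sensitivity on the JSON interface, "Maybe with the exception of JSON - add a AoU here?". Meanwhile the first hunk of this file (`@@ -18,7 +18,7 @@`) moves the checklist to `:status: valid` on a document marked `:security: YES`. An inspection record should carry a finding rather than a question: either state the assumption of use for JSON input (size and trust of the parsed data) or list it explicitly as an open point under the linked issue #2265. ARC_01_01, ARC_02_04 and ARC_02_06 are all answered NO, so it is worth confirming that `valid` is the intended state before those findings are closed; the diff does not show what the inspection concept requires here. The added note line also has a doubled quote in `state ""n/a"`.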
@@ -84,13 +84,23 @@ The decomposition of Baselibs into modular libraries is motivated by the need fo Static Architecture ------------------- -.. feat_arc_sta:: Static View +.. feat:: Baselibs + :id: feat__baselibs + :security: YES + :safety: ASIL_B + :status: valid + :includes: logic_arc_int__baselibs__json, logic_arc_int__baselibs__memory_shared, logic_arc_int__baselibs__message_passing, logic_arc_int__baselibs__result, logic_arc_int__baselibs__bit_manipulation, logic_arc_int__baselibs__bit_mask_operator, logic_arc_int__baselibs__dynamic_array, logic_arc_int__baselibs__intrusive_list, logic_arc_int__baselibs__filesystem, logic_arc_int__baselibs__utils_base64, logic_arc_int__baselibs__utils_scoped_op, logic_arc_int__baselibs__promise, logic_arc_int__baselibs__future, logic_arc_int__baselibs__shared_future, logic_arc_int__baselibs__executor, logic_arc_int__baselibs__task, logic_arc_int__baselibs__task_result, logic_arc_int__baselibs__synchronized_queue, logic_arc_int__baselibs__condition_variable + :consists_of: comp__com_configuration, comp__com_ipc_binding, comp__com_mock_binding, comp__com_frontend + +.. 
feat_arc_sta:: Baselibs Static View :id: feat_arc_sta__baselibs__static_view_arch :security: YES :safety: ASIL_B :status: valid :fulfils: feat_req__baselibs__core_utilities - :includes: logic_arc_int__baselibs__json, logic_arc_int__baselibs__memory_shared, logic_arc_int__baselibs__message_passing, logic_arc_int__baselibs__result, logic_arc_int__baselibs__bit_manipulation, logic_arc_int__baselibs__bit_mask_operator, logic_arc_int__baselibs__dynamic_array, logic_arc_int__baselibs__intrusive_list, logic_arc_int__baselibs__filesystem + :includes: logic_arc_int__baselibs__json, logic_arc_int__baselibs__memory_shared, logic_arc_int__baselibs__message_passing, logic_arc_int__baselibs__result, logic_arc_int__baselibs__bit_manipulation, logic_arc_int__baselibs__bit_mask_operator, logic_arc_int__baselibs__dynamic_array, logic_arc_int__baselibs__intrusive_list, logic_arc_int__baselibs__filesystem, logic_arc_int__baselibs__utils_base64, logic_arc_int__baselibs__utils_scoped_op, logic_arc_int__baselibs__promise, logic_arc_int__baselibs__future, logic_arc_int__baselibs__shared_future, logic_arc_int__baselibs__executor, logic_arc_int__baselibs__task, logic_arc_int__baselibs__task_result, logic_arc_int__baselibs__synchronized_queue, logic_arc_int__baselibs__condition_variable + :tags: inspected + :belongs_to: feat__baselibs .. needarch:: :scale: 50 
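Review bot: The `:consists_of:` line on the new `feat__baselibs` need lists `comp__com_configuration, comp__com_ipc_binding, comp__com_mock_binding, comp__com_frontend`. By their names these look like components of the communication feature rather than of Baselibs, so the line is probably left over from a copied template. If so, it gives an ASIL_B, security-relevant feature a false trace into another feature's components; replace it with the Baselibs component ids or drop the option until they exist. The same nineteen-entry interface list now appears three times: `:includes:` on `feat__baselibs`, `:includes:` on the static view, and the `needtable` `:filter:` in the following hunk (`@@ -107,4 +117,4 @@`). A later addition has to be made in all three places or the views drift apart.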
@@ -107,4 +117,4 @@ The Baselibs feature exposes the following logical interfaces: :style: table :columns: title;id;status :sort: title - :filter: id in ['logic_arc_int__baselibs__json', 'logic_arc_int__baselibs__memory_shared', 'logic_arc_int__baselibs__message_passing' ,'logic_arc_int__baselibs__result', 'logic_arc_int__baselibs__bit_manipulation', 'logic_arc_int__baselibs__bit_mask_operator', 'logic_arc_int__baselibs__dynamic_array', 'logic_arc_int__baselibs__intrusive_list', 'logic_arc_int__baselibs__filesystem'] + :filter: id in ['logic_arc_int__baselibs__json', 'logic_arc_int__baselibs__memory_shared', 'logic_arc_int__baselibs__message_passing' ,'logic_arc_int__baselibs__result', 'logic_arc_int__baselibs__bit_manipulation', 'logic_arc_int__baselibs__bit_mask_operator', 'logic_arc_int__baselibs__dynamic_array', 'logic_arc_int__baselibs__intrusive_list', 'logic_arc_int__baselibs__filesystem', 'logic_arc_int__baselibs__utils_base64', 'logic_arc_int__baselibs__utils_scoped_op', 'logic_arc_int__baselibs__promise', 'logic_arc_int__baselibs__future', 'logic_arc_int__baselibs__shared_future', 'logic_arc_int__baselibs__executor', 'logic_arc_int__baselibs__task', 'logic_arc_int__baselibs__task_result', 'logic_arc_int__baselibs__synchronized_queue', 'logic_arc_int__baselibs__condition_variable'] diff --git a/docs/features/baselibs/docs/requirements/chklst_req_inspection.rst b/docs/features/baselibs/docs/requirements/chklst_req_inspection.rst index 20a05105c63..31e26909857 100644 --- a/docs/features/baselibs/docs/requirements/chklst_req_inspection.rst +++ b/docs/features/baselibs/docs/requirements/chklst_req_inspection.rst 
@@ -129,7 +129,7 @@ Requirement Inspection Checklist - * - REQ_08_01 - Is the requirement *verifiable*? - - If at the time of the inspection already tests are created for the requirement, the answer is yes. This can be checked via traces, but also :need:`gd_req__req_attr_test_covered` shows this. In case the requirement is not sufficiently traced to test cases already, a test expert is invited to the inspection to give his opinion whether the requirement is formulated in a way that supports test development and the available test infrastructure is sufficient to perform the test. + - If at the time of the inspection already tests are created for the requirement, the answer is yes. This can be checked via traces, but also :need:`gd_req__req_attr_test_covered` shows this. In case the requirement is not sufficiently traced to test cases already, a test expert is invited to the inspection to give their opinion whether the requirement is formulated in a way that supports test development and the available test infrastructure is sufficient to perform the test. - - - diff --git a/docs/features/baselibs/docs/requirements/index.rst b/docs/features/baselibs/docs/requirements/index.rst index 0453e2cf969..caea7d05981 100644 --- a/docs/features/baselibs/docs/requirements/index.rst +++ b/docs/features/baselibs/docs/requirements/index.rst 
@@ -131,3 +131,26 @@ Requirements :status: valid The base libraries shall provide a filesystem library with file and directory manipulation functionality. + +.. feat_req:: Memory Library + :id: feat_req__baselibs__memory_library + :reqtype: Functional + :security: YES + :safety: ASIL_B + :satisfies: stkh_req__functional_req__base_libraries + :status: valid + + The baselibs shall provide a memory management library that includes utilities for shared memory operations, polymorphic memory resources, position-independent pointers, endianness conversion, and inter-process synchronization mechanisms. + +.. feat_req:: Concurrency Library + :id: feat_req__baselibs__concurrency_library + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__functional_req__base_libraries + :status: valid + + The base libraries shall provide a library for parallel execution of C++ callables with thread pool management. + +.. needextend:: "__baselibs" in id + :+tags: baselibs diff --git a/docs/features/baselibs/docs/safety_planning/index.rst b/docs/features/baselibs/docs/safety_planning/index.rst index e5d7544e30c..0d902b68b85 100644 --- a/docs/features/baselibs/docs/safety_planning/index.rst +++ b/docs/features/baselibs/docs/safety_planning/index.rst @@ -13,8 +13,8 @@ # ******************************************************************************* -Feature Safety Planning -======================= +Feature Safety Work Products List +================================= .. document:: Baselibs Safety WPs :id: doc__baselibs_safety_wp 
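Review bot: `feat_req__baselibs__concurrency_library` is marked `:security: NO`, while the Memory Library requirement added beside it, and the Baselibs feature and static view added elsewhere in this commit, are `:security: YES`. The interfaces this requirement appears to cover (executor, task, synchronized queue, condition variable) are concurrency primitives, where race conditions are a typical security concern. I would either set `:security: YES` or add a one-line rationale for the exclusion. The Memory Library text bundles five capabilities (shared memory operations, polymorphic memory resources, position-independent pointers, endianness conversion, inter-process synchronization) into one requirement, which makes each hard to trace and verify on its own. The trailing `needextend:: "__baselibs" in id` is a substring match, so it tags every need in the build whose id contains `__baselibs`, not only the needs in this file.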
@@ -30,74 +30,66 @@ Feature Safety Planning * - Work product Id - Link to process - Process status - - Link to issue - Link to WP - - WP/doc status * - :need:`wp__feat_request` - :need:`gd_temp__change_feature_request` - :ndf:`copy('status', need_id='gd_temp__change_feature_request')` - - `#549 `_ - :need:`doc__baselibs` - - :ndf:`copy('status', need_id='doc__baselibs')` * - :need:`wp__requirements_feat` - :need:`gd_temp__req_feat_req` - :ndf:`copy('status', need_id='gd_temp__req_feat_req')` - - `#549 `_ - :need:`doc__baselibs_requirements` - - doc :ndf:`copy('status', need_id='doc__baselibs_requirements')` & WP below * - :need:`wp__requirements_feat_aou` - :need:`gd_temp__req_aou_req` - :ndf:`copy('status', need_id='gd_temp__req_aou_req')` - - - :need:`doc__baselibs_requirements` - - doc :ndf:`copy('status', need_id='doc__baselibs_requirements')` & WP below * - :need:`wp__feature_arch` - :need:`gd_temp__arch_feature` - :ndf:`copy('status', need_id='gd_temp__arch_feature')` - - `#1240 `_ - :need:`doc__baselibs_architecture` - - doc :ndf:`copy('status', need_id='doc__baselibs_architecture')` & WP below * - :need:`wp__feature_fmea` - :need:`gd_temp__feat_saf_fmea` - :ndf:`copy('status', need_id='gd_temp__feat_saf_fmea')` - - - :need:`doc__baselibs_fmea` - - doc :ndf:`copy('status', need_id='doc__baselibs_fmea')` & WP below * - :need:`wp__feature_dfa` - :need:`gd_temp__feat_saf_dfa` - :ndf:`copy('status', need_id='gd_temp__feat_saf_dfa')` - - - :need:`doc__baselibs_dfa` - - doc :ndf:`copy('status', need_id='doc__baselibs_dfa')` & WP below * - :need:`wp__requirements_inspect` - :need:`gd_chklst__req_inspection` - :ndf:`copy('status', need_id='gd_chklst__req_inspection')` - - - - - - + - :need:`doc__baselibs_req_inspection` * - :need:`wp__sw_arch_verification` - :need:`gd_chklst__arch_inspection_checklist` - :ndf:`copy('status', need_id='gd_chklst__arch_inspection_checklist')` - - - - - - + - :need:`doc__baselibs_arc_inspection` * - 
:need:`wp__verification_feat_int_test` - :need:`gd_guidl__verification_guide` - :ndf:`copy('status', need_id='gd_guidl__verification_guide')` - - - - - +Feature Safety Package +====================== + +To create the safety package (according to :need:`gd_guidl__saf_package`) the following +documents and work products status have to go to "valid" (after the relevant verification were performed). +Feature Documents Status +------------------------ + +For all the work product documents the status can be seen by following the "Link to WP". +A summary of the status is also documented in the project's documentation management plan. + +See :ref:`documents_docs_features_baselibs` Feature Requirements Status --------------------------- @@ -127,7 +119,7 @@ Feature Architecture Status --------------------------- .. needtable:: - :filter: docname is not None and "baselibs" in docname and "requirements" in docname + :filter: docname is not None and "baselibs" in docname and "architecture" in docname :style: table :types: feat_arc_sta; feat_arc_dyn :tags: baselibs diff --git a/docs/features/baselibs/index.rst b/docs/features/baselibs/index.rst index c1f16888004..c6a06a9dade 100644 --- a/docs/features/baselibs/index.rst +++ b/docs/features/baselibs/index.rst @@ -14,7 +14,7 @@ .. _baselibs_feature: -Base Libraries (v0.5 alpha) +Base Libraries (v0.5 beta) ########################### .. document:: Base Libraries diff --git a/docs/features/code_generation/index.rst b/docs/features/code_generation/index.rst new file mode 100644 index 00000000000..39af4084a59 --- /dev/null +++ b/docs/features/code_generation/index.rst 
@@ -0,0 +1,302 @@ +.. + # ******************************************************************************* + # Copyright (c) 2025 Contributors to the Eclipse Foundation + # + # See the NOTICE file(s) distributed with this work for additional + # information regarding copyright ownership. + # + # This program and the accompanying materials are made available under the + # terms of the Apache License Version 2.0 which is available at + # https://www.apache.org/licenses/LICENSE-2.0 + # + # SPDX-License-Identifier: Apache-2.0 + # ******************************************************************************* + +.. _code_generation_feature: + +Code Generation +############### + +.. document:: Code-Generation + :id: doc__code_generation + :status: draft + :safety: ASIL_B + :security: NO + :tags: feature_request + :realizes: wp__feat_request + +.. toctree:: + :maxdepth: 1 + :glob: + :titlesonly: + :hidden: + + */index + + +Feature flag +============ + +To activate this feature, use the following feature flag: + +``experimental_code_generation`` + + +Abstract +======== + + +Motivation +========== + +To accomplish multi-generational portability of systems and +applications across suppliers, there is a need to enable +decoupling of human-written functional code from vendor-specific +system deployment architectures, application development frameworks, +communication mechanism libraries and operating system interface +specifics. + +Rationale +========= + +Separation of concern +_____________________ + +Traditionally, automotive project/system-specific implementations tend +to be very heavily interwoven with technology supplier API +peculiarities and vendor framework-expected application code +structures. This is okay for one-off projects, but not for reusable +code across different technology stacks and vehicle generations. 
To +address this issue, a key design philosophy is to impose a very +specific code structure requirement for all functional code that is to +be run in the middleware space. For example, one want to have the freedom to +swap communication mechanisms as new improved technologies +emerge. This means the architecture needs to be +simultaneously agnostic and accomodating of different communication +frameworks and protocols. This is accomplished by enforcing a standard +API for the function/application developer to access input data, +runtime parameters, internal state variables, hardware interface +contexts and to populate output data structures. + +A standard well defined API is the condition to code generation. + + +Code generation approach +________________________ + + +The isolation of functional code from system-level and +deployment-level context allows for code reuse, rapid system +reconfiguration, prototyping, simulation and advanced fuzz testing +without in-code changes and refactoring when the application lifecycle +standard API is combined with a code generator. The code generator is +responsible for generating the middleware boiler code that gets compiled and +deployed. There is no need for the developer to know how this is done. + +This allows eliminating large amounts of +"boilerplate" code that would otherwise clutter human-written +codebases and slow down refactoring. This opens the door to affordable +code base translation. + + +The only limiting factor in freedom-of-redeployment is if the +functional code's dependency libraries (if any) require +specific hardware or drivers. Abstracting away vendor-specific +accelerator hardware/driver interfaces is beyond the current scope. + + + +Specification +============= + +Software Compute Unit +_____________________ + +Let's define a software unit an entity that implements a specific +input-output algorithmic function as part of a larger graph +algorithm. This would be a ROS node or an ARA Application. 
+ +We want to support both functional programming style or Object +Oriented programming style. In object-oriented programming languages, +such as C++, a software unit would be implemented as a trivially +default-constructible class with public methods and no defined +constructors, that inherits from the C++ base class. Conversely in +Rust, it would be a struct that implements the equivalent public +functions with no constructor. + +We want to support error handling and not enforce throwing exception. +Each of the standard interface functions must return an ErrorCode. + +We want to advanced code re-usability. We therefore define the concept +for an archetype which is the skeleton of a software unit. An instance +is a unique implementation of an archetype, with a specific +configuration defined as a parameter set. For example, if you would +have 5 cameras in the car, you would define a single archetype, but +instanciate it 5 times, with a different set of parameters for each +camera. + +We want to support different steps in the operation mode. +The standard set of API we came up looks like this: + +**onInit(Parameters p, InternalState is)** is responsible for +initializing any Internal State or Hidden State variables and data +structures, including any hardware contexts. onInit() is only called +once during the lifecycle of a software unit. You can think of this as +roughly equivalent to the contents of a class constructor. This +function determines the starting point of the lifecycle of a software +unit instance. + +**onUpdate(Time t, Parameters p, Inputs in, InternalState is, Output +out)** is responsible for the core repeated logic to be +executed. onUpdate() is called by the execution triggering logic that +may be internal or external depending on the execution environment. 
+ +**onReset(Parameters p, InternalState is)** is responsible for +handling situations where the internal state needs to +be reset, to either recover from a trivial error state or because +something in the execution environment has changed. Any trivial +mechanisms for recovery from transient error states can be handled as +part of the onReset function. onReset() can be called any number of +times during the lifecycle of a compute unit instance. + +**onShutdown(Parameters p, InternalState is)** is responsible for +handling any cleanup tasks of hardware states and deallocation of +heap-allocated data structures before a compute unit will be deallocated +from memory and any execution terminated. You can think of this as +roughly equivalent to the contents of a class destructor. + + + +Interface +_________ + + +Software Compute units communicate via abstracted input and output +interfaces, with the Software Compute instance itself not knowing +anything about where the data come from or where it should go. + +The Inputs data structure contains a collection of input queues for +each inputs modeled for the Software Compute Archetype. + +The Outputs data structure is similar to the Inputs data structure +with the difference that the contents are mutable, i.e. writable by +the Software Compute Archetype. + + +Internal State +______________ + +A Software Compute unit only concern +is with its own internal needs relevant to the implementation of +an algorithm or other logic block. + +For storing variables between execution cycles that have no relevance +for the reproducibility of computation results of a stateful +algorithm, a special Hidden State data structure can be defined. + + +Parameter +_________ + +The Parameters data structure contains any runtime Parameters required +by the Software Compute instance. A default parameter data structure +is defined for the archetype. It can be re-configured for each +instance of the Compute instance. 
+ +Error Handling +______________ + +There shall be a error management framework defining error type, +category of errors, mechanism for the propagation of error. In Rust or +modern C++, monadic behavior would be recommended. The recovery logic +should be modelable in the Modeling Language. + + + +Static analysis of the system +_____________________________ + +The system would be modeled using a specific description language. +The description language consists of three primary concepts: + +**Interface Lists** these are collections of data types of the data to + be exchanged. They are modeled similarly to common IDLs; + +**Software Compyte Unit Archetype Lists** these are collections of + metadata descriptions of human-written Software Compyte Unit + implementations. One can think of them as similar to application + manifests in Adaptive Autosar or the Android Framework. + +**Software Compyte Unit Instance Lists** these are used to describe + the deployment of (instantiate) Software Compyte Unit Archetypes in + an operating system context, including both standard and user-defined + configuration parameters. + +The above are parsed as files into an intermediate representation that +represents the entire modeled system. The intermediate representation +open the doors to a static system analysis (resources analysis and +checks, resource allocation, static schedling). + +Subchapter +__________ + +.. example for image embedding +.. .. image:: _assets/sample_image.svg +.. :alt: Name + +.. example for image embedding +.. .. image:: _assets/architetcure_diagram_for_code_generation.svg +.. :alt: Architecture Diagram + + +uml example: + +.. uml:: + + @startuml + + class ExampleClass { + +fun(input): bool + } + + @enduml + + +Requirements +____________ + +The related requirements can be found in :doc:`requirements/index`. 
+ + +Backwards Compatibility +======================= + + +Security Impact +=============== + + +Safety Impact +============= + +Strict repeatible design pattern, extensive code re-usablility, is easy to certify. +Requires tool qualification for the code generator for ASIL relevant components. + +License Impact +============== + + +How to Teach This +================= + + +Rejected Ideas +============== + + +Open Issues +=========== + + +Footnotes +========= diff --git a/docs/features/code_generation/requirements/index.rst b/docs/features/code_generation/requirements/index.rst new file mode 100644 index 00000000000..64455cc0650 --- /dev/null +++ b/docs/features/code_generation/requirements/index.rst 
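Review bot: The `Security Impact` section is left empty and the document is tagged `:security: NO`, although the specification says the system description files are parsed into an intermediate representation and the generator emits the middleware code that "gets compiled and deployed". That makes the description files and the generator build inputs that decide what runs on the target, so the section should at least say how they are reviewed and protected against unnoticed modification. A sentence such as `The system description files and the code generator are trusted build inputs; changes to either are reviewed like source code.` would fill the gap, if that matches the project's intent. The Safety Impact section already asks for tool qualification of the generator, so the security section can refer to the same tool boundary.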
@@ -0,0 +1,125 @@ +.. + # ******************************************************************************* + # Copyright (c) 2025 Contributors to the Eclipse Foundation + # + # See the NOTICE file(s) distributed with this work for additional + # information regarding copyright ownership. + # + # This program and the accompanying materials are made available under the + # terms of the Apache License Version 2.0 which is available at + # https://www.apache.org/licenses/LICENSE-2.0 + # + # SPDX-License-Identifier: Apache-2.0 + # ******************************************************************************* + +.. _codegen_requirements: + +Requirements +============ + +.. feat_req:: The system uses a human-readable definition language. + :id: feat_req__code_generation__definitionlanguage + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__dev_experience__idl_support + :status: valid + + The system shall be modeled in YAML-syntax files. This means the system should + use YAML due to the availability of parsers in Rust and C++. The + system should prefer YAML over JSON due to its simpler syntax. + +.. feat_req:: Software Compute Units signal initialization failures by returning an Error indicating failure. + :id: feat_req__code_generation__initialization + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__execution_model__processes + :status: valid + + Software Compute Unit Instances shall be considered to have failed + permanently if they fail to initialize. + +.. feat_req:: Software Compute Units correctly deallocate any dynamically allocated memory in the onShutdown function. + :id: feat_req__code_generation__deinitialization + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__execution_model__processes + :status: valid + + Software Compute Unit instances shall have onInit and onShutdown + called only once during their lifecycle. + +.. 
feat_req:: Software Compute Units do not spawn a variable number of threads. + :id: feat_req__code_generation__nomultithreading + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__execution_model__processes + :status: valid + + Software Compute Units shall have a predetermined number of threads + if they spawn any threads at all. Software Compute Units shall not + dynamically spawn and join or detach worker threads. + +.. feat_req:: Software Compute Units do not throw exceptions or "panic". + :id: feat_req__code_generation__error_handling1 + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__execution_model__processes + :status: valid + + Software Compute Units shall handle any exceptions in dependency + libraries completely inside the standard interface functions. Software Compute Units shall signal an error by returning an Error that contains an ErrorCode other than Success. Software Compute Units shall terminate execution if unhandled exceptions occur. + +.. feat_req:: Software Compute Units do not attempt to trigger program termination. + :id: feat_req__code_generation__error_handling2 + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__execution_model__processes + :status: valid + + Software Compute Units shall return an Error with a suitable + Errorcode and follow the defined error propagation mechanism to + handle errors. Software Compute Units shall not manage their own + lifecycle. + +.. feat_req:: Software Compute Units do not call their own standard interface methods. + :id: feat_req__code_generation__error_handling3 + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__ai_platform__runtime_determinism + :status: valid + + Software Compute Units shall not interfere with their external + lifecycle management by calling their own interface methods + (onInit, onUpdate, onReset, onShutdown). 
Software Compute Units may + call onReset() from onShutdown() if required for avoiding code + duplication. + +.. feat_req:: Software Compute Units implement transient error recovery mechanisms in onReset. + :id: feat_req__code_generation__error_handling4 + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__ai_platform__runtime_determinism + :status: valid + + Software Compute Units shall signal transient errors as a failure of + onUpdate. The responsible Software Compute Unit shall trigger + onReset to recover from transient errors based on logic modeled for + the Archetype. + +.. feat_req:: Software Compute Units signal reset and recovery failures via the Error return value of onReset. + :id: feat_req__code_generation__error_handling5 + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__ai_platform__runtime_determinism + :status: valid + + Software Compute Units shall be considered to have failed permanently if they return a failure on onReset. diff --git a/docs/features/communication/abi_compatible_data_types/index.rst b/docs/features/communication/abi_compatible_data_types/index.rst index 9fb5cf0be86..c5992d11822 100644 --- a/docs/features/communication/abi_compatible_data_types/index.rst +++ b/docs/features/communication/abi_compatible_data_types/index.rst 
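Review bot: Several requirements in this new file have a title and a body that state different obligations, so it is unclear which statement a test has to cover. `feat_req__code_generation__deinitialization` is titled as a rule about deallocating memory in onShutdown, but its body only says onInit and onShutdown are called once; `feat_req__code_generation__initialization` is titled as an error-return rule, but its body only defines permanent failure. `feat_req__code_generation__error_handling1` also says units "shall terminate execution if unhandled exceptions occur", which reads as conflicting with the title of `error_handling2` ("do not attempt to trigger program termination"). If the intent is that the surrounding runtime stops the unit, the body should say so, e.g. `The runtime shall terminate a Software Compute Unit that lets an exception escape a standard interface function.` Restating each title as its own `shall` sentence in the body would keep the obligations traceable.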
@@ -43,9 +43,9 @@ To activate this feature, use the following feature flag: Abstract ======== -This feature request defines a set of ABI-compatible data types and a runtime type description format to support zero-copy inter-process communication between C++17 and Rust 1.8x processes using the same endianness. It ensures consistent type layouts across languages by requiring fixed-size, statically allocated types without absolute pointers or language-specific metadata. +This feature request defines a set of ABI-compatible data types and a runtime type metadata format to support zero-copy inter-process communication between C++17 and Rust 1.88 processes using the same endianness. It ensures consistent type layouts across languages by requiring fixed-size, statically allocated types without absolute pointers or language-specific metadata. -The specification covers primitive types, structs, enums, arrays, and introduces ABI-stable representations for vectors, options, and results. A runtime-readable type description enables processes to interpret shared memory without compile-time access to type definitions. +The specification covers primitive types, structs, enums, arrays, and introduces ABI-stable representations for vectors, strings, options, and results. An optional runtime-readable type structure metadata enables processes to interpret shared memory without compile-time access to type definitions. Motivation 
@@ -53,15 +53,15 @@ Motivation This feature request addresses specific challenges in achieving type compatibility within our inter-process communication (IPC) framework that leverages zero-copy shared memory mechanisms. Two essential scenarios are under evaluation: -1. **ABI Compatibility**: Processes implemented in different programming languages (C++17 and Rust 1.8x) must interpret a shared memory location consistently as the same native type, provided both have compile-time access to the type definition. This scenario eliminates serialization overhead and allows direct memory access. +1. **ABI Compatibility**: Processes implemented in different programming languages (C++17 and Rust 1.88) must interpret a shared memory location consistently as the same native type, provided both have compile-time access to the type definition. This scenario eliminates serialization overhead and allows direct memory access. -2. **Type Description**: It should be possible to record arbitrary data streams, and convert or analyze them at a later time and/or on a different system, without having to recompile the conversion or analysis tools for that particular data format. A machine-readable description of the format, including any user-defined data types, should be available on request during runtime. In addition, this description could potentially be used by gateway processes to perform relatively simple but generic transformations between different data representations. +2. **Type Structure Metadata**: It should be possible to record arbitrary data streams, and convert or analyze them at a later time and/or on a different system, without having to recompile the conversion or analysis tools for that particular data format. A machine-readable description of the format, including any user-defined data types, should be available on request during runtime. 
In addition, this structure description could potentially be used by gateway processes to perform relatively simple but generic transformations between different data representations. ABI Compatibility ----------------- -Our communication feature relies on shared memory to transfer data between processes. For effective zero-copy data exchange, processes written in C++17 and Rust 1.8x must inherently understand the data at shared memory locations identically. Achieving this requires ensuring that data types have consistent, fixed-size memory layouts. +Our communication feature relies on shared memory to transfer data between processes. For effective zero-copy data exchange, processes written in C++17 and Rust 1.88 must inherently understand the data at shared memory locations identically. Achieving this requires ensuring that data types have consistent, fixed-size memory layouts. This evaluation initially targets the following process configurations: @@ -69,6 +69,7 @@ This evaluation initially targets the following process configurations: * Processes running on different operating systems but under the same hypervisor. Supporting different endianness between processes is explicitly out of scope, as it inherently demands bit manipulation, effectively requiring serialization. +A mechanism to ensure that sender and receiver use the same endianness is out of scope as well. Different bit widths, however, are implicitly supported by specifying the width of all types and excluding word-size integers. The following data types shall be supported: @@ -76,7 +77,13 @@ The following data types shall be supported: * **Primitive Types**: * Boolean - * Numeric (fixed-size integers 8-128 bits, signed and unsigned; IEEE 754 floating-point numbers) + * Integer (signed and unsigned, 8/16/32/64-bit) + * Floating-point: + + * IEEE 754 binary 32/64-bit + * FP16/bfloat16 (*optional*) + + * Character (Unicode scalar value) * **Sequence Types**: 
@@ -92,6 +99,7 @@ The following data types shall be supported: * **Fixed-Size, Variable-Length Containers**: * Vector + * String (UTF-8 encoded) * Queue * Hash map (*optional*) * Hash set (*optional*) @@ -109,6 +117,9 @@ Type Description A critical scalability feature involves gateway processes, which subscribe to IPC endpoints and translate ABI-compatible data types into external serialization formats. These gateways require the ability to interpret data without compile-time access to type definitions. To address this, an explicit runtime-readable type description format is necessary. This description allows dynamic, runtime interpretation of data structures, enabling the addition of new IPC topics without recompiling gateway processes. +Summary +------- + In summary, the motivation behind this feature request is to define and standardize ABI-compatible data types and a runtime-accessible type description mechanism to ensure interoperability and scalability in zero-copy IPC scenarios involving multiple languages and dynamic environments. @@ -122,7 +133,7 @@ Specification ABI Compatibility ----------------- -This specification defines the set of rules and constraints for representing data types in shared memory such that they can be interpreted consistently across processes implemented in C++17 and Rust 1.8x. These types enable zero-copy inter-process communication by enforcing ABI compatibility at the memory layout level. The focus is on data exchange between processes using the same endianness. +This specification defines the set of rules and constraints for representing data types in shared memory such that they can be interpreted consistently across processes implemented in C++17 and Rust 1.88. These types enable zero-copy inter-process communication by enforcing ABI compatibility at the memory layout level. The focus is on data exchange between processes using the same endianness. Assumptions ^^^^^^^^^^^ 
@@ -153,7 +164,6 @@ Primitive Types These types are ABI-compatible when declared using fixed-size standard types: - .. list-table:: Native Type Mapping :header-rows: 1 @@ -162,15 +172,19 @@ These types are ABI-compatible when declared using fixed-size standard types: - C++17 * - Boolean - ``bool`` - - ``bool`` (1 byte, with ``0x00`` and ``0x01`` as the only valid bit patterns) + - ``AbiBool`` (1 byte, with ``0x00`` representing ``false`` and ``0x01`` representing ``true`` as the only valid bit patterns) * - Integers (N = 8, 16, 32, 64) - ``uN``, ``iN`` - ``std::uintN_t``, ``std::intN_t`` * - Floating point - ``f32``, ``f64`` - ``float``, ``double`` (compliant with IEEE 754) + * - Character + - ``char`` + - ``AbiChar`` (32-bit unsigned integer, valid bit patterns ``0x0`` to ``0xD7FF`` and ``0xE000`` to ``0x10FFFF``) -All types must avoid trap representations and undefined padding. +* Booleans can't be represented as native ``bool`` type in C++, because the language doesn't guarantee a size of 1 byte, and it doesn't guarantee that only the values ``0x00`` and ``0x01`` will be stored in memory. +* Characters can't be represented as native ``uint32_t`` type in C++ without a wrapper, because it must be guaranteed that *surrogate code points* (``0xD800`` to ``0xDFFF``) and non-code points (values above ``0x10FFFF``) won't be stored in memory. Structs and Tuples """""""""""""""""" 
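Review bot: The Rust column of the Native Type Mapping table uses native `bool` and `char` with no receive-side validation stated, while only the C++ column gets the `AbiBool`/`AbiChar` wrappers, and the two bullets under the table justify the wrappers solely by what C++ might store. In Rust, a `bool` other than `0x00`/`0x01` or a `char` in the surrogate range or above `0x10FFFF` is undefined behaviour, so a Rust reader that types shared memory as these natives depends on every writer being correct. The spec should say where the bit pattern is checked on the receiving side, for example `A receiver must validate the stored value before exposing it as bool or char; an invalid pattern is a checked error.` The same applies to `is_some: bool` in the AbiOption hunk and `is_err: bool` in the AbiResult hunk further down. The removed sentence "All types must avoid trap representations and undefined padding." also has no visible replacement in this hunk for the padding part, which matters if uninitialised padding bytes end up in memory another process can read.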
@@ -184,17 +198,20 @@ Structs and tuples are supported using standard layout rules: (no virtual functions, no virtual inheritance, and only one class in the hierarchy has non-static data members; `full specification `__) +Field types must themselves be ABI compatible. Field ordering must be preserved and padding must be identical across compilers. Any alignment greater than the default must be explicitly declared. +Empty structs and tuples are forbidden, because zero-sized types have different representations in C++ and Rust. Enums """"" -Only fieldless enums with a defined underlying integer type are supported. These must use: +Fieldless enums with a defined underlying integer type are supported. These must use: * ``#[repr(u8)]``, ``#[repr(u16)]``, etc. in Rust * ``enum class MyEnum : std::uint8_t`` in C++ -*Note:* Enums with payloads ("variants" or "tagged unions") are optionally supported. +Each entry in an enum must have well-defined representation. +Enums with payloads ("variants" or "tagged unions") are optionally supported. Arrays """""" 
@@ -204,37 +221,65 @@ Fixed-size arrays are naturally ABI-compatible and supported in both languages. * Rust: ``[T; N]`` * C++: wrapper around ``T[N]`` to enforce bounds-checking for element access -Element types must also conform to this specification. No dynamic length information is allowed. +Element types must themselves be ABI compatible. No dynamic length information is allowed. +Empty arrays (``N=0``) are forbidden, because zero-sized types have different representations in C++ and Rust. Vectors -"""""""" +""""""" To provide bounded sequence types with familiar APIs, a custom vector implementation must be provided in both languages that matches the memory layout defined below. .. code-block:: rust #[repr(C)] - pub struct AbiVec { + pub struct AbiVec { len: u32, - capacity: u32, elements: [T; N], } .. code-block:: cpp - template + template struct AbiVec { private: std::uint32_t len; - std::uint32_t capacity; T elements[N]; }; -* Capacity is fixed and equal to ``N`` at compile time. +* Capacity is fixed and equal to ``N`` elements at compile time. * Overflow beyond capacity must be a checked error. * No heap allocation is permitted. -* Internally, these are ABI-compatible with ``len``, ``capacity`` and ``elements`` accessible from both languages. +* Internally, these are ABI-compatible with ``len`` and ``elements`` accessible from both languages. * The public API must match standard vector types in usability (e.g. ``push()``, ``pop()``). +* Zero-capacity vectors (``N=0``) are forbidden, because zero-sized arrays have different representations in C++ and Rust. + +Strings +""""""" + +Strings have the same memory layout as ``AbiVec``, but additionally guarantee that their content is valid UTF-8. + +.. code-block:: rust + + #[repr(C)] + pub struct AbiString { + len: u32, + bytes: [u8; N], + } + +.. 
code-block:: cpp + + template + struct AbiString { + private: + std::uint32_t len; + std::uint8_t bytes[N]; + }; + +* Capacity is fixed and equal to ``N`` bytes at compile time. +* Overflow beyond capacity must be a checked error. +* No heap allocation is permitted. +* The public API must provide for a way to extend the string by a single character (Unicode scalar value) and by a string slice encoded as UTF-8. +* Zero-capacity strings (``N=0``) are forbidden, because zero-sized array have different representations in C++ and Rust. Option Types """""""""""" @@ -245,7 +290,7 @@ ABI-compatible optional types must be implemented manually using a one-byte tag #[repr(C)] pub struct AbiOption { - is_some: u8, + is_some: bool, value: T, } @@ -254,13 +299,13 @@ ABI-compatible optional types must be implemented manually using a one-byte tag template struct AbiOption { private: - std::uint8_t is_some; + AbiBool is_some; T value; }; -* ``is_some == 0`` indicates absence; ``1`` indicates presence. +* ``is_some == false`` indicates absence; ``true`` indicates presence. * The value field is always initialized and occupies memory regardless of state. -* The public API must match standard optional types in usability. +* The public API should match standard optional types in usability, as far as possible. Result Types """""""""""" @@ -271,14 +316,14 @@ Result types represent tagged unions with two possible states. #[repr(C)] pub struct AbiResult { - is_ok: u8, + is_err: bool, value: AbiResultUnion, } #[repr(C)] union AbiResultUnion { - ok: T, - err: E, + ok: ManuallyDrop, + err: ManuallyDrop, } .. code-block:: cpp 
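Review bot: No bound check on read is specified for `len` in `AbiVec` and `AbiString`: the bullets require a checked error when a writer exceeds capacity, but say nothing about a reader that finds `len > N` in shared memory. Because `len` lives in memory another process can write, element access and iteration need the bound checked on the reading side as well, e.g. `A reader must treat len > N as a checked error before accessing elements.` For `AbiString` the UTF-8 guarantee raises the same question, so the text should state whether the receiver re-validates the first `len` bytes or trusts the sender, since the Rust side would presumably expose them as `str`. Removing `capacity` can also move `elements` for many element types, and the spec does not yet say how a reader detects a peer built against the old layout.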
@@ -286,15 +331,15 @@ Result types represent tagged unions with two possible states. template struct AbiResult { private: - std::uint8_t is_ok; + AbiBool is_err; union { T ok; E err; } value; }; -* ``is_ok == 1`` indicates ``ok`` field is valid -* ``is_ok == 0`` indicates ``err`` field is valid +* ``is_err == false`` indicates ``ok`` field is valid +* ``is_err == true`` indicates ``err`` field is valid * The layout must guarantee correct union member interpretation based on the discriminant Language Conformance Summary @@ -309,7 +354,7 @@ Language Conformance Summary - Specification Status * - Primitives - ✅ Native types - - ✅ Native types + - ⚠ Native and custom types - Conforming * - Structs - ✅ ``#[repr(C)]`` @@ -321,12 +366,16 @@ Language Conformance Summary - Conforming * - Arrays - ✅ ``[T; N]`` - - ✅ ``T[N]`` + - ✅ ``std::array`` - Conforming * - Vector - ❌ ``Vec`` - ❌ ``std::vector`` - ✅ ``AbiVec`` required + * - String + - ❌ ``String`` + - ❌ ``std::string`` + - ✅ ``AbiString`` required * - Option - ❌ ``Option`` - ❌ ``std::optional`` @@ -341,14 +390,7 @@ Language Conformance Summary Type Description ---------------- -To address the scenarios outlined in the motivation, a clearly defined type description mechanism is required. The type description provides sufficient information during runtime, enabling a process without compile-time access to type definitions to correctly interpret a given memory location according to the previously established ABI rules. - -The goals are: - -* Enable interpretation of shared memory content without compile-time access to type definitions. -* Support all ABI-compatible data types previously defined. -* Include versioning to manage schema evolution and compatibility. -* Allow easy generation and parsing by tooling in both C++ and Rust. +To address the scenarios outlined in the motivation, a clearly defined type description mechanism is required. Workflows ^^^^^^^^^ 
@@ -361,10 +403,11 @@ Two potential workflows are considered for creating type descriptions: Both workflows are valid, and the final decision is deferred pending further feasibility analysis. -Type Description Format +Type Structure Metadata ^^^^^^^^^^^^^^^^^^^^^^^ -The format of the type description shall explicitly support versioning to allow schema evolution and backward compatibility. It must accommodate all data types described earlier in the ABI compatibility section. It should be simple, human-readable, and easily machine-parsable. +Precise information about the structure of the types is preserved for use during runtime, enabling a process without compile-time access to type definitions to correctly interpret a given memory location according to the previously established ABI rules. +The format of the type metadata shall explicitly support versioning to allow schema evolution and backward compatibility. It must accommodate all data types described earlier in the ABI compatibility section. It should be simple, human-readable, and easily machine-parsable. The choice of serialization format is left open but may include RON, JSON5, or a custom DSL, based on readability, tooling support, and maintainability. 
@@ -410,7 +453,7 @@ Reflection Reflection, in this context, is the ability to inspect data at runtime even if its structure is not or not fully known at compile time. Benefits of reflection include being able to translate recorded data into a human-readable format (e.g., JSON or CSV) without having to know the type definitions at compile time; this enables general-purpose data recording and transformation tools. -This ability requires some form of *type description* being available at runtime, so that a sequence of bytes can be interpreted as a data structure. +This ability requires some form of *type structure metadata* being available at runtime, so that a sequence of bytes can be interpreted as a data structure. There are two primary approaches to achieve this goal: * *inline type descriptions*, which precede each instance of every type, and 
@@ -431,10 +474,10 @@ This approach, however, comes with significant downsides: Alternative Approach ^^^^^^^^^^^^^^^^^^^^ -Instead of inserting inline type descriptions into each instance of an ABI compatible type, the full type description can be made available to a consumer only once, either proactively or on request. +Instead of inserting inline type descriptions into each instance of an ABI compatible type, the full type structure metadata can be made available to a consumer only once, either proactively or on request. The consumer decides if it uses or ignores this metadata. -This type description can be used to dynamically translate between the compact, non-reflective ABI compatible data structures on one side, and a reflective, inline-describing format on the other side. +This description of the type structure can be used to dynamically translate between the compact, non-reflective ABI compatible data structures on one side, and a reflective, inline-describing format on the other side. Although this incurs a copy and some minor processing, the overhead should be negligible compared to other computational tasks involving the payload. One method to efficiently translate a payload consisting of ABI compatible types to an inline-described reflective format is to convert the hierarchical type description to a flat list of *instructions* which can be executed by an interpreter. 
@@ -476,7 +519,7 @@ Reflection will not be part of version 1.0 of this feature request. 3. The specification for SOME/IP types is incompatible with the requirement of ABI vectors that can grow dynamically during construction, i.e., vectors which contain fewer valid elements than they take up space in memory. 4. Inserting inline type descriptions on demand is expected to be a relatively cheap operation, which negates the main motivation for including them directly in ABI types in the first place. -* External type descriptions will probably be included in a later version of this feature request. +* External type structure descriptions will probably be included in a later version of this feature request. For now, they're postponed until we have a better understanding of the relevant use cases. diff --git a/docs/features/communication/abi_compatible_data_types/requirements.rst b/docs/features/communication/abi_compatible_data_types/requirements.rst index 52fe94cf66f..f416f1eba32 100644 --- a/docs/features/communication/abi_compatible_data_types/requirements.rst +++ b/docs/features/communication/abi_compatible_data_types/requirements.rst @@ -30,7 +30,7 @@ Restrictions on Native Types :satisfies: stkh_req__communication__abi_compatible :status: valid - For ABI compatibility, the implementation shall restrict boolean types to one byte (``bool`` in Rust and C++). + For ABI compatibility, the implementation shall restrict boolean types to one byte (``bool`` in Rust) and to the bit patterns ``0x00`` and ``0x01``. .. feat_req:: Fixed-width integers :id: feat_req__abi_compatible_data_types__int_fix 
@@ -52,6 +52,16 @@ Restrictions on Native Types For ABI compatibility, floating-point types shall be limited to 32-bit (``f32`` in Rust / ``float`` in C++) and 64-bit (``f64`` in Rust / ``double`` in C++); all floating-point representations shall be compliant with IEEE 754. +.. feat_req:: Characters + :id: feat_req__abi_compatible_data_types__char + :reqtype: Functional + :security: NO + :safety: QM + :satisfies: stkh_req__communication__abi_compatible + :status: valid + + For ABI compatibility, the Unicode character type shall use fixed-width definitions (``char`` in Rust; wrapper around ``std::uint32_t`` in C++), and shall restrict values to the ranges ``0x0`` to ``0xD7FF`` and ``0xE000`` to ``0x10FFFF``. + .. feat_req:: Fixed-size arrays :id: feat_req__abi_compatible_data_types__arr_fix :reqtype: Functional @@ -121,19 +131,17 @@ Vector .. code-block:: rust #[repr(C)] - pub struct AbiVec { + pub struct AbiVec { len: u32, - capacity: u32, elements: [T; N], } .. code-block:: cpp - template + template struct AbiVec { private: std::uint32_t len; - std::uint32_t capacity; T elements[N]; }; @@ -155,7 +163,7 @@ Vector :satisfies: stkh_req__communication__abi_compatible :status: valid - The ``AbiVec`` API shall mirror ``std::vector`` / ``Vec`` but shall not allocate or reallocate memory. + The ``AbiVec`` API shall mirror ``std::vector`` / ``Vec``, but shall not allocate or reallocate memory. .. feat_req:: AbiVec overflow check :id: feat_req__abi_compatible_data_types__abv_ovf 
@@ -167,46 +175,105 @@ Vector Any attempt to exceed ``AbiVec.capacity`` shall result in a checked runtime error. +String +^^^^^^ + +.. feat_req:: Provide AbiString + :id: feat_req__abi_compatible_data_types__prv_abs + :reqtype: Functional + :security: NO + :safety: QM + :satisfies: stkh_req__communication__abi_compatible + :status: valid + + An ABI-compatible ``AbiString`` type shall be provided in both C++ and Rust with the specified layout. + + .. code-block:: rust + + #[repr(C)] + pub struct AbiString { + len: u32, + bytes: [u8; N], + } + + .. code-block:: cpp + + template + struct AbiString { + private: + std::uint32_t len; + std::uint8_t bytes[N]; + }; + +.. feat_req:: AbiString field semantics + :id: feat_req__abi_compatible_data_types__abs_fld + :reqtype: Functional + :security: NO + :safety: QM + :satisfies: stkh_req__communication__abi_compatible + :status: valid + + ``AbiString.len`` shall report the current byte count; ``AbiString.capacity`` shall equal the compile-time size ``N``. + +.. feat_req:: AbiString API + :id: feat_req__abi_compatible_data_types__abs_noa + :reqtype: Functional + :security: NO + :safety: QM + :satisfies: stkh_req__communication__abi_compatible + :status: valid + + The ``AbiString`` API shall mirror the applicable parts of ``std::basic_string`` / ``String``, but shall not allocate or reallocate memory. + +.. feat_req:: AbiString overflow check + :id: feat_req__abi_compatible_data_types__abs_ovf + :reqtype: Functional + :security: NO + :safety: QM + :satisfies: stkh_req__communication__abi_compatible + :status: valid + + Any attempt to exceed ``AbiString.capacity`` shall result in a checked runtime error. + Option ^^^^^^ -.. TODO: Uncomment when issue with "some" in description is resolved -.. .. feat_req:: Provide AbiOption -.. :id: feat_req__abi_compatible_data_types__prv_abo -.. :reqtype: Functional -.. :security: NO -.. :safety: QM -.. :satisfies: stkh_req__communication__abi_compatible -.. :status: valid +.. 
feat_req:: Provide AbiOption + :id: feat_req__abi_compatible_data_types__prv_abo + :reqtype: Functional + :security: NO + :safety: QM + :satisfies: stkh_req__communication__abi_compatible + :status: valid -.. An ABI-compatible ``AbiOption`` type shall be provided in both C++ and Rust with the specified layout. + An ABI-compatible ``AbiOption`` type shall be provided in both C++ and Rust with the specified layout. -.. .. code-block:: rust + .. code-block:: rust -.. #[repr(C)] -.. pub struct AbiOption { -.. is_some: u8, -.. value: T, -.. } + #[repr(C)] + pub struct AbiOption { + is_some: bool, + value: T, + } -.. .. code-block:: cpp + .. code-block:: cpp -.. template -.. struct AbiOption { -.. private: -.. std::uint8_t is_some; -.. T value; -.. }; + template + struct AbiOption { + private: + AbiBool is_some; + T value; + }; -.. .. feat_req:: AbiOption is_some flag -.. :id: feat_req__abi_compatible_data_types__abo_flg -.. :reqtype: Functional -.. :security: NO -.. :safety: QM -.. :satisfies: stkh_req__communication__abi_compatible -.. :status: valid +.. feat_req:: AbiOption is_some flag + :id: feat_req__abi_compatible_data_types__abo_flg + :reqtype: Functional + :security: NO + :safety: QM + :satisfies: stkh_req__communication__abi_compatible + :status: valid -.. ``AbiOption.is_some`` shall be ``0`` when empty and ``1`` when containing a value. + ``AbiOption.is_some`` shall be ``false`` when empty and ``true`` when containing a value. .. feat_req:: AbiOption API :id: feat_req__abi_compatible_data_types__abo_api @@ -216,7 +283,7 @@ Option :satisfies: stkh_req__communication__abi_compatible :status: valid - The ``AbiOption`` API shall mirror ``std::optional``/``Option`` without introducing extra fields or indirections. + The ``AbiOption`` API shall mirror ``std::optional`` / ``Option`` without introducing extra fields or indirections. Result ^^^^^^ 
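Review bot: The new requirements `feat_req__abi_compatible_data_types__abs_fld` and `feat_req__abi_compatible_data_types__abs_ovf` refer to `AbiString.capacity`, but the layout in `prv_abs` directly above has only `len` and `bytes`. The unchanged `AbiVec.capacity` sentence at the top of this hunk has the same problem now that this commit removes that field from AbiVec. I would phrase both in terms of `N`, for example `Any attempt to grow an AbiString beyond N bytes shall result in a checked runtime error.` The specification says an AbiString's content is guaranteed to be valid UTF-8, yet no requirement here covers that. A separate `feat_req` should state that the bytes in `0..len` are valid UTF-8 and that `len <= N` holds, so both properties can be traced and tested.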
@@ -235,14 +302,14 @@ Result #[repr(C)] pub struct AbiResult { - is_ok: u8, + is_err: bool, value: AbiResultUnion, } #[repr(C)] union AbiResultUnion { - ok: T, - err: E, + ok: ManuallyDrop, + err: ManuallyDrop, } .. code-block:: cpp @@ -250,14 +317,14 @@ Result template struct AbiResult { private: - std::uint8_t is_ok; + AbiBool is_err; union { T ok; E err; } value; }; -.. feat_req:: AbiResult is_ok flag +.. feat_req:: AbiResult is_err flag :id: feat_req__abi_compatible_data_types__ari_flg :reqtype: Functional :security: NO @@ -265,7 +332,7 @@ Result :satisfies: stkh_req__communication__abi_compatible :status: valid - ``AbiResult.is_ok`` shall be ``1`` if ``value.ok`` is valid, and ``0`` if ``value.err`` is valid. + ``AbiResult.is_err`` shall be ``false`` if ``value.ok`` is valid, and ``true`` if ``value.err`` is valid. .. feat_req:: AbiResult API :id: feat_req__abi_compatible_data_types__ari_api @@ -275,4 +342,4 @@ Result :satisfies: stkh_req__communication__abi_compatible :status: valid - The ``AbiResult`` API shall mirror ``std::expected``/``Result`` without hidden storage or pointers. + The ``AbiResult`` API shall mirror ``std::expected`` / ``Result`` without hidden storage or pointers. diff --git a/docs/features/communication/docs/architecture/index.rst b/docs/features/communication/docs/architecture/index.rst index 334788a26ff..f32f3de7520 100644 --- a/docs/features/communication/docs/architecture/index.rst +++ b/docs/features/communication/docs/architecture/index.rst 
@@ -36,6 +36,14 @@ As discussed in :ref:`com_rationale`, the overall architecture of the communicat This ensures a stable public API, independent of the underlying binding(s). At the same time, the communication framework can support many different communication protocols in a flexible manner. +.. feat:: Communication Feature + :id: feat__com_communication + :security: YES + :safety: ASIL_B + :status: valid + :includes: logic_arc_int__communication__user + :consists_of: comp__com_configuration, comp__com_ipc_binding, comp__com_mock_binding, comp__com_frontend + .. feat_arc_sta:: Feature Architecture Communication :id: feat_arc_sta__com__communication :security: YES @@ -43,13 +51,14 @@ This ensures a stable public API, independent of the underlying binding(s). At t :status: valid :fulfils: feat_req__com__interfaces :includes: logic_arc_int__communication__user + :belongs_to: feat__com_communication .. needarch:: :scale: 50 :align: center {{ draw_feature(need(), needs) }} - mod_view_sta__tracing__tracing -[hidden]-> mod_view_sta__baselibs__baselibs + mod__tracing -[hidden]-> mod__baselibs In the following sections we will look on the different architectural elements of the communication framework in more detail. diff --git a/docs/features/communication/docs/requirements/index.rst b/docs/features/communication/docs/requirements/index.rst index be5fea73627..88d040723fd 100644 --- a/docs/features/communication/docs/requirements/index.rst +++ b/docs/features/communication/docs/requirements/index.rst 
@@ -291,6 +291,20 @@ Mixed-Criticality safety systems Consumers with lower criticality shall not be able to drop data before it is consumed by partners with higher criticality. +Cross VM Communication +^^^^^^^^^^^^^^^^^^^^^^ + +.. feat_req:: Cross VM + :id: feat_req__com__cross_vm + :reqtype: Functional + :security: YES + :safety: ASIL_B + :satisfies: stkh_req__communication__vm + :status: valid + :valid_from: v1.0.0 + + The communication framework shall allow to communicate between different VMs over shared memory + Performance ^^^^^^^^^^^ @@ -643,5 +657,5 @@ Safety Impact The communication framework shall support safe communication up to ASIL-B. -.. needextend:: "__com_" in id - :+tags: com +.. needextend:: docname is not None and "communication/ipc/requirements" in docname + :+tags: ipc diff --git a/docs/features/communication/index.rst b/docs/features/communication/index.rst index 176d1806f10..62000c6fc91 100644 --- a/docs/features/communication/index.rst +++ b/docs/features/communication/index.rst @@ -14,7 +14,7 @@ .. _com_feature: -Communication (v0.5 alpha) +Communication (v0.5 beta) ########################## .. document:: Communication diff --git a/docs/features/communication/ipc/docs/architecture/index.rst b/docs/features/communication/ipc/docs/architecture/index.rst index 8b75ae5647e..c777421a53c 100644 --- a/docs/features/communication/ipc/docs/architecture/index.rst +++ b/docs/features/communication/ipc/docs/architecture/index.rst 
@@ -144,7 +144,7 @@ Synchronization Algorithm A slot shall contain all necessary meta-information in order to synchronize data access. This information most certainly needs to include a timestamp to indicate the order of produced data within the slots. Additionally, a use count is needed, indicating if a slot is currently in use by one process. The concrete data is implementation defined and must be covered by the detailed design. -The main idea of the algorithm is that a producer shall always be able to store one new data sample. If he cannot find a respective slot, this indicates a contract violation, which indicates that a QM process misbehaved. In such a case, a producer should exclude any QM consumer from the communication. +The main idea of the algorithm is that a producer shall always be able to store one new data sample. If it cannot find a respective slot, this indicates a contract violation, which indicates that a QM process misbehaved. In such a case, a producer should exclude any QM consumer from the communication. This whole idea builds up on the split of shared memory segments by ASIL levels. This way we can ensure that an QM process will not degrade the ASIL Level for a communication path. In another case, where we already have a QM producer, it is possible for an ASIL B consumer to consume the QM data. In this scenario, there is no separate control data for ASIL B, and they instead interact on the control data for ASIL QM. This is because, the data is QM and it is impossible for the middleware to apply additional checks to enhance the quality of data. This can only be done on application layer level. Hence, separating QM and ASIL consumers holds no benefit. 
@@ -200,7 +200,7 @@ Each consumer and the producer owns a corresponding transaction log, which resid #. Executing the activity in question. #. Writing a transaction end marker, which annotates, whether the activity in (2) was done or not. -During the restart of a communication partner, he checks for existing transaction logs in shared memory, which it +During the restart of a communication partner, it checks for existing transaction logs in shared memory, which it created in an earlier run, so that it can roll them back. Two scenarios are possible: @@ -208,7 +208,7 @@ Two scenarios are possible: - All transaction log entries are complete (transaction end marker is written). The communication partner can roll all transactions back and rejoin communication. - A transaction log entry is incomplete (transaction end marker is missing). - The communication partner is incapable of rolling back his actions fully. + The communication partner is incapable of rolling back its actions fully. Rejoining the communication would impact other communication partners. The communication partner is barred from rejoining the communication. @@ -225,6 +225,7 @@ Dynamic Architecture :status: valid :safety: ASIL_B :fulfils: feat_req__com__depl_config_runtime + :belongs_to: feat__com_communication .. uml:: _assets/dyn_arch.puml :scale: 50 diff --git a/docs/features/communication/ipc/docs/safety_planning/index.rst b/docs/features/communication/ipc/docs/safety_planning/index.rst index 8f38b0ab198..3dd5c285973 100644 --- a/docs/features/communication/ipc/docs/safety_planning/index.rst +++ b/docs/features/communication/ipc/docs/safety_planning/index.rst @@ -14,8 +14,16 @@ .. _safety_planning_ipc: -Safety Planning -############### +Feature Safety Work Products List +################################# + +.. document:: Communication IPC Safety WPs + :id: doc__com_ipc_safety_wp + :status: draft + :safety: ASIL_B + :security: YES + :realizes: wp__platform_safety_plan + Tailoring ========= 
@@ -37,72 +45,66 @@ Inter-process Communication Safety Work Products * - Workproduct Id - Link to process - Process status - - Link to issue - Link to WP - - WP status * - :need:`wp__feat_request` - :need:`gd_temp__change_feature_request` - :ndf:`copy('status', need_id='gd_temp__change_feature_request')` - - `#69 `_ - :need:`doc__com_ipc` - - :ndf:`copy('status', need_id='doc__com_ipc')` * - :need:`wp__requirements_feat` - :need:`gd_temp__req_feat_req` - :ndf:`copy('status', need_id='gd_temp__req_feat_req')` - - `#69 `_ - :need:`doc__ipc_requirements`, :need:`doc__communication_requirements` - - :ndf:`copy('status', need_id='doc__ipc_requirements')`, :ndf:`copy('status', need_id='doc__communication_requirements')` * - :need:`wp__requirements_feat_aou` - :need:`gd_temp__req_aou_req` - :ndf:`copy('status', need_id='gd_temp__req_aou_req')` - - - :need:`doc__ipc_requirements`, :need:`doc__communication_requirements` - - :ndf:`copy('status', need_id='doc__ipc_requirements')`, :ndf:`copy('status', need_id='doc__communication_requirements')` * - :need:`wp__feature_arch` - :need:`gd_temp__arch_feature` - :ndf:`copy('status', need_id='gd_temp__arch_feature')` - - `#388 `_ - :need:`doc__ipc_architecture` - - :ndf:`copy('status', need_id='doc__ipc_architecture')` * - :need:`wp__feature_fmea` - :need:`gd_temp__feat_saf_fmea` - :ndf:`copy('status', need_id='gd_temp__feat_saf_fmea')` - - - :need:`doc__ipc_fmea` - - :ndf:`copy('status', need_id='doc__ipc_fmea')` * - :need:`wp__feature_dfa` - :need:`gd_temp__feat_saf_dfa` - :ndf:`copy('status', need_id='gd_temp__feat_saf_dfa')` - - - :need:`doc__ipc_dfa` - - :ndf:`copy('status', need_id='doc__ipc_dfa')` * - :need:`wp__requirements_inspect` - :need:`gd_chklst__req_inspection` - :ndf:`copy('status', need_id='gd_chklst__req_inspection')` - tailored - - n/a - - n/a * - :need:`wp__sw_arch_verification` - :need:`gd_chklst__arch_inspection_checklist` - :ndf:`copy('status', need_id='gd_chklst__arch_inspection_checklist')` - tailored - - 
n/a - - n/a * - :need:`wp__verification_feat_int_test` - :need:`gd_guidl__verification_guide` - :ndf:`copy('status', need_id='gd_guidl__verification_guide')` - - - - - + +Feature Safety Package +====================== + +To create the safety package (according to :need:`gd_guidl__saf_package`) the following +documents and work products status have to go to "valid" (after the relevant verification were performed). + +Feature Documents Status +------------------------ + +For all the work product documents the status can be seen by following the "Link to WP". +A summary of the status is also documented in the project's documentation management plan. + +See :ref:`documents_docs_features_communication` Feature Requirements Status --------------------------- diff --git a/docs/features/communication/some_ip_gateway/architecture/index.rst b/docs/features/communication/some_ip_gateway/architecture/index.rst index 4b3e79164bb..65dce26e750 100644 --- a/docs/features/communication/some_ip_gateway/architecture/index.rst +++ b/docs/features/communication/some_ip_gateway/architecture/index.rst @@ -27,7 +27,8 @@ data or to subscribe to data. As such it will need to know and understand the da the IPC network. It also is a participant in the SOME/IP network and provides services for the service oriented communication. -This shall be possible by including SOME/IP stacks that are AUTOSAR compliant. +This shall be possible by including the `vsomeip `_ SOME/IP stack for reference, +which can be replaced by other implementations, i.e. proprietary commercial stacks. There need to be some components between the two communication networks as data types and their according representations and transmission cadence can be different. Translation of data types could be handled in some translation module 
@@ -43,7 +44,7 @@ should be mostly freely programmable by integrators using the SOME/IP gateway. Structural View =============== -SOME/IP stacks as supplied by AUTOSAR vendors mostly are available as QM only. +SOME/IP stacks as supplied by different vendors mostly are available as QM only. In the case that SOME/IP implementations are not developed under ASIL-B constraints, adequate measures need to be taken to separate this QM component from the otherwise ASIL-B compliant components. This may be achieved through separate processes, which again will require dedicated inter-process-communication between the SOME/IP-stack and the rest of the gateway. @@ -122,7 +123,7 @@ to the IPC clients to enable the client to individually judge on particular E2E .. note:: The proposed error enumeration is an abstraction. Deriving detailed errors based on the E2E metadata is task of the client. - For reference, this is the error enumeration of the AUTOSAR specification (R24-11): + For reference, this is the typical error enumeration: * OK * ERROR @@ -135,7 +136,7 @@ to the IPC clients to enable the client to individually judge on particular E2E E2E State Machine Considerations -------------------------------- -The E2E (End-to-End) state machine as defined within AUTOSAR E2E protocol provides a summarized result +The E2E (End-to-End) state machine provides a summarized result about the overall health and state of a communication channel. Unlike individual E2E Profile Check() functions, which assess data validity for a single communication cycle, the state machine aggregates results from multiple Check() function invocations over a period. This allows it to determine a more holistic and debounced status of the communication. diff --git a/docs/features/communication/some_ip_gateway/assets/e2e_state_machine_in_gateway.drawio.svg b/docs/features/communication/some_ip_gateway/assets/e2e_state_machine_in_gateway.drawio.svg index cf9ffa295ce..ce4644d3fad 100644 
--- a/docs/features/communication/some_ip_gateway/assets/e2e_state_machine_in_gateway.drawio.svg +++ b/docs/features/communication/some_ip_gateway/assets/e2e_state_machine_in_gateway.drawio.svg @@ -1,4 +1,692 @@ - - - -
SOME/IP Gateway
SOME/IP Gateway
IPC 
participant
IPC...
Gateway Logic & Configuration
Gateway Logic & Configuration
SOME/IP
communication
stack
SOME/IP...
End-to-End
protection PlugIn
with state machine
End-to-End...
Payload
Transformation
PlugIn
Payload...
IFC
IFC
IFC
IFC
IFC
IFC
IPC 
participant
IPC...
IPC 
participant
IPC...
IPC 
participant
IPC...
<< QM Process >> 1..n
<< QM Process >> 1..n
<< ASIL Process >>  1..n
<< ASIL Process >>  1..n
Payload Transformation
Payload Transformation
IPC
Mw::com/LoLa
IPC...
Additional metadata to be passed to the client:
    Additional metadata to be passed to the cli...
    E2E results
    of each single
    communication cycle
    E2E results...
    IFC = Interface
    IFC = Interface
    IFC
    IFC
    AUTOSAR code
    AUTOSAR code
    Aggregated state machine results per communication channel
    Aggregated stat...
    +
    +
    State machine configuration per communication channel
    State machine c...
    Due to pub/sub nature of mw::com, clients listening on the same topic can not be separately addressed. Therefore, the state machine results can not be selectively distributed according to the particular communication channel they belong to.

    Due to pub/sub nature of mw::co...
    Text is not SVG - cannot display
    \ No newline at end of file + + + + + + + + + + + + + + + + + + +
    +
    +
    + SOME/IP Gateway +
    +
    +
    +
    + + SOME/IP Gateway + +
    +
    +
    + + + + + + + + + + + + + +
    +
    +
    + IPC +
    + participant +
    +
    +
    +
    +
    + + IPC... + +
    +
    +
    + + + + + + + +
    +
    +
    + Gateway Logic & Configuration +
    +
    +
    +
    + + Gateway Logic & Configuration + +
    +
    +
    + + + + + + + + + + +
    +
    +
    + SOME/IP +
    + + communication + +
    + + stack + +
    +
    +
    +
    +
    + + SOME/IP... + +
    +
    +
    + + + + + + + +
    +
    +
    + End-to-End +
    + protection PlugIn +
    + + + with + + + state machine +
    +
    +
    +
    +
    + + End-to-End... + +
    +
    +
    + + + + + + + +
    +
    +
    + Payload +
    + Transformation +
    + PlugIn +
    +
    +
    +
    +
    + + Payload... + +
    +
    +
    + + + + + + + + + + + + + + + + + + + +
    +
    +
    + IFC +
    +
    +
    +
    + + IFC + +
    +
    +
    + + + + + + + +
    +
    +
    + IFC +
    +
    +
    +
    + + IFC + +
    +
    +
    + + + + + + + +
    +
    +
    + IFC +
    +
    +
    +
    + + IFC + +
    +
    +
    + + + + + + + +
    +
    +
    + IPC +
    + participant +
    +
    +
    +
    +
    + + IPC... + +
    +
    +
    + + + + + + + +
    +
    +
    + IPC +
    + participant +
    +
    +
    +
    +
    + + IPC... + +
    +
    +
    + + + + + + + +
    +
    +
    + IPC +
    + participant +
    +
    +
    +
    +
    + + IPC... + +
    +
    +
    + + + + + + + +
    +
    +
    + << QM Process >> + + + 1..n +
    +
    +
    +
    + + << QM Process >> 1..n + +
    +
    +
    + + + + + + + +
    +
    +
    + << ASIL Process >>  1..n +
    +
    +
    +
    + + << ASIL Process >>  1..n + +
    +
    +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    +
    +
    + Payload Transformation +
    +
    +
    +
    + + Payload Transformation + +
    +
    +
    + + + + + + + + + + +
    +
    +
    + + + IPC + + +
    + Mw::com/LoLa +
    +
    +
    +
    +
    + + IPC... + +
    +
    +
    + + + + + + + +
    +
    +
    +
    + Additional metadata to be passed to the client: +
    +
    +
      +
      +
      +
      +
      +
      + + Additional metadata to be passed to the cli... + +
      +
      +
      + + + + + + + + +
      +
      +
      +
      + + E2E results + +
      +
      + + of each single + +
      +
      + + communication cycle + +
      +
      +
      +
      +
      + + E2E results... + +
      +
      +
      + + + + + + + +
      +
      +
      + IFC = Interface +
      +
      +
      +
      + + IFC = Interface + +
      +
      +
      + + + + + + + +
      +
      +
      + IFC +
      +
      +
      +
      + + IFC + +
      +
      +
      + + + + + + + +
      +
      +
      + vsomeip code +
      +
      +
      +
      + + vsomeip code + +
      +
      +
      + + + + + + + + +
      +
      +
      +
      + Aggregated state machine results + + per communication channel + +
      +
      +
      +
      +
      + + Aggregated stat... + +
      +
      +
      + + + + + + + +
      +
      +
      + + +
      +
      +
      +
      + + + + +
      +
      +
      + + + + + + + + +
      +
      +
      +
      + State machine configuration per communication channel +
      +
      +
      +
      +
      + + State machine c... + +
      +
      +
      + + + + + + + + + + + +
      +
      +
      +
      + Due to pub/sub nature of mw::com, clients listening on the same topic can not be separately addressed. Therefore, the state machine results can not be selectively distributed according to the particular communication channel they belong to. +
      +
      +
      +
      +
      +
      +
      +
      + + Due to pub/sub nature of mw::co... + +
      +
      +
      + + + +
      + + + + + Text is not SVG - cannot display + + + +
      diff --git a/docs/features/communication/some_ip_gateway/assets/e2e_state_machine_on_client_side.drawio.svg b/docs/features/communication/some_ip_gateway/assets/e2e_state_machine_on_client_side.drawio.svg index a3aa7e7592b..3ca9265c5cd 100644 --- a/docs/features/communication/some_ip_gateway/assets/e2e_state_machine_on_client_side.drawio.svg +++ b/docs/features/communication/some_ip_gateway/assets/e2e_state_machine_on_client_side.drawio.svg @@ -1,4 +1,706 @@ - - - -
      SOME/IP Gateway
      SOME/IP Gateway
      IPC 
      participant
      IPC...
      Gateway Logic & Configuration
      Gateway Logic & Configuration
      SOME/IP
      communication
      stack
      SOME/IP...
      End-to-End
      protection PlugIn
      w/o state machine
      End-to-End...
      Payload
      Transformation
      PlugIn
      Payload...
      IFC
      IFC
      IFC
      IFC
      IFC
      IFC
      IPC 
      participant
      IPC...
      IPC 
      participant
      IPC...
      IPC 
      participant
      IPC...
      << QM Process >> 1..n
      << QM Process >> 1..n
      << ASIL Process >>  1..n
      << ASIL Process >>  1..n
      All E2E results received via IPC metadata need to be fed into the state machine for each single  communication cacle.

      E2E state machine configuration details need to be known by the client.
      All E2E results received...
      End-to-End
      protection
      state machine
      End-to-End...
      IFC
      IFC
      E2E sate machine configuration
      E2E sate mach...
      Payload Transformation
      Payload Transformation
      IPC
      Mw::com/LoLa
      IPC...
      Additional metadata to be passed to the client:
        Additional metadata to be passed to the cli...
        E2E results
        of each single
        communication cycle
        E2E results...
        IFC = Interface
        IFC = Interface
        IFC
        IFC
        AUTOSAR code
        AUTOSAR code
        Text is not SVG - cannot display
        \ No newline at end of file + + + + + + + + + + + + + + + + + + +
        +
        +
        + SOME/IP Gateway +
        +
        +
        +
        + + SOME/IP Gateway + +
        +
        +
        + + + + + + + + + + + + + +
        +
        +
        + IPC +
        + participant +
        +
        +
        +
        +
        + + IPC... + +
        +
        +
        + + + + + + + +
        +
        +
        + Gateway Logic & Configuration +
        +
        +
        +
        + + Gateway Logic & Configuration + +
        +
        +
        + + + + + + + + + + +
        +
        +
        + SOME/IP +
        + + communication + +
        + + stack + +
        +
        +
        +
        +
        + + SOME/IP... + +
        +
        +
        + + + + + + + +
        +
        +
        + End-to-End +
        + protection PlugIn +
        + + + w/o + + + state machine +
        +
        +
        +
        +
        + + End-to-End... + +
        +
        +
        + + + + + + + +
        +
        +
        + Payload +
        + Transformation +
        + PlugIn +
        +
        +
        +
        +
        + + Payload... + +
        +
        +
        + + + + + + + + + + + + + + + + + + + +
        +
        +
        + IFC +
        +
        +
        +
        + + IFC + +
        +
        +
        + + + + + + + +
        +
        +
        + IFC +
        +
        +
        +
        + + IFC + +
        +
        +
        + + + + + + + +
        +
        +
        + IFC +
        +
        +
        +
        + + IFC + +
        +
        +
        + + + + + + + +
        +
        +
        + IPC +
        + participant +
        +
        +
        +
        +
        + + IPC... + +
        +
        +
        + + + + + + + +
        +
        +
        + IPC +
        + participant +
        +
        +
        +
        +
        + + IPC... + +
        +
        +
        + + + + + + + +
        +
        +
        + IPC +
        + participant +
        +
        +
        +
        +
        + + IPC... + +
        +
        +
        + + + + + + + +
        +
        +
        + << QM Process >> + + + 1..n +
        +
        +
        +
        + + << QM Process >> 1..n + +
        +
        +
        + + + + + + + +
        +
        +
        + << ASIL Process >>  1..n +
        +
        +
        +
        + + << ASIL Process >>  1..n + +
        +
        +
        + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
        +
        +
        + + All E2E results received via IPC metadata need to be fed into the state machine for each single  communication cacle. + +
        +
        + + + E2E state machine configuration details need to be known by the client. + + +
        +
        +
        +
        +
        + + All E2E results received... + +
        +
        +
        + + + + + + + +
        +
        +
        + End-to-End +
        + protection +
        + + state machine + +
        +
        +
        +
        +
        + + End-to-End... + +
        +
        +
        + + + + + + + +
        +
        +
        + IFC +
        +
        +
        +
        + + IFC + +
        +
        +
        + + + + + + + + + + + + + + + + + + + + + + +
        +
        +
        + E2E sate machine configuration +
        +
        +
        +
        + + E2E sate mach... + +
        +
        +
        + + + + + + + + + + + +
        +
        +
        + Payload Transformation +
        +
        +
        +
        + + Payload Transformation + +
        +
        +
        + + + + + + + + + + +
        +
        +
        + + + IPC + + +
        + Mw::com/LoLa +
        +
        +
        +
        +
        + + IPC... + +
        +
        +
        + + + + + + + +
        +
        +
        +
        + Additional metadata to be passed to the client: +
        +
        +
          +
          +
          +
          +
          +
          + + Additional metadata to be passed to the cli... + +
          +
          +
          + + + + + + + + +
          +
          +
          +
          + + E2E results + +
          +
          + + of each single + +
          +
          + + communication cycle + +
          +
          +
          +
          +
          + + E2E results... + +
          +
          +
          + + + + + + + +
          +
          +
          + IFC = Interface +
          +
          +
          +
          + + IFC = Interface + +
          +
          +
          + + + + + + + +
          +
          +
          + IFC +
          +
          +
          +
          + + IFC + +
          +
          +
          + + + + + + + +
          +
          +
          + + vsomeip code + +
          +
          +
          +
          + + vsomeip code + +
          +
          +
          +
          + + + + + Text is not SVG - cannot display + + + +
          diff --git a/docs/features/communication/some_ip_gateway/assets/some_ip_gateway_details.drawio.svg b/docs/features/communication/some_ip_gateway/assets/some_ip_gateway_details.drawio.svg index 699817d6a9b..2b1cb5cd000 100644 --- a/docs/features/communication/some_ip_gateway/assets/some_ip_gateway_details.drawio.svg +++ b/docs/features/communication/some_ip_gateway/assets/some_ip_gateway_details.drawio.svg @@ -1,6 +1,6 @@ - + - + @@ -164,7 +164,7 @@ - + @@ -368,13 +368,13 @@
          - AUTOSAR code + vsomeip code
          - AUTOSAR code + vsomeip code @@ -461,7 +461,7 @@ - + diff --git a/docs/features/communication/some_ip_gateway/index.rst b/docs/features/communication/some_ip_gateway/index.rst index c096008d16d..0a7d28743de 100644 --- a/docs/features/communication/some_ip_gateway/index.rst +++ b/docs/features/communication/some_ip_gateway/index.rst @@ -102,9 +102,8 @@ The requirements from Communication generally apply to the SOME/IP Gateway. SOME/IP protocol implementation ------------------------------- -The protocol implementation shall be fully compatible and complying with the SOME/IP specification from AUTOSAR Adaptive. (:need:`feat_req__some_ip_gateway__someip_protocol`) -Specifically the SOME/IP specification from AUTOSAR release R24-11 shall be supported by the SOME/IP Gateway. This shall guarantee that systems integrated with the SOME/IP gateway can be used in according -automotive E/E-architectures. +For reference purpose, the gateway shall use the `vsomeip `_ protocol +implementation that is compatible and complying with the SOME/IP specification from `some-ip.com `_. (:need:`feat_req__some_ip_gateway__someip_protocol`) Protocol implementations shall be wrapped in an abstraction API, that stays stable and allows implementations may be exchanged, potentially even by binary only libraries. The SOME/IP Gateway shall support SOME/IP Events, Fields and Methods and shall map these accordingly into IPC. @@ -176,7 +175,7 @@ Access Control acts on OSI Layer 5-7. It shall fulfill the following: .. note:: - Checking SOME/IP-SD messages with the ACL is optional because no functional data is transported. - - SOME/IP-SD messages are not protected as per AUTOSAR Adaptive specification. + - SOME/IP-SD messages are not protected as per specification. .. uml:: 
@@ -219,7 +218,7 @@ End-to-End (E2E) protection with CRC and counters Applications communicating over the network may have to protect data with end-to-end protection (E2E), which may involve CRC-protection and checks, and message counters. -There are several E2E (= End-to-End) profiles, which utilize various CRC routines as part of AUTOSAR E2E Protocol Specification, that shall be supported with the SOME/IP Gateway. +There are several E2E (= End-to-End) profiles, which utilize various CRC routines as part of E2E Protocol Specification, that shall be supported with the SOME/IP Gateway. Though the implementation of the SOME/IP protocol itself is likely not going to be ASIL-B compliant and have a safety consideration of QM rather, E2E-checks and protection need to happen in an ASIL-B context. The gateway may perform the CRC routines as a central service. 
@@ -229,21 +228,18 @@ SOME/IP Events, Methods, and Fields need to be supported with E2E protection. Please refer to the SOME/IP Gateway architecture for further details. -References - -- `AUTOSAR_FO_PRS_E2EProtocol `_ -- `AUTOSAR_FO_RS_E2E `_ License Impact ============== [How could the copyright impacted by the license of the new contribution?] -Since SOME/IP is a protocol, including applied E2E protection and the according profile (polynom, etc.), -defined by AUTOSAR and published under the license of AUTOSAR, the gateway implementation shall carefully distinguish between the SOME/IP communication stack, -the E2E protection of data, and the integration into S-CORE mw::com. Breach of foreign licenses must be avoided. +SOME/IP is a protocol, including applied E2E protection and the according profile (polynom, etc.), +is defined by multiple organizations, here we refer to the us of `vsomeip `_ implementation that refers to `some-ip.com `_. +The gateway implementation shall carefully distinguish between the SOME/IP communication stack, +the E2E protection of data, and the integration into S-CORE mw::com. -Anybody using SOME/IP Gateway needs to make sure to follow the license conditions and rules of AUTOSAR. +Anybody requiring specific SOME/IP versions needs to make sure to follow the license conditions and rules of the underlying standards or specifications. How to Teach This ================= diff --git a/docs/features/communication/some_ip_gateway/requirements/index.rst b/docs/features/communication/some_ip_gateway/requirements/index.rst index bc26141f5f7..b182582bc02 100644 --- a/docs/features/communication/some_ip_gateway/requirements/index.rst +++ b/docs/features/communication/some_ip_gateway/requirements/index.rst 
@@ -39,7 +39,7 @@ Functional Requirements The SOME/IP Gateway shall support an interface to plug-in a E2E protection service implementation. -.. feat_req:: Compatibility with AUTOSAR SOME/IP Protocol Specification +.. feat_req:: Compatibility with `some-ip.com `_ Protocol Specification :id: feat_req__some_ip_gateway__someip_protocol :reqtype: Functional :security: NO @@ -47,11 +47,9 @@ Functional Requirements :satisfies: stkh_req__communication__supported_net :status: valid - The SOME/IP protocol implementation shall be fully compatible and complying with the SOME/IP protocol specification from AUTOSAR Adaptive Version 24-11. - - `AUTOSAR_FO_PRS_SOMEIPProtocol `_ - - `AUTOSAR_FO_RS_SOMEIPProtocol `_ + The SOME/IP protocol implementation shall be fully compatible and complying with the SOME/IP protocol specification from `some-ip.com `_. -.. feat_req:: Compatibility with AUTOSAR E2E Protocol Specification +.. feat_req:: Compatibility with `some-ip.com `_ E2E Protocol Specification :id: feat_req__some_ip_gateway__e2e_specs :reqtype: Functional :security: NO @@ -59,12 +57,9 @@ Functional Requirements :satisfies: stkh_req__communication__supported_net :status: valid - The E2E protection implementation shall be fully compatible and complying with the E2E protocol specification from AUTOSAR Adaptive Version 24-11. - - `AUTOSAR_FO_PRS_E2EProtocol `_ - - `AUTOSAR_FO_RS_E2E `_ + The E2E protection implementation shall be fully compatible and complying with the E2E protocol specification from `some-ip.com `_. - -.. feat_req:: Compatibility with AUTOSAR SOME/IP Service Discovery Protocol Specification +.. feat_req:: Compatibility with `some-ip.com `_ SOME/IP Service Discovery Protocol Specification :id: feat_req__some_ip_gateway__someip_sd_protocol :reqtype: Functional :security: NO 
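Review bot: The three compatibility requirements changed in `@@ -47,11 +47,9 @@`, `@@ -59,12 +57,9 @@` and the following `@@ -72,6 +67,4 @@` replace "AUTOSAR Adaptive Version 24-11" with a bare reference to some-ip.com and drop the document links, so "fully compatible and complying" no longer names a specification revision that a test could be written against. This matters most for `feat_req__some_ip_gateway__e2e_specs`, because the E2E profile (CRC polynomial, counter handling) has to match on both ends and the feature text places these checks in an ASIL-B context. Name the exact document and revision in each requirement body, for example `... specification <DOCUMENT TITLE>, revision <REVISION> from some-ip.com`. Also confirm that the cited source actually publishes an E2E and a service-discovery specification.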
@@ -72,6 +67,4 @@ Functional Requirements :satisfies: stkh_req__communication__supported_net :status: valid - The Service Discovery implementation shall be fully compatible and complying with the SOME/IP service discovery specification from AUTOSAR Adaptive Version 24-11. - - `AUTOSAR_FO_PRS_SOMEIPServiceDiscoveryProtocol `_ - - `AUTOSAR_FO_RS_SOMEIPServiceDiscoveryProtocol `_ + The Service Discovery implementation shall be fully compatible and complying with the SOME/IP service discovery specification from `some-ip.com `_. diff --git a/docs/features/configuration/config_model/index.rst b/docs/features/configuration/config_model/index.rst new file mode 100644 index 00000000000..7045060bf7b --- /dev/null +++ b/docs/features/configuration/config_model/index.rst 
@@ -0,0 +1,155 @@ +Configuration Model +################### + +.. document:: Configuration Model + :id: doc__configuration_model + :status: draft + :safety: QM + :security: NO + :tags: feature_request + :realizes: wp__feat_request + +Feature flag +============ + +To activate this feature, use the following feature flag: + +``experimental_configuration_model`` + + +Abstract +======== + +This proposal introduces a unified approach to static component configuration in S-CORE by combining a Configuration Guideline and a Configuration Model. It covers both platform and application components. While the guideline defines how configurations should be structured—covering naming conventions, identifier usage, storage formats, and parameter organization—the model specifies what needs to be configured, focusing on common elements that must remain consistent across all components. The dual approach ensures clarity, predictability, and maintainability, reducing integration complexity and improving user experience. By standardizing both the structure and the content of configurations, the solution enables faster onboarding of new components, supports future extensions (e.g., JSON or FlatBuffers), and lays the foundation for automated compliance checks. + +Motivation +========== + +The current configuration landscape in S-CORE suffers from fragmentation: contributors define static configurations independently, leading to inconsistencies in identifiers, variable naming, and file storage. Beyond structural differences, there is no common understanding of what must be configured for each component (e.g., support for "multiple instances"). This results in missing or redundant parameters, unclear dependencies, and unpredictable integration behavior. Without a shared model, cross-component consistency can hardly be guaranteed, making maintenance and scaling difficult. 
Introducing both a guideline and a model addresses these gaps by ensuring uniformity in configuration structure and content, reducing errors, and improving overall system reliability. + +Focus of this proposal is on static post compile time configurations of application and middleware components. Pre-compile time configurations like 'feature_selection' are out of scope. + +Rationale +========= + +Will be added during implementation. + +Specification +============= + +Guideline and model definition is part of the pitch. They should cover at least the following aspects: + +Requirements +------------ + +* **Common Format**: Define a formal description language for the configuration model (e.g., JSON schema) to ensure machine-readable and validated configurations. +* **Self-Contained Component Configuration**: To provide a self-contained component, each component must be able to carry its own configuration. This introduces a potential conflict with centralized consistency. Potential compromise: Implement consistency checks across components rather than enforcing a single shared configuration file. +* **Extensibility**: The model should be designed to accommodate future features and extensions without breaking existing configurations. +* **Simplicity**: The guideline and model should be easy to understand and each configuration parameter should have a clear purpose. +* **Supported Features**: + + * Configuration scope of current component configurations need to be considered + * Configuration of required and provided capabilities of components. + * Multiple instantiations of the same component with distinct configurations. + * Versioning of configuration schema for backward compatibility. + * further features to be defined. + +Architecture +------------ + +* **Configuration Schema Layer**: Defines the model, e.g. in JSON schema. +* **Validation Engine**: Performs consistency checks across components and validates schema compliance. 
+* **Integration Layer**: Ensures that component configurations can be loaded independently while maintaining global consistency rules. + +Changes Introduced +------------------ + +* **Requirements**: Add mandatory adherence to the guideline and model for all new components. +* **Architecture**: Introduce schema-based configuration and validation components. +* **Implementation**: Provide reference templates and examples for contributors. +* **Process**: Update component development workflow to include configuration compliance checks. +* **Documentation**: Publish guideline and model specifications with examples. +* **Infrastructure**: Add tooling for automated validation and integration testing. + + + +Backwards Compatibility +======================= + +**Impact Assessment**: Low to Medium + +The configuration model is designed with extensibility and versioning to maintain backward compatibility. However, some existing components may require minor configuration adjustments to align with the new standardized model. + + +Security Impact +=============== + +none + +Safety Impact +============= + +none + +License Impact +============== + +none + + +How to Teach This +================= + +**Implementation Roadmap**: + +1. **Documentation Package**: + * Configuration guideline with naming conventions and structure rules + * Model specification with required and optional elements + * Migration guide for existing components + * Best practices and common patterns + +2. **Developer Resources**: + * Updated component templates with configuration sections + * Validation tools and IDE integration + * Example configurations for common use cases + * Training workshops for development teams + +3. 
**Integration Support**: + * Automated compliance checking in CI/CD pipelines + * Configuration validation utilities + * Migration assistance for legacy components + + +Rejected Ideas +============== + +**Centralized Configuration File**: Would compromise component portability and independence + +**Purely Structural Approach**: Fails to address content fragmentation issues + +**Hard-coded Standards**: Too inflexible for future extensions and diverse component needs + +**Runtime Configuration Only**: Will not meet runtime requirements like fast startup time + +Open Issues +=========== + +1. **Schema Implementation Language**: Final decision between JSON Schema and FlatBuffers pending performance analysis + +2. **Migration Timeline**: Coordination with existing component development cycles +3. **Validation Granularity**: Define scope of consistency checks between local (component specific) and global (cross component) configuration aspects, considering self-containment of component configuration vs. cross component consistency. +4. **Tooling Integration**: Specify IDE and build system integration requirements + + + +References +========== + +* **JSON Schema**: https://json-schema.org/ - Specification for configuration validation +* **FlatBuffers**: https://google.github.io/flatbuffers/ - Alternative serialization format +* **Module Development Guide**: Internal project documentation +* **Configuration Examples**: Available in project repository under `/examples/config/` + + +.. toctree:: + :hidden: diff --git a/docs/features/diagnostics/index.rst b/docs/features/diagnostics/index.rst index fc1bdd387b0..5f1c46b2b27 100644 --- a/docs/features/diagnostics/index.rst +++ b/docs/features/diagnostics/index.rst 
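Review bot: The `Security Impact` section of the new config_model/index.rst says only `none`, although the proposal covers post-compile-time configuration files that components load and a validation engine that checks them. The document does not state whether those files are integrity-protected or who may modify them after the build, so the claim is hard to accept as written. Replace `none` with a short statement of the trust assumed for configuration files, or add an entry under Open Issues such as `Integrity protection of deployed configuration files: to be defined.`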
@@ -97,10 +97,10 @@ The next diagram shows the concept in a distributed view to highlight components .. image:: _assets/score-diagnostics-distributed.drawio.svg :alt: Diagnostic stack component architecture -In scope components -------------------- +In scope components (full stack) +-------------------------------- -The following components are considered in scope of this feature request. +The following components are considered in scope of this feature request for the long term implementation of the diagnostic system (beyond v1.0). Fault Library @@ -183,6 +183,24 @@ UDS2SOVD Proxy - UDS transport layer (e.g. DoIP or other vendor specific transports) shared with Classic Diagnostic Adapter. - Central component and unique per ECU (one per ECU or per System is possible). +In scope components (v1.0) +-------------------------- + +The following use-cases are considered in scope of this feature request for S-CORE v1.0. + +- Read DTCs through the SOVD API. +- Report new faults from platform and app components via the Fault API and handle them in the DFM. +- Clear DTCs over SOVD. +- Reach an UDS ECU through the Classic Diagnostic Adapter, at least for read/clear DTC paths. +- A sample Diagnostic service can be triggered via SOVD (Diagnostic service = a function which can be triggered via SOVD). +- OPTIONAL: Retrieve ECU- and app-level metadata (HW revision, SW version) via SOVD. +- OPTIONAL: Read/write component configuration through SOVD, backed by the S-CORE configuration service. + +The following components are considered in scope of this feature request for S-CORE v1.0. + +- All componenets are in scope for v1.0 but with limited functionality to support the use-cases described above. + +Further information can be found here: https://github.com/eclipse-opensovd/opensovd/blob/main/docs/design/mvp.md Out of scope components ----------------------- 
diff --git a/docs/features/diagnostics/requirements/index.rst b/docs/features/diagnostics/requirements/index.rst index 6c1d5055be0..78ee1b0a978 100644 --- a/docs/features/diagnostics/requirements/index.rst +++ b/docs/features/diagnostics/requirements/index.rst @@ -27,6 +27,7 @@ Diagnostic and Fault Management :safety: QM :satisfies: stkh_req__diagnostics__via_sovd :status: valid + :valid_from: v1.0.0 The SOVD implementation shall conform to the SOVD standard as defined in ISO/DIS 17978 (or the latest available draft or final publication). @@ -37,8 +38,9 @@ Diagnostic and Fault Management :safety: QM :satisfies: stkh_req__diagnostics__via_sovd, stkh_req__diagnostics__secure_access :status: valid + :valid_from: v1.0.0 - The diagnostic system shall include a central SOVD server that exposes diagnostic functionality via a standard REST interface, dispatches incoming requests to backend services, and enforces authentication and access control. + The diagnostic system shall include a central SOVD server that exposes diagnostic functionality via a standard REST interface. .. feat_req:: SOVD Configuration :id: feat_req__diagnostics__sovd_config @@ -47,6 +49,7 @@ Diagnostic and Fault Management :safety: QM :satisfies: stkh_req__diagnostics__via_sovd :status: valid + :valid_from: v1.5.0 The system shall provide configuration management for SOVD components, including protocol parameters and security settings. @@ -57,6 +60,7 @@ Diagnostic and Fault Management :safety: QM :satisfies: stkh_req__diagnostics__via_sovd :status: valid + :valid_from: v1.5.0 The SOVD server shall integrate with the S-CORE Configuration Manager to support runtime access and modification of configuration data. 
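Review bot: In the hunk at `@@ -37,8 +38,9 @@` the SOVD server requirement loses the clause "enforces authentication and access control" but keeps `stkh_req__diagnostics__secure_access` in its `:satisfies:` list, so the trace link now claims coverage the text no longer provides. The later hunk at `@@ -67,8 +71,9 @@` tags the authentication requirement `:valid_from: v1.5.0`, which means no v1.0.0 requirement visible in this diff demands that the REST interface reject unauthenticated requests. Meanwhile the v1.0 scope added in docs/features/diagnostics/index.rst includes clearing DTCs over SOVD. Either keep a minimal clause such as `... via a standard REST interface and rejects requests that are not authenticated and authorized.`, or remove `stkh_req__diagnostics__secure_access` from this requirement and state explicitly that v1.0 exposes the API without access control. The requirement's directive header lies outside the hunk.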
@@ -67,8 +71,9 @@ Diagnostic and Fault Management :safety: QM :satisfies: stkh_req__diagnostics__secure_access :status: valid + :valid_from: v1.5.0 - The SOVD server shall integrate with the S-CORE Authentication Manager to enforce access control and validate client credentials. + The SOVD server shall enforce access control and validate client credentials. .. feat_req:: SOVD Gateway :id: feat_req__diagnostics__sovd_gateway @@ -77,6 +82,7 @@ Diagnostic and Fault Management :safety: QM :satisfies: stkh_req__diagnostics__distributed_support :status: valid + :valid_from: v1.0.0 The system shall include a SOVD gateway to route diagnostic requests between different network domains and protocols. @@ -87,6 +93,7 @@ Diagnostic and Fault Management :safety: QM :satisfies: stkh_req__diagnostics__via_sovd, stkh_req__diagnostics__secure_access :status: valid + :valid_from: v1.0.0 The system shall provide a SOVD client to allow external applications to communicate with the SOVD server. @@ -97,6 +104,7 @@ Diagnostic and Fault Management :safety: QM :satisfies: stkh_req__diagnostics__via_sovd :status: valid + :valid_from: v1.0.0 The SOVD client shall be designed as a reusable core component that can be deployed in off-board, on-board, or cloud environments. @@ -107,8 +115,9 @@ Diagnostic and Fault Management :safety: QM :satisfies: stkh_req__diagnostics__custom_services :status: valid + :valid_from: v1.0.0 - The diagnostic system shall include a base service application (AKA routine) that is triggered from the SOVD Server and used to derive custom service applications. + The diagnostic system shall include a base service application (AKA routine) that is triggered by the SOVD Server and used to derive custom service applications. .. feat_req:: OEM Diagnostic Plug In :id: feat_req__diagnostics__oem_plugin 
@@ -117,6 +126,7 @@ Diagnostic and Fault Management :safety: QM :satisfies: stkh_req__diagnostics__custom_services :status: valid + :valid_from: v1.5.0 The diagnostic system shall provide a plug-in mechanism to include OEM-specific features. @@ -127,8 +137,20 @@ Diagnostic and Fault Management :safety: QM :satisfies: stkh_req__diagnostics__fault_reporting :status: valid + :valid_from: v1.0.0 - The system shall include a fault reporting library that provides an IPC-based interface for applications and platform components to report diagnostic faults, including metadata. + The system shall include a fault reporting library that provides an interface for applications and platform components to report diagnostic faults including metadata. + +.. feat_req:: Fault Library Catalog + :id: feat_req__diagnostics__fault_lib_catalog + :reqtype: Functional + :security: YES + :safety: QM + :satisfies: stkh_req__diagnostics__fault_reporting + :status: valid + :valid_from: v1.0.0 + + The fault library shall provide the ability to define faults via a component fault catalog for the scope of the respective parent component. .. feat_req:: Fault Library Debouncing :id: feat_req__diagnostics__fault_lib_debounce @@ -137,6 +159,7 @@ Diagnostic and Fault Management :safety: QM :satisfies: stkh_req__diagnostics__fault_reporting :status: valid + :valid_from: v1.5.0 The fault library shall support configurable error debouncing. 
@@ -147,8 +170,20 @@ Diagnostic and Fault Management :safety: QM :satisfies: stkh_req__diagnostics__fault_reporting, stkh_req__diagnostics__dtc_read_sovd :status: valid + :valid_from: v1.0.0 + + The system shall include a central diagnostic fault manager that aggregates data from fault libraries, provides DTC status to the SOVD server, and interfaces with a persistent diagnostic database. + +.. feat_req:: Fault Catalog Aggregation + :id: feat_req__diagnostics__fault_catalog_agg + :reqtype: Functional + :security: YES + :safety: QM + :satisfies: stkh_req__diagnostics__fault_reporting + :status: valid + :valid_from: v1.0.0 - The system shall include a central diagnostic fault manager that aggregates data from fault libraries, provides fault status to the SOVD server, and interfaces with a persistent diagnostic database. + The Diagnostic Fault Manager shall be configureable via the aggregated fault catalog derived from all fault libraries in the system. .. feat_req:: Diagnostic Database :id: feat_req__diagnostics__db @@ -157,8 +192,9 @@ Diagnostic and Fault Management :safety: QM :satisfies: stkh_req__diagnostics__fault_reporting, stkh_req__diagnostics__dtc_read_sovd :status: valid + :valid_from: v1.0.0 - The system shall include a diagnostic database using the S-CORE::Persistency module to store DTCs, occurrence counts, and associated metadata for fault events. + The system shall include a diagnostic database to store DTCs, occurrence counts, and associated metadata for fault events. .. feat_req:: Diagnostic Database Persistence :id: feat_req__diagnostics__db_persistence 
@@ -167,8 +203,9 @@ Diagnostic and Fault Management :safety: QM :satisfies: stkh_req__diagnostics__fault_reporting :status: valid + :valid_from: v1.0.0 - The diagnostic database shall store all diagnostic data persistently using the S-CORE::Persistency infrastructure. + The diagnostic database shall store all diagnostic data persistently. .. feat_req:: Classic Diagnostic Adapter :id: feat_req__diagnostics__classic_adapter @@ -177,6 +214,7 @@ Diagnostic and Fault Management :safety: QM :satisfies: stkh_req__diagnostics__uds_ecus :status: valid + :valid_from: v1.0.0 The system shall include a classic diagnostic adapter to translate SOVD requests into UDS commands. @@ -187,6 +225,7 @@ Diagnostic and Fault Management :safety: QM :satisfies: stkh_req__diagnostics__uds_ecus :status: valid + :valid_from: v1.0.0 The classic diagnostic adapter shall support configuration via ODX files that describe the UDS command mappings and behavior per ECU. @@ -197,6 +236,7 @@ Diagnostic and Fault Management :safety: QM :satisfies: stkh_req__diagnostics__uds_tester_compat :status: valid + :valid_from: v1.5.0 The system shall include a proxy to translate UDS diagnostic requests to SOVD protocol requests. @@ -207,6 +247,7 @@ Diagnostic and Fault Management :safety: QM :satisfies: stkh_req__diagnostics__uds_tester_compat :status: valid + :valid_from: v1.5.0 The UDS2SOVD proxy shall support configuration via standardized ODX files to define which SOVD services are exposed via the UDS interface. @@ -217,5 +258,6 @@ Diagnostic and Fault Management :safety: QM :satisfies: stkh_req__diagnostics__via_sovd, stkh_req__diagnostics__dtc_read_sovd :status: valid + :valid_from: v1.0.0 All internal communication between diagnostic components that do not use UDS or SOVD protocols shall be implemented using the S-CORE::COM middleware. 
diff --git a/docs/features/frameworks/feo/architecture/feature_architecture.rst b/docs/features/frameworks/feo/architecture/feature_architecture.rst index 161c6dcaef3..221d676fdc2 100644 --- a/docs/features/frameworks/feo/architecture/feature_architecture.rst +++ b/docs/features/frameworks/feo/architecture/feature_architecture.rst @@ -95,6 +95,14 @@ expected to be used directly in a productive system. They may become obsolete in Static Architecture ------------------- +.. feat:: Feature FEO + :id: feat__feo + :security: YES + :safety: ASIL_B + :status: valid + :includes: logic_arc_int__feo__activity, logic_arc_int__feo__prim_agent, logic_arc_int__feo__sec_agent, logic_arc_int__feo__lifecycle + :consists_of: comp__feo_main + .. feat_arc_sta:: Static Architecture :id: feat_arc_sta__feo__main :security: YES @@ -102,6 +110,7 @@ Static Architecture :status: valid :fulfils: feat_req__feo__application, feat_req__feo__activity, feat_req__feo__task_chain, feat_req__feo__agent :includes: logic_arc_int__feo__activity, logic_arc_int__feo__prim_agent, logic_arc_int__feo__sec_agent, logic_arc_int__feo__lifecycle + :belongs_to: feat__feo .. uml:: _assets/stat_arch.puml :scale: 50 @@ -117,6 +126,7 @@ Dynamic Architecture :safety: ASIL_B :fulfils: feat_req__feo__application, feat_req__feo__activity, feat_req__feo__task_chain, feat_req__feo__agent :status: valid + :belongs_to: feat__feo .. uml:: _assets/dyn_arch.puml :scale: 50 diff --git a/docs/features/frameworks/feo/index.rst b/docs/features/frameworks/feo/index.rst index 80ce3f51d73..827455b72c8 100644 --- a/docs/features/frameworks/feo/index.rst +++ b/docs/features/frameworks/feo/index.rst 
@@ -12,8 +12,8 @@ # SPDX-License-Identifier: Apache-2.0 # ******************************************************************************* -Fixed execution order framework (FEO) -##################################### +Fixed execution order framework (FEO) (v0.5 beta) +################################################# .. document:: Fixed execution order framework :id: doc__frameworks_feo diff --git a/docs/features/frameworks/feo/requirements/aou_req.rst b/docs/features/frameworks/feo/requirements/aou_req.rst index 3b8bd29f116..d15818ee2d2 100644 --- a/docs/features/frameworks/feo/requirements/aou_req.rst +++ b/docs/features/frameworks/feo/requirements/aou_req.rst @@ -28,7 +28,7 @@ FEO Feature Assumption of Use Requirements :reqtype: Functional :security: NO :safety: ASIL_B - :status: valid + :status: invalid Something shall be done. diff --git a/docs/features/frameworks/feo/safety_planning/index.rst b/docs/features/frameworks/feo/safety_planning/index.rst index e976cd92b48..b8d7a69ec80 100644 --- a/docs/features/frameworks/feo/safety_planning/index.rst +++ b/docs/features/frameworks/feo/safety_planning/index.rst @@ -13,8 +13,8 @@ # ******************************************************************************* -FEO Feature Safety Planning -=========================== +Feature Safety Work Products List +================================= .. document:: FEO Safety Work Products :id: doc__feo_safety_wp 
@@ -31,79 +31,71 @@ FEO Feature Safety Planning * - Work product Id - Link to process - Process status - - Link to issue - Link to WP - - WP/doc status * - :need:`wp__feat_request` - :need:`gd_temp__change_feature_request` - :ndf:`copy('status', need_id='gd_temp__change_feature_request')` - - https://github.com/eclipse-score/score/issues/1646 - :need:`doc__frameworks_feo` - - :ndf:`copy('status', need_id='doc__frameworks_feo')` * - :need:`wp__requirements_feat` - :need:`gd_temp__req_feat_req` - :ndf:`copy('status', need_id='gd_temp__req_feat_req')` - - https://github.com/eclipse-score/score/issues/1647 - :need:`doc__frameworks_feo_feat_reqs` - - :ndf:`copy('status', need_id='doc__frameworks_feo_feat_reqs')` * - :need:`wp__requirements_feat_aou` - :need:`gd_temp__req_aou_req` - :ndf:`copy('status', need_id='gd_temp__req_aou_req')` - - https://github.com/eclipse-score/score/issues/1648 - :need:`doc__frameworks_feo_aou_reqs` - - :ndf:`copy('status', need_id='doc__frameworks_feo_aou_reqs')` * - :need:`wp__feature_arch` - :need:`gd_temp__arch_feature` - :ndf:`copy('status', need_id='gd_temp__arch_feature')` - - https://github.com/eclipse-score/score/issues/1649 - :need:`doc__frameworks_feo_feat_arch` - - :ndf:`copy('status', need_id='doc__frameworks_feo_feat_arch')` * - :need:`wp__feature_fmea` - :need:`gd_temp__feat_saf_fmea` - :ndf:`copy('status', need_id='gd_temp__feat_saf_fmea')` - - https://github.com/eclipse-score/score/issues/1650 - :need:`doc__frameworks_feo_fmea` - - :ndf:`copy('status', need_id='doc__frameworks_feo_fmea')` * - :need:`wp__feature_dfa` - :need:`gd_temp__feat_saf_dfa` - :ndf:`copy('status', need_id='gd_temp__feat_saf_dfa')` - - https://github.com/eclipse-score/score/issues/1651 - :need:`doc__frameworks_feo_dfa` - - :ndf:`copy('status', need_id='doc__frameworks_feo_dfa')` * - :need:`wp__fdr_reports` (Features's Safety Analyses & DFA) - :need:`gd_chklst__safety_analysis` - :ndf:`copy('status', need_id='gd_chklst__safety_analysis')` - - 
https://github.com/eclipse-score/score/issues/1652 - :need:`doc__saf_ana_inspec_frameworks_feo` - - :ndf:`copy('status', need_id='doc__saf_ana_inspec_frameworks_feo')` * - :need:`wp__requirements_inspect` - :need:`gd_chklst__req_inspection` - :ndf:`copy('status', need_id='gd_chklst__req_inspection')` - - https://github.com/eclipse-score/score/issues/1653 - :need:`doc__req_inspection_frameworks_feo` - - :ndf:`copy('status', need_id='doc__req_inspection_frameworks_feo')` * - :need:`wp__sw_arch_verification` - :need:`gd_chklst__arch_inspection_checklist` - :ndf:`copy('status', need_id='gd_chklst__arch_inspection_checklist')` - - https://github.com/eclipse-score/score/issues/1654 - :need:`doc__arch_inspection_frameworks_feo` - - :ndf:`copy('status', need_id='doc__arch_inspection_frameworks_feo')` * - :need:`wp__verification_feat_int_test` - :need:`gd_guidl__verification_guide` - :ndf:`copy('status', need_id='gd_guidl__verification_guide')` - - https://github.com/eclipse-score/score/issues/1655 - - - + +Feature Safety Package +====================== + +To create the safety package (according to :need:`gd_guidl__saf_package`) the following +documents and work products status have to go to "valid" (after the relevant verification were performed). + +Feature Documents Status +------------------------ + +For all the work product documents the status can be seen by following the "Link to WP". +A summary of the status is also documented in the project's documentation management plan. + +See :ref:`documents_docs_features_frameworks` FEO Requirements Status ----------------------- diff --git a/docs/features/index.rst b/docs/features/index.rst index 08fe4d199f0..d8f647937c5 100644 --- a/docs/features/index.rst +++ b/docs/features/index.rst 
@@ -26,3 +26,12 @@ The following features are defined: :glob: */index + +Feature List +------------ + +.. needtable:: + :style: table + :types: feat + :columns: id;Security;Safety;status + :filter: id not in ["feat__example_feature", "feat__feature_name", "feat__feature_name_example"] diff --git a/docs/features/infrastructure/bazel_registry.rst b/docs/features/infrastructure/bazel_registry.rst deleted file mode 100644 index 9dfbe4cfa90..00000000000 --- a/docs/features/infrastructure/bazel_registry.rst +++ /dev/null 
@@ -1,100 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2024 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -.. _bazel_registry: - -Bazel registry -############## - -Documentation -************** - -Description -=========== - -S-CORE, as a multi repository projects requires a setup of it's own -registry, that will help managing the dependencies between various -parts. - -The registry is located at: -https://github.com/eclipse-score/bazel_registry - -In order to use it the following lines need to be added to the .bazelrc -file of a module: - -.. code:: - - common --registry=https://raw.githubusercontent.com/eclipse-score/bazel_registry/main/ - common --registry=https://bcr.bazel.build - -S-CORE registry is set as first registry with the fallback to Bazel's -central registry for other open source modules. - -Minimal module entry -==================== - -The following directory layout reflects a minimal module entry: - -.. code:: - - ├── bazel_registry.json - ├── modules - │   └── score_example - │   ├── 0.1 - │   │   ├── MODULE.bazel - │   │   └── source.json - │   └── metadata.json - └── README.md - -The *score_example* directory contains the metadata.json file which holds basic information about the module: - -.. code:: - - { - "homepage": "https://github.com/eclipse-score/example", - "repository": [ - "github:eclipse-score/example" - ], - "versions": [ - "0.1" - ], - "yanked_versions": {} - } - -Each version of the module is stored as a separate directory. 
Version directory requires a *source.json* and *MODULE.bazel* files. -The *source.json* file tell bazel where to get the sources from. - -.. code:: - - { - "integrity": "sha256-hGJ4VQ+0q/HcxbvOrY/C2UT4SjMnNLVgQAD4k5aAToI=", - "strip_prefix": "example-872caac46177cc3699899ef91348a643881b0981", - "url": "https://github.com/eclipse-score/example/archive/872caac46177cc3699899ef91348a643881b0981.zip" - } - - -The *MODULE.bazel* file should be the same as delpoyed in the referenced sources. - -Module version should comply to the established `Bazel version format `_ -and use the `compatibility_level `_ to specify breaking changes. - - -References -========== - -- Bazel external dependency management: - https://bazel.build/external/overview#bzlmod -- Bazel central registry browser: https://registry.bazel.build/ -- Bzlmod usage examples: - https://github.com/bazelbuild/examples/tree/main/bzlmod\ diff --git a/docs/features/infrastructure/config_as_code.rst b/docs/features/infrastructure/config_as_code.rst deleted file mode 100644 index 6ec6457df2c..00000000000 --- a/docs/features/infrastructure/config_as_code.rst +++ /dev/null 
@@ -1,68 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2024 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -Configuration as code -####################### - -Documentation -*************** - -Description -=========== - -S-CORE project uses GitHub for hosting source code as well as GitHub -Actions for all CI/CD task. The configuration of the organization and -repositories is managed by otterdog, a config-as-code solution. GitHub -provides several approaches to set up repositories. In order to provide -unified experience among all the S-CORE repositories, the following rules -should be followed. - -For in depth description of the properties and the relations, please -refer to the otterdog documentation. - -Current setup can be viewed in the dashboard: -https://otterdog.eclipse.org/projects/automotive.score - -Automatically generated documentation for eclipse-score otterdog -configuration is here: https://eclipse-score.github.io/.eclipsefdn/ - -All changes to the configuration should be handled by pull requests in -https://github.com/eclipse-score/.eclipsefdn/ - -Organization settings ---------------------- - -- ``default_branch_name`` - the default branch name for newly created - repositories is set to ``main``. -- ``has_discussions`` - organisation level discussions are enabled. -- ``discussion_source_repository`` - organization level discussiones - are attached to ``eclipse-score/score`` repository. 
- -Repository settings -------------------- - -- ``homepage`` - the link that is displayed when opening the repository - in github. -- ``environments`` - ``github-pages`` environment needs to be defined - for building documentation. -- ``gh_pages_build_type`` - set to ``workflow`` to build the - documentation rather than serve static content. - -References -========== - -- GitHub documentation: https://docs.github.com/en -- GitHub repositories: https://docs.github.com/en/repositories -- GitHub actions: https://docs.github.com/en/actions -- otterdog: https://otterdog.readthedocs.io/en/latest/ diff --git a/docs/features/integration/_assets/score_high_level_dependencies.png b/docs/features/integration/_assets/score_high_level_dependencies.png deleted file mode 100644 index 44f2334abd1..00000000000 Binary files a/docs/features/integration/_assets/score_high_level_dependencies.png and /dev/null differ diff --git a/docs/features/integration/index.rst b/docs/features/integration/index.rst deleted file mode 100644 index 691cf65fa6f..00000000000 --- a/docs/features/integration/index.rst +++ /dev/null 
@@ -1,112 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2024 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -.. _integration_features: - -Integration -########### - -Documentation -************* - -Description -=========== - -Bazel is the build/test infrastructure of choice for the S-CORE project. -Overall integration and build should be realized using available rules -or custom rules developed for the project. This means that the following -should be integrated with bazel: - -- code build -- documentation build -- test runs -- binary runs -- external tooling - -Running external tooling outside of Bazel should be limited as much as -possible, in order to streamline the development with simple ``bazel -{build,test,run}`` command, across multiple repositories and multiple -languages. - -All dependencies should be managed thru mechanisms available in Bazel. -Dependency to host system should be limited as much as possible. - -Each repository should register an entry in the `bazel_registry `_ -for dependency management between different modules. 
- -High level integration dependency - -|score_high_level_dependencies| - -Mandatory repositories: - -- bazel_registry (implicit dependency, stores version of all modules) -- process_description (S-CORE development process description) -- score (requirements and architecture) -- reference_integration (brings all parts together) - -Optional repositories: - -- repositories containing implementation of particular features - -Versioning and release cycle -============================ - -Each repository that is planned to be consumed as a dependency, should adopt -the `Bazel versioning scheme `_ and use the -`compatibility_level `_ -to indicate breaking changes between the versions. - -This requires that each repository has its own release cycle. A release should create a tag in the repository -and publish a new version in `bazel_registry `_, -which can then be consumed by the users. - -Refer to :ref:`Bazel registry ` for detailed setup of a module entry. - -Incubation repositories -======================= - -For early evaluation of existing implementations and prototypes we introduce -so called `incubation repositories`. -They should serve as a prototyping area where developers can share and build -code with only limited restrictions such as quality KPIs, review processes, etc. - -Incubation repositories are indicated by the prefix `inc_` in the repo name. - -Any incubation repository shall evolve over time towards a fully functional -Bazel module, which can be integrated via an additional dependency in the main -build. - -If a repo has reached this state and the concept is approved in general the -content can be used as input for the score production repositories. - -This means that the existing code can be transferred to the production -repositories as copy via the contribution process. The incubation -repository will be archived at this point in time. 
- -The content shall be disabled via a Bazel `feature flag` with the following -naming convention `//experimental_[feature]`. -The `experimental` prefix indicates to the user that -this functionality is not yet ready for series production. -Additionally the relevant code might not meet all required quality KPIs. - - -References -========== - -- Bazel: https://bazel.build/ -- Bazel modules: https://bazel.build/external/module -- Bazel registries: https://bazel.build/external/registry - -.. |score_high_level_dependencies| image:: _assets/score_high_level_dependencies.png diff --git a/docs/features/lifecycle/architecture/health_monitor.rst b/docs/features/lifecycle/architecture/health_monitor.rst index b609feaf7a0..deef630097d 100644 --- a/docs/features/lifecycle/architecture/health_monitor.rst +++ b/docs/features/lifecycle/architecture/health_monitor.rst @@ -177,6 +177,7 @@ Dynamic Architecture :status: invalid :safety: ASIL_B :fulfils: feat_req__lifecycle__process_monitoring + :belongs_to: feat__lifecycle .. uml:: _assets/application_health_monitoring_dynamic.puml :scale: 50 @@ -299,6 +300,7 @@ Dynamic Architecture :status: invalid :safety: ASIL_B :fulfils: feat_req__lifecycle__process_monitoring + :belongs_to: feat__lifecycle .. uml:: _assets/logical_sup.puml :scale: 50 diff --git a/docs/features/lifecycle/architecture/launch_manager.rst b/docs/features/lifecycle/architecture/launch_manager.rst index 4c29c258d78..0e6d7dc0a02 100644 --- a/docs/features/lifecycle/architecture/launch_manager.rst +++ b/docs/features/lifecycle/architecture/launch_manager.rst 
@@ -42,7 +42,7 @@ E.g. the configuration below consists of three :term:`Run Targets ` :scale: 50 :align: center -The :need:`comp_arc_sta__lifecycle__launch_manager` implements the following interfaces,for the selection of :term:`Run Target` s, starting and stopping of components and monitoring of the processes. +The :need:`comp__lifecycle_launch_manager` implements the following interfaces,for the selection of :term:`Run Target` s, starting and stopping of components and monitoring of the processes. Switching between Run Targets ----------------------------- @@ -117,11 +117,11 @@ This unified approach allows external state managers to request any run target a .. feat_arc_dyn:: Control interface dynamic architecture activate run target :id: feat_arc_dyn__lifecycle__control_if_activate - :security: YES :status: valid :safety: ASIL_B + :security: YES :fulfils: feat_req__lifecycle__control_commands, feat_req__lifecycle__request_run_target_start, feat_req__lifecycle__switch_run_targets - :includes: + :belongs_to: feat__lifecycle .. uml:: _assets/control_interface_start_sequence.puml :scale: 50 @@ -250,7 +250,7 @@ Dynamic Architecture :status: valid :safety: ASIL_B :fulfils: feat_req__lifecycle__control_commands, feat_req__lifecycle__request_run_target_start, feat_req__lifecycle__switch_run_targets - :includes: + :belongs_to: feat__lifecycle .. uml:: _assets/lifecycle_state_machine.puml :scale: 50 @@ -354,6 +354,7 @@ Dynamic architecture :safety: ASIL_B :fulfils: feat_req__lifecycle__monitoring_processes, feat_req__lifecycle__polling_interval,, feat_req__lifecycle__failure_detect :includes: + :belongs_to: feat__lifecycle .. uml:: _assets/alive_monitoring_dynamic.puml :scale: 50 diff --git a/docs/features/lifecycle/index.rst b/docs/features/lifecycle/index.rst index 0c24127603a..c04727f8c3d 100644 --- a/docs/features/lifecycle/index.rst +++ b/docs/features/lifecycle/index.rst 
@@ -27,6 +27,14 @@ Lifecycle :realizes: wp__feat_request +.. feat:: Lifecycle + :id: feat__lifecycle + :security: YES + :safety: ASIL_B + :status: valid + :includes: logic_arc_int__lifecycle__lifecycle_if, logic_arc_int__lifecycle__controlif, logic_arc_int__lifecycle__alive_if, logic_arc_int__lifecycle__logical_monitor_if, logic_arc_int__lifecycle__deadline_monitor_if + :consists_of: comp__lifecycle_launch_manager, comp__lifecycle_healthmonitor + Feature Flag ============ @@ -108,7 +116,7 @@ Specification .. mod_view_sta:: Feature architecture :id: mod_view_sta__lifecycle__overview - :includes: comp_arc_sta__lifecycle__launch_manager, comp_arc_sta__lifecycle__healthmonitor + :includes: comp__lifecycle_launch_manager, comp__lifecycle_healthmonitor .. needarch:: :scale: 50 @@ -122,7 +130,7 @@ Specification LifecycleApplication --> logic_arc_int__lifecycle__deadline_monitor_if :use LifecycleApplication --> posix_signals : implements NativeApplication --> posix_signals : implements - comp_arc_sta__lifecycle__launch_manager --> posix_signals : use + comp__lifecycle_launch_manager --> posix_signals : use The overall functionality of the feature can be split into 2 subfeatures, which are diff --git a/docs/features/orchestration/architecture/index.rst b/docs/features/orchestration/architecture/index.rst index 9c1f2011e07..5c64a624c68 100644 --- a/docs/features/orchestration/architecture/index.rst +++ b/docs/features/orchestration/architecture/index.rst @@ -23,6 +23,14 @@ Feature Architecture :realizes: wp__feature_arch :tags: orchestration +.. feat:: Orchestration + :id: feat__orchestration + :security: YES + :safety: ASIL_B + :status: valid + :includes: logic_arc_int__orchestration__user, logic_arc_int__orchestration__design, logic_arc_int__orchestration__deployment + :consists_of: comp__orchestrator + Overview -------- 
@@ -63,6 +71,7 @@ Static Architecture :status: invalid :fulfils: feat_req__orchestration__orch_static_graphs, feat_req__orchestration__exec_async_rt :includes: logic_arc_int__orchestration__user, logic_arc_int__orchestration__design, logic_arc_int__orchestration__deployment + :belongs_to: feat__orchestration .. needarch:: :scale: 50 diff --git a/docs/features/orchestration/index.rst b/docs/features/orchestration/index.rst index 54a121fa107..fe5dcb9db09 100644 --- a/docs/features/orchestration/index.rst +++ b/docs/features/orchestration/index.rst @@ -15,7 +15,7 @@ .. _orch_feature: -Orchestration (v0.5 alpha) +Orchestration (v0.5 beta) ########################## .. document:: Orchestration diff --git a/docs/features/persistency/kvs/architecture/_assets/kvs_dyn_builder.puml b/docs/features/persistency/architecture/_assets/kvs_dyn_builder.puml similarity index 100% rename from docs/features/persistency/kvs/architecture/_assets/kvs_dyn_builder.puml rename to docs/features/persistency/architecture/_assets/kvs_dyn_builder.puml diff --git a/docs/features/persistency/kvs/architecture/_assets/kvs_dyn_check_value_default.puml b/docs/features/persistency/architecture/_assets/kvs_dyn_check_value_default.puml similarity index 100% rename from docs/features/persistency/kvs/architecture/_assets/kvs_dyn_check_value_default.puml rename to docs/features/persistency/architecture/_assets/kvs_dyn_check_value_default.puml diff --git a/docs/features/persistency/kvs/architecture/_assets/kvs_dyn_delete_data_key.puml b/docs/features/persistency/architecture/_assets/kvs_dyn_delete_data_key.puml similarity index 100% rename from docs/features/persistency/kvs/architecture/_assets/kvs_dyn_delete_data_key.puml rename to docs/features/persistency/architecture/_assets/kvs_dyn_delete_data_key.puml 
diff --git a/docs/features/persistency/kvs/architecture/_assets/kvs_dyn_flush_local_repr_to_file.puml b/docs/features/persistency/architecture/_assets/kvs_dyn_flush_local_repr_to_file.puml
similarity index 100%
rename from docs/features/persistency/kvs/architecture/_assets/kvs_dyn_flush_local_repr_to_file.puml
rename to docs/features/persistency/architecture/_assets/kvs_dyn_flush_local_repr_to_file.puml
diff --git a/docs/features/persistency/kvs/architecture/_assets/kvs_dyn_read_data_key.puml b/docs/features/persistency/architecture/_assets/kvs_dyn_read_data_key.puml
similarity index 100%
rename from docs/features/persistency/kvs/architecture/_assets/kvs_dyn_read_data_key.puml
rename to docs/features/persistency/architecture/_assets/kvs_dyn_read_data_key.puml
diff --git a/docs/features/persistency/kvs/architecture/_assets/kvs_dyn_read_file_into_local_repr.puml b/docs/features/persistency/architecture/_assets/kvs_dyn_read_file_into_local_repr.puml
similarity index 100%
rename from docs/features/persistency/kvs/architecture/_assets/kvs_dyn_read_file_into_local_repr.puml
rename to docs/features/persistency/architecture/_assets/kvs_dyn_read_file_into_local_repr.puml
diff --git a/docs/features/persistency/kvs/architecture/_assets/kvs_dyn_restore_snapshot.puml b/docs/features/persistency/architecture/_assets/kvs_dyn_restore_snapshot.puml
similarity index 100%
rename from docs/features/persistency/kvs/architecture/_assets/kvs_dyn_restore_snapshot.puml
rename to docs/features/persistency/architecture/_assets/kvs_dyn_restore_snapshot.puml
diff --git a/docs/features/persistency/kvs/architecture/_assets/kvs_dyn_write_data_key.puml b/docs/features/persistency/architecture/_assets/kvs_dyn_write_data_key.puml
similarity index 100%
rename from docs/features/persistency/kvs/architecture/_assets/kvs_dyn_write_data_key.puml
rename to docs/features/persistency/architecture/_assets/kvs_dyn_write_data_key.puml
diff --git a/docs/features/persistency/kvs/architecture/_assets/kvs_interface.puml b/docs/features/persistency/architecture/_assets/kvs_interface.puml
similarity index 100%
rename from docs/features/persistency/kvs/architecture/_assets/kvs_interface.puml
rename to docs/features/persistency/architecture/_assets/kvs_interface.puml
diff --git a/docs/features/persistency/kvs/architecture/_assets/kvs_static_view.puml b/docs/features/persistency/architecture/_assets/kvs_static_view.puml
similarity index 100%
rename from docs/features/persistency/kvs/architecture/_assets/kvs_static_view.puml
rename to docs/features/persistency/architecture/_assets/kvs_static_view.puml
diff --git a/docs/features/persistency/architecture/chklst_arc_inspection.rst b/docs/features/persistency/architecture/chklst_arc_inspection.rst
new file mode 100644
index 00000000000..e52a0e13320
--- /dev/null
+++ b/docs/features/persistency/architecture/chklst_arc_inspection.rst
@@ -0,0 +1,176 @@ +.. + # ******************************************************************************* + # Copyright (c) 2025 Contributors to the Eclipse Foundation + # + # See the NOTICE file(s) distributed with this work for additional + # information regarding copyright ownership. + # + # This program and the accompanying materials are made available under the + # terms of the Apache License Version 2.0 which is available at + # https://www.apache.org/licenses/LICENSE-2.0 + # + # SPDX-License-Identifier: Apache-2.0 + # ******************************************************************************* + + +.. document:: Persistency Architecture Inspection Checklist + :id: doc__persistency_arc_inspection + :status: draft + :safety: ASIL_B + :security: YES + :realizes: wp__sw_arch_verification + + +Architecture Inspection Checklist +================================= + +Purpose +------- + +The purpose of the software architecture checklist is to ensure that the design meets the criteria and quality as +defined per project processes and guidelines for feature and component architectural design elements. +It helps to check the compliance with requirements, identify errors or inconsistencies, and ensure adherence to best +practices. +The checklist guides evaluation of the architecture design, identifies potential problems, and aids in +communication and documentation of architectural decisions to stakeholders. + +Checklist +--------- + +.. list-table:: Feature Architecture Design Review Checklist Persistency + :header-rows: 1 + + * - Review Id + - Acceptance criteria + - Type + - Guidance + - passed + - Remarks + - Issue link + * - ARC_01_01 + - Is the traceability from software architectural elements to requirements, and other level architectural + elements (e.g. component to interface) established according to the defined :need:`Relations between the architectural elements `? + - automated + - Trace should be checked by Sphinx. 
Will be removed from checklist once requirement is implemented. + - No + - Traceability not complete, template not followed + - `Issue for Findings `_ + * - ARC_01_02 + - If the architectural element is related to any supplier manuals (incl. safety and security) + are the relevant parts covered? + - manual + - If the architecture makes use of supplied elements, their manuals (like safety) have to be considered (i.e. its provided functionality matches the expectation and assumptions are fulfilled). Note that in case of safety component this means that assumed Technical Safety Requirements and AoUs of the safety manual are covered. + - Yes + - Not applicable + - + * - ARC_01_03 + - Is the architectural element traceable to the lower level artifacts as defined by the workproduct traceability? + - automated + - Will be removed from checklist once requirement is implemented by automated tool check. + Details of possible linking can be depicted from `Traceability Concept `_ + - No + - Traceability not complete, template not followed + - `Issue for Findings `_ + * - ARC_02_01 + - Is the software architecture design compliant with the (overall) feature architecture? + - manual + - On component level check against the feature architecture, on feature level check other features with common components used. + - No + - There is no component architecture available for persistency + - `Issue for Findings `_ + * - ARC_02_02 + - Is appropriate and comprehensible operation/interface naming present in the architectural design? + - manual + - Check :need:`gd_guidl__arch_design` + - No + - Are these interfaces names, any operations? Please update template. + - `Issue for Findings `_ + * - ARC_02_03 + - Are correctness of data flow and control flow within the architectural elements considered? + - manual + - E.g. 
examine definitions, transformations, integrity, and interaction of data; check error handling, data + exchange between elements, correct response to inputs and documented decision making. + Note: consistency is ensured by the process/tooling, by defining each interface only once. + - Yes + - + - + * - ARC_02_04 + - Are the interfaces between the software architectural element and other architectural elements well-defined? + - manual + - Check if the interface reacts on non-defined behavior or errors; can established protocols be used; are the + interfaces for inputs, outputs, error codes documented; is loose coupling considered and only limited exposure; + can unit or integration test be written against the interface; data amount transferred; no sensitive data + exposure; + - Yes + - + - + * - ARC_02_05 + - Does the software architectural element consider the timing constraints (from the parent requirement)? + - manual + - If there are hard requirements on the timing a programming time estimation should be performed and also + deadline supervision considered. + - No + - No information found, but required + - `Issue for Findings `_ + * - ARC_02_06 + - Is the documentation of the software architectural element, including textual and graphical descriptions + (e.g., UML diagrams), comprehensible and complete? + - manual + - Use of semi-formal notation is expected for architectural elements with an allocated ASIL level. + Is the architecture template correctly filled? + - Yes + - + - + * - ARC_03_01 + - Is the architectural element modular and encapsulated? + - manual + - Check e.g. that only minimal interfaces are used. Design should be object oriented. Interfaces and interactions are clearly defined. Usage of access types (private, protected) properly set. Limited global variables. + - No + - Yes + - + * - ARC_03_02 + - Is the suitability of the software architecture for future modifications and maintainability considered? + - manual + - Check for e.g. 
loose coupling, separation of concerns, high cohesion, versioning strategy for interfaces, + decision records, use of established design patterns. + - Yes + - Not applicable on feature architecture level + - + * - ARC_03_03 + - Are simplicity and avoidance of unnecessary complexity present in the software architecture? + - manual + - Indicators for complexity are: number of use cases (corresponding to dynamic diagrams) + allocated to single design element, number of interfaces and operations in an interface, + function parameters, global variables, complex types, limited comprehensibility. + + Note: If the "number" above exceeds "3" a design rationale is mandatory (for all types) + - Yes + - Not applicable on feature architecture level + - + * - ARC_03_04 + - Is the software architecture design following best practices and design principles? + - manual + - Refer to architectural guidelines and recommendations within the project documentation. + - Yes + - + - + * - ARC_04_01 + - If software partitioning (different operating system processes) is used to implement freedom from interference between the processes with different rating (QM/ASIL), is effectiveness evidence generated during integration and verification tests? + + Note: see ISO 26262-6, 7.4.9 and Annex D for partitioning + - manual + - + a) the usage of shared resources (cpu time, shared memory, ...) are checked in a way that freedom from interference between the processes is ensured, + b) check if the operating system supports freedom from interference between the processes + - + - + - + * - ARC_04_02 + - Is an upper estimation of the required resources (RAM, ROM, non volatile memory, communication) available and documented? + + Note: see ISO 26262-6, 7.4.11 + - manual + - + - + - + - 
diff --git a/docs/features/persistency/kvs/architecture/index.rst b/docs/features/persistency/architecture/index.rst similarity index 70% rename from docs/features/persistency/kvs/architecture/index.rst rename to docs/features/persistency/architecture/index.rst index 750dbdfc11b..d416bc6e6a4 100644 --- a/docs/features/persistency/kvs/architecture/index.rst +++ b/docs/features/persistency/architecture/index.rst @@ -12,7 +12,7 @@ # SPDX-License-Identifier: Apache-2.0 # ******************************************************************************* -.. _feature_architecture_PersistencyKvs: +.. _feature_architecture_persistency: Architecture ============ @@ -25,7 +25,24 @@ Architecture :realizes: wp__feature_arch :tags: persistency -Overview + +.. feat:: Persistency + :id: feat__persistency + :security: YES + :safety: ASIL_B + :status: valid + :includes: logic_arc_int__persistency__interface + :consists_of: comp__persistency_kvs + +.. comp:: persistency::kvs + :id: comp__persistency_kvs + :security: YES + :safety: ASIL_B + :status: valid + :implements: logic_arc_int__persistency__interface + + + -------- The Key-Value-Storage (kvs) provides the capability to efficiently store, 
@@ -62,8 +79,9 @@ Static Architecture :security: YES :safety: ASIL_B :includes: logic_arc_int__persistency__interface - :fulfils: feat_req__persistency__default_value_get,feat_req__persistency__default_values,feat_req__persistency__events,feat_req__persistency__integrity_check,feat_req__persistency__persist_data,feat_req__persistency__persistency,feat_req__persistency__snapshots,feat_req__persistency__support_datatype_keys,feat_req__persistency__support_datatype_value,feat_req__persistency__variant_management,feat_req__persistency__default_value_file,feat_req__persistency__config_file,feat_req__persistency__async_api,feat_req__persistency__access_control,feat_req__persistency__intra_process_comm + :fulfils: feat_req__persistency__default_value_get,feat_req__persistency__default_values,feat_req__persistency__async_completion,feat_req__persistency__integrity_check,feat_req__persistency__store_data,feat_req__persistency__load_data,feat_req__persistency__snapshot_create,feat_req__persistency__support_datatype_keys,feat_req__persistency__support_datatype_value,feat_req__persistency__variant_management,feat_req__persistency__default_value_file,feat_req__persistency__cfg,feat_req__persistency__async_api,feat_req__persistency__access_control,feat_req__persistency__concurrency :status: valid + :belongs_to: feat__persistency .. uml:: _assets/kvs_static_view.puml @@ -75,6 +93,7 @@ Dynamic Architecture :safety: ASIL_B :fulfils: feat_req__persistency__default_values,feat_req__persistency__default_value_get :status: valid + :belongs_to: feat__persistency .. uml:: _assets/kvs_dyn_check_value_default.puml @@ -82,8 +101,9 @@ Dynamic Architecture :id: feat_arc_dyn__persistency__delete_key :security: YES :safety: ASIL_B - :fulfils: feat_req__persistency__events + :fulfils: feat_req__persistency__support_datatype_keys,feat_req__persistency__support_datatype_value :status: valid + :belongs_to: feat__persistency .. uml:: _assets/kvs_dyn_delete_data_key.puml 
@@ -91,8 +111,9 @@ Dynamic Architecture :id: feat_arc_dyn__persistency__flush :security: YES :safety: ASIL_B - :fulfils: feat_req__persistency__persist_data,feat_req__persistency__persistency,feat_req__persistency__snapshots,feat_req__persistency__integrity_check,feat_req__persistency__snapshots + :fulfils: feat_req__persistency__store_data,feat_req__persistency__snapshot_create,feat_req__persistency__integrity_check,feat_req__persistency__snapshot_restore :status: valid + :belongs_to: feat__persistency .. uml:: _assets/kvs_dyn_flush_local_repr_to_file.puml @@ -102,6 +123,7 @@ Dynamic Architecture :safety: ASIL_B :fulfils: feat_req__persistency__support_datatype_keys,feat_req__persistency__support_datatype_value,feat_req__persistency__default_values,feat_req__persistency__default_value_get :status: valid + :belongs_to: feat__persistency .. uml:: _assets/kvs_dyn_read_data_key.puml @@ -109,8 +131,9 @@ Dynamic Architecture :id: feat_arc_dyn__persistency__read_from_storage :security: YES :safety: ASIL_B - :fulfils: feat_req__persistency__persist_data,feat_req__persistency__persistency,feat_req__persistency__integrity_check,feat_req__persistency__snapshots + :fulfils: feat_req__persistency__load_data,feat_req__persistency__integrity_check,feat_req__persistency__snapshot_restore :status: valid + :belongs_to: feat__persistency .. uml:: _assets/kvs_dyn_read_file_into_local_repr.puml @@ -120,6 +143,7 @@ Dynamic Architecture :safety: ASIL_B :fulfils: feat_req__persistency__support_datatype_keys,feat_req__persistency__support_datatype_value :status: valid + :belongs_to: feat__persistency .. uml:: _assets/kvs_dyn_write_data_key.puml 
@@ -127,8 +151,9 @@ Dynamic Architecture :id: feat_arc_dyn__persistency__snapshot_restore :security: YES :safety: ASIL_B - :fulfils: feat_req__persistency__snapshots,feat_req__persistency__persist_data,feat_req__persistency__persistency + :fulfils: feat_req__persistency__snapshot_restore,feat_req__persistency__store_data :status: valid + :belongs_to: feat__persistency .. uml:: _assets/kvs_dyn_restore_snapshot.puml @@ -144,3 +169,6 @@ Logical Interfaces :status: valid .. uml:: _assets/kvs_interface.puml + +.. needextend:: docname is not None and "persistency/kvs/architecture" in docname + :+tags: persistency diff --git a/docs/features/persistency/index.rst b/docs/features/persistency/index.rst index e76c5e30e10..36074b9e8f9 100644 --- a/docs/features/persistency/index.rst +++ b/docs/features/persistency/index.rst 
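Review bot: The `needextend` filter added at the end of this file matches on the old location, `"persistency/kvs/architecture" in docname`, while this same commit renames the file to `docs/features/persistency/architecture/index.rst`. With the `kvs/` segment gone from the docname, the filter presumably selects no needs, so the `persistency` tag is no longer appended to the architecture elements. Any table or traceability check that selects by that tag would then silently lose them, including the elements marked `:security: YES`. I would change the filter to `docname is not None and "persistency/architecture" in docname`.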
@@ -12,22 +12,43 @@ # SPDX-License-Identifier: Apache-2.0 # ******************************************************************************* -Persistency (v0.5 alpha) +Persistency (v0.5 beta) ######################## +.. document:: Persistency + :id: doc__persistency + :status: valid + :safety: ASIL_B + :security: NO + :realizes: wp__feat_request + :tags: feature_request, persistency + .. toctree:: - :maxdepth: 1 - :glob: - :titlesonly: + architecture/index.rst + architecture/chklst_arc_inspection.rst + requirements/index.rst + requirements/chklst_req_inspection.rst + safety_analysis/fmea.rst + safety_analysis/dfa.rst + safety_analysis/safety_analysis_fdr.rst + safety_planning/index.rst + security_planning/index.rst + security_analysis/stride.rst + + +Feature flag +============ + +To activate this feature, use the following feature flag: - */index +``persistency`` Abstract ======== Persistency is a critical feature that ensures the long-term storage and -retrieval of data within the S-CORE. It provides a reliable mechanism for +retrieval of data within S-CORE. It provides a reliable mechanism for preserving information, allowing the application to maintain its state and data integrity over time. This feature is essential for enabling the system to resume operations seamlessly, even in the event of unexpected shutdowns or 
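Review bot: The new `doc__persistency` document is declared with `:security: NO`, which is inconsistent with the rest of this commit. The commit marks `feat__persistency` and the new requirements document as `:security: YES`, and this hunk adds `security_planning/index.rst` and `security_analysis/stride.rst` to the toctree. The value looks carried over from the deleted `doc__persistency_kvs`. If the flag is used to select documents for security review, this one would be left out, so it should probably read `:security: YES`, or the reason for keeping `NO` should be stated in the document.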
@@ -35,3 +56,97 @@ system failures. By implementing robust persistence mechanisms, the application can guarantee the persistence of user-generated content, configuration settings, and other vital data, ensuring a consistent and reliable user experience. + +This feature request describes the key-value storage (KVS) that is needed by +applications to store either temporary or permanent data in an easy way that +conforms to most programming languages that provide a hash, hashmap, dictionary, +or similar data structure. Access to the KVS is possible from any supported +language through language-specific interfaces. + +In the scope of S-CORE, an application can range from a system service to an +end-user visible UI. The application uses the KVS as an external memory store +to read and persist data as needed. For example, an application that controls +the air conditioning system in a car could use the KVS to store the current +temperature setting. When the car is started again, the application can +retrieve the temperature setting from the persistent KVS storage, providing a +seamless user experience by restoring the previous state. + + +Motivation +========== + +The current solutions available mostly don't meet the specific needs of the +S-CORE project like storing specific datatypes without a BASE64 conversion or +having no rollback/replay feature. Also the integration into analysis tools is +simpler when the solution grows with the needs instead having to adapt existing +data structures through wrappers. Especially in the focus of security it will +be possible to build a system that integrates the layers from scratch and +provide them as API to any language whilst still using Rust as the backend. + +A main USP of the solution will be the integration of a tracing framework that +allows to understand how events also in the context of other events interact. + +A key-value storage is used within many applications to store e.g. 
+configuration data and is therefore seen crucial for the Eclipse S-CORE +platform. + + +Rationale +========= + +1. | Requirement 1: Multiple key-value storages per application + | Solution: Allow each application to have multiple key-value storages (KVS) to enable data separation and different levels of security. +2. | Requirement 2: Update mechanism for KVS versions + | Solution: Implement an update mechanism to ensure compatibility through updates and rollbacks of different KVS versions. +3. | Requirement 3: Language-agnostic KVS interface + | Solution: Design a flexible interface that allows the KVS to be read and written from multiple programming languages, including C++, Rust, and others. +4. | Requirement 4: Default values for KVS + | Solution: Configure the KVS to store default values for all keys, returning either the default value or an error if the key needs to be written first. +5. | Requirement 5: Simple data representation for KVS + | Solution: Utilize a simple data representation, such as JSON or Cap'n Proto, that supports versioned up- and downgrading and is easily debuggable by developers. +6. | Requirement 6: KVS integrity checking + | Solution: Ensure the KVS maintains a consistent state, providing either the currently stored data or the previous snapshot if data retrieval is not possible. + + +Backwards Compatibility +======================= + +The API for the specific language tries to represent the language specific +implementation like hashmaps or dictionaries to be mostly backwards compatible +to already existing key-value-storage usage cases. Access without a safe error +handling path, like the array-operator in Rust which can panic, must be +avoided. + + +Security Impact +=============== + +Access to the key-value-storage would allow a malicious user to control the +behavior of the device, so it must be secured to prevent unauthorized access. +To achieve this, debug access should only be provided when a debug firmware +image is installed. 
+ + +Safety Impact +============= + +The expected ASIL level is ASIL-B. To reach this goal we will apply the S-CORE +development process. Key elements of it are listed in the process descriptions +of safety management and safety analysis. In the safety analysis we will +analyze the impact of the feature. + +:need:`doc__persistency_fmea` + +We use an iterative development process and apply results from the next steps +back to the feature request. + +To ensure the freedom of interference the feature key-value storage should not +be used within different processes. + + +License Impact +============== + +.. note:: + The key-value storage itself uses the Apache-2.0 license. Licenses of + used libraries are need to be checked. diff --git a/docs/features/persistency/kvs/index.rst b/docs/features/persistency/kvs/index.rst deleted file mode 100644 index 895c7392838..00000000000 --- a/docs/features/persistency/kvs/index.rst +++ /dev/null 
@@ -1,141 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -Key-Value-Storage -################# - -.. document:: Persistency Key-Value-Storage - :id: doc__persistency_kvs - :status: valid - :safety: ASIL_B - :security: NO - :realizes: wp__feat_request - :tags: feature_request, persistency - -.. toctree:: - requirements/index.rst - architecture/index.rst - requirements/chklst_req_inspection.rst - safety_analysis/fmea.rst - safety_analysis/dfa.rst - safety_planning/index.rst - - - -Feature flag -============ - -To activate this feature, use the following feature flag: - -``persistency_kvs`` - - -Abstract -======== - -This feature request describes the key-value storage (KVS) that is needed by -applications to store either temporary or permanent data in an easy way that -conforms to most programming languages that provide a hash, hashmap, dictionary -or similar data structure. Access to the KVS is possible from any support -language through language specific interfaces. - -In the scope of S-CORE, an application can range from a system service to an -end-user visible UI. The application uses the KVS as an external memory store -to read and persist data as needed. For example, an application that controls -the air conditioning system in a car could use the KVS to store the current -temperature setting. 
When the car is started again, the application can -retrieve the temperature setting from the persistent KVS storage, providing a -seamless user experience by restoring the previous state. - - -Motivation -========== - -The current solutions available mostly don't meet the specific needs of the -S-CORE project like storing specific datatypes without a BASE64 conversation or -having no rollback/replay feature. Also the integration into analysis tools is -simpler when the solution grows with the needs instead having to adapt existing -data structures through wrapppers. Especially in the focus of security it will -be possible to build a system that integrates the layers from scratch and -provide them as API to any language whilst still using Rust as the backend. - -A main USP of the solution will be the integration of a tracing framework that -allows to understand how events also in the context of other events interact. - -A key-value storage is used within many applications to store e.g. -configuration data and is therefore seen crucial for the Eclipse S-CORE -platform. - - -Rationale -========= - -1. | Requirement 1: Multiple key-value storages per application - | Solution: Allow each application to have multiple key-value storages (KVS) to enable data separation and different levels of security. -2. | Requirement 2: Update mechanism for KVS versions - | Solution: Implement an update mechanism to ensure compatibility through updates and rollbacks of different KVS versions. -3. | Requirement 3: Language-agnostic KVS interface - | Solution: Design a flexible interface that allows the KVS to be read and written from multiple programming languages, including C++, Rust, and others. -4. | Requirement 4: Default values for KVS - | Solution: Configure the KVS to store default values for all keys, returning either the default value or an error if the key needs to be written first. -5. 
| Requirement 5: Simple data representation for KVS - | Solution: Utilize a simple data representation, such as JSON or Cap'n Proto, that supports versioned up- and downgrading and is easily debuggable by developers. -6. | Requirement 6: KVS integrity checking - | Solution: Ensure the KVS maintains a consistent state, providing either the currently stored data or the previous snapshot if data retrieval is not possible. - -Backwards Compatibility -======================= - -The API for the specific language tries to represent the language specific -implementation like hashmaps or dictionaries to be mostly backwards compatible -to already existing key-value-storage usage cases. Access without a safe error -handling path, like the array-operator in Rust which can panic, must be -avoided. - - -Security Impact -=============== - -Access to the key-value-storage would allow a malicious user to control the -behaviour of the device, so it must be secured to prevent unauthorized access. -To achieve this, debug access should only be provided when a debug firmware -image is installed. - - -Safety Impact -============= - -The expected ASIL level is ASIL-B. To reach this goal we will apply the S-CORE -development process. Key elements of it are listed in the process descriptions -of safety management and safety analysis. In the safety analysis we will -analyze the impact of the feature. - -:need:`doc__persistency_fmea` - -We use an iterative development process and apply results from the next steps -back to the feature request. For TinyJSON we will perform a software component -classification. - -:need:`doc__persistency_component_classification` - -To ensure the freedom of interference the feature key-value storage should not -be used within different processes. - - -License Impact -============== - - .. note:: - The key-value storage itself uses the Apache-2.0 license. Licenses of - used libraries are need to be checked. 
diff --git a/docs/features/persistency/kvs/requirements/index.rst b/docs/features/persistency/kvs/requirements/index.rst
deleted file mode 100644
index 8c61b8edabc..00000000000
--- a/docs/features/persistency/kvs/requirements/index.rst
+++ /dev/null
@@ -1,340 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - - -.. _feature_requirements_PersistencyKvs: - -Requirements -############ - -.. document:: Persistency KVS Feature Requirements - :id: doc__persistency_requirements - :status: valid - :safety: ASIL_B - :security: NO - :realizes: wp__requirements_feat - :tags: persistency - -.. feat_req:: C++ & Rust Interoperability - :id: feat_req__persistency__cpp_rust_interop - :reqtype: Non-Functional - :security: NO - :safety: QM - :satisfies: stkh_req__dev_experience__prog_languages - :status: valid - - The Key-Value-Storage shall provide access through both C++ and Rust - interfaces. - -.. feat_req:: Maximum Size - :id: feat_req__persistency__maximum_size - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: stkh_req__functiona_req__support_of_store - :status: valid - - The Key-Value-Storage shall support specification of its maximum size at - compile time. - -.. feat_req:: Multiple KVS per Software Architecture Element - :id: feat_req__persistency__multiple_kvs - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: stkh_req__functiona_req__support_of_store - :status: valid - - The Key-Value-Storage shall allow instantiating multiple independent stores - per software architecture element. - -.. 
feat_req:: Supported Datatypes (Keys) - :id: feat_req__persistency__support_datatype_keys - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: stkh_req__functiona_req__support_of_store - :status: valid - - The Key-Value-Storage shall support UTF-8 encoded strings as valid key - types. - -.. feat_req:: Supported Datatypes (Values) - :id: feat_req__persistency__support_datatype_value - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: stkh_req__functiona_req__support_of_store - :status: valid - :tags: persistency - - The Key-Value-Storage shall support storing both primitive and non-primitive - datatypes as values. The supported datatypes shall match those used by the - IPC feature. - -.. feat_req:: Default Values - :id: feat_req__persistency__default_values - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: stkh_req__functiona_req__support_of_store - :status: valid - - The Key-Value-Storage shall support predefined default values for keys. - -.. feat_req:: Default Value Retrieval - :id: feat_req__persistency__default_value_get - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: stkh_req__functiona_req__support_of_store - :status: valid - - The Key-Value-Storage shall support retrieving the default value associated - with a key. - -.. feat_req:: Default Value Reset - :id: feat_req__persistency__default_value_reset - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: stkh_req__functiona_req__support_of_store - :status: valid - - The Key-Value-Storage shall support resetting a single key or all keys to - their respective default values. - -.. feat_req:: Persistency - :id: feat_req__persistency__persistency - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: stkh_req__functiona_req__support_of_store - :status: valid - - The Key-Value-Storage shall persist stored data and provide an API to - explicitly trigger persistence. - -.. 
feat_req:: Integrity Check - :id: feat_req__persistency__integrity_check - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: stkh_req__functiona_req__support_of_store - :status: valid - - The Key-Value-Storage shall detect and report data corruption. - Note: Implementation depends on AoUs. - -.. feat_req:: Versioning - :id: feat_req__persistency__versioning - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: stkh_req__functiona_req__support_of_store - :status: valid - - The Key-Value-Storage shall support versioning for different layout - configurations. - -.. feat_req:: Update Mechanism - :id: feat_req__persistency__update_mechanism - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: stkh_req__functiona_req__support_of_store - :status: valid - - The Key-Value-Storage shall implement mechanisms to upgrade from one version - to another, including multi-version jumps. - -.. feat_req:: Snapshots - :id: feat_req__persistency__snapshots - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: stkh_req__functiona_req__support_of_store - :status: valid - - The Key-Value-Storage shall support explicit creation of snapshots - identified by unique IDs and allow rollback to previous snapshots. Snapshots - shall also be deletable. - -.. feat_req:: Tooling - :id: feat_req__persistency__tooling - :reqtype: Non-Functional - :security: NO - :safety: ASIL_B - :satisfies: stkh_req__functiona_req__support_of_store - :status: valid - - The Key-Value-Storage shall provide tooling support for viewing and - modifying key-value pairs during development and debugging. - -.. feat_req:: Variant management support - :id: feat_req__persistency__variant_management - :reqtype: Non-Functional - :security: NO - :safety: QM - :satisfies: stkh_req__overall_goals__variant_management - :status: valid - - The Key-Value-Storage shall ensure compatibility across different - architectures and versions. - -.. 
feat_req:: Set default key values via file - :id: feat_req__persistency__default_value_file - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: stkh_req__functional_req__file_based - :status: valid - - The Key-Value-Storage shall support the configuration of default key values - using an external file. - -.. feat_req:: Configure limits via file - :id: feat_req__persistency__config_file - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: stkh_req__functional_req__file_based - :status: valid - - The Key-Value-Storage shall support the configuration of memory and other - resource limits via a configuration file. - -.. feat_req:: Store persistent data - :id: feat_req__persistency__persist_data - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: stkh_req__functional_req__data_persistency - :status: valid - - The Key-Value-Storage shall support storing and loading its data to and from - persistent storage. - -.. feat_req:: Support engineering mode - :id: feat_req__persistency__eng_mode - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: stkh_req__dependability__safety_features - :status: valid - - The Key-Value-Storage shall an engineering (developer) mode. - The engineering mode shall allow unrestricted data access. - -.. feat_req:: Support field mode - :id: feat_req__persistency__field_mode - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: stkh_req__dependability__safety_features - :status: valid - - The Key-Value-Storage shall a field mode. - The field mode should enforce the most restrictive data access controls feasible. - -.. feat_req:: Provide an async API - :id: feat_req__persistency__async_api - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: stkh_req__dependability__availability, stkh_req__app_architectures__support_request - :status: valid - - The Key-Value-Storage shall provide an asynchronous API for accessing and - manipulating data. - -.. 
feat_req:: Separate data stores - :id: feat_req__persistency__access_control - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: stkh_req__dependability__security_features - :status: valid - - The Key-Value-Storage shall ensure that only authorized components can - access individual data stores. - -.. feat_req:: Data-change events - :id: feat_req__persistency__events - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: stkh_req__app_architectures__support_data - :status: valid - - The Key-Value-Storage shall provide an API that allows for the registration - of callback functions. These callbacks shall be invoked in response to - specific events, such as when keys are changed or removed. - -.. feat_req:: Fast access - :id: feat_req__persistency__fast_access - :reqtype: Non-Functional - :security: NO - :safety: QM - :satisfies: stkh_req__execution_model__short_app_cycles - :status: valid - - The Key-Value-Storage shall ensure that key operations are completed within - 5 milliseconds. - -.. feat_req:: Intra-Process Data Access - :id: feat_req__persistency__intra_process_comm - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: stkh_req__communication__intra_process - :status: valid - - The Key-Value-Storage shall support concurrent intra-process data access. - -.. needextend:: docname is not None and "persistency/kvs/requirements" in docname - :+tags: persistency - -AoU Requirements -################ - -.. aou_req:: Persistency Error handling - :id: aou_req__persistency__error_handling - :reqtype: Functional - :security: NO - :safety: ASIL_B - :status: valid - :tags: environment - - The application shall handle if the feature persistency is not available. - -.. aou_req:: Application deadlock - :id: aou_req__persistency__appl_design - :reqtype: Functional - :security: NO - :safety: ASIL_B - :status: valid - :tags: environment - - The application shall be designed in a way that deadlocks are avoided. - -.. 
aou_req:: Application execution - :id: aou_req__persistency__appl_exec - :reqtype: Functional - :security: NO - :safety: ASIL_B - :status: valid - :tags: environment - - The execution of persistency shall not be blocked by the application. diff --git a/docs/features/persistency/kvs/requirements/chklst_req_inspection.rst b/docs/features/persistency/requirements/chklst_req_inspection.rst similarity index 83% rename from docs/features/persistency/kvs/requirements/chklst_req_inspection.rst rename to docs/features/persistency/requirements/chklst_req_inspection.rst index 86c883933a9..3500eac586e 100644 --- a/docs/features/persistency/kvs/requirements/chklst_req_inspection.rst +++ b/docs/features/persistency/requirements/chklst_req_inspection.rst @@ -12,11 +12,11 @@ # SPDX-License-Identifier: Apache-2.0 # ******************************************************************************* -Requirement Inspection Checklist Persistency KVS -================================================ +Persistency Requirements Inspection Checklist +############################################# -.. document:: Requirements Inspection Checklist Persistency KVS - :id: doc__req_inspection_persistency +.. document:: Persistency Requirements Inspection Checklist + :id: doc__feature_persistency_requirements_chklst :status: valid :safety: ASIL_B :security: NO @@ -24,11 +24,12 @@ Requirement Inspection Checklist Persistency KVS :realizes: wp__requirements_inspect **Purpose** + The purpose of this requirement inspection checklist is to collect the topics to be checked during requirements inspection. **Checklist** -.. list-table:: Requirement Inspection Checklist Persistency KVS +.. list-table:: Persistency Requirements Inspection Checklist :header-rows: 1 :widths: 10,30,50,6,6,8 
@@ -122,3 +123,31 @@ The purpose of this requirement inspection checklist is to collect the topics to - Yes - No remarks - https://github.com/eclipse-score/score/issues/960 + * - REQ_09_01 + - Do the feature requirements defining a safety mechanism contain the error reaction leading to a safe state? + - Alternatively to the safe state there could also be "repair" mechanisms. Also do not forget to consider REQ_05_01 for these. + - + - + - + +The following requirements in "valid" state and with "inspected" tag set are in the scope of this inspection: + +.. needtable:: + :filter: "feature_name" in docname and "requirements" in docname and docname is not None and status == "valid" + :style: table + :types: feat_req + :tags: persistency + :columns: id;status;tags + :colwidths: 25,25,25 + :sort: title + +And also the following AoUs in "valid" state and with "inspected" tag set (for these please answer the questions above as if the AoUs are requirements, except questions REQ_03_01 and REQ_03_02): + +.. needtable:: + :filter: "feature_name" in docname and "requirements" in docname and docname is not None and status == "valid" + :style: table + :types: aou_req + :tags: persistency + :columns: id;status;tags + :colwidths: 25,25,25 + :sort: title diff --git a/docs/features/persistency/requirements/index.rst b/docs/features/persistency/requirements/index.rst new file mode 100644 index 00000000000..a60974d0420 --- /dev/null +++ b/docs/features/persistency/requirements/index.rst 
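Review bot: Both added `needtable` blocks still carry the template placeholder in their filter, `"feature_name" in docname`. No persistency docname contains that string, so the two tables that are meant to list the requirements and AoUs in scope of this inspection will presumably render empty. I would replace it with the feature path and put the None check first, e.g. `:filter: docname is not None and "persistency" in docname and "requirements" in docname and status == "valid"`. The introductory sentences also say the scope is needs with the "inspected" tag set, but the filter only checks `status` and the `persistency` tag. Either add `"inspected" in tags` to the filter or reword the sentences so the inspection record matches what is actually selected.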
@@ -0,0 +1,516 @@ +.. + # ******************************************************************************* + # Copyright (c) 2025 Contributors to the Eclipse Foundation + # + # See the NOTICE file(s) distributed with this work for additional + # information regarding copyright ownership. + # + # This program and the accompanying materials are made available under the + # terms of the Apache License Version 2.0 which is available at + # https://www.apache.org/licenses/LICENSE-2.0 + # + # SPDX-License-Identifier: Apache-2.0 + # ******************************************************************************* + +.. _feature_persistency_requirements: + +Requirements +############ + +.. document:: Persistency Requirements + :id: doc__feature_persistency_requirements + :status: valid + :safety: ASIL_B + :security: YES + :realizes: wp__feat_request + :tags: persistency + +.. feat_req:: C++ and Rust language support + :id: feat_req__persistency__cpp_rust + :reqtype: Non-Functional + :security: NO + :safety: QM + :satisfies: stkh_req__dev_experience__prog_languages + :status: valid + + The Persistency shall provide native API support for both C++ and Rust programming languages. + +.. feat_req:: Operating system agnostic implementation + :id: feat_req__persistency__os_agnostic + :reqtype: Non-Functional + :security: NO + :safety: QM + :satisfies: stkh_req__functional_req__operating_system + :status: valid + + The Persistency shall be operating system agnostic. + +.. feat_req:: Variant management support + :id: feat_req__persistency__variant_management + :reqtype: Non-Functional + :security: NO + :safety: QM + :satisfies: stkh_req__overall_goals__variant_management + :status: valid + + The Persistency shall ensure compatibility across different SW versions. + +.. 
feat_req:: Dynamic memory allocation during runtime + :id: feat_req__persistency__dynamic_memory_alloc + :reqtype: Non-Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__functional_req__support_of_store + :status: valid + + The Persistency shall not allocate dynamic memory during runtime. All required dynamic memory shall be allocated during initialization. + + .. note:: + + Dynamic memory allocation violates freedom from interference as the `HEAP` is a shared resource on OS process level. + Additionally, fragmentation of the `HEAP` can lead to non-deterministic behavior of the application. + +.. feat_req:: Multiple KVS per application + :id: feat_req__persistency__multiple_kvs + :reqtype: Functional + :security: NO + :safety: QM + :satisfies: stkh_req__functional_req__data_persistency + :status: valid + + The Persistency shall support multiple independent storages per application. + +.. feat_req:: Access from multiple applications + :id: feat_req__persistency__multiple_app + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__functional_req__support_of_store + :status: valid + + The Persistency shall prevent access to a single KVS instance from multiple OS processes. + + .. note:: + Access from multiple OS processes violates freedom from interference, as applications can modify the same data concurrently. + +.. feat_req:: Separate data stores + :id: feat_req__persistency__access_control + :reqtype: Functional + :security: YES + :safety: ASIL_B + :satisfies: stkh_req__dependability__security_features + :status: valid + + The Persistency shall ensure that only authorized applications can access individual data stores. + + .. note:: + Access control is essential to prevent unauthorized access and modification of sensitive data. + The Persistency shall implement mechanisms to enforce access control policies based on user roles and permissions. + +.. 
feat_req:: Configuration + :id: feat_req__persistency__cfg + :reqtype: Functional + :security: YES + :safety: ASIL_B + :satisfies: stkh_req__functional_req__file_based + :status: valid + :tags: config + + The Persistency shall support configuration via a configuration file. + The configuration shall include: + + - Global settings: + - Maximum number of KVS instances + - Maximum size of a key + + - Settings for KVS instance: + - Instance identifier + - Storage URI + - Maximum number of Key-Value pairs + - Maximum number of snapshots + - Maximum consumed storage size (Including all metadata and redundant data) + - Security settings + - Redundancy settings + - Backend specific settings + + Configuration file shall be optional and all configuration attributes shall have sensible default values defined at compile time. + + .. note:: + To improve the user experience during rapid prototyping, the Persistency shall also be able to operate without a configuration file. + +.. feat_req:: Supported datatypes (Keys) + :id: feat_req__persistency__support_datatype_keys + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__functional_req__support_of_store + :status: valid + + The Persistency shall support UTF-8 encoded strings as valid key types. + +.. feat_req:: Supported datatypes (Values) + :id: feat_req__persistency__support_datatype_value + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__functional_req__support_of_store + :status: valid + :tags: persistency + + The Persistency shall support storing both primitive and non-primitive (composite) datatypes as values. + +.. feat_req:: Default values + :id: feat_req__persistency__default_values + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__functional_req__support_of_store + :status: valid + + The Persistency shall support predefined default values for keys. + +.. 
feat_req:: Provisioning of default values via external file + :id: feat_req__persistency__default_value_file + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__functional_req__file_based + :status: valid + + The Persistency shall support import of default values using an external file. + + .. note:: + Default values are read-only and cannot be modified at runtime. This requirement addresses the provisioning of default values + during initial deployment. See :need:`feat_req__persistency__tooling`. + +.. feat_req:: Retrieval of default values + :id: feat_req__persistency__default_value_get + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__functional_req__support_of_store + :status: valid + + The Persistency shall support retrieval of the default value associated with a key. + +.. feat_req:: Reset to default values + :id: feat_req__persistency__reset_to_default + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__functional_req__support_of_store + :status: valid + + The Persistency shall support reset of individual key or all keys to their default values. + This is only applicable for existing keys that have a predefined default value. + +.. feat_req:: Store persistent data + :id: feat_req__persistency__store_data + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__functional_req__data_persistency + :status: valid + + The Persistency shall support storing of key-value pairs to persistent storage. + +.. feat_req:: Reset resistant storage + :id: feat_req__persistency__reset_resistant + :reqtype: Functional + :security: YES + :safety: ASIL_B + :satisfies: stkh_req__functional_req__support_of_store + :status: valid + + The Persistency shall ensure that write operations are reset resistant to prevent data corruption in case of expected or unexpected interruption. + + .. 
note:: + As the constant power supply can not be guaranteed in embedded systems, it is essential to ensure that write operations are completed + successfully, or rolled back to the previous state in case of any kind of interruption. + +.. feat_req:: Recovery from reset + :id: feat_req__persistency__recovery_from_reset + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__functional_req__support_of_store + :status: valid + + The Persistency shall recover to a consistent state after reset. + + .. note:: + After a reset, the Persistency shall ensure that all key-value pairs are in a consistent state, reflecting either the last successful write operation or the previous consistent state. + +.. feat_req:: Atomic store operation + :id: feat_req__persistency__atomic_store + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__functional_req__support_of_store + :status: valid + + The Persistency shall support atomic write operation for entire storage to ensure data consistency. + + .. note:: + + Atomic write operation guarantee that either all key-value pairs are written, or no changes are made at all. + This is required to prevent malfunctions when individual key-value pairs are dependent on each other. + +.. feat_req:: Write amplification minimization + :id: feat_req__persistency__write_amplification + :reqtype: Non-Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__app_architectures__support_data + :status: valid + + The Persistency shall minimize the write amplification during data storage operations to enhance performance and prolong the lifespan of the underlying storage medium. + + .. note:: + Write amplification refers to the phenomenon where the amount of data written to the storage medium exceeds the amount of user data intended to be written. 
+ Minimizing write amplification is crucial for optimizing performance and reducing wear on storage devices, especially in embedded systems with limited number of program-erase cycles. + +.. feat_req:: Load persistent data + :id: feat_req__persistency__load_data + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__functional_req__data_persistency + :status: valid + + The Persistency shall support loading of key-value pairs from persistent storage. + +.. feat_req:: Cached access + :id: feat_req__persistency__cached_access + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__functional_req__support_of_store + :status: valid + + The Persistency shall support caching mechanisms to improve access times for frequently accessed key-value pairs. + +.. feat_req:: Direct access + :id: feat_req__persistency__direct_access + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__dependability__availability + :status: valid + + The Persistency shall support direct access to key-value pairs without the necessity to load the entire storage to RAM in advance. + + .. note:: + Direct access improves availability of data and reduces memory consumption for large data sets. + +.. feat_req:: Integrity check + :id: feat_req__persistency__integrity_check + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__functional_req__support_of_store + :status: valid + + The Persistency shall detect and report data integrity issues. + +.. feat_req:: Confidential storage + :id: feat_req__persistency__confidential_storage + :reqtype: Functional + :security: YES + :safety: QM + :satisfies: stkh_req__functional_req__data_persistency + :status: valid + + The Persistency shall support confidential storage of key-value pairs using encryption mechanisms. + + .. 
note:: + Confidential storage is essential to protect sensitive data from unauthorized access, especially in scenarios where the storage medium may be exposed to potential threats. + +.. feat_req:: Multiple storage backends + :id: feat_req__persistency__storage_backends + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__functional_req__support_of_store + :status: valid + + The Persistency shall support multiple storage backends. + More than one storage backend of the same type shall be optionally supported for the sake of redundancy. + The storage backends shall be compile time configurable for each KVS instance. + + .. note:: + Storage backend represents an abstraction for the underlying storage format and mechanism. + Configurable storage backends allow the user to select the most suitable solution for their specific use case (Performance, easy of use, resource consumption, ...). + +.. feat_req:: Asynchronous operation + :id: feat_req__persistency__async_api + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__dependability__availability, stkh_req__app_architectures__support_request + :status: valid + + The Persistency shall provide an asynchronous API for time consuming operations like loading and storing of data. + +.. feat_req:: Signalling completion of asynchronous operation + :id: feat_req__persistency__async_completion + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__app_architectures__support_data + :status: valid + + The Persistency shall provide a mechanism to signal the completion of an asynchronous operations to the application. + +.. feat_req:: Snapshot create + :id: feat_req__persistency__snapshot_create + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__functional_req__support_of_store + :status: valid + + The Persistency shall support explicit creation of snapshots. Snapshots are identified by unique IDs. 
+ Snapshots shall also include the version of the data layout. See :need:`feat_req__persistency__versioning`. + + .. note:: + Snapshots are point-in-time, read-only view on all key-value pairs at moment of snapshot creation. They are typically used for backup and rollback purposes. + Implicit snapshots (e.g. created during store operation) shall be prevented to reduce storage consumption. + +.. feat_req:: Snapshot restore + :id: feat_req__persistency__snapshot_restore + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__functional_req__support_of_store + :status: valid + + The Persistency shall support explicit restoration of snapshots. + +.. feat_req:: Snapshot remove + :id: feat_req__persistency__snapshot_remove + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__functional_req__support_of_store + :status: valid + + The Persistency shall support explicit removal of snapshots. + +.. feat_req:: Intra-Process data access + :id: feat_req__persistency__concurrency + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__communication__intra_process + :status: valid + + The Persistency shall support concurrent access to key-value pairs from multiple threads within the same process. + +.. feat_req:: Versioning + :id: feat_req__persistency__versioning + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__functional_req__support_of_store + :status: valid + + The Persistency shall support versioning for different data representation of KVS. + + .. note:: + Versioning is essential to ensure compatibility between different versions of the Persistency and the stored data. + Each version shall be uniquely identifiable and include information of the data layout and structure. + +.. 
feat_req:: Update Mechanism + :id: feat_req__persistency__update_mechanism + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__overall_goals__variant_management + :status: valid + + The Persistency shall implement mechanisms to upgrade from one version to another, including multi-version jumps. + +.. feat_req:: Random access time + :id: feat_req__persistency__fast_access + :reqtype: Non-Functional + :security: NO + :safety: QM + :satisfies: stkh_req__execution_model__short_app_cycles + :status: valid + + The Persistency shall ensure that random read access for key-value pair is completed with constant or logarithmic time complexity relative to the number of stored key-value pairs. + +.. feat_req:: Tooling + :id: feat_req__persistency__tooling + :reqtype: Non-Functional + :security: NO + :safety: ASIL_B + :satisfies: stkh_req__functional_req__support_of_store + :status: valid + + The Persistency shall provide tooling support for: + + - viewing and modifying key-value pairs during development, testing and debugging + - provisioning of default values via external file + +.. feat_req:: Support development mode + :id: feat_req__persistency__dev_mode + :reqtype: Functional + :security: YES + :safety: ASIL_B + :satisfies: stkh_req__dependability__safety_features + :status: valid + + The Persistency shall support the development mode. + The development mode shall allow unrestricted data access and bypass security policies. + +.. feat_req:: Support production mode + :id: feat_req__persistency__prod_mode + :reqtype: Functional + :security: YES + :safety: ASIL_B + :satisfies: stkh_req__dependability__safety_features + :status: valid + + The Persistency shall support the production mode. + The production mode should enforce the most restrictive data access controls feasible. + +.. needextend:: docname is not None and "persistency/requirements" in docname + :+tags: persistency + + +.. 
_feature_persistency_requirements_aou: + +AoU Requirements +################ + +.. aou_req:: Persistency Error handling + :id: aou_req__persistency__error_handling + :reqtype: Functional + :security: NO + :safety: ASIL_B + :status: valid + :tags: environment + + The application shall handle if the feature persistency is not available. + +.. aou_req:: Application deadlock + :id: aou_req__persistency__appl_design + :reqtype: Functional + :security: NO + :safety: ASIL_B + :status: valid + :tags: environment + + The application shall be designed in a way that deadlocks are avoided. + +.. aou_req:: Application execution + :id: aou_req__persistency__appl_exec + :reqtype: Functional + :security: NO + :safety: ASIL_B + :status: valid + :tags: environment + + The execution of persistency shall not be blocked by the application. diff --git a/docs/features/persistency/kvs/safety_analysis/dfa.rst b/docs/features/persistency/safety_analysis/dfa.rst similarity index 98% rename from docs/features/persistency/kvs/safety_analysis/dfa.rst rename to docs/features/persistency/safety_analysis/dfa.rst index 85cf942fa8f..d12e39acf52 100644 --- a/docs/features/persistency/kvs/safety_analysis/dfa.rst +++ b/docs/features/persistency/safety_analysis/dfa.rst @@ -12,10 +12,10 @@ # SPDX-License-Identifier: Apache-2.0 # ******************************************************************************* -Persistency DFA -############### +DFA (Dependent Failure Analysis) +################################ -.. document:: DFA +.. document:: Persistency DFA :id: doc__persistency_dfa :status: valid :safety: ASIL_B diff --git a/docs/features/persistency/kvs/safety_analysis/fmea.rst b/docs/features/persistency/safety_analysis/fmea.rst similarity index 98% rename from docs/features/persistency/kvs/safety_analysis/fmea.rst rename to docs/features/persistency/safety_analysis/fmea.rst index f74923a411c..98fae6189ed 100644 --- a/docs/features/persistency/kvs/safety_analysis/fmea.rst 
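Review bot: `feat_req__persistency__dev_mode` requires a mode that "shall allow unrestricted data access and bypass security policies", but nothing in this file constrains how that mode is selected or keeps it out of released builds, and `feat_req__persistency__prod_mode` only says the restrictive controls "should" be enforced. As written, an implementation that lets a runtime setting switch to development mode would satisfy every requirement here while voiding `feat_req__persistency__access_control` and `feat_req__persistency__confidential_storage`. I would make the production wording binding, `The production mode shall enforce the most restrictive data access controls feasible.`, and add to the development-mode requirement a sentence such as `The development mode shall be selectable at build time only and shall not be available in production builds.` Both requirements also link `:satisfies: stkh_req__dependability__safety_features`; `stkh_req__dependability__security_features`, which the access-control requirement in the same file uses, looks like the intended parent and is worth confirming.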
+++ b/docs/features/persistency/safety_analysis/fmea.rst @@ -12,10 +12,10 @@ # SPDX-License-Identifier: Apache-2.0 # ******************************************************************************* -Persistency FMEA -################ +FMEA (Failure Modes and Effects Analysis) +######################################### -.. document:: FMEA +.. document:: Persistency FMEA :id: doc__persistency_fmea :status: valid :safety: ASIL_B diff --git a/docs/features/persistency/safety_analysis/safety_analysis_fdr.rst b/docs/features/persistency/safety_analysis/safety_analysis_fdr.rst new file mode 100644 index 00000000000..a56b53f356a --- /dev/null +++ b/docs/features/persistency/safety_analysis/safety_analysis_fdr.rst 
@@ -0,0 +1,83 @@ +.. + # ******************************************************************************* + # Copyright (c) 2025 Contributors to the Eclipse Foundation + # + # See the NOTICE file(s) distributed with this work for additional + # information regarding copyright ownership. + # + # This program and the accompanying materials are made available under the + # terms of the Apache License Version 2.0 which is available at + # https://www.apache.org/licenses/LICENSE-2.0 + # + # SPDX-License-Identifier: Apache-2.0 + # ******************************************************************************* + + +Safety Analysis Checklist +========================= + +.. document:: Persistency Safety Analysis Checklist + :id: doc__persistency_safety_analysis_fdr + :status: valid + :safety: ASIL_B + :security: YES + :realizes: wp__fdr_reports + :tags: persistency + +**Purpose** +The purpose of this Safety Analysis (DFA and FMEA) checklist template is to collect the topics to be checked during verification of the Safety Analysis. + +**Checklist** + +.. list-table:: Safety Analysis Checklist + :header-rows: 1 + :widths: 10,30,30,15,8,8 + + * - Review ID + - Acceptance Criteria + - Guidance + - Passed + - Remarks + - Issue link + * - REQ_01_01 + - Is / are the attribute sufficient set correctly? + - The mitigations shall have a direct influence ont the violation by prevention, detection or mitigation to reduce the risk to an acceptable level. + - The mitigations are sufficient. + - yes + - + * - REQ_01_02 + - Are the templates for DFA and/or FMEA used? + - See :need:`gd_temp__plat_saf_dfa` / :need:`gd_temp__feat_saf_dfa` / :need:`gd_temp__comp_saf_dfa` and also :need:`gd_temp__feat_saf_fmea` / :need:`gd_temp__comp_saf_fmea` + - Templates are used to generate the DFA or / and FMEA. + - yes + - + * - REQ_01_03 + - Were the failure initiators / fault models applied? 
+ - See :need:`gd_guidl__dfa_failure_initiators` / :need:`gd_guidl__fault_models` + - The applicable items of the failure initiators / fault models are used to ensure a structured analysis. For all not applicable items an argument shall be given in the content of the document. + - yes + - + * - REQ_01_04 + - Are the failure effects clearly and completely described? + - Use the generic failure effect descriptions and enlarge the description if it's applicable to the considered element. + - The effects of the failure is described completely. The effect can be recognized easily. + - yes + - + * - REQ_01_06 + - Is the attribute "mitigated by" linked correct? + - Check if the correct failure effect is linked via "mitigated by". + - The "mitigated by" link is correct. + - yes + - + * - REQ_01_07 + - Is the sufficiency of the "mitigated by" (prevention, detection or mitigation) described or can it be recognized easily? + - The sufficiency of the "mitigated by" is described in the content of the document. It can be recognized easily. + - The "mitigated by" shows clearly that a fault / failure can be mitigated by the linked requirement by prevention, detection or mitigation. It shall be described in the contend. + - yes + - + * - REQ_01_08 + - Is the overall result of the Safety Analysis described in the report? + - It shall be shown in the report if the Safety Analysis are finished and if all artifacts are "valid" and "sufficient". + - The results of the Safety Analysis are described in the report. The report is available :need:`wp__verification_platform_ver_report`. + - no + - Platform verification report is missing diff --git a/docs/features/persistency/kvs/safety_planning/index.rst b/docs/features/persistency/safety_planning/index.rst similarity index 68% rename from docs/features/persistency/kvs/safety_planning/index.rst rename to docs/features/persistency/safety_planning/index.rst index bdd62e7e1fa..10b40d507df 100644 
--- a/docs/features/persistency/kvs/safety_planning/index.rst +++ b/docs/features/persistency/safety_planning/index.rst @@ -12,10 +12,10 @@ # SPDX-License-Identifier: Apache-2.0 # ******************************************************************************* -Feature Safety Planning -======================= +Feature Safety Work Products List +################################# -.. document:: Persistency KVS Safety WPs +.. document:: Persistency Safety WPs :id: doc__persistency_safety_wp :status: valid :safety: ASIL_B 
@@ -24,79 +24,84 @@ Feature Safety Planning :tags: persistency -.. list-table:: Feature persistency Workproducts +Tailoring +========= + +Additional to the tailoring in the SW platform project as defined in the project's :need:`wp__platform_safety_plan` we define here the additional tailoring on feature level. + +- Excluded for this feature are additionally the following work products (and their related requirements): + + - no tailoring is used for the feature + +Safety Work products List +========================= + +.. list-table:: Feature persistency Work products :header-rows: 1 * - Workproduct Id - Link to process - Process status - - Link to issue - Link to WP - - WP status * - :need:`wp__feat_request` - :need:`gd_temp__change_feature_request` - :ndf:`copy('status', need_id='gd_temp__change_feature_request')` - - https://github.com/eclipse-score/score/issues/760 - - :need:`doc__persistency_kvs` - - :ndf:`copy('status', need_id='doc__persistency_kvs')` + - :need:`doc__persistency` * - :need:`wp__requirements_feat` - :need:`gd_temp__req_feat_req` - :ndf:`copy('status', need_id='gd_temp__req_feat_req')` - - https://github.com/eclipse-score/score/issues/960 - - :ref:`feature_requirements_PersistencyKvs` - - valid + - :need:`doc__feature_persistency_requirements` * - :need:`wp__requirements_feat_aou` - :need:`gd_temp__req_aou_req` - :ndf:`copy('status', need_id='gd_temp__req_aou_req')` - - https://github.com/eclipse-score/score/issues/960 - - :ref:`feature_requirements_PersistencyKvs` - - valid + - :need:`doc__feature_persistency_requirements` * - :need:`wp__feature_arch` - :need:`gd_temp__arch_feature` - :ndf:`copy('status', need_id='gd_temp__arch_feature')` - - https://github.com/eclipse-score/score/issues/1020 - - :ref:`feature_architecture_PersistencyKvs` - - valid + - :need:`doc__persistency_architecture` * - :need:`wp__feature_fmea` - :need:`gd_guidl__safety_analysis` - :ndf:`copy('status', need_id='gd_guidl__safety_analysis')` - - 
https://github.com/eclipse-score/score/issues/965 - :need:`doc__persistency_fmea` - - valid * - :need:`wp__feature_dfa` - :need:`gd_guidl__safety_analysis` - :ndf:`copy('status', need_id='gd_guidl__safety_analysis')` - - https://github.com/eclipse-score/score/issues/965 - :need:`doc__persistency_dfa` - - valid * - :need:`wp__requirements_inspect` - :need:`gd_chklst__req_inspection` - :ndf:`copy('status', need_id='gd_chklst__req_inspection')` - - https://github.com/eclipse-score/score/issues/960 - - :need:`doc__req_inspection_persistency` - - valid + - :need:`doc__feature_persistency_requirements_chklst` * - :need:`wp__sw_arch_verification` - :need:`gd_chklst__arch_inspection_checklist` - :ndf:`copy('status', need_id='gd_chklst__arch_inspection_checklist')` - - https://github.com/eclipse-score/score/issues/1020 - - Checklist used in Pull Request Review - - n/a + - :need:`doc__persistency_arc_inspection` * - :need:`wp__verification_feat_int_test` - :need:`gd_guidl__verification_guide` - :ndf:`copy('status', need_id='gd_guidl__verification_guide')` - - https://github.com/eclipse-score/score/issues/964 - - Checklist used in Pull Request Review - - + - +Feature Safety Package +====================== + +To create the safety package (according to :need:`gd_guidl__saf_package`) the following +documents and work products status have to go to "valid" (after the relevant verification were performed). + +Feature Documents Status +------------------------ + +For all the work product documents the status can be seen by following the "Link to WP". +A summary of the status is also documented in the project's documentation management plan. + +See :ref:`documents_docs_features_persistency` Feature Requirements Status --------------------------- 
@@ -126,7 +131,7 @@ Feature Architecture Status --------------------------- .. needtable:: - :filter: docname is not None and "persistency" in docname and "requirements" in docname + :filter: docname is not None and "persistency" in docname and "architecture" in docname :style: table :types: feat_arc_sta; feat_arc_dyn :tags: persistency diff --git a/docs/features/infrastructure/index.rst b/docs/features/persistency/security_analysis/stride.rst similarity index 61% rename from docs/features/infrastructure/index.rst rename to docs/features/persistency/security_analysis/stride.rst index 2b2b10200f2..bbc48a7b18c 100644 --- a/docs/features/infrastructure/index.rst +++ b/docs/features/persistency/security_analysis/stride.rst @@ -12,29 +12,15 @@ # SPDX-License-Identifier: Apache-2.0 # ******************************************************************************* -.. _infrastructure_feature: - -################ - Infrastructure -################ - -*************** - Documentation -*************** - -Description -=========== - -The infrastructure section describes the setup of the services and tools -that are used for development. - -************* - Subfeatures -************* - -.. toctree:: - :titlesonly: - :maxdepth: 1 - - bazel_registry - config_as_code +Persistency STRIDE +################## + +.. document:: STRIDE + :id: doc__persistency_stride + :status: valid + :safety: ASIL_B + :security: YES + :realizes: wp__feature_security_analysis + :tags: persistency + +STRIDE analysis procedure is required to be defined and applied. This section is created as placeholder and will be updated in future. diff --git a/docs/modules/orchestrator/executor/docs/architecture/executor.rst b/docs/features/persistency/security_planning/index.rst similarity index 51% rename from docs/modules/orchestrator/executor/docs/architecture/executor.rst rename to docs/features/persistency/security_planning/index.rst index b3c03d7a04e..11e2a6dce78 100644 
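Review bot: The new `security_analysis/stride.rst` document is committed with `:status: valid` although its only content is the placeholder sentence, and the work-product table added in `security_planning/index.rst` (the next file in this diff) hard-codes `valid` as the WP status for `doc__persistency_stride`. A reader of the planning table, or any needs filter on `status == "valid"`, would take the persistency threat analysis as done, while the requirements file in this same change marks access control, confidential storage and development mode as `:security: YES`. I would keep the placeholder at a non-released status, e.g. `:status: draft` if the metamodel allows it. I would also replace the literal `valid` in the table with ``:ndf:`copy('status', need_id='doc__persistency_stride')` `` so the table cannot drift from the document.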
--- a/docs/modules/orchestrator/executor/docs/architecture/executor.rst +++ b/docs/features/persistency/security_planning/index.rst @@ -12,30 +12,31 @@ # SPDX-License-Identifier: Apache-2.0 # ******************************************************************************* -Component Architecture -======================= +Feature Security Planning +========================= -.. document:: Executor Architecture - :id: doc__executor_architecture +.. document:: Persistency KVS Security WPs + :id: doc__persistency_security_wp :status: valid :safety: ASIL_B :security: YES - :realizes: wp__component_arch - :tags: orchestration, executor + :realizes: wp__platform_security_plan + :tags: persistency -.. comp_arc_sta:: Executor - :id: comp_arc_sta__orch__executor - :security: YES - :safety: ASIL_B - :status: valid - :uses: logic_arc_int__logging__logging, logic_arc_int__tracing__tracing - .. needarch:: - :scale: 50 - :align: center +.. list-table:: Feature persistency Workproducts + :header-rows: 1 - {{ draw_component(need(), needs) }} + * - Workproduct Id + - Link to process + - Process status + - Link to issue + - Link to WP + - WP status -.. toctree:: - :maxdepth: 1 - :titlesonly: + * - :need:`wp__feature_security_analysis` + - :need:`gd_guidl__security_analysis` + - :ndf:`copy('status', need_id='gd_guidl__security_analysis')` + - TBD + - :need:`doc__persistency_stride` + - valid diff --git a/docs/handbook/index.rst b/docs/handbook/index.rst index 5e572a15fec..fb1d3cc5ace 100644 --- a/docs/handbook/index.rst +++ b/docs/handbook/index.rst @@ -19,6 +19,13 @@ own_application/index.rst building_simple_application/index.rst +.. document:: Handbook + :id: doc__platform_handbook + :status: valid + :safety: ASIL_B + :security: YES + :realizes: wp__platform_handbook + Handbook ======== diff --git a/docs/handbook/own_application/index.rst b/docs/handbook/own_application/index.rst index edfea1b76e0..52589de88ee 100644 --- a/docs/handbook/own_application/index.rst 
+++ b/docs/handbook/own_application/index.rst @@ -33,7 +33,7 @@ To integrate the communication module into your project, follow these steps: 1. Setup ----------- -Start by creating a new project in your preferred IDE (e.g., Visual Studio Code). A ready-to-use devcontainer is available under: +Start by creating a new project in your preferred IDE (e.g., Visual Studio Code). A ready-to-use devcontainer is available under: - https://github.com/eclipse-score/devcontainer @@ -54,7 +54,7 @@ Reference documentation for the communication module: module(name = "use_com_test") - bazel_dep(name = "score_toolchains_gcc", version = "0.4", dev_dependency=True) + bazel_dep(name = "score_toolchains_gcc", version = "0.5", dev_dependency=True) gcc = use_extension("@score_toolchains_gcc//extensions:gcc.bzl", "gcc", dev_dependency=True) gcc.toolchain( @@ -84,8 +84,16 @@ Reference documentation for the communication module: ) bazel_dep(name = "boost.program_options", version = "1.87.0") - bazel_dep(name = "score-baselibs", version = "0.1.3") - bazel_dep(name = "communication", version = "0.1.1") + bazel_dep(name = "score_baselibs", version = "0.1.3") + bazel_dep(name = "score_communication", version = "0.1.1") + + # TRLC dependency for requirements traceability + bazel_dep(name = "trlc", version = "0.0.0") + git_override( + module_name = "trlc", + commit = "ede35c4411d41abe42b8f19e78f8989ff79ad3d8", + remote = "https://github.com/bmw-software-engineering/trlc.git", + ) Be aware that the version numbers change over time. Always check the latest versions in the respective bazel registry 
@@ -108,7 +116,8 @@ Be aware that the version numbers change over time. Always check the latest vers common --@score-baselibs//score/json:base_library=nlohmann common --@communication//score/mw/com/flags:tracing_library=stub - common --registry=https://raw.githubusercontent.com/eclipse-score/bazel_registry/refs/heads/main/ + common --registry=https://raw.githubusercontent.com/eclipse-score/bazel_registry/v0.5.0-beta/ + common --registry=https://bcr.bazel.build ^^^^^^^^^^^^^ @@ -116,7 +125,7 @@ Be aware that the version numbers change over time. Always check the latest vers ^^^^^^^^^^^^^ If you start with an empty project, add an empty file named ``BUILD`` into your project root. -Now you can now run build the project with the command bazel ``bazel build //...`` +Now you can now run build the project with the command bazel ``bazel build //...`` (At this point nothing happens yet, because no targets are defined). You can now either continue with this guide to create a minimal consumer-producer example or start coding your own application @@ -133,9 +142,9 @@ Once your project is set up, you can start sending and receiving messages. ^^^^^^^^^^^^^^^^^^^^ Create a folder named ``src`` in your root project directory. -Inside ``src``, create the following folders: +Inside ``src``, create the following folders: -- ``consumer`` +- ``consumer`` - ``producer`` additional folders if needed. @@ -278,11 +287,11 @@ After that, create the file ``producer.cpp``. The constructor initializes the communication skeleton ``create_result``. -``RunProducer``: +``RunProducer``: - checks if the initialization of ``create_result`` was successful -- offers service -- enters a loop and sends our messages +- offers service +- enters a loop and sends our messages - stops offering the service at the end 
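Review bot: The new `--registry` line in the `.bazelrc` snippet points at the ref `v0.5.0-beta`, presumably a tag, and a tag can later be moved to different content, so the snippet does not give a reproducible set of module metadata. For a handbook that people copy from, I would pin the URL to a full commit hash, `common --registry=https://raw.githubusercontent.com/eclipse-score/bazel_registry/<commit-sha>/` (placeholder, the page gives no hash), or tell readers to commit `MODULE.bazel.lock` so that changed registry content is noticed. It would also help to add one sentence saying that registries are consulted in the order listed, so a module name present in both is taken from the S-CORE registry before `https://bcr.bazel.build`.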
@@ -298,4 +307,4 @@ Navigate to the ``consumer`` directory and create a new file called ``consumer.h ^^^^^^^^^^^^^^ For a complete example implementation, see the example folder -https://github.com/eclipse-score/communication/tree/main/score/mw/com/example/ipc_bridge \ No newline at end of file +https://github.com/eclipse-score/communication/tree/main/score/mw/com/example/ipc_bridge diff --git a/docs/index.rst b/docs/index.rst index 4adb40408ca..8417fd620e1 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -60,11 +60,9 @@ Software artifacts .. grid-item-card:: - Features + Features & Modules ^^^ - :ref:`Features ` are the heart of the S-CORE software. - Understand the internal details of :ref:`Infrastructure ` - or :ref:`Integration ` Features. + :ref:`Features ` and :ref:`Modules ` are the heart of the S-CORE software. .. grid-item-card:: @@ -94,7 +92,8 @@ Project structure and processes ^^^ Read about our project and organization structure in the :ref:`Project Handbook `. - And learn how we deal with :need:`doc__platform_safety_plan` or care about :need:`doc__verification_plan`. + And learn how we deal with :ref:`Platform Safety Plan ` or care about :ref:`Software Verification Plan `. + .. dropdown:: Click to see the complete sitemap diff --git a/docs/modules/baselibs/bitmanipulation/docs/architecture/index.rst b/docs/modules/baselibs/bitmanipulation/docs/architecture/index.rst index 31df4e9dbc6..2bc31d307c6 100644 --- a/docs/modules/baselibs/bitmanipulation/docs/architecture/index.rst +++ b/docs/modules/baselibs/bitmanipulation/docs/architecture/index.rst @@ -30,8 +30,8 @@ see :need:`doc__bitmanipulation` Static Architecture ------------------- -.. comp_arc_sta:: Bit Manipulation - :id: comp_arc_sta__baselibs__bit_manipulation +.. comp:: Bit Manipulation + :id: comp__baselibs_bit_manipulation :security: NO :safety: ASIL_B :status: valid 
diff --git a/docs/modules/baselibs/bitmanipulation/docs/requirements/index.rst b/docs/modules/baselibs/bitmanipulation/docs/requirements/index.rst index f80902c7c6c..204938497b8 100644 --- a/docs/modules/baselibs/bitmanipulation/docs/requirements/index.rst +++ b/docs/modules/baselibs/bitmanipulation/docs/requirements/index.rst @@ -36,6 +36,7 @@ Functional Requirements :safety: ASIL_B :satisfies: feat_req__baselibs__bitmanipulation, feat_req__baselibs__core_utilities :status: valid + :belongs_to: comp__baselibs_bit_manipulation The bit manipulation component shall provide API for setting, clearing, toggling, and checking bits, as well as extracting bytes and manipulating half-bytes and bytes for any integral type up to 64 bits. @@ -46,6 +47,7 @@ Functional Requirements :safety: ASIL_B :satisfies: feat_req__baselibs__bitmanipulation, feat_req__baselibs__core_utilities :status: valid + :belongs_to: comp__baselibs_bit_manipulation The bit manipulation library shall provide type-safe bitmask operations for scoped enumeration types. @@ -56,6 +58,7 @@ Functional Requirements :safety: ASIL_B :satisfies: feat_req__baselibs__bitmanipulation, feat_req__baselibs__safety :status: valid + :belongs_to: comp__baselibs_bit_manipulation All bit manipulation functions shall validate input parameters and prevent data corruption. 
@@ -69,8 +72,57 @@ Non-Functional Requirements :safety: ASIL_B :satisfies: feat_req__baselibs__bitmanipulation :status: valid + :belongs_to: comp__baselibs_bit_manipulation The bit manipulation API shall be header-only and not require external dependencies. -.. needextend:: "__bitmaipulation__" in id +Assumptions of Use (AoU) +======================== + +.. aou_req:: Valid Bit Positions and Ranges + :id: aou_req__bitmanipulation__valid_bit_positions + :reqtype: Functional + :security: NO + :safety: ASIL_B + :status: valid + + The user shall assume that the API performs bound checking to validate bit positions and ranges provided to the bit manipulation functions. + +.. aou_req:: Integral Type Constraints + :id: aou_req__bitmanipulation__type_constraints + :reqtype: Functional + :security: NO + :safety: ASIL_B + :status: valid + + The user shall only use bit manipulation functions with integral types (integers, enumerations) as specified in the library's type constraints. Operations on floating-point or non-integral types are not supported. + +.. aou_req:: Enum Class Type Safety + :id: aou_req__bitmanipulation__enum_type_safety + :reqtype: Functional + :security: NO + :safety: ASIL_B + :status: valid + + The user shall use scoped enumeration types (enum class) whose enumerators are defined as non-zero power-of-two values (1, 2, 4, 8, 16, etc.) + +.. aou_req:: No Side Effects on Concurrent Access + :id: aou_req__bitmanipulation__concurrent_access + :reqtype: Non-Functional + :security: NO + :safety: ASIL_B + :status: valid + + The user shall implement external synchronization mechanisms (e.g., mutexes, atomic operations, or locks) when accessing or modifying the same integral value from multiple threads concurrently, as the library provides no internal thread safety guarantees. + +.. 
aou_req:: Bit Extraction Index Validation + :id: aou_req__bitmanipulation__bit_validation + :reqtype: Functional + :security: NO + :safety: ASIL_B + :status: valid + + The user shall validate byte and half-byte extraction indices to ensure they correspond to valid positions within the target integral type to prevent accessing invalid memory ranges. + +.. needextend:: "__bitmanipulation__" in id :+tags: baselibs diff --git a/docs/modules/baselibs/concurrency/docs/architecture/index.rst b/docs/modules/baselibs/concurrency/docs/architecture/index.rst new file mode 100644 index 00000000000..e75498fe5ed --- /dev/null +++ b/docs/modules/baselibs/concurrency/docs/architecture/index.rst 
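Review bot: `aou_req__bitmanipulation__valid_bit_positions` is worded as something the user may assume about the API ("the API performs bound checking") rather than as an obligation on the user, while `aou_req__bitmanipulation__bit_validation` in the same hunk makes the user responsible for validating extraction indices. Read together they leave it unclear who owns the bounds check, and an integrator could skip validation on the strength of the first one. I would reword the first to state the user's duty, for example `The user shall pass only bit positions and ranges that are valid for the target integral type.`, and leave the input-validation guarantee to the component requirement. The sentence in `aou_req__bitmanipulation__enum_type_safety` is also missing its closing period.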
@@ -0,0 +1,313 @@ +.. + # ******************************************************************************* + # Copyright (c) 2026 Contributors to the Eclipse Foundation + # + # See the NOTICE file(s) distributed with this work for additional + # information regarding copyright ownership. + # + # This program and the accompanying materials are made available under the + # terms of the Apache License Version 2.0 which is available at + # https://www.apache.org/licenses/LICENSE-2.0 + # + # SPDX-License-Identifier: Apache-2.0 + # ******************************************************************************* + +Concurrency Component Architecture +*********************************** + +.. document:: Concurrency Architecture + :id: doc__concurrency_architecture + :status: valid + :safety: ASIL_B + :security: YES + :realizes: wp__component_arch + +Overview/Description +-------------------- + +see :need:`doc__concurrency` + +Static Architecture +------------------- + +.. comp:: Concurrency + :id: comp__baselibs_concurrency + :security: YES + :safety: ASIL_B + :status: valid + :tags: baselibs_concurrency + :implements: logic_arc_int__baselibs__promise, logic_arc_int__baselibs__future, logic_arc_int__baselibs__shared_future, logic_arc_int__baselibs__executor, logic_arc_int__baselibs__task, logic_arc_int__baselibs__task_result, logic_arc_int__baselibs__synchronized_queue, logic_arc_int__baselibs__condition_variable + + .. needarch:: + :scale: 50 + :align: center + + {{ draw_component(need(), needs) }} + +Interfaces +---------- + +.. logic_arc_int:: Promise + :id: logic_arc_int__baselibs__promise + :security: YES + :safety: ASIL_B + :status: valid + +.. logic_arc_int_op:: Set Value + :id: logic_arc_int_op__conc__promise_setval + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__promise + +.. 
logic_arc_int_op:: Set Error + :id: logic_arc_int_op__conc__promise_set_error + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__promise + +.. logic_arc_int_op:: Get Future + :id: logic_arc_int_op__conc__promise_get_future + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__promise + +.. logic_arc_int_op:: On Abort + :id: logic_arc_int_op__conc__promise_on_abort + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__promise + +.. logic_arc_int:: Future + :id: logic_arc_int__baselibs__future + :security: YES + :safety: ASIL_B + :status: valid + +.. logic_arc_int_op:: Get + :id: logic_arc_int_op__conc__future_get + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__future + +.. logic_arc_int_op:: Wait + :id: logic_arc_int_op__conc__future_wait + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__future + +.. logic_arc_int_op:: Wait For + :id: logic_arc_int_op__conc__future_wait_for + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__future + +.. logic_arc_int_op:: Wait Until + :id: logic_arc_int_op__conc__future_wait_until + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__future + +.. logic_arc_int_op:: Valid + :id: logic_arc_int_op__conc__future_valid + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__future + +.. logic_arc_int_op:: Share + :id: logic_arc_int_op__conc__future_share + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__future + +.. logic_arc_int_op:: Then + :id: logic_arc_int_op__conc__future_then + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__future + +.. 
logic_arc_int:: Shared Future + :id: logic_arc_int__baselibs__shared_future + :security: YES + :safety: ASIL_B + :status: valid + +.. logic_arc_int_op:: Get Shared + :id: logic_arc_int_op__conc__shared_future_get + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__shared_future + +.. logic_arc_int_op:: Copy + :id: logic_arc_int_op__conc__shared_future_copy + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__shared_future + +.. logic_arc_int:: Executor + :id: logic_arc_int__baselibs__executor + :security: YES + :safety: ASIL_B + :status: valid + +.. logic_arc_int_op:: Enqueue + :id: logic_arc_int_op__conc__executor_enqueue + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__executor + +.. logic_arc_int_op:: Post + :id: logic_arc_int_op__conc__executor_post + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__executor + +.. logic_arc_int_op:: Submit + :id: logic_arc_int_op__conc__executor_submit + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__executor + +.. logic_arc_int_op:: Shutdown + :id: logic_arc_int_op__conc__executor_shutdown + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__executor + +.. logic_arc_int_op:: Max Concurrency Level + :id: logic_arc_int_op__conc__executor_max_conc + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__executor + +.. logic_arc_int:: Task + :id: logic_arc_int__baselibs__task + :security: YES + :safety: ASIL_B + :status: valid + +.. logic_arc_int_op:: Execute + :id: logic_arc_int_op__conc__task_execute + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__task + +.. 
logic_arc_int_op:: Get Stop Source + :id: logic_arc_int_op__conc__task_get_stop_source + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__task + +.. logic_arc_int:: Task Result + :id: logic_arc_int__baselibs__task_result + :security: YES + :safety: ASIL_B + :status: valid + +.. logic_arc_int_op:: Abort + :id: logic_arc_int_op__conc__task_result_abort + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__task_result + +.. logic_arc_int_op:: Aborted + :id: logic_arc_int_op__conc__task_result_aborted + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__task_result + +.. logic_arc_int_op:: Get Result + :id: logic_arc_int_op__conc__task_result_get + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__task_result + +.. logic_arc_int:: Synchronized Queue + :id: logic_arc_int__baselibs__synchronized_queue + :security: YES + :safety: ASIL_B + :status: valid + +.. logic_arc_int_op:: Push + :id: logic_arc_int_op__conc__sync_queue_push + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__synchronized_queue + +.. logic_arc_int_op:: Pop + :id: logic_arc_int_op__conc__sync_queue_pop + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__synchronized_queue + +.. logic_arc_int_op:: Try Push + :id: logic_arc_int_op__conc__sync_queue_try_push + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__synchronized_queue + +.. logic_arc_int_op:: Try Pop + :id: logic_arc_int_op__conc__sync_queue_try_pop + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__synchronized_queue + +.. logic_arc_int:: Condition Variable + :id: logic_arc_int__baselibs__condition_variable + :security: YES + :safety: ASIL_B + :status: valid + +.. 
logic_arc_int_op:: Wait + :id: logic_arc_int_op__conc__cv_wait + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__condition_variable + +.. logic_arc_int_op:: Wait For + :id: logic_arc_int_op__conc__cv_wait_for + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__condition_variable + +.. logic_arc_int_op:: Notify One + :id: logic_arc_int_op__conc__cv_notify_one + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__condition_variable + +.. logic_arc_int_op:: Notify All + :id: logic_arc_int_op__conc__cv_notify_all + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__condition_variable diff --git a/docs/modules/baselibs/concurrency/docs/index.rst b/docs/modules/baselibs/concurrency/docs/index.rst new file mode 100644 index 00000000000..eee90a4cbc2 --- /dev/null +++ b/docs/modules/baselibs/concurrency/docs/index.rst 
@@ -0,0 +1,41 @@ +.. + # ******************************************************************************* + # Copyright (c) 2026 Contributors to the Eclipse Foundation + # + # See the NOTICE file(s) distributed with this work for additional + # information regarding copyright ownership. + # + # This program and the accompanying materials are made available under the + # terms of the Apache License Version 2.0 which is available at + # https://www.apache.org/licenses/LICENSE-2.0 + # + # SPDX-License-Identifier: Apache-2.0 + # ******************************************************************************* + +concurrency +########### + +.. document:: Concurrency Library + :id: doc__concurrency + :status: draft + :safety: ASIL_B + :tags: baselibs_concurrency + :realizes: wp__cmpt_request + :security: YES + +.. toctree:: + :hidden: + + architecture/index.rst + requirements/index.rst + +Abstract +======== + +This component request proposes a concurrency library that provides abstractions for managing concurrent tasks, threads, and synchronization mechanisms. + +Motivation and Rationale +======================== + +The concurrency library shall provide safe and efficient way to handle concurrent operations. It aims to simplify the development of multi-threaded applications by offering high-level abstractions for task management, synchronization, and inter-thread communication. +The library is designed to improve code readability, maintainability, and portability across different platforms. diff --git a/docs/modules/baselibs/concurrency/docs/requirements/index.rst b/docs/modules/baselibs/concurrency/docs/requirements/index.rst new file mode 100644 index 00000000000..218bb9d5ef4 --- /dev/null +++ b/docs/modules/baselibs/concurrency/docs/requirements/index.rst 
@@ -0,0 +1,232 @@ + +.. + # ******************************************************************************* + # Copyright (c) 2026 Contributors to the Eclipse Foundation + # + # See the NOTICE file(s) distributed with this work for additional + # information regarding copyright ownership. + # + # This program and the accompanying materials are made available under the + # terms of the Apache License Version 2.0 which is available at + # https://www.apache.org/licenses/LICENSE-2.0 + # + # SPDX-License-Identifier: Apache-2.0 + # ******************************************************************************* + +Requirements +############ + +.. document:: Concurrency Requirements + :id: doc__concurrency_requirements + :status: draft + :safety: ASIL_B + :security: YES + :realizes: wp__requirements_comp + :tags: requirements, concurrency + +Functional Requirements +======================= + +.. comp_req:: Asynchronous Task Execution + :id: comp_req__concurrency__task_interface + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: feat_req__baselibs__concurrency_library, feat_req__baselibs__core_utilities, feat_req__baselibs__safety + :status: valid + :belongs_to: comp__baselibs_concurrency + + The concurrency module shall allow running tasks asynchronously. + +.. comp_req:: Task Cancellation + :id: comp_req__concurrency__task_cancellation + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: feat_req__baselibs__concurrency_library, feat_req__baselibs__core_utilities, feat_req__baselibs__safety + :status: valid + :belongs_to: comp__baselibs_concurrency + + The concurrency module shall allow cancelling tasks when needed. + +.. 
comp_req:: Simple Task Implementation + :id: comp_req__concurrency__simple_task + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: feat_req__baselibs__concurrency_library, feat_req__baselibs__core_utilities, feat_req__baselibs__safety + :status: valid + :belongs_to: comp__baselibs_concurrency + + The concurrency module shall provide implementation for executing callable objects without returning results, supporting fire-and-forget asynchronous operations. + +.. comp_req:: Task Result Management + :id: comp_req__concurrency__task_result + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: feat_req__baselibs__concurrency_library, feat_req__baselibs__safety + :status: valid + :belongs_to: comp__baselibs_concurrency + + The concurrency module shall provide implementation to access the result of an asynchronously running task or to request aborting the task when the result is no longer needed. + +.. comp_req:: Periodic Task Execution + :id: comp_req__concurrency__periodic_task + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: feat_req__baselibs__concurrency_library, feat_req__baselibs__safety + :status: valid + :belongs_to: comp__baselibs_concurrency + + The concurrency module shall provide implementation for executing callable objects at regular intervals with configurable first execution time and period duration. + +.. comp_req:: Delayed Task Execution + :id: comp_req__concurrency__delayed_task + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: feat_req__baselibs__concurrency_library, feat_req__baselibs__safety + :status: valid + :belongs_to: comp__baselibs_concurrency + + The concurrency module shall provide implementation for executing callable objects after a specified delay with support for early cancellation. + +.. 
comp_req:: Executor Interface + :id: comp_req__concurrency__executor_interface + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: feat_req__baselibs__consistent_apis + :status: valid + :belongs_to: comp__baselibs_concurrency + + The concurrency module shall provide interface defining a common API for task submission operations, graceful shutdown, and maximum concurrency level reporting. + +.. comp_req:: Thread Pool Implementation + :id: comp_req__concurrency__thread_pool + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: feat_req__baselibs__concurrency_library, feat_req__baselibs__safety + :status: valid + :belongs_to: comp__baselibs_concurrency + + The concurrency module shall provide implementation that manages submitted tasks in FIFO order. + +.. comp_req:: Interruptible Condition Variable + :id: comp_req__concurrency__condition_variable + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: feat_req__baselibs__concurrency_library, feat_req__baselibs__safety + :status: valid + :belongs_to: comp__baselibs_concurrency + + The concurrency module shall provide an abortable mechanism for threads to wait for conditions. + +.. comp_req:: Interruptible Wait Utilities + :id: comp_req__concurrency__interruptible_wait + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: feat_req__baselibs__concurrency_library, feat_req__baselibs__safety + :status: valid + :belongs_to: comp__baselibs_concurrency + + The concurrency module shall provide utilities offering APIs for sleep operations allowing early cancellation. + +.. comp_req:: Notification Mechanism + :id: comp_req__concurrency__notification + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: feat_req__baselibs__concurrency_library, feat_req__baselibs__safety + :status: valid + :belongs_to: comp__baselibs_concurrency + + The concurrency module shall allow one thread to notify another thread once, with a timeout option. + +.. 
comp_req:: Synchronized Queue + :id: comp_req__concurrency__synchronized_queue + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: feat_req__baselibs__concurrency_library, feat_req__baselibs__safety + :status: valid + :belongs_to: comp__baselibs_concurrency + + The concurrency module shall provide a thread-safe container facilitating FIFO transmission of data in a N:1 communication pattern. + +.. comp_req:: Long-Running Threads Container + :id: comp_req__concurrency__long_running_threads + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: feat_req__baselibs__concurrency_library, feat_req__baselibs__safety + :status: valid + :belongs_to: comp__baselibs_concurrency + + The concurrency module shall provide a container for managing long-running threads, allowing addition and removal of threads. + +Non-Functional Requirements +=========================== + +.. comp_req:: Memory Usage Control + :id: comp_req__concurrency__memory_usage_control + :reqtype: Non-Functional + :security: NO + :safety: ASIL_B + :satisfies: feat_req__baselibs__concurrency_library + :status: valid + :belongs_to: comp__baselibs_concurrency + + The concurrency module shall limit memory usage to prevent uncontrolled resource consumption. + +.. comp_req:: Memory Reservation + :id: comp_req__concurrency__memory_reservation + :reqtype: Non-Functional + :security: NO + :safety: ASIL_B + :satisfies: feat_req__baselibs__concurrency_library + :status: valid + :belongs_to: comp__baselibs_concurrency + + The concurrency module shall allow reserving memory upfront for tasks to ensure predictable resource allocation. + +.. 
comp_req:: Thread Count Reporting + :id: comp_req__concurrency__thread_count_reporting + :reqtype: Non-Functional + :security: NO + :safety: ASIL_B + :satisfies: feat_req__baselibs__concurrency_library + :status: valid + :belongs_to: comp__baselibs_concurrency + + The concurrency module shall report the maximum number of concurrent threads available for task execution. + +.. comp_req:: Operation Timeout Protection + :id: comp_req__concurrency__operation_timeout + :reqtype: Non-Functional + :security: NO + :safety: ASIL_B + :satisfies: feat_req__baselibs__concurrency_library + :status: valid + :belongs_to: comp__baselibs_concurrency + + The concurrency module shall avoid indefinitely blocking, unabortable operations. + +.. comp_req:: Future Error Handling + :id: comp_req__concurrency__error_handling + :reqtype: Non-Functional + :security: NO + :safety: ASIL_B + :satisfies: feat_req__baselibs__concurrency_library + :status: valid + :belongs_to: comp__baselibs_concurrency + + The concurrency module shall use error codes instead of throwing exceptions. + +.. needextend:: "__concurrency" in id + :+tags: concurrency diff --git a/docs/modules/baselibs/containers/docs/architecture/index.rst b/docs/modules/baselibs/containers/docs/architecture/index.rst index 49c30994ea8..aee917240af 100644 --- a/docs/modules/baselibs/containers/docs/architecture/index.rst +++ b/docs/modules/baselibs/containers/docs/architecture/index.rst @@ -30,8 +30,8 @@ see :need:`doc__containers_architecture` Static Architecture ------------------- -.. comp_arc_sta:: Containers - :id: comp_arc_sta__baselibs__containers +.. comp:: Containers + :id: comp__baselibs_containers :security: YES :safety: ASIL_B :status: valid diff --git a/docs/modules/baselibs/containers/docs/requirements/index.rst b/docs/modules/baselibs/containers/docs/requirements/index.rst index 697f7e02d79..4a78a1cd2d9 100644 --- a/docs/modules/baselibs/containers/docs/requirements/index.rst 
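Review bot: Every `comp_req` in the new concurrency requirements file is tagged `:security: NO`, while the document itself and `comp__baselibs_concurrency` in this commit's architecture file are tagged `:security: YES`. If the attribute marks security relevance per requirement, `comp_req__concurrency__memory_usage_control` and `comp_req__concurrency__operation_timeout` look like candidates for `:security: YES`, since they address uncontrolled resource consumption and indefinite blocking; please confirm the tagging is intended. The closing filter `"__concurrency" in id` is looser than the `"__bitmanipulation__" in id` form used elsewhere in this commit and also matches the `doc__concurrency…` ids. If only the requirements are meant, `.. needextend:: "__concurrency__" in id` would be consistent.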
+++ b/docs/modules/baselibs/containers/docs/requirements/index.rst @@ -33,6 +33,7 @@ Functional Requirements :safety: ASIL_B :satisfies: feat_req__baselibs__core_utilities, feat_req__baselibs__containers_library, feat_req__baselibs__safety :status: valid + :belongs_to: comp__baselibs_containers The Containers library shall provide a fixed-size array container with construction-time size specification. @@ -43,6 +44,7 @@ Functional Requirements :safety: ASIL_B :satisfies: feat_req__baselibs__core_utilities, feat_req__baselibs__containers_library, feat_req__baselibs__safety :status: valid + :belongs_to: comp__baselibs_containers The Containers library shall provide an intrusive doubly-linked list based on the C++ standardization proposal P0406R1. @@ -53,6 +55,7 @@ Functional Requirements :safety: ASIL_B :satisfies: feat_req__baselibs__consistent_apis, feat_req__baselibs__safety :status: valid + :belongs_to: comp__baselibs_containers The Containers library shall enforce compile-time type safety for all container operations. @@ -63,6 +66,7 @@ Functional Requirements :safety: ASIL_B :satisfies: feat_req__baselibs__core_utilities, feat_req__baselibs__containers_library, feat_req__baselibs__safety :status: valid + :belongs_to: comp__baselibs_containers The Containers library shall provide a non-relocatable vector container that maintains stable element addresses. 
@@ -77,8 +81,95 @@ Non-Functional Requirements :safety: ASIL_B :satisfies: feat_req__baselibs__core_utilities, feat_req__baselibs__safety :status: valid + :belongs_to: comp__baselibs_containers The Containers library shall provide deterministic behavior with no dynamic memory allocation. +Assumptions of Use (AoU) +======================== + +.. aou_req:: Check Capacity + :id: aou_req__containers__capacity_management + :reqtype: Functional + :security: NO + :safety: ASIL_B + :status: valid + :tags: inspected + + The user shall verify sufficient capacity or handle allocation failures before insertion operations to prevent exceeding container limits and undefined behavior. + +.. aou_req:: Iterator Validity + :id: aou_req__containers__iterator_validity + :reqtype: Functional + :security: NO + :safety: ASIL_B + :status: valid + :tags: inspected + + The user shall ensure that iterators are not used after operations that invalidate them and refresh iterators after modifying operations. + +.. aou_req:: Element Lifetime and Ownership + :id: aou_req__containers__element_lifetime + :reqtype: Functional + :security: NO + :safety: ASIL_B + :status: valid + :tags: inspected + + The user shall ensure that elements stored in containers remain valid throughout their lifetime in the container, and for intrusive containers, that element objects are not destroyed or moved while contained within the container. + +.. aou_req:: Thread Safety + :id: aou_req__containers__thread_safety + :reqtype: Non-Functional + :security: NO + :safety: ASIL_B + :status: valid + :tags: inspected + + The user shall implement external synchronization mechanisms when accessing or modifying container objects from multiple threads concurrently, as the library provides no internal thread safety guarantees. + +.. 
aou_req:: Index Bounds Checking + :id: aou_req__containers__bounds_checking + :reqtype: Functional + :security: NO + :safety: ASIL_B + :status: valid + :tags: inspected + + The user shall ensure that all index-based access operations use valid indices within the container's current size range to prevent out-of-bounds access and undefined behavior. + +.. aou_req:: Container State Verification + :id: aou_req__containers__state_verification + :reqtype: Functional + :security: NO + :safety: ASIL_B + :status: valid + :tags: inspected + + The user shall verify container state before performing operations that depend on specific states, such as checking if a container is non-empty before accessing elements. + +.. aou_req:: Memory Resource Management + :id: aou_req__containers__memory_management + :reqtype: Non-Functional + :security: NO + :safety: ASIL_B + :status: valid + :tags: inspected + + The user shall provide sufficient memory resources for all container operations. + +.. aou_req:: Element Type Requirements + :id: aou_req__containers__ele_type_requirements + :reqtype: Functional + :security: NO + :safety: ASIL_B + :status: valid + :tags: inspected + + The user shall ensure that element types are copy constructible, move constructible and destructible, and additionally for intrusive containers that they provide the required intrusive node members. + .. needextend:: "__containers__" in id :+tags: baselibs + +.. needextend:: "containers" in id + :+tags: containers diff --git a/docs/modules/baselibs/docs/index.rst b/docs/modules/baselibs/docs/index.rst index d0c2fd1e512..3d2d3802dd8 100644 --- a/docs/modules/baselibs/docs/index.rst +++ b/docs/modules/baselibs/docs/index.rst 
@@ -1,6 +1,6 @@ .. # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation + # Copyright (c) 2026 Contributors to the Eclipse Foundation # # See the NOTICE file(s) distributed with this work for additional # information regarding copyright ownership. @@ -12,9 +12,16 @@ # SPDX-License-Identifier: Apache-2.0 # ******************************************************************************* -.. mod_view_sta:: Baselibs +.. mod:: Baselibs + :id: mod__baselibs + :includes: comp__baselibs_json, comp__baselibs_message_passing, comp__baselibs_memory_shared, comp__baselibs_result, comp__baselibs_bit_manipulation, comp__baselibs_containers, comp__baselibs_filesystem, comp__baselibs_utils, comp__baselibs_concurrency + :status: valid + :safety: ASIL_B + :security: YES + +.. mod_view_sta:: Baselibs Static View :id: mod_view_sta__baselibs__baselibs - :includes: comp_arc_sta__baselibs__json, comp_arc_sta__baselibs__message_passing, comp_arc_sta__baselibs__memory_shared, comp_arc_sta__baselibs__result, comp_arc_sta__baselibs__bit_manipulation, comp_arc_sta__baselibs__containers, comp_arc_sta__baselibs__filesystem + :includes: comp__baselibs_json, comp__baselibs_message_passing, comp__baselibs_memory_shared, comp__baselibs_result, comp__baselibs_bit_manipulation, comp__baselibs_containers, comp__baselibs_filesystem, comp__baselibs_utils, comp__baselibs_concurrency .. needarch:: :scale: 50 diff --git a/docs/modules/baselibs/docs/safety_mgt/index.rst b/docs/modules/baselibs/docs/safety_mgt/index.rst index 04718ba3557..ba72f6019ab 100644 --- a/docs/modules/baselibs/docs/safety_mgt/index.rst +++ b/docs/modules/baselibs/docs/safety_mgt/index.rst @@ -19,5 +19,6 @@ Safety Management :titlesonly: module_safety_plan + module_codeowners module_safety_plan_fdr module_safety_package_fdr 
diff --git a/docs/modules/baselibs/docs/safety_mgt/module_codeowners.rst b/docs/modules/baselibs/docs/safety_mgt/module_codeowners.rst
new file mode 100644
index 00000000000..072ddc85d99
--- /dev/null
+++ b/docs/modules/baselibs/docs/safety_mgt/module_codeowners.rst
@@ -0,0 +1,52 @@
+..
+ # *******************************************************************************
+ # Copyright (c) 2025 Contributors to the Eclipse Foundation
+ #
+ # See the NOTICE file(s) distributed with this work for additional
+ # information regarding copyright ownership.
+ #
+ # This program and the accompanying materials are made available under the
+ # terms of the Apache License Version 2.0 which is available at
+ # https://www.apache.org/licenses/LICENSE-2.0
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # *******************************************************************************
+
+Module Codeowners Skill Check
+*****************************
+
+.. document:: Baselibs Codeowners
+ :id: doc__baselibs_codeowners
+ :status: valid
+ :safety: ASIL_B
+ :security: YES
+ :realizes: wp__module_safety_plan
+
+Assigned Committer(s)
+=====================
+
+According to `Baselibs Module Codeowners `_
+the following committers are assigned to guard the Baselibs repository:
+
+- ``_
+- ``_
+- ``_
+- ``_
+- ``_
+- ``_
+
+Skill Check
+===========
+
+For the CODEOWNERS the required skills, knowledge and experience is defined in ``_.
+
+The evidences are not published openly due to personal data confidentiality, but will be checked by the module safety manager.
+
+- ``_: SW developer and team lead for Safe POSIX SW platform at OEM > 2 years
+- ``_: SW developer for Safe POSIX SW platform at OEM > 1.5y and safety manager for camera systems at OEM 1y, member of S-CORE process community
+- ``_: SW developer for Safe POSIX SW platform at OEM > 2 years
+- ``_: SW architect for Safe POSIX SW platform at OEM > 2 years
+- ``_: SW developer and tool expert for Safe POSIX SW platform at OEM > 2 years
+- ``_: SW developer for safety related application at OEM > 2 years
+
+The S-CORE processes are trained on the job by the Baselibs module safety manager to the CODEOWNERS.
diff --git a/docs/modules/baselibs/docs/safety_mgt/module_safety_plan.rst b/docs/modules/baselibs/docs/safety_mgt/module_safety_plan.rst index 248486e9611..01f87aadaf9 100644 --- a/docs/modules/baselibs/docs/safety_mgt/module_safety_plan.rst +++ b/docs/modules/baselibs/docs/safety_mgt/module_safety_plan.rst @@ -15,8 +15,6 @@ Module Safety Plan ****************** -.. note:: Document header - .. document:: Baselibs Safety Plan :id: doc__baselibs_safety_plan :status: draft @@ -28,7 +26,7 @@ Module Safety Plan Functional Safety Management Context ==================================== -This Safety Plan adds to the :need:`doc__platform_safety_plan` all the module development relevant work products needed for ISO 26262 conformity. +This Safety Plan adds to the :need:`doc__score_platform_safety_plan` all the module development relevant work products needed for ISO 26262 conformity. Functional Safety Management Scope ================================== @@ -46,7 +44,7 @@ Functional Safety Management Roles - Assignee * - Safety Manager - - tbd + - Alexander Schemmel * - Module Project Manager (= Feature team lead) - Andrey Babanin @@ -54,10 +52,7 @@ Functional Safety Management Roles Tailoring ========= -Additional to the tailoring in the SW platform project as defined in the :need:`doc__platform_safety_plan` we define here the additional tailoring on module level. - -- Excluded for this module are additionally the following work products (and their related requirements): - - :need:`wp__module_sw_build_config` - Baselibs is a collection of libraries, so this work product is specific for every component. +Additional to the tailoring in the SW platform project as defined in the :need:`doc__score_platform_safety_plan` we define here the additional tailoring on module level. Functional Safety Module Work products ====================================== 
@@ -73,72 +68,52 @@ Module Work products List * - Work product Id - Link to process - Process status - - Link to issue - Link to WP - - WP status * - :need:`wp__module_safety_plan` - :need:`gd_guidl__saf_plan_definitions` - :ndf:`copy('status', need_id='gd_guidl__saf_plan_definitions')` - - `#1255 `_ - this document - - see above * - :need:`wp__module_safety_package` - :need:`gd_guidl__saf_package` - :ndf:`copy('status', need_id='gd_guidl__saf_package')` - - `#1255 `_ - this document (including the linked documentation) - - see above (and below) * - :need:`wp__fdr_reports` (module Safety Plan) - :need:`gd_chklst__safety_plan` - :ndf:`copy('status', need_id='gd_chklst__safety_plan')` - - `#1255 `_ - :need:`doc__baselibs_safety_plan_fdr` - - :ndf:`copy('status', need_id='doc__baselibs_safety_plan_fdr')` * - :need:`wp__fdr_reports` (module Safety Package) - :need:`gd_chklst__safety_package` - :ndf:`copy('status', need_id='gd_chklst__safety_package')` - - `#1255 `_ - :need:`doc__baselibs_safety_package_fdr` - - :ndf:`copy('status', need_id='doc__baselibs_safety_package_fdr')` * - :need:`wp__fdr_reports` (module's Safety Analyses & DFA) - - Safety Analysis FDR tbd - - - - + - :need:`gd_chklst__safety_analysis` + - :ndf:`copy('status', need_id='gd_chklst__safety_analysis')` - - - * - :need:`wp__audit_report` - performed by external experts - n/a - - `#77 `_ - - - * - :need:`wp__module_safety_manual` - :need:`gd_temp__safety_manual` - :ndf:`copy('status', need_id='gd_temp__safety_manual')` - - `#1255 `_ - :need:`doc__baselibs_safety_manual` - - :ndf:`copy('status', need_id='doc__baselibs_safety_manual')` * - :need:`wp__verification_module_ver_report` - :need:`gd_temp__mod_ver_report` - :ndf:`copy('status', need_id='gd_temp__mod_ver_report')` - - `#1255 `_ - :need:`doc__baselibs_verification_report` - - :ndf:`copy('status', need_id='doc__baselibs_verification_report')` * - :need:`wp__module_sw_release_note` - :need:`gd_temp__rel_mod_rel_note` - :ndf:`copy('status', 
need_id='gd_temp__rel_mod_rel_note')` - - `#1255 `_ - :need:`doc__baselibs_release_note` - - :ndf:`copy('status', need_id='doc__baselibs_release_note')` Component bitmanipulation Work products List 
@@ -150,94 +125,62 @@ Component bitmanipulation Work products List * - Work product Id - Link to process - Process status - - Link to issue - Link to WP - - WP/doc status * - :need:`wp__requirements_comp` - :need:`gd_temp__req_comp_req` - :ndf:`copy('status', need_id='gd_temp__req_comp_req')` - - `#1719 `_ - :need:`doc__bitmanipulation_requirements` - - :ndf:`copy('status', need_id='doc__bitmanipulation_requirements')` * - :need:`wp__requirements_comp_aou` - :need:`gd_temp__req_aou_req` - :ndf:`copy('status', need_id='gd_temp__req_aou_req')` - - - :need:`doc__bitmanipulation_requirements` - - :ndf:`copy('status', need_id='doc__bitmanipulation_requirements')` * - :need:`wp__requirements_inspect` - :need:`gd_chklst__req_inspection` - :ndf:`copy('status', need_id='gd_chklst__req_inspection')` - - - - - * - :need:`wp__component_arch` - :need:`gd_temp__arch_comp` - :ndf:`copy('status', need_id='gd_temp__arch_comp')` - - `#1822 `_ - :need:`doc__bitmanipulation_architecture` - - :ndf:`copy('status', need_id='doc__bitmanipulation_architecture')` * - :need:`wp__sw_arch_verification` - :need:`gd_chklst__arch_inspection_checklist` - :ndf:`copy('status', need_id='gd_chklst__arch_inspection_checklist')` - - - - - * - :need:`wp__sw_component_fmea` - :need:`gd_temp__comp_saf_fmea` - :ndf:`copy('status', need_id='gd_temp__comp_saf_fmea')` - - - :need:`doc__bitmanipulation_fmea` - - :ndf:`copy('status', need_id='doc__bitmanipulation_fmea')` * - :need:`wp__sw_component_dfa` - :need:`gd_temp__comp_saf_dfa` - :ndf:`copy('status', need_id='gd_temp__comp_saf_dfa')` - - - :need:`doc__bitmanipulation_dfa` - - :ndf:`copy('status', need_id='doc__bitmanipulation_dfa')` * - :need:`wp__sw_implementation` - :need:`gd_guidl__implementation` - :ndf:`copy('status', need_id='gd_guidl__implementation')` - - n/a - `.h/.cpp `_, `design `_ - - valid * - :need:`wp__verification_sw_unit_test` - :need:`gd_guidl__verification_guide` - :ndf:`copy('status', need_id='gd_guidl__verification_guide')` - - n/a - 
`test.cpp `_ - - valid * - :need:`wp__sw_implementation_inspection` - :need:`gd_chklst__impl_inspection_checklist` - :ndf:`copy('status', need_id='gd_chklst__impl_inspection_checklist')` - - - - - * - :need:`wp__verification_comp_int_test` - :need:`gd_guidl__verification_guide` - :ndf:`copy('status', need_id='gd_guidl__verification_guide')` - - n/a - component integration not needed (no sub-components and units are independent) - - n/a - - * - :need:`wp__module_sw_build_config` - - :need:`gd_temp__software_development_plan` - - :ndf:`copy('status', need_id='gd_temp__software_development_plan')` - - n/a - - `BUILD `_ - - valid - Component containers Work products List --------------------------------------- 
@@ -248,94 +191,62 @@ Component containers Work products List * - Work product Id - Link to process - Process status - - Link to issue - Link to WP - - WP/doc status * - :need:`wp__requirements_comp` - :need:`gd_temp__req_comp_req` - :ndf:`copy('status', need_id='gd_temp__req_comp_req')` - - `#1718 `_ - :need:`doc__containers_lib_requirements` - - :ndf:`copy('status', need_id='doc__containers_lib_requirements')` * - :need:`wp__requirements_comp_aou` - :need:`gd_temp__req_aou_req` - :ndf:`copy('status', need_id='gd_temp__req_aou_req')` - - - :need:`doc__containers_lib_requirements` - - :ndf:`copy('status', need_id='doc__containers_lib_requirements')` * - :need:`wp__requirements_inspect` - :need:`gd_chklst__req_inspection` - :ndf:`copy('status', need_id='gd_chklst__req_inspection')` - - - - - * - :need:`wp__component_arch` - :need:`gd_temp__arch_comp` - :ndf:`copy('status', need_id='gd_temp__arch_comp')` - - `#1824 `_ - :need:`doc__containers_architecture` - - :ndf:`copy('status', need_id='doc__containers_architecture')` * - :need:`wp__sw_arch_verification` - :need:`gd_chklst__arch_inspection_checklist` - :ndf:`copy('status', need_id='gd_chklst__arch_inspection_checklist')` - - - - - * - :need:`wp__sw_component_fmea` - :need:`gd_temp__comp_saf_fmea` - :ndf:`copy('status', need_id='gd_temp__comp_saf_fmea')` - - - :need:`doc__containers_fmea` - - :ndf:`copy('status', need_id='doc__containers_fmea')` * - :need:`wp__sw_component_dfa` - :need:`gd_temp__comp_saf_dfa` - :ndf:`copy('status', need_id='gd_temp__comp_saf_dfa')` - - - :need:`doc__containers_dfa` - - :ndf:`copy('status', need_id='doc__containers_dfa')` * - :need:`wp__sw_implementation` - :need:`gd_guidl__implementation` - :ndf:`copy('status', need_id='gd_guidl__implementation')` - - n/a - `containers .h/.cpp `_, `containers/design `_ - - draft * - :need:`wp__verification_sw_unit_test` - :need:`gd_guidl__verification_guide` - :ndf:`copy('status', need_id='gd_guidl__verification_guide')` - - n/a - 
`containers/test.cpp `_ - - valid * - :need:`wp__sw_implementation_inspection` - :need:`gd_chklst__impl_inspection_checklist` - :ndf:`copy('status', need_id='gd_chklst__impl_inspection_checklist')` - - - - - * - :need:`wp__verification_comp_int_test` - :need:`gd_guidl__verification_guide` - :ndf:`copy('status', need_id='gd_guidl__verification_guide')` - - n/a - component integration not needed (no sub-components and units are independent) - - n/a - - * - :need:`wp__module_sw_build_config` - - :need:`gd_temp__software_development_plan` - - :ndf:`copy('status', need_id='gd_temp__software_development_plan')` - - n/a - - `containers/BUILD `_ - - valid - Component filesystem Work products List --------------------------------------- 
@@ -346,97 +257,65 @@ Component filesystem Work products List * - Work product Id - Link to process - Process status - - Link to issue - Link to WP - - WP/doc status * - :need:`wp__requirements_comp` - :need:`gd_temp__req_comp_req` - :ndf:`copy('status', need_id='gd_temp__req_comp_req')` - - `#1720 `_ - :need:`doc__filesystem_lib_requirements` - - :ndf:`copy('status', need_id='doc__filesystem_lib_requirements')` * - :need:`wp__requirements_comp_aou` - :need:`gd_temp__req_aou_req` - :ndf:`copy('status', need_id='gd_temp__req_aou_req')` - - - :need:`doc__filesystem_lib_requirements` - - :ndf:`copy('status', need_id='doc__filesystem_lib_requirements')` * - :need:`wp__requirements_inspect` - :need:`gd_chklst__req_inspection` - :ndf:`copy('status', need_id='gd_chklst__req_inspection')` - - - - - * - :need:`wp__component_arch` - :need:`gd_temp__arch_comp` - :ndf:`copy('status', need_id='gd_temp__arch_comp')` - - `#1823 `_ - :need:`doc__filesystem_architecture` - - :ndf:`copy('status', need_id='doc__filesystem_architecture')` * - :need:`wp__sw_arch_verification` - :need:`gd_chklst__arch_inspection_checklist` - :ndf:`copy('status', need_id='gd_chklst__arch_inspection_checklist')` - - - - - * - :need:`wp__sw_component_fmea` - :need:`gd_temp__comp_saf_fmea` - :ndf:`copy('status', need_id='gd_temp__comp_saf_fmea')` - - - :need:`doc__filesystem_fmea` - - :ndf:`copy('status', need_id='doc__filesystem_fmea')` * - :need:`wp__sw_component_dfa` - :need:`gd_temp__comp_saf_dfa` - :ndf:`copy('status', need_id='gd_temp__comp_saf_dfa')` - - - :need:`doc__filesystem_dfa` - - :ndf:`copy('status', need_id='doc__filesystem_dfa')` * - :need:`wp__sw_implementation` - :need:`gd_guidl__implementation` - :ndf:`copy('status', need_id='gd_guidl__implementation')` - - n/a - `filesystem .h/.cpp `_, `filesystem/design `_ - - valid * - :need:`wp__verification_sw_unit_test` - :need:`gd_guidl__verification_guide` - :ndf:`copy('status', need_id='gd_guidl__verification_guide')` - - n/a - 
`filesystem/test.cpp `_ - - valid * - :need:`wp__sw_implementation_inspection` - :need:`gd_chklst__impl_inspection_checklist` - :ndf:`copy('status', need_id='gd_chklst__impl_inspection_checklist')` - - - - - * - :need:`wp__verification_comp_int_test` - :need:`gd_guidl__verification_guide` - :ndf:`copy('status', need_id='gd_guidl__verification_guide')` - - n/a - component integration not needed (no sub-components and units are independent) - - n/a - - * - :need:`wp__module_sw_build_config` - - :need:`gd_temp__software_development_plan` - - :ndf:`copy('status', need_id='gd_temp__software_development_plan')` - - n/a - - `filesystem/BUILD `_ - - valid - Component result Work products List ---------------------------------------- +----------------------------------- .. list-table:: Component result Work products :header-rows: 1 
@@ -444,97 +323,65 @@ Component result Work products List * - Work product Id - Link to process - Process status - - Link to issue - Link to WP - - WP/doc status * - :need:`wp__requirements_comp` - :need:`gd_temp__req_comp_req` - :ndf:`copy('status', need_id='gd_temp__req_comp_req')` - - n/a - :need:`doc__result_lib_requirements` - - :ndf:`copy('status', need_id='doc__result_lib_requirements')` * - :need:`wp__requirements_comp_aou` - :need:`gd_temp__req_aou_req` - :ndf:`copy('status', need_id='gd_temp__req_aou_req')` - - - :need:`doc__result_lib_requirements` - - :ndf:`copy('status', need_id='doc__result_lib_requirements')` * - :need:`wp__requirements_inspect` - :need:`gd_chklst__req_inspection` - :ndf:`copy('status', need_id='gd_chklst__req_inspection')` - - - - - * - :need:`wp__component_arch` - :need:`gd_temp__arch_comp` - :ndf:`copy('status', need_id='gd_temp__arch_comp')` - - `#1821 `_ - :need:`doc__result_architecture` - - :ndf:`copy('status', need_id='doc__result_architecture')` * - :need:`wp__sw_arch_verification` - :need:`gd_chklst__arch_inspection_checklist` - :ndf:`copy('status', need_id='gd_chklst__arch_inspection_checklist')` - - - - - * - :need:`wp__sw_component_fmea` - :need:`gd_temp__comp_saf_fmea` - :ndf:`copy('status', need_id='gd_temp__comp_saf_fmea')` - - - :need:`doc__result_fmea` - - :ndf:`copy('status', need_id='doc__result_fmea')` * - :need:`wp__sw_component_dfa` - :need:`gd_temp__comp_saf_dfa` - :ndf:`copy('status', need_id='gd_temp__comp_saf_dfa')` - - - :need:`doc__result_dfa` - - :ndf:`copy('status', need_id='doc__result_dfa')` * - :need:`wp__sw_implementation` - :need:`gd_guidl__implementation` - :ndf:`copy('status', need_id='gd_guidl__implementation')` - - n/a - `result .h/.cpp `_, `result/design `_ - - draft * - :need:`wp__verification_sw_unit_test` - :need:`gd_guidl__verification_guide` - :ndf:`copy('status', need_id='gd_guidl__verification_guide')` - - n/a - `result/test.cpp `_ - - valid * - :need:`wp__sw_implementation_inspection` 
- :need:`gd_chklst__impl_inspection_checklist` - :ndf:`copy('status', need_id='gd_chklst__impl_inspection_checklist')` - - - - - * - :need:`wp__verification_comp_int_test` - :need:`gd_guidl__verification_guide` - :ndf:`copy('status', need_id='gd_guidl__verification_guide')` - - n/a - component integration not needed (no sub-components and units are independent) - - n/a - - * - :need:`wp__module_sw_build_config` - - :need:`gd_temp__software_development_plan` - - :ndf:`copy('status', need_id='gd_temp__software_development_plan')` - - n/a - - `result/BUILD `_ - - valid - Component json Work products List ---------------------------------------- +--------------------------------- .. list-table:: Component json Work products :header-rows: 1 
@@ -542,103 +389,128 @@ Component json Work products List * - Work product Id - Link to process - Process status - - Link to issue - Link to WP - - WP/doc status * - :need:`wp__requirements_comp` - :need:`gd_temp__req_comp_req` - :ndf:`copy('status', need_id='gd_temp__req_comp_req')` - - `#1432 `_ - :need:`doc__json_requirements` - - :ndf:`copy('status', need_id='doc__json_requirements')` * - :need:`wp__requirements_comp_aou` - :need:`gd_temp__req_aou_req` - :ndf:`copy('status', need_id='gd_temp__req_aou_req')` - - - :need:`doc__json_requirements` - - :ndf:`copy('status', need_id='doc__json_requirements')` * - :need:`wp__requirements_inspect` - :need:`gd_chklst__req_inspection` - :ndf:`copy('status', need_id='gd_chklst__req_inspection')` - - - - - * - :need:`wp__component_arch` - :need:`gd_temp__arch_comp` - :ndf:`copy('status', need_id='gd_temp__arch_comp')` - - n/a - :need:`doc__json_architecture` - - :ndf:`copy('status', need_id='doc__json_architecture')` * - :need:`wp__sw_arch_verification` - :need:`gd_chklst__arch_inspection_checklist` - :ndf:`copy('status', need_id='gd_chklst__arch_inspection_checklist')` - - - - - * - :need:`wp__sw_component_fmea` - :need:`gd_temp__comp_saf_fmea` - :ndf:`copy('status', need_id='gd_temp__comp_saf_fmea')` - - - :need:`doc__json_fmea` - - :ndf:`copy('status', need_id='doc__json_fmea')` * - :need:`wp__sw_component_dfa` - :need:`gd_temp__comp_saf_dfa` - :ndf:`copy('status', need_id='gd_temp__comp_saf_dfa')` - - - :need:`doc__json_dfa` - - :ndf:`copy('status', need_id='doc__json_dfa')` * - :need:`wp__sw_implementation` - :need:`gd_guidl__implementation` - :ndf:`copy('status', need_id='gd_guidl__implementation')` - - n/a - `json .h/.cpp `_, `json/design `_ - - valid * - :need:`wp__verification_sw_unit_test` - :need:`gd_guidl__verification_guide` - :ndf:`copy('status', need_id='gd_guidl__verification_guide')` - - n/a - `json/test.cpp `_ - - valid * - :need:`wp__sw_implementation_inspection` - 
:need:`gd_chklst__impl_inspection_checklist` - :ndf:`copy('status', need_id='gd_chklst__impl_inspection_checklist')` - - - - - * - :need:`wp__verification_comp_int_test` - :need:`gd_guidl__verification_guide` - :ndf:`copy('status', need_id='gd_guidl__verification_guide')` - - - - - - - * - :need:`wp__module_sw_build_config` - - :need:`gd_temp__software_development_plan` - - :ndf:`copy('status', need_id='gd_temp__software_development_plan')` - - n/a - - `json/BUILD `_ - - valid * - :need:`wp__sw_component_class` - :need:`tsf__trust__trustable-software` - :ndf:`copy('status', need_id='gd_guidl__component_classification')` - - `#1460 `_ - `TSF Report on nlohman/json `_ - - draft All other components of the baselibs module as released in the :need:`doc__baselibs_release_note` are not planned to be qualifiable stand alone (as SEooC), but only in context, for example as they are used in other S-CORE modules (e.g. communication). To be qualifiable in context those come with unit tests, are implemented according to defined coding and detailed design guidelines, achieve the required structural coverage and fulfill the AoUs of the reference OS (e.g. don’t use banned functions). + +Module Safety Package +===================== + +To create the safety package (according to :need:`gd_guidl__saf_package`) the following +documents and work products status have to go to "valid" (after the relevant verification were performed). + +Module Documents Status +----------------------- + +For all the work product documents the status can be seen by following the "Link to WP". +A summary of the status is also documented in the project's documentation management plan. + +See :ref:`documents_docs_modules_baselibs_docs` + +Component Documents Status +-------------------------- + +For all the work product documents the status can be seen by following the "Link to WP". +A summary of the status is also documented in the project's documentation management plan. 
+ +See :ref:`documents_docs_modules_baselibs_components` + +Component Requirements Status +----------------------------- + +.. needtable:: + :filter: docname is not None and "baselibs" in docname and "requirements" in docname + :style: table + :types: comp_req + :tags: baselibs + :columns: id;status;tags + :colwidths: 25,25,25 + :sort: title + +Component AoU Status +-------------------- + +.. needtable:: + :filter: docname is not None and "baselibs" in docname and "requirements" in docname + :style: table + :types: aou_req + :tags: baselibs + :columns: id;status;tags + :colwidths: 25,25,25 + :sort: title + +Component Architecture Status +----------------------------- + +.. needtable:: + :filter: docname is not None and "baselibs" in docname and "architecture" in docname + :style: table + :types: comp_arc_sta; comp_arc_dyn + :tags: baselibs + :columns: id;status;tags + :colwidths: 25,25,25 + :sort: title diff --git a/docs/modules/baselibs/filesystem/docs/architecture/index.rst b/docs/modules/baselibs/filesystem/docs/architecture/index.rst index a6c3ba211e3..a2f52544a0b 100644 --- a/docs/modules/baselibs/filesystem/docs/architecture/index.rst +++ b/docs/modules/baselibs/filesystem/docs/architecture/index.rst @@ -29,8 +29,8 @@ see :need:`doc__filesystem` Static Architecture ------------------- -.. comp_arc_sta:: Filesystem - :id: comp_arc_sta__baselibs__filesystem +.. comp:: Filesystem + :id: comp__baselibs_filesystem :security: YES :safety: ASIL_B :status: valid diff --git a/docs/modules/baselibs/filesystem/docs/requirements/index.rst b/docs/modules/baselibs/filesystem/docs/requirements/index.rst index 3f10cf4d890..6dc1ec83f98 100644 --- a/docs/modules/baselibs/filesystem/docs/requirements/index.rst +++ b/docs/modules/baselibs/filesystem/docs/requirements/index.rst 
@@ -33,6 +33,7 @@ Functional Requirements :safety: ASIL_B :satisfies: feat_req__baselibs__consistent_apis, feat_req__baselibs__filesystem_library :status: valid + :belongs_to: comp__baselibs_filesystem The Filesystem library shall provide filesystem API based on the C++ standardization. @@ -43,6 +44,7 @@ Functional Requirements :safety: ASIL_B :satisfies: feat_req__baselibs__consistent_apis, feat_req__baselibs__filesystem_library :status: valid + :belongs_to: comp__baselibs_filesystem The Filesystem library shall provide type-safe utilities for path construction and manipulation. @@ -53,6 +55,7 @@ Functional Requirements :safety: ASIL_B :satisfies: feat_req__baselibs__filesystem_library :status: valid + :belongs_to: comp__baselibs_filesystem The Filesystem library shall provide directory iterator types for traversing directory contents. @@ -63,6 +66,7 @@ Functional Requirements :safety: ASIL_B :satisfies: feat_req__baselibs__filesystem_library :status: valid + :belongs_to: comp__baselibs_filesystem The Filesystem library shall provide functionality for reading from and writing to files, including buffered I/O operations. @@ -73,6 +77,7 @@ Functional Requirements :safety: ASIL_B :satisfies: feat_req__baselibs__filesystem_library :status: valid + :belongs_to: comp__baselibs_filesystem The public API of the library shall support dependency injection with test doubles. @@ -85,6 +90,7 @@ Functional Requirements :safety: ASIL_B :satisfies: feat_req__baselibs__filesystem_library :status: valid + :belongs_to: comp__baselibs_filesystem The Filesystem library shall provide additional file utility functions, such as temporary file handling and file comparison. 
@@ -95,8 +101,59 @@ Functional Requirements :safety: ASIL_B :satisfies: feat_req__baselibs__filesystem_library :status: valid + :belongs_to: comp__baselibs_filesystem The Filesystem library shall provide mock and fake implementations for unit testing and validation. +Assumptions of Use (AoU) +======================== + +.. aou_req:: Low-Level Use Only + :id: aou_req__filesystem__low_level_use_only + :reqtype: Functional + :security: NO + :safety: ASIL_B + :status: valid + + Users shall use this library only when they need to manipulate files, directories, and paths at the operating system level beyond what higher-level storage abstractions provide, accepting reduced portability to other platforms. + +.. aou_req:: Supported Path Formats + :id: aou_req__filesystem__supported_path_formats + :reqtype: Functional + :security: NO + :safety: ASIL_B + :status: valid + + Users shall not use Windows paths with this library. + +.. aou_req:: Error Handling + :id: aou_req__filesystem__error_handling + :reqtype: Functional + :security: NO + :safety: ASIL_B + :status: valid + + Users shall handle all function return values and take appropriate action on errors. + +.. aou_req:: Thread Safety + :id: aou_req__filesystem__thread_safety + :reqtype: Non-Functional + :security: NO + :safety: ASIL_B + :status: valid + + Users shall implement appropriate synchronization mechanisms when accessing shared filesystem resources concurrently. + +.. aou_req:: Performance + :id: aou_req__filesystem__performance + :reqtype: Non-Functional + :security: NO + :safety: ASIL_B + :status: valid + + Users shall not assume any performance characteristics. + + Note: Filesystem operations are subject to underlying OS and storage performance. + .. needextend:: "__filesystem__" in id :+tags: baselibs diff --git a/docs/modules/baselibs/index.rst b/docs/modules/baselibs/index.rst index 61741f356af..c9de56d580f 100644 --- a/docs/modules/baselibs/index.rst +++ b/docs/modules/baselibs/index.rst 
@@ -20,6 +20,7 @@ Baselibs Module :maxdepth: 2 ./docs/index + language/index Components ========== diff --git a/docs/modules/baselibs/json/docs/architecture/index.rst b/docs/modules/baselibs/json/docs/architecture/index.rst index c0efce84bf7..3a499af247f 100644 --- a/docs/modules/baselibs/json/docs/architecture/index.rst +++ b/docs/modules/baselibs/json/docs/architecture/index.rst @@ -58,14 +58,22 @@ the main driver is to re-use existing implementation(s), enable switch of implem Static Architecture ------------------- -.. comp_arc_sta:: JSON - :id: comp_arc_sta__baselibs__json +.. comp:: JSON + :id: comp__baselibs_json :security: YES :safety: ASIL_B :status: valid :implements: logic_arc_int__baselibs__json - :includes: comp_arc_sta__baselibs__json_wrapper, comp_arc_sta__baselibs__nlohman_json + :consists_of: comp__baselibs_json_wrapper, comp__baselibs_nlohman_json + + +.. comp_arc_sta:: JSON Static view + :id: comp_arc_sta__baselibs__json + :security: YES + :safety: ASIL_B + :status: valid :fulfils: comp_req__json__deserialization, comp_req__json__serialization, comp_req__json__user_format, comp_req__json__lang_idioms, comp_req__json__lang_infra, comp_req__json__type_compatibility, comp_req__json__full_testability, comp_req__json__asil + :belongs_to: comp__baselibs_json .. needarch:: :scale: 50 @@ -83,6 +91,7 @@ Dynamic Architecture :safety: ASIL_B :status: invalid :fulfils: comp_req__json__deserialization, comp_req__json__serialization, comp_req__json__user_format, comp_req__json__lang_idioms, comp_req__json__lang_infra, comp_req__json__type_compatibility, comp_req__json__full_testability, comp_req__json__asil + :belongs_to: comp__baselibs_json put here a sequence diagram (TBD) 
@@ -119,17 +128,16 @@ Interfaces Lower Level Components ---------------------- -.. comp_arc_sta:: JSON-Wrapper - :id: comp_arc_sta__baselibs__json_wrapper +.. comp:: JSON-Wrapper + :id: comp__baselibs_json_wrapper :security: YES :safety: ASIL_B :status: valid :implements: logic_arc_int__baselibs__json - :fulfils: comp_req__json__user_format, comp_req__json__lang_idioms, comp_req__json__lang_infra, comp_req__json__type_compatibility, comp_req__json__full_testability, comp_req__json__serialization, comp_req__json__asil -.. comp_arc_sta:: nlohman-JSON - :id: comp_arc_sta__baselibs__nlohman_json + +.. comp:: nlohman-JSON + :id: comp__baselibs_nlohman_json :security: YES :safety: ASIL_B :status: valid - :fulfils: comp_req__json__deserialization, comp_req__json__asil diff --git a/docs/modules/baselibs/json/docs/json_wrapper/requirements/index.rst b/docs/modules/baselibs/json/docs/json_wrapper/requirements/index.rst index 7833ce180e1..115ef6d5d7e 100644 --- a/docs/modules/baselibs/json/docs/json_wrapper/requirements/index.rst +++ b/docs/modules/baselibs/json/docs/json_wrapper/requirements/index.rst @@ -28,4 +28,4 @@ The component split was done nevertheless, because "JSON Wrapper" is implemented "nlohman_json" is reused from open source. So the requirements for "JSON Wrapper" are documented in :need:`doc__json_requirements` -(all requirements which are "fulfilled_by" :need:`comp_arc_sta__baselibs__json_wrapper`) +(all requirements which are "fulfilled_by" :need:`comp__baselibs_json_wrapper`) diff --git a/docs/modules/baselibs/json/docs/requirements/index.rst b/docs/modules/baselibs/json/docs/requirements/index.rst index 5c725b4143f..0b1b8c8524b 100644 --- a/docs/modules/baselibs/json/docs/requirements/index.rst +++ b/docs/modules/baselibs/json/docs/requirements/index.rst 
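Review bot: Dropping `:fulfils:` from `comp__baselibs_json_wrapper` and `comp__baselibs_nlohman_json` leaves no visible link from any requirement to either sub-component, yet the json_wrapper requirements page changed in the next hunk still defines its scope as the requirements "fulfilled_by" `comp__baselibs_json_wrapper`. As far as these hunks show, every `comp_req__json__*` now points only at the parent through `:belongs_to: comp__baselibs_json`, so a reader can no longer tell that `comp_req__json__deserialization` (parsing and well-formedness checking of input) was allocated to the reused open-source component rather than to the in-house wrapper. That allocation is what tells a maintainer where third-party parser updates and advisories have to be assessed. I would either keep a per-sub-component allocation, if the metamodel offers a link type for it, or reword that sentence so it refers to `comp__baselibs_json` and no longer promises a "fulfilled_by" relation that the architecture page does not carry.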
@@ -32,6 +32,7 @@ General Requirements :safety: ASIL_B :satisfies: feat_req__baselibs__json_library :status: valid + :belongs_to: comp__baselibs_json The JSON-Library shall provide a service to deserialize JSON data according to RFC8259, i.e. parse and check for well-formedness. @@ -43,6 +44,7 @@ General Requirements :safety: ASIL_B :satisfies: feat_req__baselibs__json_library :status: valid + :belongs_to: comp__baselibs_json The JSON-Library shall provide a service to serialize user format into JSON data according to RFC8259. @@ -53,6 +55,7 @@ General Requirements :safety: ASIL_B :satisfies: feat_req__baselibs__json_library :status: valid + :belongs_to: comp__baselibs_json The JSON-Library shall return parsed data in a compatible user format. @@ -68,6 +71,7 @@ User friendly API for information exchange :safety: ASIL_B :satisfies: feat_req__baselibs__json_library, feat_req__baselibs__consistent_apis :status: valid + :belongs_to: comp__baselibs_json The public API shall support the idioms of the programming language it is written in. @@ -78,6 +82,7 @@ User friendly API for information exchange :safety: ASIL_B :satisfies: feat_req__baselibs__json_library :status: valid + :belongs_to: comp__baselibs_json The public API shall use core infrastructure of its programming language and accompanying standard libraries, whenever possible and meaningful. @@ -91,6 +96,7 @@ User friendly API for information exchange :safety: ASIL_B :satisfies: feat_req__baselibs__json_library :status: valid + :belongs_to: comp__baselibs_json The public API shall enforce strict type compatibility. When a user requests a value, the API shall validate that the requested return type is compatible with the type and value of the stored JSON data. @@ -107,6 +113,7 @@ Full testability for the user facing API :safety: ASIL_B :satisfies: feat_req__baselibs__json_library :status: valid + :belongs_to: comp__baselibs_json The public API of the library shall support dependency injection with test doubles. 
@@ -122,6 +129,7 @@ Safety Impact :safety: ASIL_B :satisfies: feat_req__baselibs__json_library, feat_req__baselibs__safety :status: valid + :belongs_to: comp__baselibs_json The JSON library shall be ASIL-B compliant. diff --git a/docs/modules/baselibs/language/futurecpp/docs/index.rst b/docs/modules/baselibs/language/futurecpp/docs/index.rst new file mode 100644 index 00000000000..881d015bafb --- /dev/null +++ b/docs/modules/baselibs/language/futurecpp/docs/index.rst 
@@ -0,0 +1,50 @@
+..
+ # *******************************************************************************
+ # Copyright (c) 2025 Contributors to the Eclipse Foundation
+ #
+ # See the NOTICE file(s) distributed with this work for additional
+ # information regarding copyright ownership.
+ #
+ # This program and the accompanying materials are made available under the
+ # terms of the Apache License Version 2.0 which is available at
+ # https://www.apache.org/licenses/LICENSE-2.0
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # *******************************************************************************
+
+futurecpp
+#########
+
+.. document:: FutureCPP Library
+ :id: doc__futurecpp
+ :status: draft
+ :safety: ASIL_B
+ :tags: baselibs_futurecpp
+ :realizes: wp__cmpt_request
+ :security: YES
+
+.. toctree::
+ :hidden:
+
+Abstract
+========
+
+FutureCPP extends the C++ Standard Library with features from newer standards up to C++26 and selected proposals, offering an STL-like API.
+
+Motivation and Rationale
+========================
+
+Adopting the latest C++ standards is often challenging in safety-critical environments, which can delay access to modern language and library features.
+FutureCPP addresses this by providing forward-compatible extensions that mirror upcoming Standard Library capabilities, allowing developers to benefit
+from modern APIs without waiting for full compiler support. This approach ensures smoother transitions to future standards.
+
+Following components are provided by FutureCPP:
+
+- **Containers library**: Provides data structures such as fixed-size circular buffers, multi-dimensional array views, and containers for optional or variant types.
+- **Functional library**: Provides APIs for function wrappers and error handling.
+- **Numeric and Math library**: Provides mathematical utilities such as angle conversions, safe numeric casts, interpolation, and angle wrapping.
+- **Memory management library**: Provides polymorphic allocators and related utilities which allow flexible memory allocation. +- **Meta Programming**: Provides compile-time utilities for generic programming, enabling type-safe abstractions and reducing code duplication. +- **Threading Support**: Provides API for thread management. +- **Utilities library**: Provides APIs for type safe conversion. +- **String Utilities**: Provides APIs for managing string related functionality. diff --git a/docs/modules/persistency/index.rst b/docs/modules/baselibs/language/index.rst similarity index 76% rename from docs/modules/persistency/index.rst rename to docs/modules/baselibs/language/index.rst index b7e498ec7c6..3dd570ccb2e 100644 --- a/docs/modules/persistency/index.rst +++ b/docs/modules/baselibs/language/index.rst @@ -12,21 +12,10 @@ # SPDX-License-Identifier: Apache-2.0 # ******************************************************************************* -Persistency KVS Module -###################### +language +######## .. toctree:: - :titlesonly: - :maxdepth: 2 + :hidden: - ./docs/index - -Components -========== - -.. toctree:: - :titlesonly: - :maxdepth: 1 - :glob: - - ./*/docs/index + futurecpp/docs/index.rst diff --git a/docs/modules/baselibs/memory_shared/docs/architecture/index.rst b/docs/modules/baselibs/memory_shared/docs/architecture/index.rst index 19ac0bb81e0..d5f0167b5ef 100644 --- a/docs/modules/baselibs/memory_shared/docs/architecture/index.rst +++ b/docs/modules/baselibs/memory_shared/docs/architecture/index.rst @@ -15,8 +15,8 @@ Memory Shared Component Architecture ************************************ -.. comp_arc_sta:: Memory Shared - :id: comp_arc_sta__baselibs__memory_shared +.. comp:: Memory Shared + :id: comp__baselibs_memory_shared :security: YES :safety: ASIL_B :status: valid diff --git a/docs/modules/baselibs/memory_shared/docs/index.rst b/docs/modules/baselibs/memory_shared/docs/index.rst index b5b99cbc537..bbb4250a8c1 100644 
--- a/docs/modules/baselibs/memory_shared/docs/index.rst +++ b/docs/modules/baselibs/memory_shared/docs/index.rst @@ -14,10 +14,56 @@ .. _comp_doc_memory_shared: -memory_shared -############# +memory +###### + +.. document:: Memory Library + :id: doc__memory + :status: draft + :safety: ASIL_B + :tags: baselibs_memory + :realizes: wp__cmpt_request + :security: YES .. toctree:: :hidden: architecture/index + requirements/index.rst + +Abstract +======== + +The Memory library provides APIs for memory management to facilitate inter-process communication (IPC) in the S-CORE software platform. + +Motivation and Rationale +======================== + +The Memory library shall provide mechanisms for creating, accessing, and managing shared memory between different processes. +It includes support for polymorphic memory resource allocators using offset pointers and additional utilities to deal with memory use-cases. + +The Memory library is needed in the S-CORE software platform because subsystems like Communication and Logging rely on shared memory for inter-process communication. + +Specification +============= + +The following details and requirements describe the aspects of the current feature in the context of S-CORE. + +General considerations +---------------------- + +The Memory Library should provide APIs for memory management: + +* :need:`comp_req__memory__shared_memory` +* :need:`comp_req__memory__offset_ptr` +* :need:`comp_req__memory__shared_containers` +* :need:`comp_req__memory__ipc_sync` +* :need:`comp_req__memory__bounds_check` +* :need:`comp_req__memory__endianness` +* :need:`comp_req__memory__sealed_shm` +* :need:`comp_req__memory__typed_memory` +* :need:`comp_req__memory__resource_registry` +* :need:`comp_req__memory__string_utils` +* :need:`comp_req__memory__atomic_ops` + +The library should ensure that all memory operations are performed safely, with appropriate bounds checking and synchronization mechanisms to prevent memory corruption. 
diff --git a/docs/modules/baselibs/memory_shared/docs/requirements/index.rst b/docs/modules/baselibs/memory_shared/docs/requirements/index.rst
new file mode 100644
index 00000000000..e127778c19c
--- /dev/null
+++ b/docs/modules/baselibs/memory_shared/docs/requirements/index.rst
@@ -0,0 +1,174 @@
+..
+ # *******************************************************************************
+ # Copyright (c) 2025 Contributors to the Eclipse Foundation
+ #
+ # See the NOTICE file(s) distributed with this work for additional
+ # information regarding copyright ownership.
+ #
+ # This program and the accompanying materials are made available under the
+ # terms of the Apache License Version 2.0 which is available at
+ # https://www.apache.org/licenses/LICENSE-2.0
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # *******************************************************************************
+
+Requirements
+############
+
+.. document:: Memory Library Requirements
+ :id: doc__memory_lib_requirements
+ :status: draft
+ :safety: ASIL_B
+ :security: YES
+ :realizes: wp__requirements_comp
+ :tags: requirements, memory_library
+
+Functional Requirements
+=======================
+
+.. comp_req:: Shared Memory Management
+ :id: comp_req__memory__shared_memory
+ :reqtype: Functional
+ :security: YES
+ :safety: ASIL_B
+ :satisfies: feat_req__baselibs__core_utilities, feat_req__baselibs__memory_library, feat_req__baselibs__safety
+ :status: valid
+ :belongs_to: comp__baselibs_memory_shared
+
+ The Memory library shall provide capabilities for creating, opening and managing shared memory.
+
+.. comp_req:: Polymorphic OffsetPtr Allocator
+ :id: comp_req__memory__offset_ptr
+ :reqtype: Functional
+ :security: YES
+ :safety: ASIL_B
+ :satisfies: feat_req__baselibs__core_utilities, feat_req__baselibs__memory_library, feat_req__baselibs__safety
+ :status: valid
+ :belongs_to: comp__baselibs_memory_shared
+
+ The Memory library shall provide polymorphic memory resource allocators using offset pointers instead of raw pointers to enable allocation in shared memory regions accessible across multiple processes.
The standard library's std::pmr::polymorphic_allocator is not applicable as it uses raw pointers that are invalid when shared memory is mapped at different virtual addresses in different processes.
+
+.. comp_req:: Shared Memory Containers
+ :id: comp_req__memory__shared_containers
+ :reqtype: Functional
+ :security: YES
+ :safety: ASIL_B
+ :satisfies: feat_req__baselibs__core_utilities, feat_req__baselibs__memory_library, feat_req__baselibs__safety
+ :status: valid
+ :belongs_to: comp__baselibs_memory_shared
+
+ The Memory library shall provide type aliases for STL containers (vector, map, string) that use offset pointers for shared memory storage.
+
+.. comp_req:: Inter-Process Synchronization
+ :id: comp_req__memory__ipc_sync
+ :reqtype: Functional
+ :security: YES
+ :safety: ASIL_B
+ :satisfies: feat_req__baselibs__core_utilities, feat_req__baselibs__memory_library, feat_req__baselibs__safety
+ :status: valid
+ :belongs_to: comp__baselibs_memory_shared
+
+ The Memory library shall provide file-based locking mechanisms for inter-process synchronization and mutual exclusion.
+
+.. comp_req:: Memory Region Bounds Checking
+ :id: comp_req__memory__bounds_check
+ :reqtype: Functional
+ :security: YES
+ :safety: ASIL_B
+ :satisfies: feat_req__baselibs__safety, feat_req__baselibs__memory_library
+ :status: valid
+ :belongs_to: comp__baselibs_memory_shared
+
+ The Memory library shall track and validate memory region boundaries to prevent out-of-bounds access in shared memory.
+
+.. comp_req:: Endianness Conversion
+ :id: comp_req__memory__endianness
+ :reqtype: Functional
+ :security: NO
+ :safety: ASIL_B
+ :satisfies: feat_req__baselibs__core_utilities, feat_req__baselibs__memory_library
+ :status: valid
+ :belongs_to: comp__baselibs_memory_shared
+
+ The Memory library shall provide byte order conversion between host and network byte order (big/little endian).
+
+..
comp_req:: Sealed Shared Memory
+ :id: comp_req__memory__sealed_shm
+ :reqtype: Functional
+ :security: YES
+ :safety: ASIL_B
+ :satisfies: feat_req__baselibs__safety, feat_req__baselibs__memory_library, feat_req__baselibs__security
+ :status: valid
+ :belongs_to: comp__baselibs_memory_shared
+
+ The Memory library shall provide immutable shared memory segments that become read-only after initialization.
+
+.. comp_req:: Typed Memory
+ :id: comp_req__memory__typed_memory
+ :reqtype: Functional
+ :security: YES
+ :safety: ASIL_B
+ :satisfies: feat_req__baselibs__safety, feat_req__baselibs__memory_library
+ :status: valid
+ :belongs_to: comp__baselibs_memory_shared
+
+ The Memory library shall provide an interface to allocate shared memory from typed memory regions.
+
+.. comp_req:: Memory Resource Registry
+ :id: comp_req__memory__resource_registry
+ :reqtype: Functional
+ :security: NO
+ :safety: ASIL_B
+ :satisfies: feat_req__baselibs__core_utilities, feat_req__baselibs__memory_library
+ :status: valid
+ :belongs_to: comp__baselibs_memory_shared
+
+ The Memory library shall provide a global registry for memory resource lookup and management.
+
+.. comp_req:: String Utilities
+ :id: comp_req__memory__string_utils
+ :reqtype: Functional
+ :security: NO
+ :safety: ASIL_B
+ :satisfies: feat_req__baselibs__core_utilities, feat_req__baselibs__memory_library
+ :status: valid
+ :belongs_to: comp__baselibs_memory_shared
+
+ The Memory library shall provide zero-allocation string utilities including splitting, comparison, and compile-time literals.
+
+.. comp_req:: Atomic Operations in Shared Memory
+ :id: comp_req__memory__atomic_ops
+ :reqtype: Functional
+ :security: YES
+ :safety: ASIL_B
+ :satisfies: feat_req__baselibs__memory_library, feat_req__baselibs__safety
+ :status: valid
+ :belongs_to: comp__baselibs_memory_shared
+
+ The Memory library shall provide atomic operations on shared memory data for lock-free inter-process communication.
+ + +Non-Functional Requirements +=========================== + +.. comp_req:: Deterministic Memory Allocation + :id: comp_req__memory__deterministic_alloc + :reqtype: Non-Functional + :security: NO + :safety: ASIL_B + :satisfies: feat_req__baselibs__core_utilities, feat_req__baselibs__safety + :status: valid + :belongs_to: comp__baselibs_memory_shared + + The shared memory allocation shall provide deterministic behavior with predictable execution time suitable for real-time automotive systems. + +.. comp_req:: Process Address Space Independence + :id: comp_req__memory__address_independence + :reqtype: Non-Functional + :security: YES + :safety: ASIL_B + :satisfies: feat_req__baselibs__safety, feat_req__baselibs__memory_library + :status: valid + :belongs_to: comp__baselibs_memory_shared + + The Memory library shall ensure shared memory data structures remain valid regardless of process virtual address space mappings. diff --git a/docs/modules/baselibs/message_passing/docs/architecture/index.rst b/docs/modules/baselibs/message_passing/docs/architecture/index.rst index 9a5c760d7e5..cb791c123df 100644 --- a/docs/modules/baselibs/message_passing/docs/architecture/index.rst +++ b/docs/modules/baselibs/message_passing/docs/architecture/index.rst @@ -15,8 +15,8 @@ Message Passing Component Architecture ************************************** -.. comp_arc_sta:: Message Passing - :id: comp_arc_sta__baselibs__message_passing +.. comp:: Message Passing + :id: comp__baselibs_message_passing :security: YES :safety: ASIL_B :status: valid diff --git a/docs/modules/baselibs/result/docs/architecture/index.rst b/docs/modules/baselibs/result/docs/architecture/index.rst index 3699bc35bb1..ef02b36de68 100644 --- a/docs/modules/baselibs/result/docs/architecture/index.rst +++ b/docs/modules/baselibs/result/docs/architecture/index.rst 
@@ -30,8 +30,8 @@ see :need:`doc__result` Static Architecture ------------------- -.. comp_arc_sta:: Result - :id: comp_arc_sta__baselibs__result +.. comp:: Result + :id: comp__baselibs_result :security: YES :safety: ASIL_B :status: valid diff --git a/docs/modules/baselibs/result/docs/requirements/chklst_req_inspection.rst b/docs/modules/baselibs/result/docs/requirements/chklst_req_inspection.rst index b98ed33512f..339fbd41bb9 100644 --- a/docs/modules/baselibs/result/docs/requirements/chklst_req_inspection.rst +++ b/docs/modules/baselibs/result/docs/requirements/chklst_req_inspection.rst @@ -15,7 +15,7 @@ .. document:: Result Library Requirements Inspection Checklist :id: doc__result_library_req_inspection - :status: draft + :status: valid :safety: ASIL_B :security: YES :realizes: wp__requirements_inspect @@ -31,10 +31,10 @@ Requirement Inspection Checklist As described in the concept :need:`doc_concept__wp_inspections` the following "inspection roles" are expected to be filled: - - author: these are the persons who did the last commits on the requirements in scope (can be derived from version mgt tool) - - reviewer: these are all persons committing into this inspection document or giving a pull request verdict on it (can be derived from version mgt tool) + - author: ``_ + - reviewer: ``_ - moderator: only needed for conflict resolution between author and reviewers, is the safety manager, security manager or quality manager called in as a reviewer (can be derived from version mgt tool) - - test expert: + - test expert: ``_ **Checklist** 
@@ -57,21 +57,21 @@ Requirement Inspection Checklist * - REQ_02_01 - Is the requirement description *comprehensible* ? - If you think the requirement is hard to understand, comment here. - - NO - - :need:`comp_req__result__std_integration` : it is not clear what "standard library optional type, with enforced error handling" means. + - YES + - Fixed: :need:`comp_req__result__std_integration` : it is not clear what "standard library optional type, with enforced error handling" means. - `#2229 `_ * - REQ_02_02 - Is the requirement description *unambiguous* ? - Especially search for "weak words" like "about", "etc.", "relevant" and others (see the internet documentation on this). This check shall be supported by tooling. - - NO - - :need:`aou_req__result__thread_safety` : uses "appropriate" + - YES + - Fixed: :need:`aou_req__result__thread_safety` : uses "appropriate" - `#2229 `_ * - REQ_02_03 - Is the requirement description *atomic* ? - A good way to think about this is to consider if the requirement may be tested by one (positive) test case or needs more of these. The sentence template should also avoid being non-atomic already. Note that there are cases where also non-atomic requirements are the better ones, for example if those are better understandable. - - NO - - :need:`comp_req__result__error_handling` : "without using C++ exceptions" sound like a scond part of the requirement - - `#2229 `_ + - YES + - (old) finding explained + - none * - REQ_02_04 - Is the requirement description *feasible* ? - If at the time of the inspection the requirement has already some implementation, the answer is yes. This can be checked via traces, but also :need:`gd_req__req_attr_impl` shows this. In case the requirement has no implementationat the time of inspection (i.e. not implemented at least as "proof-of-concept"), a development expert shall be invited to the inspection to explicitly check this item. 
@@ -85,13 +85,7 @@ Requirement Inspection Checklist - This is appropriate for the component level. No use of exceptions and standard library relation is a S-CORE platform condition. - none * - REQ_03_01 - - For stakeholder requirements: Is the *rationale* correct? - - Rationales explain why the top level requirements were created. Do those cover the requirement? - - n/a - - no stakeholder requirements in scope - - n/a - * - REQ_03_02 - - For other requirements: Is the *linkage to the parent requirement* correct? + - Is the *linkage to the parent requirement* correct? - Linkage to correct levels and ASIL attributes is checked automatically, but it needs checking if the child requirement implements (at least) a part of the parent requirement. - YES - linking is appropriate, that it exists is checked automatically @@ -109,10 +103,10 @@ Requirement Inspection Checklist - No timing requirements found and also no timing problems expected - none * - REQ_06_01 - - Does the requirement set consider *external interfaces*? + - Does the requirement consider *external interfaces*? - The SW platform's external interfaces (to the user) are defined in the Feature Architecture, so the Feature and Component Requirements should determine the input data use and setting of output data for these interfaces. Are all output values defined? - - NO - - This could be improved by using the interfaces defined in :need:`comp_arc_sta__baselibs__result` + - YES + - Fixed: This could be improved by using the interfaces defined in :need:`comp__baselibs_result` - `#2229 `_ * - REQ_07_01 - Is the *safety* attribute set correctly? 
@@ -122,30 +116,30 @@ Requirement Inspection Checklist - none * - REQ_07_02 - Is the attribute *security* set correctly? - - Stakeholder requirements security attribute should be set based on Threat Analysis and Risk Assessment (TARA) (process is TBD). For feature/component requirements this checklist item is supported by automated check: "Every requirement which satisfies a requirement with security attribute set to YES inherits this". But the feature/component requirements/architecture may additionally also be subject to a Software Security Criticality Analysis (process is TBD). + - For component requirements this checklist item is supported by automated check: "Every requirement which satisfies a feature requirement with security attribute set to YES inherits this". But the component requirements/architecture may additionally also be subject to a :need:`wp__sw_component_security_analysis`. - YES - all requirements have no security implication as expected (no security impact analysis done) - none * - REQ_08_01 - Is the requirement *verifiable*? - - If at the time of the inspection already tests are created for the requirement, the answer is yes. This can be checked via traces, but also :need:`gd_req__req_attr_test_covered` shows this. In case the requirement is not sufficiently traced to test cases already, a test expert is invited to the inspection to give his opinion whether the requirement is formulated in a way that supports test development and the available test infrastructure is sufficient to perform the test. - - TBD - - - - - * - REQ_09_01 - - For stakeholder requirements: Do those cover assumed safety mechanisms needed by the hardware and system? 
- - Note that stakeholder requirements covering safety mechanisms come from rationales, whereas feature/component requirements are covering safety mechanisms coming from :need:`gd_chklst__safety_analysis` - - n/a - - no stakeholder requirements in scope + - If at the time of the inspection already tests are created for the requirement, the answer is yes. This can be checked via traces, but also :need:`gd_req__req_attr_test_covered` shows this. In case the requirement is not sufficiently traced to test cases already, a test expert is invited to the inspection to give their opinion whether the requirement is formulated in a way that supports test development and the available test infrastructure is sufficient to perform the test. + - YES + - all requirements have test cases implemented + - none + * - REQ_08_02 + - Is the requirement verifiable by design or code review in case it is not feasibly testable? + - In very rare cases a requirement may not be verifiable by test cases, for example a specific non-functional requirement. In this case a requirement analysis verifies the requirement by design/code review. If such a requirement is in scope of this inspection, please check this here and link to the respective review record. A test expert is invited to the inspection to confirm their opinion that the requirement is not testable. - n/a - * - REQ_09_02 - - For feature/component requirements: Do the requirements defining a safety mechanism contain the error reaction leading to a safe state? + - Requirement is testable (see REQ_08_01) + - none + * - REQ_09_01 + - Do the requirements defining a safety mechanism contain the error reaction leading to a safe state? - Alternatively to the safe state there could also be "repair" mechanisms. Also do not forget to consider REQ_05_01 for these. - - NO - - There should be an AoU covering this, :need:`aou_req__result__value_handling` is not. 
+ - YES + - Fixed: There should be an AoU covering this, :need:`aou_req__result__value_handling` is not. - `#2229 `_ -Note: If a Review ID is not applicable for your requirement, then state "n/a" in status and comment accordingly in remarks. For example "no stakeholder requirement (no rationale needed)" +Note: If a Review ID is not applicable for your requirement, then state "n/a" in status and comment accordingly in remarks. The following requirements in "valid" state and with "inspected" tag set are in the scope of this inspection: diff --git a/docs/modules/baselibs/result/docs/requirements/index.rst b/docs/modules/baselibs/result/docs/requirements/index.rst index 7519d56bb9f..4f9849cd2cf 100644 --- a/docs/modules/baselibs/result/docs/requirements/index.rst +++ b/docs/modules/baselibs/result/docs/requirements/index.rst @@ -34,8 +34,21 @@ Functional Requirements :satisfies: feat_req__baselibs__core_utilities, feat_req__baselibs__result_library, feat_req__baselibs__safety :status: valid :tags: inspected + :belongs_to: comp__baselibs_result - The Result library shall provide an error handling mechanism that enables functions to return either successful values or error information without using C++ exceptions. + The Result library shall provide an error handling mechanism that enables functions to return either successful values ("Get Value") or error information ("Get Error") without using C++ exceptions. + +.. comp_req:: Set Result + :id: comp_req__result__set_result + :reqtype: Functional + :security: NO + :safety: ASIL_B + :satisfies: feat_req__baselibs__result_library + :status: valid + :tags: inspected + :belongs_to: comp__baselibs_result + + The Result library shall provide a "Set Result" operation that accepts either a successful value of type T or an Error object. .. comp_req:: Domain-Specific Error Information :id: comp_req__result__domain_error_information 
@@ -45,6 +58,7 @@ Functional Requirements :satisfies: feat_req__baselibs__core_utilities, feat_req__baselibs__result_library, feat_req__baselibs__safety :status: valid :tags: inspected + :belongs_to: comp__baselibs_result The Result library shall support user-defined error domains and error codes. @@ -56,6 +70,7 @@ Functional Requirements :satisfies: feat_req__baselibs__consistent_apis, feat_req__baselibs__safety :status: valid :tags: inspected + :belongs_to: comp__baselibs_result The Result library shall enforce compile-time type safety for error handling operations. @@ -67,8 +82,9 @@ Functional Requirements :satisfies: feat_req__baselibs__consistent_apis, feat_req__baselibs__safety :status: valid :tags: inspected + :belongs_to: comp__baselibs_result - The Result library shall provide conversion utilities to transform Result objects into standard library optional type, with enforced error handling. + The Result library shall provide conversion utilities to transform Result objects into std::optional types. The conversion shall require explicit handling of error cases before discarding error information, ensuring that errors cannot be silently ignored. Non-Functional Requirements =========================== @@ -81,6 +97,7 @@ Non-Functional Requirements :satisfies: feat_req__baselibs__core_utilities, feat_req__baselibs__safety :status: valid :tags: inspected + :belongs_to: comp__baselibs_result The Result library shall provide deterministic behavior with no dynamic memory allocation. @@ -92,6 +109,7 @@ Non-Functional Requirements :satisfies: feat_req__baselibs__core_utilities, feat_req__baselibs__safety :status: valid :tags: inspected + :belongs_to: comp__baselibs_result The Result library shall operate without throwing C++ exceptions. 
@@ -118,6 +136,16 @@ Assumptions of Use (AoU) The user shall check and handle both successful and error states of Result objects before accessing contained values to prevent undefined behavior. +.. aou_req:: Error Reaction and Safe State + :id: aou_req__result__error_reaction + :reqtype: Functional + :security: NO + :safety: ASIL_B + :status: valid + :tags: inspected + + The user shall implement error reaction mechanisms that transition the system to a safe state when error conditions are detected in Result objects. + .. aou_req:: Thread Safety :id: aou_req__result__thread_safety :reqtype: Non-Functional @@ -126,7 +154,7 @@ Assumptions of Use (AoU) :status: valid :tags: inspected - The user shall ensure appropriate synchronization mechanisms when using Result objects in multi-threaded environments, as the library provides no internal thread safety guarantees. + The user shall implement external synchronization mechanisms (e.g., mutexes, atomic operations, or locks) when accessing or modifying Result objects from multiple threads concurrently, as the library provides no internal thread safety guarantees. .. aou_req:: Resource Lifetime :id: aou_req__result__resource_lifetime diff --git a/docs/modules/baselibs/static_reflection_with_serialization/docs/index.rst b/docs/modules/baselibs/static_reflection_with_serialization/docs/index.rst new file mode 100644 index 00000000000..3fc2907a443 --- /dev/null +++ b/docs/modules/baselibs/static_reflection_with_serialization/docs/index.rst 
@@ -0,0 +1,44 @@
+..
+ # *******************************************************************************
+ # Copyright (c) 2025 Contributors to the Eclipse Foundation
+ #
+ # See the NOTICE file(s) distributed with this work for additional
+ # information regarding copyright ownership.
+ #
+ # This program and the accompanying materials are made available under the
+ # terms of the Apache License Version 2.0 which is available at
+ # https://www.apache.org/licenses/LICENSE-2.0
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # *******************************************************************************
+
+static_reflection_with_serialization
+####################################
+
+.. document:: Static Reflection With Serialization Library
+ :id: doc__static_reflection_with_serialization
+ :status: draft
+ :safety: ASIL_B
+ :tags: baselibs_static_reflection_with_serialization
+ :realizes: wp__cmpt_request
+ :security: YES
+
+.. toctree::
+ :hidden:
+
+Abstract
+=========
+
+This component request proposes a static reflection with serialization library, which provides compile-time visitor pattern
+mechanisms and binary serialization capabilities for the S-CORE software platform. The library enables type-safe object
+traversal, struct introspection, and efficient data serialization or deserialization.
+
+Motivation and Rationale
+=========================
+
+The static reflection with serialization library shall provide mechanism for:
+
+- **Compile-time visitor pattern**: Type-safe traversal of heterogeneous data structures and their nested members using template metaprogramming.
+- **Struct introspection**: Automatic field enumeration and metadata extraction for aggregate types.
+- **Binary serialization**: Efficient serialization and deserialization of C++ objects with size calculation and type safety.
+- **Extensible processing**: Custom visitor implementations for domain-specific operations (logging, IPC, persistence).
diff --git a/docs/modules/baselibs/utils/docs/architecture/index.rst b/docs/modules/baselibs/utils/docs/architecture/index.rst new file mode 100644 index 00000000000..5338606f6d3 --- /dev/null +++ b/docs/modules/baselibs/utils/docs/architecture/index.rst 
@@ -0,0 +1,87 @@
+..
+ # *******************************************************************************
+ # Copyright (c) 2025 Contributors to the Eclipse Foundation
+ #
+ # See the NOTICE file(s) distributed with this work for additional
+ # information regarding copyright ownership.
+ #
+ # This program and the accompanying materials are made available under the
+ # terms of the Apache License Version 2.0 which is available at
+ # https://www.apache.org/licenses/LICENSE-2.0
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # *******************************************************************************
+
+Utils Component Architecture
+**********************************
+
+.. document:: Utils Architecture
+ :id: doc__utils_architecture
+ :status: valid
+ :security: YES
+ :safety: ASIL_B
+ :realizes: wp__component_arch
+
+Overview/Description
+--------------------
+see :need:`doc__utils`
+
+Static Architecture
+-------------------
+
+.. comp:: Utils
+ :id: comp__baselibs_utils
+ :security: YES
+ :safety: ASIL_B
+ :status: valid
+ :tags: baselibs_utils
+ :implements: logic_arc_int__baselibs__utils_base64,logic_arc_int__baselibs__utils_scoped_op
+
+ .. needarch::
+ :scale: 50
+ :align: center
+
+ {{ draw_component(need(), needs) }}
+
+Interfaces
+----------
+
+.. logic_arc_int:: Base64
+ :id: logic_arc_int__baselibs__utils_base64
+ :security: YES
+ :safety: ASIL_B
+ :status: valid
+
+.. logic_arc_int_op:: Encode
+ :id: logic_arc_int_op__utils__base64_encode
+ :security: YES
+ :safety: ASIL_B
+ :status: valid
+ :included_by: logic_arc_int__baselibs__utils_base64
+
+.. logic_arc_int_op:: Decode
+ :id: logic_arc_int_op__utils__base64_decode
+ :security: YES
+ :safety: ASIL_B
+ :status: valid
+ :included_by: logic_arc_int__baselibs__utils_base64
+
+.. logic_arc_int:: Scoped Operation
+ :id: logic_arc_int__baselibs__utils_scoped_op
+ :security: YES
+ :safety: ASIL_B
+ :status: valid
+
+..
logic_arc_int_op:: Constructor + :id: logic_arc_int_op__utils__scoped_op_construct + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__utils_scoped_op + +.. logic_arc_int_op:: Destructor + :id: logic_arc_int_op__utils__scoped_op_destruct + :security: YES + :safety: ASIL_B + :status: valid + :included_by: logic_arc_int__baselibs__utils_scoped_op diff --git a/docs/modules/baselibs/utils/docs/index.rst b/docs/modules/baselibs/utils/docs/index.rst index 29cc4349912..3cc37f124d1 100644 --- a/docs/modules/baselibs/utils/docs/index.rst +++ b/docs/modules/baselibs/utils/docs/index.rst @@ -27,6 +27,7 @@ utils :hidden: requirements/index.rst + architecture/index.rst Abstract ======== @@ -52,7 +53,6 @@ General considerations The Utils library should provide type-safe utility functions and efficient algorithms: * :need:`comp_req__utils__base64` -* :need:`comp_req__utils__pimpl_ptr` * :need:`comp_req__utils__scoped_operation` * :need:`comp_req__utils__deterministic_behavior` diff --git a/docs/modules/baselibs/utils/docs/requirements/index.rst b/docs/modules/baselibs/utils/docs/requirements/index.rst index dde7e4704e5..aeb84ba126b 100644 --- a/docs/modules/baselibs/utils/docs/requirements/index.rst +++ b/docs/modules/baselibs/utils/docs/requirements/index.rst 
@@ -33,19 +33,10 @@ Functional Requirements :safety: ASIL_B :satisfies: feat_req__baselibs__core_utilities, feat_req__baselibs__safety :status: valid + :belongs_to: comp__baselibs_utils The Utils component shall provide functions for encoding data to Base64 format and decoding Base64 data back to its original form. -.. comp_req:: PIMPL Pointer Implementation - :id: comp_req__utils__pimpl_ptr - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__baselibs__consistent_apis, feat_req__baselibs__safety - :status: valid - - The Utils component shall provide a stack-based Pointer-to-Implementation Idiom implementation that avoids dynamic memory allocation by using fixed-size, aligned storage buffers. - .. comp_req:: Scoped Operation Management :id: comp_req__utils__scoped_operation :reqtype: Functional @@ -53,6 +44,7 @@ Functional Requirements :safety: ASIL_B :satisfies: feat_req__baselibs__core_utilities, feat_req__baselibs__safety :status: valid + :belongs_to: comp__baselibs_utils The Utils component shall provide a functionality that stores a callback and executes it automatically when the class is destructed @@ -66,5 +58,6 @@ Non-Functional Requirements :safety: ASIL_B :satisfies: feat_req__baselibs__core_utilities, feat_req__baselibs__safety :status: valid + :belongs_to: comp__baselibs_utils The Utils component shall ensure that all operations complete in a predictable manner and without dynamic memory allocation. diff --git a/docs/modules/communication/configuration/docs/architecture/index.rst b/docs/modules/communication/configuration/docs/architecture/index.rst index a16c31e423d..85c7414caa3 100644 --- a/docs/modules/communication/configuration/docs/architecture/index.rst +++ b/docs/modules/communication/configuration/docs/architecture/index.rst 
@@ -15,8 +15,8 @@ Configuration Component Architecture ************************************ -.. comp_arc_sta:: Lola Configuration - :id: comp_arc_sta__com__configuration +.. comp:: Lola Configuration + :id: comp__com_configuration :security: YES :safety: ASIL_B :status: valid diff --git a/docs/modules/communication/docs/index.rst b/docs/modules/communication/docs/index.rst index d8d596038ca..7a5322656a0 100644 --- a/docs/modules/communication/docs/index.rst +++ b/docs/modules/communication/docs/index.rst @@ -12,18 +12,18 @@ # SPDX-License-Identifier: Apache-2.0 # ******************************************************************************* -.. mod_view_sta:: Communication - :id: mod_view_sta__com__communication - :includes: comp_arc_sta__com__configuration, comp_arc_sta__com__ipc_binding, comp_arc_sta__com__mock_binding, comp_arc_sta__com__frontend +.. mod:: Communication + :id: mod__com_communication + :includes: comp__com_configuration, comp__com_ipc_binding, comp__com_mock_binding, comp__com_frontend .. needarch:: :scale: 50 :align: center {{ draw_module(need(), needs) }} - comp_arc_sta__com__ipc_binding -r[hidden]-> comp_arc_sta__com__frontend - comp_arc_sta__com__frontend -r[hidden]-> comp_arc_sta__com__mock_binding - comp_arc_sta__com__mock_binding -r[hidden]-> comp_arc_sta__com__configuration + comp__com_ipc_binding -r[hidden]-> comp__com_frontend + comp__com_frontend -r[hidden]-> comp__com_mock_binding + comp__com_mock_binding -r[hidden]-> comp__com_configuration logic_arc_int__tracing__tracing -r[hidden]-> logic_arc_int__logging__logging diff --git a/docs/modules/communication/docs/requirements/aou_req.rst b/docs/modules/communication/docs/requirements/aou_req.rst index 7c8517a83de..6f59e31a898 100644 --- a/docs/modules/communication/docs/requirements/aou_req.rst +++ b/docs/modules/communication/docs/requirements/aou_req.rst 
@@ -328,3 +328,6 @@ Assumptions of Use It shall be ensured that all safety relevant events/fields in the service type, are the same in all configurations. + +.. needextend:: "__communication_" in id + :+tags: communication diff --git a/docs/modules/communication/docs/safety_mgt/index.rst b/docs/modules/communication/docs/safety_mgt/index.rst index 04718ba3557..ba72f6019ab 100644 --- a/docs/modules/communication/docs/safety_mgt/index.rst +++ b/docs/modules/communication/docs/safety_mgt/index.rst @@ -19,5 +19,6 @@ Safety Management :titlesonly: module_safety_plan + module_codeowners module_safety_plan_fdr module_safety_package_fdr diff --git a/docs/modules/communication/docs/safety_mgt/module_codeowners.rst b/docs/modules/communication/docs/safety_mgt/module_codeowners.rst new file mode 100644 index 00000000000..66b3146fff1 --- /dev/null +++ b/docs/modules/communication/docs/safety_mgt/module_codeowners.rst 
@@ -0,0 +1,46 @@
+..
+ # *******************************************************************************
+ # Copyright (c) 2025 Contributors to the Eclipse Foundation
+ #
+ # See the NOTICE file(s) distributed with this work for additional
+ # information regarding copyright ownership.
+ #
+ # This program and the accompanying materials are made available under the
+ # terms of the Apache License Version 2.0 which is available at
+ # https://www.apache.org/licenses/LICENSE-2.0
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # *******************************************************************************
+
+Module Codeowners Skill Check
+*****************************
+
+.. document:: Communication Codeowners
+ :id: doc__communication_codeowners
+ :status: valid
+ :safety: ASIL_B
+ :security: YES
+ :realizes: wp__module_safety_plan
+
+Assigned Committer(s)
+=====================
+
+According to `Communication Module Codeowners `_
+the following committers are assigned to guard the Communication repository:
+
+- ``_
+- ``_
+- ``_
+
+Skill Check
+===========
+
+For the CODEOWNERS the required skills, knowledge and experience is defined in ``_.
+
+The evidences are not published openly due to personal data confidentiality, but will be checked by the module safety manager.
+
+- ``_: SW developer and team lead for Safe POSIX SW platform at OEM > 2 years
+- ``_: SW developer for Safe POSIX SW platform at OEM > 1.5y and safety manager for camera systems at OEM 1y, member of S-CORE process community
+- ``_: SW developer for Safe POSIX SW platform at OEM > 2 years
+
+The S-CORE processes are trained on the job by the Communication module safety manager to the CODEOWNERS.
diff --git a/docs/modules/communication/docs/safety_mgt/module_safety_plan.rst b/docs/modules/communication/docs/safety_mgt/module_safety_plan.rst
index 9b10cc8a151..631d00bb31b 100644
--- a/docs/modules/communication/docs/safety_mgt/module_safety_plan.rst
+++ b/docs/modules/communication/docs/safety_mgt/module_safety_plan.rst @@ -15,8 +15,6 @@ Module Safety Plan ****************** -.. note:: Document header - .. document:: Communication Safety Plan :id: doc__communication_safety_plan :status: draft @@ -29,7 +27,7 @@ Module Safety Plan Functional Safety Management Context ==================================== -This Safety Plan adds to the :need:`doc__platform_safety_plan` all the module development relevant work products needed for ISO 26262 conformity. +This Safety Plan adds to the :need:`doc__score_platform_safety_plan` all the module development relevant work products needed for ISO 26262 conformity. Functional Safety Management Scope ================================== @@ -47,7 +45,7 @@ Functional Safety Management Roles - Assignee * - Safety Manager - - tbd + - Alexander Schemmel * - Module Project Manager (= Feature team lead) - Committers of feature team see `Communication FT `_ @@ -55,7 +53,7 @@ Functional Safety Management Roles Tailoring ========= -Additional to the tailoring in the SW platform project as defined in the :need:`doc__platform_safety_plan` we define here the additional tailoring on module level. +Additional to the tailoring in the SW platform project as defined in the :need:`doc__score_platform_safety_plan` we define here the additional tailoring on module level. - Excluded for this module are additionally the following work products (and their related requirements): 
@@ -77,79 +75,52 @@ Module Work products List * - Work product Id - Link to process - Process status - - Link to issue - Link to WP - - WP status * - :need:`wp__module_safety_plan` - :need:`gd_guidl__saf_plan_definitions` - :ndf:`copy('status', need_id='gd_guidl__saf_plan_definitions')` - - n/a - this document - - see above * - :need:`wp__module_safety_package` - :need:`gd_guidl__saf_package` - :ndf:`copy('status', need_id='gd_guidl__saf_package')` - - n/a - this document (including the linked documentation) - - see above (and below) * - :need:`wp__fdr_reports` (module Safety Plan) - :need:`gd_chklst__safety_plan` - :ndf:`copy('status', need_id='gd_chklst__safety_plan')` - - - :need:`doc__communication_safety_plan_fdr` - - :ndf:`copy('status', need_id='doc__communication_safety_plan_fdr')` * - :need:`wp__fdr_reports` (module Safety Package) - :need:`gd_chklst__safety_package` - :ndf:`copy('status', need_id='gd_chklst__safety_package')` - - - :need:`doc__communication_safety_package_fdr` - - :ndf:`copy('status', need_id='doc__communication_safety_package_fdr')` * - :need:`wp__fdr_reports` (module's Safety Analyses & DFA) - - Safety Analysis FDR tbd - - + - :need:`gd_chklst__safety_analysis` + - :ndf:`copy('status', need_id='gd_chklst__safety_analysis')` - tailored - - n/a - - n/a * - :need:`wp__audit_report` - performed by external experts - n/a - - `#77 `_ - - - - - * - :need:`wp__module_sw_build_config` - - :need:`gd_temp__software_development_plan` - - :ndf:`copy('status', need_id='gd_temp__software_development_plan')` - - n/a - - `com/BUILD `_ - - valid * - :need:`wp__module_safety_manual` - :need:`gd_temp__safety_manual` - :ndf:`copy('status', need_id='gd_temp__safety_manual')` - - - :need:`doc__communication_safety_manual` - - :ndf:`copy('status', need_id='doc__communication_safety_manual')` * - :need:`wp__verification_module_ver_report` - :need:`gd_temp__mod_ver_report` - :ndf:`copy('status', need_id='gd_temp__mod_ver_report')` - - - 
:need:`doc__communication_verification_report` - - :ndf:`copy('status', need_id='doc__communication_verification_report')` * - :need:`wp__module_sw_release_note` - :need:`gd_temp__rel_mod_rel_note` - :ndf:`copy('status', need_id='gd_temp__rel_mod_rel_note')` - - `#1925 `_ - :need:`doc__communication_release_note` - - :ndf:`copy('status', need_id='doc__communication_release_note')` Component lola Work products List --------------------------------- 
@@ -160,90 +131,109 @@ Component lola Work products List * - Work product Id - Link to process - Process status - - Link to issue - Link to WP - - WP/doc status * - :need:`wp__requirements_comp` - :need:`gd_temp__req_comp_req` - :ndf:`copy('status', need_id='gd_temp__req_comp_req')` - - n/a - - `lola trlc `_ - - valid + - :need:`doc__lola_requirements` * - :need:`wp__requirements_comp_aou` - :need:`gd_temp__req_aou_req` - :ndf:`copy('status', need_id='gd_temp__req_aou_req')` - - `#1987 `_ - - `lola/aou `_ - - in progress + - :need:`doc__communication_aou` * - :need:`wp__requirements_inspect` - :need:`gd_chklst__req_inspection` - :ndf:`copy('status', need_id='gd_chklst__req_inspection')` - tailored - - n/a - - n/a * - :need:`wp__component_arch` - :need:`gd_temp__arch_comp` - :ndf:`copy('status', need_id='gd_temp__arch_comp')` - - n/a - :need:`doc__lola_architecture` - - :ndf:`copy('status', need_id='doc__lola_architecture')` * - :need:`wp__sw_arch_verification` - :need:`gd_chklst__arch_inspection_checklist` - :ndf:`copy('status', need_id='gd_chklst__arch_inspection_checklist')` - tailored - - n/a - - n/a * - :need:`wp__sw_component_fmea` - :need:`gd_temp__comp_saf_fmea` - :ndf:`copy('status', need_id='gd_temp__comp_saf_fmea')` - - - :need:`doc__lola_fmea` - - :ndf:`copy('status', need_id='doc__lola_fmea')` * - :need:`wp__sw_component_dfa` - :need:`gd_temp__comp_saf_dfa` - :ndf:`copy('status', need_id='gd_temp__comp_saf_dfa')` - - - :need:`doc__lola_dfa` - - :ndf:`copy('status', need_id='doc__lola_dfa')` * - :need:`wp__sw_implementation` - :need:`gd_guidl__implementation` - :ndf:`copy('status', need_id='gd_guidl__implementation')` - - n/a - - `lola/.h/.cpp `_, `lola/design `_ - - valid + - `lola/.h/.cpp `_, :need:`doc__lola_detailed_design` * - :need:`wp__verification_sw_unit_test` - :need:`gd_guidl__verification_guide` - :ndf:`copy('status', need_id='gd_guidl__verification_guide')` - - n/a - `lola/test.cpp `_ - - valid * - :need:`wp__sw_implementation_inspection` - 
:need:`gd_chklst__impl_inspection_checklist` - :ndf:`copy('status', need_id='gd_chklst__impl_inspection_checklist')` - - n/a - External process - - n/a * - :need:`wp__verification_comp_int_test` - :need:`gd_guidl__verification_guide` - :ndf:`copy('status', need_id='gd_guidl__verification_guide')` - - - - - * - :need:`wp__sw_component_class` - :need:`gd_guidl__component_classification` - :ndf:`copy('status', need_id='gd_guidl__component_classification')` - - n/a - :need:`doc__lola_comp_class` - - :ndf:`copy('status', need_id='doc__lola_comp_class')` + +Module Safety Package +===================== + +To create the safety package (according to :need:`gd_guidl__saf_package`) the following +documents and work products status have to go to "valid" (after the relevant verification were performed). + +Module Documents Status +----------------------- + +For all the work product documents the status can be seen by following the "Link to WP". +A summary of the status is also documented in the project's documentation management plan. + +See :ref:`documents_docs_modules_communication_docs` + +Component Documents Status +-------------------------- + +For all the work product documents the status can be seen by following the "Link to WP". +A summary of the status is also documented in the project's documentation management plan. + +See :ref:`documents_docs_modules_communication_components` + +Component Requirements Status +----------------------------- + +not documented as needs, `lola trlc `_ +shows no status attribute + +Component AoU Status +-------------------- + +.. needtable:: + :filter: "communication" in docname and "requirements" in docname and docname is not None + :style: table + :types: aou_req + :tags: communication + :columns: id;status;tags + :colwidths: 25,25,25 + :sort: title + +Component Architecture Status +----------------------------- + +see document link :need:`doc__lola_architecture` (as above) 
diff --git a/docs/modules/communication/frontent/docs/architecture/index.rst b/docs/modules/communication/frontent/docs/architecture/index.rst index 09d0222d24f..78ac02ed139 100644 --- a/docs/modules/communication/frontent/docs/architecture/index.rst +++ b/docs/modules/communication/frontent/docs/architecture/index.rst @@ -15,14 +15,24 @@ Frontend Component Architecture ******************************* -.. comp_arc_sta:: mw::com Frontend - :id: comp_arc_sta__com__frontend +.. comp:: mw::com Frontend + :id: comp__com_frontend :security: YES :safety: ASIL_B :status: valid :implements: logic_arc_int__communication__user :uses: logic_arc_int__logging__logging, logic_arc_int__tracing__tracing + +.. comp_arc_sta:: mw::com Frontend Architecture + :id: comp_arc_sta__com__frontend + :security: YES + :safety: ASIL_B + :status: valid + :uses: logic_arc_int__logging__logging, logic_arc_int__tracing__tracing + :belongs_to: comp__com_frontend + :fulfils: comp_req__component_name__some_title + .. needarch:: :scale: 50 :align: center diff --git a/docs/modules/communication/ipc_binding/docs/architecture/index.rst b/docs/modules/communication/ipc_binding/docs/architecture/index.rst index 0bbc7a6f8b3..34da4de8f66 100644 --- a/docs/modules/communication/ipc_binding/docs/architecture/index.rst +++ b/docs/modules/communication/ipc_binding/docs/architecture/index.rst @@ -15,8 +15,8 @@ IPC Binding Component Architecture ********************************** -.. comp_arc_sta:: IPC Binding - :id: comp_arc_sta__com__ipc_binding +.. comp:: IPC Binding + :id: comp__com_ipc_binding :security: YES :safety: ASIL_B :status: valid diff --git a/docs/modules/communication/lola/docs/component_classification.rst b/docs/modules/communication/lola/docs/component_classification.rst index 0c52fe8130c..d554333d0e4 100644 --- a/docs/modules/communication/lola/docs/component_classification.rst +++ b/docs/modules/communication/lola/docs/component_classification.rst 
@@ -62,7 +62,7 @@ Step 1: Determine (P): the uncertainty of the Processes applied * - 3 - Are specifications for functionalities and properties available (architecture)? - HE - - Created using S-CORE process: :need:`mod_view_sta__com__communication` + - Created using S-CORE process: :need:`mod__com_communication` * - 4 - Are design specifications available? diff --git a/docs/modules/communication/mock_binding/docs/architecture/index.rst b/docs/modules/communication/mock_binding/docs/architecture/index.rst index 5fa3ccc7832..9156e62e944 100644 --- a/docs/modules/communication/mock_binding/docs/architecture/index.rst +++ b/docs/modules/communication/mock_binding/docs/architecture/index.rst @@ -15,8 +15,8 @@ Mock Binding Component Architecture *********************************** -.. comp_arc_sta:: Mock binding - :id: comp_arc_sta__com__mock_binding +.. comp:: Mock binding + :id: comp__com_mock_binding :security: YES :safety: ASIL_B :status: valid diff --git a/docs/modules/feo/docs/release/release_note.rst b/docs/modules/feo/docs/release/release_note.rst index 4d8ddeab94f..e5b185db4e3 100644 --- a/docs/modules/feo/docs/release/release_note.rst +++ b/docs/modules/feo/docs/release/release_note.rst @@ -14,7 +14,7 @@ .. document:: FEO Module Release Note :id: doc__feo_release_note - :status: draft + :status: valid :security: NO :safety: ASIL_B :realizes: wp__module_sw_release_note 
@@ -25,70 +25,6 @@ FEO Module Release Note ======================= -| Module Name: FEO -| Release Tag: vX.Y.Z -| Origin Release Tag: vU.V.W -| Release Commit Hash: a1b2c3d4e5f6g7h8i9j0 -| Release Date: YYYY-MM-DD -| -| Overview -| -------- -| -| This document provides an overview of the changes, improvements, and bug fixes included in the software module release version vX.Y.Z -| as compared to the module's origin release (which is usually the previous release). -| -| Disclaimer -| ---------- -| This release note does not "release for production", as it does not come with a safety argumentation and a performed safety assessment. -| The work products compiled in the safety package are created with care according to a process satisfying standards, but the as the project, -| being a non-profit and open source organization, can not take over any liability for its content. -| -| New Features -| ------------ -| -| - **Feature 1**: Brief description of the new feature. -| - **Feature 2**: Brief description of the new feature. -| - **Feature 3**: Brief description of the new feature. -| -| Improvements -| ------------ -| -| - **Improvement 1**: Brief description of the improvement. -| - **Improvement 2**: Brief description of the improvement. -| - **Improvement 3**: Brief description of the improvement. -| -| Bug Fixes -| --------- -| -| - **Bug 1**: Brief description of the bug fix. -| - **Bug 2**: Brief description of the bug fix. -| - **Bug 3**: Brief description of the bug fix. -| -| Compatibility -| ------------- -| -| - **Dependencies**: List any dependencies and their versions. -| -| Performed Verification -| ---------------------- -| This release note is based on the verification as documented in module verification report -| :need:`doc__feo_verification_report`. -| -| Known Issues -| ------------ -| -| - **Issue 1**: Brief description of the known issue. Justification regarding safety impact. -| - **Issue 2**: Brief description of the known issue. 
Justification regarding safety impact. -| - **Issue 3**: Brief description of the known issue. Justification regarding safety impact. -| -| Upgrade Instructions -| -------------------- -| -| 1. **Step 1**: Description of the first step. -| 2. **Step 2**: Description of the second step. -| 3. **Step 3**: Description of the third step. -| -| Contact Information -| ------------------- -| -| For any questions or support, please contact the *Project lead* or raise an issue/discussion. +The release notes for FEO module version 1.0.2 can be found at: + +`v1.0.2 `_ diff --git a/docs/modules/feo/docs/safety_mgt/module_safety_plan.rst b/docs/modules/feo/docs/safety_mgt/module_safety_plan.rst index 91e30ddabdc..ff941c6199b 100644 --- a/docs/modules/feo/docs/safety_mgt/module_safety_plan.rst +++ b/docs/modules/feo/docs/safety_mgt/module_safety_plan.rst @@ -27,7 +27,7 @@ FEO Module Safety Plan Functional Safety Management Context ==================================== -This Safety Plan adds to the :need:`doc__platform_safety_plan` all the module development relevant work products needed for ISO 26262 conformity. +This Safety Plan adds to the :need:`doc__score_platform_safety_plan` all the module development relevant work products needed for ISO 26262 conformity. Functional Safety Management Scope ================================== @@ -45,7 +45,7 @@ Functional Safety Management Roles - Assignee * - Safety Manager - - tbd + - Markus Schu * - Module Project Manager (= Feature team lead) - Johannes Glamsch 
@@ -53,7 +53,7 @@ Functional Safety Management Roles Tailoring ========= -Additional to the tailoring in the SW platform project as defined in the :need:`doc__platform_safety_plan` we define here the additional tailoring on module level. +Additional to the tailoring in the SW platform project as defined in the :need:`doc__score_platform_safety_plan` we define here the additional tailoring on module level. - Excluded for this module are additionally the following work products (and their related requirements): - No work products excluded 
@@ -72,79 +72,52 @@ FEO Module Work Products List * - Work product Id - Link to process - Process status - - Link to issue - Link to WP - - WP status * - :need:`wp__module_safety_plan` - :need:`gd_guidl__saf_plan_definitions`, :need:`gd_temp__module_safety_plan` - :ndf:`copy('status', need_id='gd_guidl__saf_plan_definitions')` - - https://github.com/eclipse-score/score/issues/1658 - this document - - see above * - :need:`wp__module_safety_package` - :need:`gd_guidl__saf_package` - :ndf:`copy('status', need_id='gd_guidl__saf_package')` - - https://github.com/eclipse-score/score/issues/1659 - this document (including the linked documentation) - - see above (and below), safety manual * - :need:`wp__fdr_reports` (module Safety Plan) - :need:`gd_chklst__safety_plan` - :ndf:`copy('status', need_id='gd_chklst__safety_plan')` - - https://github.com/eclipse-score/score/issues/1660 - :need:`doc__feo_safety_plan_fdr` - - :ndf:`copy('status', need_id='doc__feo_safety_plan_fdr')` * - :need:`wp__fdr_reports` (module Safety Package) - :need:`gd_chklst__safety_package` - :ndf:`copy('status', need_id='gd_chklst__safety_package')` - - https://github.com/eclipse-score/score/issues/1660 - :need:`doc__feo_safety_package_fdr` - - :ndf:`copy('status', need_id='doc__feo_safety_package_fdr')` * - :need:`wp__fdr_reports` (module's Safety Analyses & DFA) - :need:`gd_chklst__safety_analysis` - :ndf:`copy('status', need_id='gd_chklst__safety_analysis')` - - https://github.com/eclipse-score/score/issues/1660 - :need:`doc__safety_analysis_inspection_component_feo` - - :ndf:`copy('status', need_id='doc__safety_analysis_inspection_component_feo')` * - :need:`wp__audit_report` - performed by external experts - n/a - - https://github.com/eclipse-score/score/issues/1661 - - - - - * - :need:`wp__module_sw_build_config` - - :need:`gd_temp__software_development_plan` - - :ndf:`copy('status', need_id='gd_temp__software_development_plan')` - - https://github.com/eclipse-score/score/issues/1662 - - - - * - 
:need:`wp__module_safety_manual` - :need:`gd_temp__safety_manual` - :ndf:`copy('status', need_id='gd_temp__safety_manual')` - - https://github.com/eclipse-score/score/issues/1663 - :need:`doc__feo_safety_manual` - - :ndf:`copy('status', need_id='doc__feo_safety_manual')` * - :need:`wp__verification_module_ver_report` - :need:`gd_temp__mod_ver_report` - :ndf:`copy('status', need_id='gd_temp__mod_ver_report')` - - https://github.com/eclipse-score/score/issues/1665 - :need:`doc__feo_verification_report` - - :ndf:`copy('status', need_id='doc__feo_verification_report')` * - :need:`wp__module_sw_release_note` - :need:`gd_temp__rel_mod_rel_note` - :ndf:`copy('status', need_id='gd_temp__rel_mod_rel_note')` - - https://github.com/eclipse-score/score/issues/1666 - :need:`doc__feo_release_note` - - :ndf:`copy('status', need_id='doc__feo_release_note')` FEO Component Work Products List -------------------------------- 
@@ -155,99 +128,71 @@ FEO Component Work Products List * - Work product Id - Link to process - Process status - - Link to issue - Link to WP - - WP/doc status * - :need:`wp__requirements_comp` - :need:`gd_temp__req_comp_req` - :ndf:`copy('status', need_id='gd_temp__req_comp_req')` - - https://github.com/eclipse-score/score/issues/1668 - :need:`doc__component_feo_requirements` - - doc :ndf:`copy('status', need_id='doc__component_feo_requirements')` & WP below * - :need:`wp__requirements_comp_aou` - :need:`gd_temp__req_aou_req` - :ndf:`copy('status', need_id='gd_temp__req_aou_req')` - - https://github.com/eclipse-score/score/issues/1669 - :need:`doc__component_feo_aou_reqs` - - doc :ndf:`copy('status', need_id='doc__component_feo_aou_reqs')` & WP below * - :need:`wp__requirements_inspect` - :need:`gd_chklst__req_inspection` - :ndf:`copy('status', need_id='gd_chklst__req_inspection')` - - https://github.com/eclipse-score/score/issues/1670 - :need:`doc__req_inspection_component_feo` - - doc :ndf:`copy('status', need_id='doc__req_inspection_component_feo')` * - :need:`wp__component_arch` - :need:`gd_temp__arch_comp` - :ndf:`copy('status', need_id='gd_temp__arch_comp')` - - https://github.com/eclipse-score/score/issues/1671 - :need:`doc__component_feo_architecture` - - doc :ndf:`copy('status', need_id='doc__component_feo_architecture')` & WP below * - :need:`wp__sw_arch_verification` - :need:`gd_chklst__arch_inspection_checklist` - :ndf:`copy('status', need_id='gd_chklst__arch_inspection_checklist')` - - https://github.com/eclipse-score/score/issues/1672 - :need:`doc__arch_inspection_component_feo` - - doc :ndf:`copy('status', need_id='doc__arch_inspection_component_feo')` * - :need:`wp__sw_component_fmea` - :need:`gd_temp__comp_saf_fmea` - :ndf:`copy('status', need_id='gd_temp__comp_saf_fmea')` - - https://github.com/eclipse-score/score/issues/1673 - :need:`doc__component_feo_fmea` - - doc :ndf:`copy('status', need_id='doc__component_feo_fmea')` & WP below * - 
:need:`wp__sw_component_dfa` - :need:`gd_temp__comp_saf_fmea` - :ndf:`copy('status', need_id='gd_temp__comp_saf_fmea')` - - https://github.com/eclipse-score/score/issues/1674 - :need:`doc__component_feo_dfa` - - doc :ndf:`copy('status', need_id='doc__component_feo_dfa')` & WP below * - :need:`wp__sw_implementation` - :need:`gd_guidl__implementation` - :ndf:`copy('status', need_id='gd_guidl__implementation')` - - https://github.com/eclipse-score/score/issues/1675 - - - * - :need:`wp__verification_sw_unit_test` - :need:`gd_guidl__verification_guide` - :ndf:`copy('status', need_id='gd_guidl__verification_guide')` - - https://github.com/eclipse-score/score/issues/1676 - - - * - :need:`wp__sw_implementation_inspection` - :need:`gd_chklst__impl_inspection_checklist` - :ndf:`copy('status', need_id='gd_chklst__impl_inspection_checklist')` - - https://github.com/eclipse-score/score/issues/1677 - :need:`doc__impl_inspection_component_feo` - - :ndf:`copy('status', need_id='doc__impl_inspection_component_feo')` * - :need:`wp__verification_comp_int_test` - :need:`gd_guidl__verification_guide` - :ndf:`copy('status', need_id='gd_guidl__verification_guide')` - - https://github.com/eclipse-score/score/issues/1667 - - - - * - :need:`wp__sw_component_class` - - :need:`gd_guidl__component_classification` - - :ndf:`copy('status', need_id='gd_guidl__component_classification')` - - https://github.com/eclipse-score/score/issues/1679 - - :need:`doc__feo_comp_class` - - :ndf:`copy('status', need_id='doc__feo_comp_class')` -Note: In case the component is a new development, :need:`wp__sw_component_class` shall be removed from the above list (and also from the folders). -In case an OSS element is used in the module, part 6 has to be filled out, depending on the component classification results. +As feo is using score-crates as OSS component, the following section should be filled out +accordingly. 
+This section is currently only a placeholder and needs to be adapted based on the progress of the +OSS qualification. -OSS (sub-)component qualification plan -====================================== +OSS score-crates component qualification plan +============================================= For the selected OSS component the following work products will be implemented (and why): 
@@ -255,59 +200,66 @@ If the OSS element is classified as a - component, then the below table shall match the above, adding the reasoning for tailoring of work products according to the OSS component classification. - lower level component, then no work products additional to the component’s will be planned and activities below are part of the component’s issues. -.. list-table:: OSS (sub-)component Work products +.. list-table:: OSS (sub-)component score-crates Work products :header-rows: 1 * - Work product Id - - Link to issue - Reasoning for tailoring * - :need:`wp__requirements_comp` - - - Always needed (for Q and QR classification) and also improves process Id 2 * - :need:`wp__requirements_comp_aou` - - - Always needed (for Q and QR classification) and also improves process Id 5 * - :need:`wp__requirements_inspect` - - n/a - - Checklist used in Pull Request Review + - * - :need:`wf__cr_mt_comparch` - - - * - :need:`wp__sw_component_fmea` - - - * - :need:`wp__sw_arch_verification` - - - * - :need:`wp__sw_implementation` - - n/a - - If source code is modified, this is not a OSS qualification any more. + - Tailored - If source code is modified, this is not a OSS qualification any more. * - :need:`wp__verification_sw_unit_test` - - - * - :need:`wp__sw_implementation_inspection` - - - * - :need:`wp__verification_comp_int_test` - - - Always needed (for Q and QR classification) * - :need:`wp__sw_component_class` - - - Always needed as basis for tailoring. -Work Product Status (for Safety Package) -======================================== +Module Safety Package +===================== + +To create the safety package (according to :need:`gd_guidl__saf_package`) the following +documents and work products status have to go to "valid" (after the relevant verification were performed). + +Module Documents Status +----------------------- + +For all the work product documents the status can be seen by following the "Link to WP". 
+A summary of the status is also documented in the project's documentation management plan. + +See :ref:`documents_docs_modules_feo_docs` + +Component Documents Status +-------------------------- + +For all the work product documents the status can be seen by following the "Link to WP". +A summary of the status is also documented in the project's documentation management plan. + +See :ref:`documents_docs_modules_feo_components` Component Requirements Status ----------------------------- diff --git a/docs/modules/feo/feo/docs/architecture/component_architecture.rst b/docs/modules/feo/feo/docs/architecture/component_architecture.rst index dd15a51f281..f50a7e63c6e 100644 --- a/docs/modules/feo/feo/docs/architecture/component_architecture.rst +++ b/docs/modules/feo/feo/docs/architecture/component_architecture.rst @@ -58,12 +58,19 @@ considerations and Rust compiler constraints. (Rust proc-macros must reside in t Static Architecture ------------------- +.. comp:: FEO Main + :id: comp__feo_main + :security: YES + :safety: ASIL_B + :status: valid + .. comp_arc_sta:: Static Architecture :id: comp_arc_sta__feo__main :security: YES :safety: ASIL_B :status: valid - :fulfils: comp_req__feo__application, comp_req__feo__scheduler, comp_req__feo__task_chain, comp_req__feo__agent, comp_req__feo__comp_cfg, comp_req__feo__act_map_cfg + :belongs_to: comp__feo_main + :fulfils: comp_req__feo__application .. uml:: _assets/stat_arch.puml @@ -80,6 +87,7 @@ Dynamic Architecture :safety: ASIL_B :fulfils: comp_req__feo__application, comp_req__feo__application_lifecycle, comp_req__feo__scheduler, comp_req__feo__task_chain, comp_req__feo__agent, comp_req__feo__activity_init, comp_req__feo__activitiy_step, comp_req__feo__activity_shutdown :status: valid + :belongs_to: comp__feo_main The actual dynamic call sequence during the execution of a FEO application depends on the distribution of activities to processes as well as on the activity dependency graph defining the task chain. 
diff --git a/docs/modules/feo/feo/docs/requirements/aou_req.rst b/docs/modules/feo/feo/docs/requirements/aou_req.rst index a854d46778f..e97251bcb8e 100644 --- a/docs/modules/feo/feo/docs/requirements/aou_req.rst +++ b/docs/modules/feo/feo/docs/requirements/aou_req.rst @@ -14,7 +14,7 @@ .. document:: FEO Component Assumptions of Use Requirements :id: doc__component_feo_aou_reqs - :status: valid + :status: draft :security: NO :safety: ASIL_B :realizes: wp__requirements_comp_aou @@ -29,7 +29,7 @@ FEO Component Assumption of Use Requirements :reqtype: Functional :security: NO :safety: ASIL_B - :status: valid + :status: invalid Anything shall be done. diff --git a/docs/modules/feo/feo/docs/requirements/component_requirements.rst b/docs/modules/feo/feo/docs/requirements/component_requirements.rst index 43fb461f0f4..30fb8148c0f 100644 --- a/docs/modules/feo/feo/docs/requirements/component_requirements.rst +++ b/docs/modules/feo/feo/docs/requirements/component_requirements.rst @@ -377,3 +377,6 @@ Error Handling for S-CORE v0.5 .. needextend:: docname is not None and "feo/docs/requirements" in docname :+tags: component_feo + +.. needextend:: docname is not None and "feo/docs/requirements" in docname and type == "comp_req" + :+belongs_to: comp__feo_main diff --git a/docs/modules/index.rst b/docs/modules/index.rst index 9949b019c7d..f7ef453165c 100644 --- a/docs/modules/index.rst +++ b/docs/modules/index.rst @@ -33,3 +33,12 @@ It is the physically compiled and packaged unit that results from the build proc :glob: ./*/index + +Modules List +------------ + +.. needtable:: + :style: table + :types: mod + :columns: id;status + :filter: id != "mod__example_feature_archex_module_1" diff --git a/docs/modules/lifecycle/index.rst b/docs/modules/lifecycle/index.rst index 7f6078aafd8..19e38733887 100644 --- a/docs/modules/lifecycle/index.rst +++ b/docs/modules/lifecycle/index.rst 
@@ -18,7 +18,7 @@ Lifecycle .. mod_view_sta:: Lifecycle :id: mod_view_sta__lifecycle__modules - :includes: comp_arc_sta__lifecycle__launch_manager, comp_arc_sta__lifecycle__healthmonitor + :includes: comp__lifecycle_launch_manager, comp__lifecycle_healthmonitor .. needarch:: :scale: 50 @@ -26,15 +26,34 @@ Lifecycle {{ draw_module(need(), needs) }} -.. comp_arc_sta:: Launch Manager - :id: comp_arc_sta__lifecycle__launch_manager +.. comp_req:: Lifecycle + :id: comp_req__lifecycle__launch + :reqtype: Functional + :status: invalid + :security: NO + :safety: ASIL_B + :tags: lifecycle + :satisfies: feat_req__lifecycle__launch_support + :belongs_to: comp__lifecycle_launch_manager + + Dummy requirement + +.. comp:: Launch Manager + :id: comp__lifecycle_launch_manager :status: valid :safety: ASIL_B :implements: logic_arc_int__lifecycle__controlif, logic_arc_int__lifecycle__alive_if :uses: logic_arc_int__logging__logging, logic_arc_int__baselibs__json, logic_arc_int__os__fork, logic_arc_int__lifecycle__lifecycle_if :security: NO - :includes: - :fulfils: + + +.. comp_arc_sta:: Launch Manager Static View + :id: comp_arc_sta__lifecycle__launch_manager + :status: valid + :safety: ASIL_B + :security: NO + :belongs_to: comp__lifecycle_launch_manager + :fulfils: comp_req__lifecycle__launch .. needarch:: :scale: 50 
@@ -42,15 +61,22 @@ Lifecycle {{ draw_component(need(), needs) }} -.. comp_arc_sta:: Health Monitor - :id: comp_arc_sta__lifecycle__healthmonitor +.. comp:: Health Monitor + :id: comp__lifecycle_healthmonitor :status: valid :safety: ASIL_B + :security: NO :implements: logic_arc_int__lifecycle__deadline_monitor_if,logic_arc_int__lifecycle__logical_monitor_if :uses: logic_arc_int__lifecycle__alive_if + +.. comp_arc_sta:: Health Monitor Static View + :id: comp_arc_sta__lifecycle__healthmonitor + :status: valid + :safety: ASIL_B :security: NO - :includes: - :fulfils: + :uses: logic_arc_int__lifecycle__alive_if + :belongs_to: comp__lifecycle_healthmonitor + :fulfils: comp_req__lifecycle__launch .. needarch:: :scale: 50 diff --git a/docs/modules/logging/docs/index.rst b/docs/modules/logging/docs/index.rst index 439678c1014..720f1be636f 100644 --- a/docs/modules/logging/docs/index.rst +++ b/docs/modules/logging/docs/index.rst @@ -12,9 +12,17 @@ # SPDX-License-Identifier: Apache-2.0 # ******************************************************************************* +.. mod:: Logging + :id: mod__logging + :status: valid + :safety: ASIL_B + :security: YES + :includes: comp__logging + .. mod_view_sta:: Logging :id: mod_view_sta__logging__logging - :includes: comp_arc_sta__logging__logging + :includes: comp__logging + :belongs_to: mod__logging .. needarch:: :scale: 50 diff --git a/docs/modules/logging/logging/docs/architecture/index.rst b/docs/modules/logging/logging/docs/architecture/index.rst index 5f0882f82f9..50f789d0b1c 100644 --- a/docs/modules/logging/logging/docs/architecture/index.rst +++ b/docs/modules/logging/logging/docs/architecture/index.rst 
@@ -14,13 +14,20 @@ Component Architecture ********************** +.. comp:: Logging + :id: comp__logging + :security: YES + :safety: ASIL_B + :status: valid + :implements: logic_arc_int__logging__logging .. comp_arc_sta:: Logging :id: comp_arc_sta__logging__logging :security: YES :safety: ASIL_B :status: valid - :implements: logic_arc_int__logging__logging + :belongs_to: comp__logging + :fulfils: comp_req__component_name__some_title .. needarch:: :scale: 50 diff --git a/docs/modules/orchestrator/docs/index.rst b/docs/modules/orchestrator/docs/index.rst index d7fb4780d2b..3717c601990 100644 --- a/docs/modules/orchestrator/docs/index.rst +++ b/docs/modules/orchestrator/docs/index.rst @@ -12,19 +12,32 @@ # SPDX-License-Identifier: Apache-2.0 # ******************************************************************************* +Module Documents Orchestrator +############################# + + +.. toctree:: + :maxdepth: 1 + :glob: + + manual/index.rst + safety_mgt/index.rst + verification/module_verification_report.rst + release/release_note.rst + +.. mod:: Orchestrator + :id: mod__orchestrator + :includes: comp__orchestrator, comp__orch_executor + :status: valid + :safety: ASIL_B + :security: YES + .. mod_view_sta:: Orchestrator :id: mod_view_sta__orch__orchestrator - :includes: comp_arc_sta__orch__orchestrator, comp_arc_sta__orch__executor + :includes: comp__orchestrator, comp__orch_executor .. needarch:: :scale: 50 :align: center {{ draw_module(need(), needs) }} - -Module Documents -================ - -.. toctree:: - :maxdepth: 1 - :titlesonly: diff --git a/docs/modules/persistency/docs/manual/index.rst b/docs/modules/orchestrator/docs/manual/index.rst similarity index 100% rename from docs/modules/persistency/docs/manual/index.rst rename to docs/modules/orchestrator/docs/manual/index.rst 
diff --git a/docs/modules/persistency/docs/manual/safety_manual.rst b/docs/modules/orchestrator/docs/manual/safety_manual.rst
similarity index 60%
rename from docs/modules/persistency/docs/manual/safety_manual.rst
rename to docs/modules/orchestrator/docs/manual/safety_manual.rst
index b2515225fd5..70f50ffd3c7 100644
--- a/docs/modules/persistency/docs/manual/safety_manual.rst
+++ b/docs/modules/orchestrator/docs/manual/safety_manual.rst
@@ -15,45 +15,33 @@ Safety Manual ============= -.. document:: Persistency Safety Manual - :id: doc__persistency_safety_manual - :status: valid +.. document:: Orchestrator Safety Manual + :id: doc__orchestrator_safety_manual + :status: draft :safety: ASIL_B - :security: NO - :tags: persistency + :security: YES :realizes: wp__module_safety_manual + :tags: orchestrator + Introduction/Scope ------------------ -| This manual will cover the Feature Persistency. It's based on the components KVS and Tiny JSON. +| Assumed Platform Safety Requirements ------------------------------------ -| For the module persistency the following safety related stakeholder requirements are assumed to define the top level functionality (purpose) of the module persistency. I.e. from these all the feature and component requirements implemented are derived. -| List of stakeholder requirements, with ASIL B, the module's components requirements are derived from. - -.. needtable:: - :style: table - :columns: title;id;status - :colwidths: 25,25,15 - :sort: title - - results = [] - - for need in needs.filter_types(["stkh_req"]): - if need and "persistency" in need["tags"]: - if need["safety"] == "ASIL_B": - results.append(need) - +| For the the following safety related stakeholder requirements are assumed to define the top level functionality (purpose) of the . I.e. from these all the feature and component requirements implemented are derived. +| Assumptions of Use ------------------ Assumptions on the Environment ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -| Generally the assumption of the S-CORE platform SEooC is that it is integrated in a safe system, i.e. the POSIX OS it runs on is qualified and also the HW related failures are taken into account by the system integrator, if not otherwise stated in the module's safety concept. +| Generally the assumption of the project platform SEooC is that it is integrated in a safe system, i.e. 
the POSIX OS it runs on is qualified and also the HW related failures are taken into account by the system integrator, if not otherwise stated in the module's safety concept. +| -List of AoUs expected from the environment the module runs on: +List of AoUs expected from the environment the platform / module runs on: .. needtable:: :style: table 
@@ -64,16 +52,15 @@ List of AoUs expected from the environment the module runs on: results = [] for need in needs.filter_types(["aou_req"]): - if need and "persistency" in need["tags"]: - if need and "environment" in need["tags"]: + if need and "environment" in need["tags"]: results.append(need) Assumptions on the User ^^^^^^^^^^^^^^^^^^^^^^^ | As there is no assumption on which specific OS and HW is used, the integration testing of the stakeholder and feature requirements is expected to be performed by the user of the platform SEooC. Tests covering all stakeholder and feature requirements performed on a reference platform (tbd link to reference platform specification), reviewed and passed are included in the platform SEooC safety case. -| Additionally the components of the platform may have additional specific assumptions how they are used. These are part of every module documentation: :ref:`module_documentation`. Assumptions from components to their users can be fulfilled in two ways: +| Additionally the components of the platform may have additional specific assumptions how they are used. These are part of every module documentation: . Assumptions from components to their users can be fulfilled in two ways: | 1. There are assumption which need to be fulfilled by all SW components, e.g. "every user of an IPC mechanism needs to make sure that he provides correct data (including appropriate ASIL level)" - in this case the AoU is marked as "platform". -| 2. There are assumption which can be fulfilled by a safety mechanism realized by some other S-CORE platform component and are therefore not relevant for an user who uses the whole platform. But those are relevant if you chose to use the module SEooC stand-alone - in this case the AoU is marked as "module". An example would be the "JSON read" which requires "The user shall provide a string as input which is not corrupted due to HW or QM SW errors." 
- which is covered when using together with safe S-CORE platform persistency feature. +| 2. There are assumption which can be fulfilled by a safety mechanism realized by some other project platform component and are therefore not relevant for an user who uses the whole platform. But those are relevant if you chose to use the module SEooC stand-alone - in this case the AoU is marked as "module". An example would be the "JSON read" which requires "The user shall provide a string as input which is not corrupted due to HW or QM SW errors." - which is covered when using together with safe project platform persistency feature. List of AoUs on the user of the platform features or the module of this safety manual: @@ -87,7 +74,6 @@ List of AoUs on the user of the platform features or the module of this safety m for need in needs.filter_types(["aou_req"]): if need and "environment" not in need["tags"]: - if need and "persistency" in need["tags"]: results.append(need) Safety concept of the SEooC diff --git a/docs/modules/persistency/docs/release/release_note.rst b/docs/modules/orchestrator/docs/release/release_note.rst similarity index 58% rename from docs/modules/persistency/docs/release/release_note.rst rename to docs/modules/orchestrator/docs/release/release_note.rst index e966523ce98..4a064f8fd3a 100644 --- a/docs/modules/persistency/docs/release/release_note.rst +++ b/docs/modules/orchestrator/docs/release/release_note.rst 
@@ -15,23 +15,34 @@ Release Note ============ -.. document:: Persistency Release Note - :id: doc__persistency_release_note - :status: valid +.. document:: Orchestrator Release Note + :id: doc__orchestrator_release_note + :status: draft :safety: ASIL_B - :security: NO + :security: YES :realizes: wp__module_sw_release_note - :tags: persistency + :tags: orchestrator -| Module Name: Persistency + +| Module Name: Orchestrator | Release Tag: vX.Y.Z +| Origin Release Tag: vU.V.W | Release Commit Hash: a1b2c3d4e5f6g7h8i9j0 | Release Date: YYYY-MM-DD +| Safety: [QM | ASIL_B] +| Security: [NO | YES] | | Overview | -------- | -| This document provides an overview of the changes, improvements, and bug fixes included in the software module release version vX.Y.Z. +| This document provides an overview of the changes, improvements, and bug fixes included in the software module release version vX.Y.Z +| as compared to the module's origin release (which is usually the previous release). +| +| Disclaimer +| ---------- +| This release note does not "release for production", as it does not come with a safety argumentation and a performed safety assessment. +| The work products compiled in the safety package are created with care according to a process satisfying standards, but the as the project, +| being a non-profit and open source organization, can not take over any liability for its content. | | New Features | ------------ 
@@ -54,11 +65,23 @@ Release Note | - **Bug 2**: Brief description of the bug fix. | - **Bug 3**: Brief description of the bug fix. | +| Other changes by Label +| ---------------------- +| +| - **Label 1/Refactor 1**: Brief description of the change. +| - **Label 2/Refactor 2**: Brief description of the change. +| - **Label 3/Refactor 3**: Brief description of the change. +| | Compatibility | ------------- | | - **Dependencies**: List any dependencies and their versions. | +| Performed Verification +| ---------------------- +| This release note is based on the verification as documented in module verification report +| :need:`doc__module_name_verification_report`. +| | Known Issues | ------------ | @@ -66,6 +89,13 @@ Release Note | - **Issue 2**: Brief description of the known issue. Justification regarding safety impact. | - **Issue 3**: Brief description of the known issue. Justification regarding safety impact. | +| Known Vulnerabilities +| --------------------- +| +| - **CVE 1**: Brief description of the known CVE. Justification regarding security impact. +| - **CVE 2**: Brief description of the known CVE. Justification regarding security impact. +| - **CVE 3**: Brief description of the known CVE. Justification regarding security impact. +| | Upgrade Instructions | -------------------- | @@ -73,6 +103,17 @@ Release Note | 2. **Step 2**: Description of the second step. | 3. **Step 3**: Description of the third step. | +| Contributors +| ------------ +| +| Thanks to everyone who contributed to this release: +| +| Contributor 1 +| Contributor 2 +| + +--- + | Contact Information | ------------------- | diff --git a/docs/modules/persistency/docs/safety_mgt/index.rst b/docs/modules/orchestrator/docs/safety_mgt/index.rst similarity index 97% rename from docs/modules/persistency/docs/safety_mgt/index.rst rename to docs/modules/orchestrator/docs/safety_mgt/index.rst index 04718ba3557..f67104c9b63 100644 --- a/docs/modules/persistency/docs/safety_mgt/index.rst 
+++ b/docs/modules/orchestrator/docs/safety_mgt/index.rst @@ -18,6 +18,7 @@ Safety Management .. toctree:: :titlesonly: + module_codeowners module_safety_plan module_safety_plan_fdr module_safety_package_fdr diff --git a/docs/modules/orchestrator/docs/safety_mgt/module_codeowners.rst b/docs/modules/orchestrator/docs/safety_mgt/module_codeowners.rst new file mode 100644 index 00000000000..997499fa493 --- /dev/null +++ b/docs/modules/orchestrator/docs/safety_mgt/module_codeowners.rst 
@@ -0,0 +1,45 @@ +.. + # ******************************************************************************* + # Copyright (c) 2025 Contributors to the Eclipse Foundation + # + # See the NOTICE file(s) distributed with this work for additional + # information regarding copyright ownership. + # + # This program and the accompanying materials are made available under the + # terms of the Apache License Version 2.0 which is available at + # https://www.apache.org/licenses/LICENSE-2.0 + # + # SPDX-License-Identifier: Apache-2.0 + # ******************************************************************************* + +Module Codeowners Skill Check +***************************** + +.. document:: Orchestrator Codeowners + :id: doc__orchestrator_codeowners + :status: valid + :safety: ASIL_B + :security: YES + :realizes: wp__module_safety_plan + +Assigned Committer(s) +===================== + +According to `Orchestrator Module Codeowners `_ +the following committers are assigned to guard the Orchestrator repository: + +- ``_ +- ``_ + +Skill Check +=========== + +For the CODEOWNERS the required skills, knowledge and experience is defined in ``_. + +The evidences are not published openly due to personal data confidentiality, but will be checked by the module safety manager. + +- ``_: SW developer and architect at Tier 1 > 10 years for safety related SW. Contribution to process community. +- ``_: SW developer and architect at Tier 1 > 2 years for safety related SW. Project lead for safety related SW > 3 years. Lead of architecture community and member of S-CORE project lead circle. + + +The S-CORE processes are trained on the job by the Orchestrator module safety manager to the CODEOWNERS. 
diff --git a/docs/modules/persistency/docs/safety_mgt/module_safety_package_fdr.rst b/docs/modules/orchestrator/docs/safety_mgt/module_safety_package_fdr.rst similarity index 86% rename from docs/modules/persistency/docs/safety_mgt/module_safety_package_fdr.rst rename to docs/modules/orchestrator/docs/safety_mgt/module_safety_package_fdr.rst index 678f4e756ae..5004f01d014 100644 --- a/docs/modules/persistency/docs/safety_mgt/module_safety_package_fdr.rst +++ b/docs/modules/orchestrator/docs/safety_mgt/module_safety_package_fdr.rst @@ -15,13 +15,14 @@ Safety Package Formal Review Report =================================== -.. document:: Persistency Safety Package Formal Review - :id: doc__persistency_safety_package_fdr - :status: valid +.. document:: Orchestrator Safety Package Formal Review + :id: doc__orchestrator_safety_package_fdr + :status: draft :safety: ASIL_B - :security: NO + :security: YES :realizes: wp__fdr_reports - :tags: persistency + :tags: orchestrator + **1. Purpose** @@ -38,14 +39,14 @@ The purpose of this review checklist is to report status of the formal review fo - Comment * - 1 - - Is a safety package provided which matches the safety plan (i.e. all planned workproducts referenced)? + - Is a safety package provided which matches the safety plan (i.e. all planned work products referenced)? - [YES | NO ] - * - 2 - Is the argument how functional safety is achieved, provided in the safety package, plausible and sufficient? - NO - - The argument is intentionally not provided by S-CORE. + - The argument is intentionally not provided by the project. * - 3 - Are the referenced work products available? diff --git a/docs/modules/persistency/docs/safety_mgt/module_safety_plan.rst b/docs/modules/orchestrator/docs/safety_mgt/module_safety_plan.rst similarity index 54% rename from docs/modules/persistency/docs/safety_mgt/module_safety_plan.rst rename to docs/modules/orchestrator/docs/safety_mgt/module_safety_plan.rst index 48e93377447..47a2e9e3ebc 100644 
--- a/docs/modules/persistency/docs/safety_mgt/module_safety_plan.rst +++ b/docs/modules/orchestrator/docs/safety_mgt/module_safety_plan.rst @@ -15,23 +15,23 @@ Module Safety Plan ****************** -.. document:: Persistency Safety Plan - :id: doc__persistency_safety_plan - :status: valid +.. document:: Orchestrator Safety Plan + :id: doc__orchestrator_safety_plan + :status: draft :safety: ASIL_B - :security: NO + :security: YES :realizes: wp__module_safety_plan - :tags: persistency + :tags: orchestrator Functional Safety Management Context ==================================== -This Safety Plan adds to the :need:`gd_guidl__saf_plan_definitions` all the module development relevant workproducts needed for ISO 26262 conformity. +This Safety Plan adds to the project's :need:`wp__platform_safety_plan` all the module development relevant work products needed for ISO 26262 conformity. Functional Safety Management Scope ================================== -This Safety Plan's scope is a SW module of the SW platform :ref:`module_documentation`. +This Safety Plan's scope is a SW module of the SW platform /index.rst>. The module consists of one or more SW components and will be qualified as a SEooC. Functional Safety Management Roles 
@@ -44,31 +44,32 @@ Functional Safety Management Roles - Assignee * - Safety Manager - - tbd + - Volker Häussler - * - Module Project Manager (= Feature team lead) - - Lars Bauhofer + * - Module Project Manager + - Naveen Mohanan Tailoring ========= -Additional to the tailoring in the SW platform project as defined in the :need:`gd_guidl__saf_plan_definitions` we define here the additional tailoring on module level. +Additional to the tailoring in the SW platform project as defined in the project's :need:`wp__platform_safety_plan` we define here the additional tailoring on module level. -| - Excluded for this module are additionally the following workproducts (and their related requirements): -| - No work products excluded +- Excluded for this module are additionally the following work products (and their related requirements): -Functional Safety Module Workproducts -===================================== + - - -One set of workproducts for the module and one set for each component of the module: +Functional Safety Module Work products +====================================== + +One set of work products for the module and one set for each component of the module: -Module Workproducts List ------------------------- +Module Work products List +------------------------- -.. list-table:: Module Workproducts +.. list-table:: Module Work products :header-rows: 1 - * - Workproduct Id + * - Work product Id - Link to process - Process status - Link to issue 
@@ -78,37 +79,37 @@ Module Workproducts List * - :need:`wp__module_safety_plan` - :need:`gd_guidl__saf_plan_definitions` - :ndf:`copy('status', need_id='gd_guidl__saf_plan_definitions')` - - https://github.com/eclipse-score/score/issues/952?issue=eclipse-score%7Cscore%7C963 + - - this document - - valid + - see above * - :need:`wp__module_safety_package` - :need:`gd_guidl__saf_package` - :ndf:`copy('status', need_id='gd_guidl__saf_package')` - - https://github.com/eclipse-score/score/issues/952?issue=eclipse-score%7Cscore%7C963 + - - this document (including the linked documentation) - - valid + - see above (and below) * - :need:`wp__fdr_reports` (module Safety Plan) - :need:`gd_chklst__safety_plan` - :ndf:`copy('status', need_id='gd_chklst__safety_plan')` - - https://github.com/eclipse-score/score/issues/952?issue=eclipse-score%7Cscore%7C963 - - :need:`doc__persistency_safety_plan_fdr` - - :ndf:`copy('status', need_id='doc__persistency_safety_plan_fdr')` + - + - :need:`doc__module_name_safety_plan_fdr` + - :ndf:`copy('status', need_id='doc__module_name_safety_plan_fdr')` * - :need:`wp__fdr_reports` (module Safety Package) - :need:`gd_chklst__safety_package` - :ndf:`copy('status', need_id='gd_chklst__safety_package')` - - https://github.com/eclipse-score/score/issues/952?issue=eclipse-score%7Cscore%7C963 - - :need:`doc__persistency_safety_package_fdr` - - :ndf:`copy('status', need_id='doc__persistency_safety_package_fdr')` + - + - :need:`doc__module_name_safety_package_fdr` + - :ndf:`copy('status', need_id='doc__module_name_safety_package_fdr')` * - :need:`wp__fdr_reports` (module's Safety Analyses & DFA) - - :need:`gd_guidl__safety_analysis` - - :ndf:`copy('status', need_id='gd_guidl__safety_analysis')` - - https://github.com/eclipse-score/score/issues/952?issue=eclipse-score%7Cscore%7C965 - - :need:`doc__persistency_kvs_fmea` - - :ndf:`copy('status', need_id='doc__persistency_kvs_fmea')` + - Safety Analysis FDR tbd + - + - + - + - * - :need:`wp__audit_report` - 
performed by external experts @@ -117,41 +118,34 @@ Module Workproducts List - - - * - :need:`wp__module_sw_build_config` - - `gd_temp__software_development_plan` - - `copy('status', need_id='doc__software_development_plan')` - - - - - - - * - :need:`wp__module_safety_manual` - :need:`gd_temp__safety_manual` - :ndf:`copy('status', need_id='gd_temp__safety_manual')` - - https://github.com/eclipse-score/score/issues/952?issue=eclipse-score%7Cscore%7C963 - - :need:`doc__persistency_safety_manual` - - :ndf:`copy('status', need_id='doc__persistency_safety_manual')` + - + - :need:`doc__module_name_safety_manual` + - :ndf:`copy('status', need_id='doc__module_name_safety_manual')` * - :need:`wp__verification_module_ver_report` - :need:`gd_temp__mod_ver_report` - :ndf:`copy('status', need_id='gd_temp__mod_ver_report')` - - https://github.com/eclipse-score/score/issues/952?issue=eclipse-score%7Cscore%7C964 - - :need:`doc__persistency_verification_report` - - :ndf:`copy('status', need_id='doc__persistency_verification_report')` + - + - :need:`doc__module_name_verification_report` + - :ndf:`copy('status', need_id='doc__module_name_verification_report')` * - :need:`wp__module_sw_release_note` - :need:`gd_temp__rel_mod_rel_note` - :ndf:`copy('status', need_id='gd_temp__rel_mod_rel_note')` - - - :need:`doc__persistency_release_note` - - :ndf:`copy('status', need_id='doc__persistency_release_note')` + - :need:`doc__module_name_release_note` + - :ndf:`copy('status', need_id='doc__module_name_release_note')` -Component Workproducts List ----------------------------------- +Component Work products List +----------------------------------- -.. list-table:: Component Workproducts +.. list-table:: Component Work products :header-rows: 1 - * - Workproduct Id + * - Work product Id - Link to process - Process status - Link to issue 
@@ -161,86 +155,86 @@ Component Workproducts List * - :need:`wp__requirements_comp` - :need:`gd_temp__req_comp_req` - :ndf:`copy('status', need_id='gd_temp__req_comp_req')` - - https://github.com/eclipse-score/score/issues/952?issue=eclipse-score%7Cscore%7C960 - - :need:`doc__persistency_kvs_requirements` - - :ndf:`copy('status', need_id='doc__persistency_kvs_requirements')` & WP below + - + - :need:`doc__component_name_requirements` + - doc :ndf:`copy('status', need_id='doc__component_name_requirements')` & WP below * - :need:`wp__requirements_comp_aou` - :need:`gd_temp__req_aou_req` - :ndf:`copy('status', need_id='gd_temp__req_aou_req')` - - https://github.com/eclipse-score/score/issues/952?issue=eclipse-score%7Cscore%7C960 - - :need:`doc__persistency_kvs_requirements` - - :ndf:`copy('status', need_id='doc__persistency_kvs_requirements')` & WP below + - + - :need:`doc__component_name_requirements` + - doc :ndf:`copy('status', need_id='doc__component_name_requirements')` & WP below * - :need:`wp__requirements_inspect` - :need:`gd_chklst__req_inspection` - :ndf:`copy('status', need_id='gd_chklst__req_inspection')` - - n/a - - Checklist used in Pull Request Review - - n/a + - + - :need:`doc__component_name_req_inspection` + - :ndf:`copy('status', need_id='doc__component_name_req_inspection')` * - :need:`wp__component_arch` - :need:`gd_temp__arch_comp` - :ndf:`copy('status', need_id='gd_temp__arch_comp')` - - https://github.com/eclipse-score/score/issues/952?issue=eclipse-score%7Cscore%7C1020 - - :need:`doc__persistency_kvs_architecture` - - :ndf:`copy('status', need_id='doc__persistency_kvs_architecture')` & WP below + - + - :need:`doc__component_name_architecture` + - doc :ndf:`copy('status', need_id='doc__component_name_architecture')` & WP below * - :need:`wp__sw_arch_verification` - :need:`gd_chklst__arch_inspection_checklist` - :ndf:`copy('status', need_id='gd_chklst__arch_inspection_checklist')` - - n/a - - Checklist used in Pull Request Review - - n/a + - + - 
:need:`doc__component_name_arc_inspection` + - :ndf:`copy('status', need_id='doc__component_name_arc_inspection')` * - :need:`wp__sw_component_fmea` - - :need:`wp__sw_component_fmea` - - :ndf:`copy('status', need_id='gd_guidl__safety_analysis')` - - https://github.com/eclipse-score/score/issues/952?issue=eclipse-score%7Cscore%7C965 - - :need:`doc__persistency_kvs_fmea` - - :ndf:`copy('status', need_id='doc__persistency_kvs_fmea')` & WP below + - :need:`gd_temp__comp_saf_fmea` + - :ndf:`copy('status', need_id='gd_temp__comp_saf_fmea')` + - + - :need:`doc__component_name_fmea` + - doc :ndf:`copy('status', need_id='doc__component_name_fmea')` & WP below * - :need:`wp__sw_component_dfa` - - :need:`wp__sw_component_dfa` - - :ndf:`copy('status', need_id='gd_guidl__safety_analysis')` - - https://github.com/eclipse-score/score/issues/952?issue=eclipse-score%7Cscore%7C965 - - :need:`doc__persistency_kvs_dfa` - - :ndf:`copy('status', need_id='doc__persistency_kvs_dfa')` & WP below + - :need:`gd_temp__comp_saf_dfa` + - :ndf:`copy('status', need_id='gd_temp__comp_saf_dfa')` + - + - :need:`doc__component_name_dfa` + - doc :ndf:`copy('status', need_id='doc__component_name_dfa')` & WP below * - :need:`wp__sw_implementation` - :need:`gd_guidl__implementation` - :ndf:`copy('status', need_id='gd_guidl__implementation')` - - https://github.com/eclipse-score/score/issues/952?issue=eclipse-score%7Cscore%7C961 + - - - * - :need:`wp__verification_sw_unit_test` - :need:`gd_guidl__verification_guide` - :ndf:`copy('status', need_id='gd_guidl__verification_guide')` - - https://github.com/eclipse-score/score/issues/952?issue=eclipse-score%7Cscore%7C964 + - - - * - :need:`wp__sw_implementation_inspection` - :need:`gd_chklst__impl_inspection_checklist` - :ndf:`copy('status', need_id='gd_chklst__impl_inspection_checklist')` - - n/a - - Checklist used in Pull Request Review - - n/a + - + - + - * - :need:`wp__verification_comp_int_test` - :need:`gd_guidl__verification_guide` - :ndf:`copy('status', 
need_id='gd_guidl__verification_guide')` - - https://github.com/eclipse-score/score/issues/952?issue=eclipse-score%7Cscore%7C964 + - - - * - :need:`wp__sw_component_class` - :need:`gd_guidl__component_classification` - :ndf:`copy('status', need_id='gd_guidl__component_classification')` - - https://github.com/eclipse-score/score/issues/952?issue=eclipse-score%7Cscore%7C963 - - :need:`doc__persistency_component_classification` - - :ndf:`copy('status', need_id='doc__persistency_component_classification')` + - + - :need:`doc__component_name_comp_class` + - :ndf:`copy('status', need_id='doc__component_name_comp_class')` Note: In case the component is a new development, :need:`wp__sw_component_class` shall be removed from the above list (and also from the folders). In case an OSS element is used in the module, part 6 has to be filled out. 
@@ -248,25 +242,25 @@ In case an OSS element is used in the module, part 6 has to be filled out. OSS (sub-)component qualification plan ====================================== -For the selected OSS component the following workproducts will be implemented (and why): +For the selected OSS component the following work products will be implemented (and why): If the OSS element is classified as a - component, then the below table shall match the above, adding the reasoning for tailoring of work products according to the OSS component classification. - - lower level component, then no workproducts additional to the component’s will be planned and activities below are part of the component’s issues. + - lower level component, then no work products additional to the component’s will be planned and activities below are part of the component’s issues. -.. list-table:: OSS (sub-)component Tiny JSON Workproducts +.. list-table:: OSS (sub-)component Work products :header-rows: 1 - * - Workproduct Id + * - Work product Id - Link to issue - Reasoning for tailoring * - :need:`wp__requirements_comp` - - https://github.com/eclipse-score/score/issues/952?issue=eclipse-score%7Cscore%7C960 + - - Always needed (for Q and QR classification) and also improves process Id 2 * - :need:`wp__requirements_comp_aou` - - https://github.com/eclipse-score/score/issues/952?issue=eclipse-score%7Cscore%7C960 + - - Always needed (for Q and QR classification) and also improves process Id 5 * - :need:`wp__requirements_inspect` @@ -278,11 +272,11 @@ If the OSS element is classified as a - * - :need:`wp__sw_component_fmea` - - https://github.com/eclipse-score/score/issues/952?issue=eclipse-score%7Cscore%7C965 + - - * - :need:`wp__sw_arch_verification` - - https://github.com/eclipse-score/score/issues/952?issue=eclipse-score%7Cscore%7C964 + - - * - :need:`wp__sw_implementation` 
@@ -290,19 +284,19 @@ If the OSS element is classified as a - If source code is modified, this is not a OSS qualification any more. * - :need:`wp__verification_sw_unit_test` - - https://github.com/eclipse-score/score/issues/952?issue=eclipse-score%7Cscore%7C964 + - - * - :need:`wp__sw_implementation_inspection` - - https://github.com/eclipse-score/score/issues/952?issue=eclipse-score%7Cscore%7C961 + - - * - :need:`wp__verification_comp_int_test` - - https://github.com/eclipse-score/score/issues/952?issue=eclipse-score%7Cscore%7C964 + - - Always needed (for Q and QR classification) * - :need:`wp__sw_component_class` - - https://github.com/eclipse-score/score/issues/952?issue=eclipse-score%7Cscore%7C963 + - - Always needed as basis for tailoring. Work Product Status (for Safety Package) @@ -312,10 +306,10 @@ Component Requirements Status ----------------------------- .. needtable:: - :filter: docname is not None and "persistency" in docname and "requirements" in docname + :filter: "orchestrator" in docname and "requirements" in docname and docname is not None :style: table :types: comp_req - :tags: persistencykvs + :tags: orchestrator :columns: id;status;tags :colwidths: 25,25,25 :sort: title @@ -324,10 +318,10 @@ Component AoU Status -------------------- .. needtable:: - :filter: docname is not None and "persistency" in docname and "requirements" in docname + :filter: "orchestrator" in docname and "requirements" in docname and docname is not None :style: table :types: aou_req - :tags: persistencykvs + :tags: orchestrator :columns: id;status;tags :colwidths: 25,25,25 :sort: title 
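Review bot: The ``docname is not None`` guard in the new ``:filter:`` of the "Component Requirements Status" needtable no longer protects anything, because it is now evaluated after ``"orchestrator" in docname``. The filter string is evaluated as a Python expression, so a need without a docname (an external or imported need, if the project has any) would presumably fail on the ``in`` test rather than being skipped. The same reordering appears in the "Component AoU Status" hunk and in the "Component Architecture Status" hunk that follows. The removed line had the guard first; keep that order: ``:filter: docname is not None and "orchestrator" in docname and "requirements" in docname``.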
@@ -336,10 +330,10 @@ Component Architecture Status ----------------------------- .. needtable:: - :filter: docname is not None and "persistency" in docname and "requirements" in docname + :filter: "component_name" in docname and "architecture" in docname and docname is not None :style: table :types: comp_arc_sta; comp_arc_dyn - :tags: persistencykvs + :tags: orchestrator :columns: id;status;tags :colwidths: 25,25,25 :sort: title diff --git a/docs/modules/persistency/docs/safety_mgt/module_safety_plan_fdr.rst b/docs/modules/orchestrator/docs/safety_mgt/module_safety_plan_fdr.rst similarity index 94% rename from docs/modules/persistency/docs/safety_mgt/module_safety_plan_fdr.rst rename to docs/modules/orchestrator/docs/safety_mgt/module_safety_plan_fdr.rst index 23f90f2c367..69569b0852a 100644 --- a/docs/modules/persistency/docs/safety_mgt/module_safety_plan_fdr.rst +++ b/docs/modules/orchestrator/docs/safety_mgt/module_safety_plan_fdr.rst @@ -15,13 +15,13 @@ Safety Plan Formal Review Report ================================ -.. document:: Persistency Safety Plan Formal Review - :id: doc__persistency_safety_plan_fdr - :status: valid +.. document:: Orchestrator Safety Plan Formal Review + :id: doc__orchestrator_safety_plan_fdr + :status: draft :safety: ASIL_B - :security: NO + :security: YES :realizes: wp__fdr_reports - :tags: persistency + :tags: orchestrator **1. Purpose** diff --git a/docs/modules/persistency/docs/verification/module_verification_report.rst b/docs/modules/orchestrator/docs/verification/module_verification_report.rst similarity index 94% rename from docs/modules/persistency/docs/verification/module_verification_report.rst rename to docs/modules/orchestrator/docs/verification/module_verification_report.rst index a00ca26e618..88491dfda83 100644 --- a/docs/modules/persistency/docs/verification/module_verification_report.rst +++ b/docs/modules/orchestrator/docs/verification/module_verification_report.rst 
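Review bot: The new ``:filter:`` of the "Component Architecture Status" needtable still tests for the template placeholder ``"component_name" in docname``, while the table is tagged ``orchestrator`` and the architecture document added in this commit lives under ``docs/modules/orchestrator/executor/``. No docname in this module is likely to contain ``component_name``, so the table would presumably render empty and the safety package would show no architecture status. I would write ``:filter: docname is not None and "orchestrator" in docname and "architecture" in docname``. It is also worth checking that the architecture needs carry the ``orchestrator`` tag, since the ``comp_arc_sta`` added for the executor shows no ``:tags:`` option.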
@@ -15,16 +15,16 @@ Verification Report =================== -.. document:: Persistency Verification Report - :id: doc__persistency_verification_report - :status: valid +.. document:: Orchestrator Verification Report + :id: doc__orchestrator_verification_report + :status: draft :safety: ASIL_B - :security: NO + :security: YES :realizes: wp__verification_module_ver_report - :tags: persistency + :tags: orchestrator -This verification report is based on the verification plan. +This verification report is based on the :need:`gd_temp__verification_plan`. It covers all the components of the above stated module. Verification Report contains: diff --git a/docs/modules/orchestrator/executor/docs/architecture/chklst_arc_inspection.rst b/docs/modules/orchestrator/executor/docs/architecture/chklst_arc_inspection.rst new file mode 100644 index 00000000000..24beb8a7b6a --- /dev/null +++ b/docs/modules/orchestrator/executor/docs/architecture/chklst_arc_inspection.rst 
@@ -0,0 +1,157 @@ +.. + # ******************************************************************************* + # Copyright (c) 2025 Contributors to the Eclipse Foundation + # + # See the NOTICE file(s) distributed with this work for additional + # information regarding copyright ownership. + # + # This program and the accompanying materials are made available under the + # terms of the Apache License Version 2.0 which is available at + # https://www.apache.org/licenses/LICENSE-2.0 + # + # SPDX-License-Identifier: Apache-2.0 + # ******************************************************************************* + + +.. document:: Executor Architecture Inspection Checklist + :id: doc__executor_arc_inspection + :status: draft + :safety: ASIL_B + :security: YES + :realizes: wp__sw_arch_verification + :tags: executor + + +Architecture Inspection Checklist +================================= + +Purpose +------- + +The purpose of the software architecture checklist is to ensure that the design meets the criteria and quality as +defined per project processes and guidelines for feature and component architectural design elements. +It helps to check the compliance with requirements, identify errors or inconsistencies, and ensure adherence to best +practices. +The checklist guides evaluation of the architecture design, identifies potential problems, and aids in +communication and documentation of architectural decisions to stakeholders. + +Checklist +--------- + +.. list-table:: Architecture Design Review Checklist + :header-rows: 1 + + * - Review Id + - Acceptance criteria + - Type + - Guidance + - passed + - Remarks + - Issue link + * - ARC_01_01 + - Is the traceability from software architectural elements to requirements, and other level architectural + elements (e.g. component to interface) established according to the "Relations between the architectural elements" as described in :need:`doc_concept__arch_process`? + - automated + - Trace should be checked by Sphinx. 
Will be removed from checklist once requirement is implemented. + - + - + - + * - ARC_01_02 + - If the architectural element is related to any supplier manuals (incl. safety and security) + are the relevant parts covered? + - manual + - If the architecture makes use of supplied elements, their manuals (like safety) have to be considered (i.e. its provided functionality matches the expectation and assumptions are fulfilled). Note that in case of safety component this means that assumed Technical Safety Requirements and AoUs of the safety manual are covered. + - + - + - + * - ARC_01_03 + - Is the architectural element traceable to the lower level artifacts as defined by the workproduct traceability? + - automated + - Will be removed from checklist once requirement is implemented by automated tool check. + Details of possible linking can be depicted from `traceability concept `_ + - + - + - + * - ARC_02_01 + - Is the software architecture design compliant with the (overall) feature architecture? + - manual + - On component level check against the feature architecture, on feature level check other features with common components used. + - + - + - + * - ARC_02_02 + - Is appropriate and comprehensible operation/interface naming present in the architectural design? + - manual + - Check :need:`gd_guidl__arch_design` + - + - + - + * - ARC_02_03 + - Are correctness of data flow and control flow within the architectural elements considered? + - manual + - E.g. examine definitions, transformations, integrity, and interaction of data; check error handling, data + exchange between elements, correct response to inputs and documented decision making. + Note: consistency is ensured by the process/tooling, by defining each interface only once. + - + - + - + * - ARC_02_04 + - Are the interfaces between the software architectural element and other architectural elements well-defined? 
+ - manual + - Check if the interface reacts on non-defined behavior or errors; can established protocols be used; are the + interfaces for inputs, outputs, error codes documented; is loose coupling considered and only limited exposure; + can unit or integration test be written against the interface; data amount transferred; no sensitive data + exposure; + - + - + - + * - ARC_02_05 + - Does the software architectural element consider the timing constraints (from the parent requirement)? + - manual + - If there are hard requirements on the timing a programming time estimation should be performed and also + deadline supervision considered. + - + - + - + * - ARC_02_06 + - Is the documentation of the software architectural element, including textual and graphical descriptions + (e.g., UML diagrams), comprehensible and complete? + - manual + - Use of semi-formal notation is expected for architectural elements with an allocated ASIL level. + Is the architecture template correctly filled? + - + - + - + * - ARC_03_01 + - Is the architectural element modular and encapsulated? + - manual + - Check e.g. that only minimal interfaces are used. Design should be object oriented. Interfaces and interactions are clearly defined. Usage of access types (private, protected) properly set. Limited global variables. + - + - + - + * - ARC_03_02 + - Is the suitability of the software architecture for future modifications and maintainability considered? + - manual + - Check for e.g. loose coupling, separation of concerns, high cohesion, versioning strategy for interfaces, + decision records, use of established design patterns. + - + - + - + * - ARC_03_03 + - Are simplicity and avoidance of unnecessary complexity present in the software architecture? 
+ - manual + - Indicators for complexity are: number of use cases (corresponding to dynamic diagrams) + allocated to single design element, number of interfaces and operations in an interface, + function parameters, global variables, complex types, limited comprehensibility. + + Note: If the "number" above exceeds "3" a design rationale is mandatory (for all types) + - + - + - + * - ARC_03_04 + - Is the software architecture design following best practices and design principles? + - manual + - Refer to architectural guidelines and recommendations within the project documentation. + - + - + - diff --git a/docs/modules/persistency/kvs/docs/architecture/index.rst b/docs/modules/orchestrator/executor/docs/architecture/index.rst similarity index 51% rename from docs/modules/persistency/kvs/docs/architecture/index.rst rename to docs/modules/orchestrator/executor/docs/architecture/index.rst index e04f5bdbfe5..bc284caca0f 100644 --- a/docs/modules/persistency/kvs/docs/architecture/index.rst +++ b/docs/modules/orchestrator/executor/docs/architecture/index.rst @@ -12,17 +12,17 @@ # SPDX-License-Identifier: Apache-2.0 # ******************************************************************************* -.. _component_architecture_PersistencyKvs: +Component Architecture +====================== -Architecture -============ - -.. document:: Persistency KVS Module Architecture - :id: doc__persistency_kvs_architecture +.. document:: Executor Architecture + :id: doc__executor_architecture :status: valid :safety: ASIL_B - :security: NO + :security: YES :realizes: wp__component_arch + :tags: orchestration, executor + Overview -------- 
@@ -44,13 +44,14 @@ Description General Description -Design Decisions +Design Decisions - For the documentation of the decision the :need:`gd_temp__change_decision_record` can be used. Design Constraints Rationale Behind Architecture Decomposition ******************************************* -mandatory: a motivation for the decomposition or reason for not further splitting it into sub components. + +Mandatory: a motivation for the decomposition or reason for not further splitting it into lower level components. .. note:: Common decisions across components / cross cutting concepts is at the higher level. @@ -60,14 +61,22 @@ Static Architecture The components are designed to cover the expectations from the feature architecture (i.e. if already exists a definition it should be taken over and enriched). -.. comp_arc_sta:: Component Name (Static View) - :id: comp_arc_sta__persistency__static_view +.. comp:: Executor + :id: comp__orch_executor :security: YES - :safety: ASIL_B - :status: invalid - :implements: - :fulfils: - :includes: comp_arc_sta__persistency__2 + :safety: ASIL_B + :status: valid + :uses: logic_arc_int__logging__logging, logic_arc_int__tracing__tracing + + +.. comp_arc_sta:: Executor + :id: comp_arc_sta__orch__executor + :security: YES + :safety: ASIL_B + :status: valid + :uses: logic_arc_int__logging__logging, logic_arc_int__tracing__tracing + :belongs_to: comp__orch_executor + :fulfils: comp_req__component_name__some_title .. needarch:: :scale: 50 
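Review bot: In the static architecture hunk (-60), the new ``comp_arc_sta__orch__executor`` is set to ``:status: valid`` with ``:safety: ASIL_B`` and ``:security: YES``, but its ``:fulfils:`` points at the template placeholder ``comp_req__component_name__some_title``. A valid element should trace to a real executor requirement; otherwise the link either fails the needs check or resolves to the template and reports coverage that does not exist. Either link the actual requirement id (constructed placeholder: ``:fulfils: comp_req__executor__<title>``) or keep ``:status: draft`` until that requirement is defined. The enclosing document directive in the earlier hunk is also marked ``valid`` while the other executor documents in this commit are ``draft``, which may deserve the same treatment.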
@@ -78,14 +87,14 @@ The components are designed to cover the expectations from the feature architect Dynamic Architecture -------------------- -.. comp_arc_dyn:: Dynamic View - :id: comp_arc_dyn__persistency__dynamic_view - :security: YES - :safety: ASIL_B - :status: invalid - :fulfils: +.. .. comp_arc_dyn:: Dynamic View +.. :id: comp_arc_dyn__component_name__dynamic_view +.. :security: YES +.. :safety: ASIL_B +.. :status: invalid +.. :fulfils: comp_req__component_name__some_title - put here a sequence diagram +.. put here a sequence diagram Interfaces 
@@ -96,27 +105,28 @@ Interfaces .. real_arc_int:: :id: real_arc_int__<component>__<Title> :security: <YES|NO> - :safety: <QM|ASIL_B|ASIL_B> + :safety: <QM|ASIL_B> :fulfils: <link to component requirement id> :language: cpp Lower Level Components ---------------------- -.. comp_arc_sta:: Component Name 2 - :id: comp_arc_sta__persistency__2 - :status: invalid - :safety: ASIL_B - :security: YES - :implements: +.. .. comp_arc_sta:: Component Name 2 +.. :id: comp_arc_sta__component_name__2 +.. :status: invalid +.. :safety: ASIL_B +.. :security: YES +.. :fulfils: comp_req__component_name__some_title +.. :implements: logic_arc_int__feature_name__interface_name - no architecture but detailed design +.. no architecture but detailed design -.. note:: - Architecture can be split into multiple files. At component level the public interfaces to be used by the user and tester to be shown. +.. .. note:: +.. Architecture can be split into multiple files. At component level the public interfaces to be used by the user and tester to be shown. -.. attention:: - The above directives must be updated according to your component architecture. +.. .. attention:: +.. The above directives must be updated according to your component architecture. - - Replace the example content by the real content (according to :need:`gd_guidl__arch_design`) - - Set the status to valid and start the review/merge process +.. - Replace the example content by the real content (according to :need:`gd_guidl__arch_design`) +.. - Set the status to valid and start the review/merge process diff --git a/docs/modules/orchestrator/executor/docs/detailed_design/index.rst b/docs/modules/orchestrator/executor/docs/detailed_design/index.rst new file mode 100644 index 00000000000..4861c94dff8 --- /dev/null +++ b/docs/modules/orchestrator/executor/docs/detailed_design/index.rst 
@@ -0,0 +1,70 @@ +.. + # ******************************************************************************* + # Copyright (c) 2025 Contributors to the Eclipse Foundation + # + # See the NOTICE file(s) distributed with this work for additional + # information regarding copyright ownership. + # + # This program and the accompanying materials are made available under the + # terms of the Apache License Version 2.0 which is available at + # https://www.apache.org/licenses/LICENSE-2.0 + # + # SPDX-License-Identifier: Apache-2.0 + # ******************************************************************************* + +Detailed Design +############### + +.. document:: Executor Detailed Design + :id: doc__executor_detailed_design + :status: draft + :safety: ASIL_B + :security: YES + :realizes: wp__sw_implementation + :tags: executor + + +Detailed Design for Component: Orchestrator +=========================================== + +Description +----------- + +| Design Decisions - For the documentation of the decision the :need:`gd_temp__change_decision_record` can be used. +| Design Constraints + +Rationale Behind Decomposition into Units +****************************************** +| mandatory: a motivation for the decomposition into one or more units. + +.. note:: Reason for split into multiple units could be- + - Based on design principles like SOLID,DRY etc + - Based on design pattern's etc. + +Static Diagrams for Unit Interactions +------------------------------------- +.. code-block:: rst + + .. dd_sta:: <Title> + :id: dd_sta__<Feature>__<Title> + :security: <YES|NO> + :safety: <QM|ASIL_B> + :status: <valid|invalid> + :implements: <link to component requirement id> + :satisfies: <link to component architecture id> + + .. image:: <link to drawio image> or .. uml:: <link to plantuml> + +Dynamic Diagrams for Unit Interactions +-------------------------------------- +.. code-block:: rst + + .. 
dd_dyn:: <Title> + :id: dd_dyn__<Feature>__<Title> + :security: <YES|NO> + :safety: <QM|ASIL_B> + :status: <valid|invalid> + :implements: <link to component requirement id> + :satisfies: <link to component architecture id> + + .. image:: <link to drawio image> or .. uml:: <link to plantuml> diff --git a/docs/modules/orchestrator/executor/docs/index.rst b/docs/modules/orchestrator/executor/docs/index.rst index 50d5ad597c6..f69ebe1222a 100644 --- a/docs/modules/orchestrator/executor/docs/index.rst +++ b/docs/modules/orchestrator/executor/docs/index.rst 
@@ -1,21 +1,174 @@ -.. _comp_doc_executor: +.. + # ******************************************************************************* + # Copyright (c) 2025 Contributors to the Eclipse Foundation + # + # See the NOTICE file(s) distributed with this work for additional + # information regarding copyright ownership. + # + # This program and the accompanying materials are made available under the + # terms of the Apache License Version 2.0 which is available at + # https://www.apache.org/licenses/LICENSE-2.0 + # + # SPDX-License-Identifier: Apache-2.0 + # ******************************************************************************* + Executor -########### +######## .. document:: Executor :id: doc__executor - :status: valid + :status: draft :safety: ASIL_B :security: YES :realizes: wp__cmpt_request - :tags: orchestration, executor + :tags: executor + + +Abstract +======== + +[A short (~200 word) description of the contribution being addressed.] + + +Motivation +========== + +[Clearly explain why the existing platform/project solution is inadequate to address the topic that the CR solves.] + + .. note:: + The motivation is critical for CRs that want to change the existing components. + It should clearly explain why the existing solution is inadequate to address the topic that the CR solves. + Motivation may based on criteria as resource requirements, scheduling issues, risks, benefits, etc. + CRs submissions without sufficient motivation may be rejected. + + + +Rationale +========= + +[Describe why particular design decisions were made.] + + + .. note:: + The rationale should provide evidence of consensus within the community and discuss important objections or concerns raised during discussion. + For the documentation of the decision the :need:`gd_temp__change_decision_record` can be used. + +Specification +============= + +[Describe the requirements, architecture of any new component.] 
or +[Describe the change to requirements, architecture, implementation, documentation of any change request.] + + .. note:: + A CR shall specify the component requirements as part of our platform/project. + Thereby the :need:`rl__project_lead` will approve these requirements as part of accepting the CR (e.g. merging the PR with the CR). + + + +Backwards Compatibility +======================= + +[Describe potential impact (especially including safety and security impacts) and severity on pre-existing platform/project elements.] + + +Security Impact +=============== + +[How could a malicious user take advantage of this new/modified component?] + + .. note:: + If there are security concerns in relation to the CR, those concerns should be explicitly written out to make sure reviewers of the CR are aware of them. + +Which security requirements are affected or has to be changed? +Could the new/modified component enable new threat scenarios? +Could the new/modified component enable new attack paths? +Could the new/modified component impact functional safety? +If applicable, which additional security measures must be implemented to mitigate the risk? + + .. note:: + Use Security Software Critically Analysis, Vulnerability Analysis. + [Methods will be defined later in Process area Security Analysis] + + +Safety Impact +============= + +[How could the safety be impacted by the new/modified component?] + + .. note:: + If there are safety concerns in relation to the CR, those concerns should be explicitly written out to make sure reviewers of the CR are aware of them. + +Which safety requirements are affected or has to be changed? +Could the new/modified component be a potential common cause or cascading failure initiator? +If applicable, which additional safety measures must be implemented to mitigate the risk? + + .. note:: + Use Dependency Failure Analysis and/or Safety Software Critically Analysis. 
+ [Methods will be defined later in Process area Safety Analysis] + +For new feature/component contributions: + +[What is the expected ASIL level?] +[What is the expected classification of the contribution?] + + .. note:: + Use the component classification method here to classify your component, if it shall to be used in a safety context: :need:`gd_temp__component_classification`. + +License Impact +============== + +[How could the copyright impacted by the license of the new contribution?] + + +How to Teach This +================= + +[How to teach users, new and experienced, how to apply the CR to their work.] + + .. note:: + For a CR that adds new functionality or changes behavior, it is helpful to include a section on how to teach users, new and experienced, how to apply the CR to their work. + + + +Rejected Ideas +============== + +[Why certain ideas that were brought while discussing this CR were not ultimately pursued.] + + .. note:: + Throughout the discussion of a CR, various ideas will be proposed which are not accepted. + Those rejected ideas should be recorded along with the reasoning as to why they were rejected. + This both helps record the thought process behind the final version of the CR as well as preventing people from bringing up the same rejected idea again in subsequent discussions. + In a way this section can be thought of as a breakout section of the Rationale section that is focused specifically on why certain ideas were not ultimately pursued. + + + +Open Issues +=========== + +[Any points that are still being decided/discussed.] + + .. note:: + While a CR is in draft, ideas can come up which warrant further discussion. + Those ideas should be recorded so people know that they are being thought about but do not have a concrete resolution. + This helps make sure all issues required for the CR to be ready for consideration are complete and reduces people duplicating prior discussion. 
+ + + +Footnotes +========= + +[A collection of footnotes cited in the CR, and a place to list non-inline hyperlink targets.] -Component Documents -=================== .. toctree:: - :maxdepth: 1 - :titlesonly: + :hidden: - architecture/executor + architecture/index.rst + architecture/chklst_arc_inspection.rst + detailed_design/index.rst + requirements/index.rst + requirements/chklst_req_inspection.rst + safety_analysis/fmea.rst + safety_analysis/dfa.rst diff --git a/docs/modules/orchestrator/executor/docs/requirements/chklst_req_inspection.rst b/docs/modules/orchestrator/executor/docs/requirements/chklst_req_inspection.rst new file mode 100644 index 00000000000..51c23f6a8ef --- /dev/null +++ b/docs/modules/orchestrator/executor/docs/requirements/chklst_req_inspection.rst 
@@ -0,0 +1,181 @@
+..
+ # *******************************************************************************
+ # Copyright (c) 2025 Contributors to the Eclipse Foundation
+ #
+ # See the NOTICE file(s) distributed with this work for additional
+ # information regarding copyright ownership.
+ #
+ # This program and the accompanying materials are made available under the
+ # terms of the Apache License Version 2.0 which is available at
+ # https://www.apache.org/licenses/LICENSE-2.0
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # *******************************************************************************
+
+
+.. document:: Executor Requirements Inspection Checklist
+ :id: doc__executor_req_inspection
+ :status: draft
+ :safety: ASIL_B
+ :security: YES
+ :realizes: wp__requirements_inspect
+ :tags: executor
+
+
+Requirement Inspection Checklist
+================================
+
+ **Purpose**
+
+ The purpose of this requirement inspection checklist is to collect the topics to be checked during requirements inspection.
+
+ **Conduct**
+
+ As described in the concept :need:`doc_concept__wp_inspections` the following "inspection roles" are expected to be filled:
+
+ - author: these are the persons who did the last commits on the requirements in scope (can be derived from version mgt tool)
+ - reviewer: these are all persons committing into this inspection document or giving a pull request verdict on it (can be derived from version mgt tool)
+ - moderator: only needed for conflict resolution between author and reviewers, is the safety manager, security manager or quality manager called in as a reviewer (can be derived from version mgt tool)
+ - test expert: <one of the reviewers explicitly named here, to cover REQ_08_01 as described>
+
+ **Checklist**
+
+ ..
list-table:: Component Requirement Inspection Checklist
+ :header-rows: 1
+ :widths: 10,30,50,6,6,8
+
+ * - Review ID
+ - Acceptance Criteria
+ - Guidance
+ - Passed
+ - Remarks
+ - Issue link
+ * - REQ_01_01
+ - Is the requirement formulation template used?
+ - see :need:`gd_temp__req_formulation`, this includes the use of "shall".
+ -
+ -
+ -
+ * - REQ_02_01
+ - Is the requirement description *comprehensible* ?
+ - If you think the requirement is hard to understand, comment here.
+ -
+ -
+ -
+ * - REQ_02_02
+ - Is the requirement description *unambiguous* ?
+ - Especially search for "weak words" like "about", "etc.", "relevant" and others (see the internet documentation on this). This check shall be supported by tooling.
+ -
+ -
+ -
+ * - REQ_02_03
+ - Is the requirement description *atomic* ?
+ - A good way to think about this is to consider if the requirement may be tested by one (positive) test case or needs more of these. The requirement formulation template should also avoid being non-atomic already. Note that there are cases where also non-atomic requirements are the better ones, for example if those are better understandable.
+ -
+ -
+ -
+ * - REQ_02_04
+ - Is the requirement description *feasible* ?
+ - If at the time of the inspection the requirement has already some implementation, the answer is yes. This can be checked via traces, but also :need:`gd_req__req_attr_impl` shows this. In case the requirement has no implementation at the time of inspection (i.e. not implemented at least as "proof-of-concept"), a development expert should be invited to the Pull-Request review to explicitly check this item.
+ -
+ -
+ -
+ * - REQ_02_05
+ - Is the requirement description *independent from implementation* ?
+ - This checkpoint should improve requirements definition in the sense that the "what" is described and not the "how" - the latter should be described in architecture/design derived from the requirement.
But there can also be a good reason for this, for example we would require using a file format like JSON and even specify the formatting standard already on stakeholder requirement level because we want to be compatible. A finding in this checkpoint does not mean there is a safety problem in the requirement.
+ -
+ -
+ -
+ * - REQ_03_01
+ - For stakeholder requirements: Is the *rationale* correct?
+ - Rationales explain why the top level requirements were created. Do those cover the requirement?
+ -
+ -
+ -
+ * - REQ_03_02
+ - For feature/component requirements: Is the *linkage to the parent requirement* correct?
+ - Linkage to correct levels and ASIL attributes is checked automatically, but it needs checking if the child requirement implements (at least) a part of the parent requirement.
+ -
+ -
+ -
+ * - REQ_04_01
+ - Is the requirement *internally and externally consistent*?
+ - Does the requirement contradict other requirements within the same or higher levels? One may restrict the search to the feature for component requirements, for features to other features using same components.
+ -
+ -
+ -
+ * - REQ_05_01
+ - Do the software requirements consider *timing constraints*?
+ - This checkpoint encourages to think about timing constraints even if those are not explicitly mentioned in the parent requirement. If the reviewer of a requirement already knows or suspects that the code execution will be consuming a lot of time, one should think of the expectation of a "user".
+ -
+ -
+ -
+ * - REQ_06_01
+ - Does the requirement consider *external interfaces*?
+ - The SW platform's external interfaces (to the user) are defined in the Feature Architecture, so the Feature and Component Requirements should determine the input data use and setting of output data for these interfaces. Are all output values defined?
+ -
+ -
+ -
+ * - REQ_07_01
+ - Is the *safety* attribute set correctly?
+ - Derived requirements are checked automatically, see :need:`gd_req__req_linkage_safety`. But for the top level requirements (and also all AoU) this needs to be checked manually for correctness.
+ -
+ -
+ -
+ * - REQ_07_02
+ - Is the attribute *security* set correctly?
+ - Stakeholder requirements security attribute should be set based on Threat Analysis and Risk Assessment (TARA) (process is TBD). For feature/component requirements this checklist item is supported by automated check: "Every requirement which satisfies a requirement with security attribute set to YES inherits this". But the feature/component requirements/architecture may additionally also be subject to a Software Security Criticality Analysis (process is TBD).
+ -
+ -
+ -
+ * - REQ_08_01
+ - Is the requirement *verifiable*?
+ - If at the time of the inspection already tests are created for the requirement, the answer is yes. This can be checked via traces, but also :need:`gd_req__req_attr_test_covered` shows this. In case the requirement is not sufficiently traced to test cases already, a test expert is invited to the inspection to give their opinion whether the requirement is formulated in a way that supports test development and the available test infrastructure is sufficient to perform the test.
+ -
+ -
+ -
+ * - REQ_09_01
+ - For stakeholder requirements: Do those cover assumed safety mechanisms needed by the hardware and system?
+ - Note that stakeholder requirements covering safety mechanisms come from rationales, whereas feature/component requirements are covering safety mechanisms coming from :need:`gd_chklst__safety_analysis`
+ -
+ -
+ -
+ * - REQ_09_02
+ - For feature/component requirements: Do the requirements defining a safety mechanism contain the error reaction leading to a safe state?
+ - Alternatively to the safe state there could also be "repair" mechanisms. Also do not forget to consider REQ_05_01 for these.
+ -
+ -
+ -
+
+
+..
attention::
+ The above checklist entries must be filled according to your component requirements in scope.
+
+Note: If a Review ID is not applicable for your requirement, then state ""n/a" in status and comment accordingly in remarks. For example "no stakeholder requirement (no rationale needed)"
+
+The following requirements in "valid" state and with "inspected" tag set are in the scope of this inspection:
+
+.. needtable::
+ :filter: "component_name" in docname and "requirements" in docname and docname is not None and status == "valid"
+ :style: table
+ :types: comp_req
+ :tags: component_name
+ :columns: id;status;tags
+ :colwidths: 25,25,25
+ :sort: title
+
+And also the following AoUs in "valid" state and with "inspected" tag set (for these please answer the questions above as if the AoUs are requirements, except questions REQ_03_01 and REQ_03_02):
+
+.. needtable::
+ :filter: "component_name" in docname and "requirements" in docname and docname is not None and status == "valid"
+ :style: table
+ :types: aou_req
+ :tags: component_name
+ :columns: id;status;tags
+ :colwidths: 25,25,25
+ :sort: title
+
+.. attention::
+ The above tables filtering must be updated according to your Component.
+
+ - Modify ``component_name`` to be your Component Name in lower snake case
diff --git a/docs/modules/orchestrator/executor/docs/requirements/index.rst b/docs/modules/orchestrator/executor/docs/requirements/index.rst
new file mode 100644
index 00000000000..2d055127515
--- /dev/null
+++ b/docs/modules/orchestrator/executor/docs/requirements/index.rst
@@ -0,0 +1,66 @@
+..
+ # *******************************************************************************
+ # Copyright (c) 2025 Contributors to the Eclipse Foundation
+ #
+ # See the NOTICE file(s) distributed with this work for additional
+ # information regarding copyright ownership.
+ #
+ # This program and the accompanying materials are made available under the
+ # terms of the Apache License Version 2.0 which is available at
+ # https://www.apache.org/licenses/LICENSE-2.0
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # *******************************************************************************
+
+Requirements
+############
+
+.. document:: Executor Requirements
+ :id: doc__executor_requirements
+ :status: draft
+ :safety: ASIL_B
+ :security: YES
+ :realizes: wp__requirements_comp
+ :tags: executor
+
+
+<Headlines (for the list of requirements if structuring is needed)>
+===================================================================
+
+.. .. comp_req:: Some Title
+.. :id: comp_req__component_name__some_title
+.. :reqtype: Process
+.. :security: YES
+.. :safety: ASIL_B
+.. :satisfies: feat_req__feature_name__some_title
+.. :status: invalid
+
+.. The Component shall do xyz to another component to bring it to this condition at this time
+
+.. Note: (optional, not to be verified)
+
+.. attention::
+ The above directive must be updated according to your component requirements.
+
+ - Replace the example content by the real content for your first requirement
+ - Set the status to valid and start the review/merge process
+ - Add other needed requirements for your component
+
+.. .. aou_req:: Next Title
+.. :id: aou_req__component_name__next_title
+.. :reqtype: Process
+.. :security: YES
+.. :safety: ASIL_B
+.. :status: invalid
+
+.. The Component User shall do xyz to use the component safely
+
+.. attention::
+ The above directives must be updated according to your feature requirements.
+
+ - Replace the example content by the real content for your first requirement (according to :need:`gd_guidl__req_engineering`)
+ - Set the status to valid and start the review/merge process
+ - Add other needed requirements for your feature
+
+.. needextend:: "component_name" in id
+ :+tags: component_name
diff --git a/docs/modules/orchestrator/executor/docs/safety_analysis/dfa.rst b/docs/modules/orchestrator/executor/docs/safety_analysis/dfa.rst
new file mode 100644
index 00000000000..ec74b44bf3a
--- /dev/null
+++ b/docs/modules/orchestrator/executor/docs/safety_analysis/dfa.rst
@@ -0,0 +1,49 @@
+..
+ # *******************************************************************************
+ # Copyright (c) 2025 Contributors to the Eclipse Foundation
+ #
+ # See the NOTICE file(s) distributed with this work for additional
+ # information regarding copyright ownership.
+ #
+ # This program and the accompanying materials are made available under the
+ # terms of the Apache License Version 2.0 which is available at
+ # https://www.apache.org/licenses/LICENSE-2.0
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # *******************************************************************************
+
+
+DFA (Dependent Failure Analysis)
+================================
+
+.. document:: Executor DFA
+ :id: doc__executor_dfa
+ :status: draft
+ :safety: ASIL_B
+ :security: YES
+ :realizes: wp__sw_component_dfa
+ :tags: executor
+
+
+Dependent Failure Initiators
+----------------------------
+
+.. code-block:: rst
+
+ .. comp_saf_dfa:: <Title>
+ :violates: <Component architecture>
+ :id: comp_saf_dfa__<Component>__<Element descriptor>
+ :failure_id: <ID from DFA failure initiators :need:`gd_guidl__dfa_failure_initiators`>
+ :failure_effect: "description of failure effect of the failure initiator on the element"
+ :mitigated_by: <ID from Component Requirement | ID from AoU Component Requirement>
+ :mitigation_issue: <ID from Issue Tracker>
+ :sufficient: <yes|no>
+ :status: <valid|invalid>
+
+.. note:: argument is inside the 'content'. Therefore content is mandatory
+
+.. attention::
+ The above directive must be updated according to your component DFA.
+
+ - The above "code-block" directive must be updated
+ - Fill in all the needed information in the <brackets>
diff --git a/docs/modules/orchestrator/executor/docs/safety_analysis/fmea.rst b/docs/modules/orchestrator/executor/docs/safety_analysis/fmea.rst
new file mode 100644
index 00000000000..4afb07d21e2
--- /dev/null
+++ b/docs/modules/orchestrator/executor/docs/safety_analysis/fmea.rst
@@ -0,0 +1,49 @@
+..
+ # *******************************************************************************
+ # Copyright (c) 2025 Contributors to the Eclipse Foundation
+ #
+ # See the NOTICE file(s) distributed with this work for additional
+ # information regarding copyright ownership.
+ #
+ # This program and the accompanying materials are made available under the
+ # terms of the Apache License Version 2.0 which is available at
+ # https://www.apache.org/licenses/LICENSE-2.0
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # *******************************************************************************
+
+
+FMEA (Failure Modes and Effects Analysis)
+=========================================
+
+.. document:: Executor FMEA
+ :id: doc__executor_fmea
+ :status: draft
+ :safety: ASIL_B
+ :security: YES
+ :realizes: wp__sw_component_fmea
+ :tags: executor
+
+
+Failure Mode List
+-----------------
+
+.. code-block:: rst
+
+ .. comp_saf_fmea:: <Title>
+ :violates: <Component architecture>
+ :id: comp_saf_fmea__<Component>__<Element descriptor>
+ :fault_id: <ID from fault model :need:`gd_guidl__fault_models`>
+ :failure_effect: "description of failure effect of the fault model on the element"
+ :mitigated_by: <ID from Component Requirement | ID from AoU Component Requirement>
+ :mitigation_issue: <ID from Issue Tracker>
+ :sufficient: <yes|no>
+ :status: <valid|invalid>
+
+.. note:: argument is inside the 'content'. Therefore content is mandatory
+
+.. attention::
+ The above directive must be updated according to your component FMEA.
+
+ - The above "code-block" directive must be updated
+ - Fill in all the needed information in the <brackets>
diff --git a/docs/modules/orchestrator/index.rst b/docs/modules/orchestrator/index.rst
index 7715df9f06f..4d542eca894 100644
--- a/docs/modules/orchestrator/index.rst
+++ b/docs/modules/orchestrator/index.rst
@@ -12,8 +12,154 @@ # SPDX-License-Identifier: Apache-2.0 # ******************************************************************************* -Orchestrator Module -################### +Orchestrator +############ + +.. document:: Orchestrator + :id: doc__orchestrator + :status: draft + :safety: ASIL_B + :security: YES + :realizes: wp__cmpt_request + :tags: orchestrator + + +Abstract +======== + +[A short (~200 word) description of the contribution being addressed.] + + +Motivation +========== + +[Clearly explain why the existing platform/project solution is inadequate to address the topic that the CR solves.] + + .. note:: + The motivation is critical for CRs that want to change the existing components. + It should clearly explain why the existing solution is inadequate to address the topic that the CR solves. + Motivation may based on criteria as resource requirements, scheduling issues, risks, benefits, etc. + CRs submissions without sufficient motivation may be rejected. + + + +Rationale +========= + +[Describe why particular design decisions were made.] + + + .. note:: + The rationale should provide evidence of consensus within the community and discuss important objections or concerns raised during discussion. + For the documentation of the decision the :need:`gd_temp__change_decision_record` can be used. + +Specification +============= + +[Describe the requirements, architecture of any new component.] or +[Describe the change to requirements, architecture, implementation, documentation of any change request.] + + .. note:: + A CR shall specify the component requirements as part of our platform/project. + Thereby the :need:`rl__project_lead` will approve these requirements as part of accepting the CR (e.g. merging the PR with the CR). + + + +Backwards Compatibility +======================= + +[Describe potential impact (especially including safety and security impacts) and severity on pre-existing platform/project elements.] 
+
+
+Security Impact
+===============
+
+[How could a malicious user take advantage of this new/modified component?]
+
+ .. note::
+ If there are security concerns in relation to the CR, those concerns should be explicitly written out to make sure reviewers of the CR are aware of them.
+
+Which security requirements are affected or has to be changed?
+Could the new/modified component enable new threat scenarios?
+Could the new/modified component enable new attack paths?
+Could the new/modified component impact functional safety?
+If applicable, which additional security measures must be implemented to mitigate the risk?
+
+ .. note::
+ Use Security Software Critically Analysis, Vulnerability Analysis.
+ [Methods will be defined later in Process area Security Analysis]
+
+
+Safety Impact
+=============
+
+[How could the safety be impacted by the new/modified component?]
+
+ .. note::
+ If there are safety concerns in relation to the CR, those concerns should be explicitly written out to make sure reviewers of the CR are aware of them.
+
+Which safety requirements are affected or has to be changed?
+Could the new/modified component be a potential common cause or cascading failure initiator?
+If applicable, which additional safety measures must be implemented to mitigate the risk?
+
+ .. note::
+ Use Dependency Failure Analysis and/or Safety Software Critically Analysis.
+ [Methods will be defined later in Process area Safety Analysis]
+
+For new feature/component contributions:
+
+[What is the expected ASIL level?]
+[What is the expected classification of the contribution?]
+
+ .. note::
+ Use the component classification method here to classify your component, if it shall to be used in a safety context: :need:`gd_temp__component_classification`.
+
+License Impact
+==============
+
+[How could the copyright impacted by the license of the new contribution?]
+ + +How to Teach This +================= + +[How to teach users, new and experienced, how to apply the CR to their work.] + + .. note:: + For a CR that adds new functionality or changes behavior, it is helpful to include a section on how to teach users, new and experienced, how to apply the CR to their work. + + + +Rejected Ideas +============== + +[Why certain ideas that were brought while discussing this CR were not ultimately pursued.] + + .. note:: + Throughout the discussion of a CR, various ideas will be proposed which are not accepted. + Those rejected ideas should be recorded along with the reasoning as to why they were rejected. + This both helps record the thought process behind the final version of the CR as well as preventing people from bringing up the same rejected idea again in subsequent discussions. + In a way this section can be thought of as a breakout section of the Rationale section that is focused specifically on why certain ideas were not ultimately pursued. + + + +Open Issues +=========== + +[Any points that are still being decided/discussed.] + + .. note:: + While a CR is in draft, ideas can come up which warrant further discussion. + Those ideas should be recorded so people know that they are being thought about but do not have a concrete resolution. + This helps make sure all issues required for the CR to be ready for consideration are complete and reduces people duplicating prior discussion. + + + +Footnotes +========= + +[A collection of footnotes cited in the CR, and a place to list non-inline hyperlink targets.] + .. toctree:: :titlesonly: diff --git a/docs/modules/orchestrator/orchestrator/docs/architecture/chklst_arc_inspection.rst b/docs/modules/orchestrator/orchestrator/docs/architecture/chklst_arc_inspection.rst new file mode 100644 index 00000000000..6c59d6213b2 --- /dev/null +++ b/docs/modules/orchestrator/orchestrator/docs/architecture/chklst_arc_inspection.rst 
@@ -0,0 +1,157 @@
+..
+ # *******************************************************************************
+ # Copyright (c) 2025 Contributors to the Eclipse Foundation
+ #
+ # See the NOTICE file(s) distributed with this work for additional
+ # information regarding copyright ownership.
+ #
+ # This program and the accompanying materials are made available under the
+ # terms of the Apache License Version 2.0 which is available at
+ # https://www.apache.org/licenses/LICENSE-2.0
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # *******************************************************************************
+
+
+.. document:: Orchestrator Architecture Inspection Checklist
+ :id: doc__orchestrator_arc_inspection
+ :status: draft
+ :safety: ASIL_B
+ :security: YES
+ :realizes: wp__sw_arch_verification
+ :tags: orchestrator
+
+
+Architecture Inspection Checklist
+=================================
+
+Purpose
+-------
+
+The purpose of the software architecture checklist is to ensure that the design meets the criteria and quality as
+defined per project processes and guidelines for feature and component architectural design elements.
+It helps to check the compliance with requirements, identify errors or inconsistencies, and ensure adherence to best
+practices.
+The checklist guides evaluation of the architecture design, identifies potential problems, and aids in
+communication and documentation of architectural decisions to stakeholders.
+
+Checklist
+---------
+
+.. list-table:: Architecture Design Review Checklist
+ :header-rows: 1
+
+ * - Review Id
+ - Acceptance criteria
+ - Type
+ - Guidance
+ - passed
+ - Remarks
+ - Issue link
+ * - ARC_01_01
+ - Is the traceability from software architectural elements to requirements, and other level architectural
+ elements (e.g. component to interface) established according to the "Relations between the architectural elements" as described in :need:`doc_concept__arch_process`?
+ - automated
+ - Trace should be checked by Sphinx.
Will be removed from checklist once requirement is implemented.
+ -
+ -
+ -
+ * - ARC_01_02
+ - If the architectural element is related to any supplier manuals (incl. safety and security)
+ are the relevant parts covered?
+ - manual
+ - If the architecture makes use of supplied elements, their manuals (like safety) have to be considered (i.e. its provided functionality matches the expectation and assumptions are fulfilled). Note that in case of safety component this means that assumed Technical Safety Requirements and AoUs of the safety manual are covered.
+ -
+ -
+ -
+ * - ARC_01_03
+ - Is the architectural element traceable to the lower level artifacts as defined by the workproduct traceability?
+ - automated
+ - Will be removed from checklist once requirement is implemented by automated tool check.
+ Details of possible linking can be depicted from `traceability concept <https://eclipse-score.github.io/process_description/main/general_concepts/score_traceability_concept.html>`_
+ -
+ -
+ -
+ * - ARC_02_01
+ - Is the software architecture design compliant with the (overall) feature architecture?
+ - manual
+ - On component level check against the feature architecture, on feature level check other features with common components used.
+ -
+ -
+ -
+ * - ARC_02_02
+ - Is appropriate and comprehensible operation/interface naming present in the architectural design?
+ - manual
+ - Check :need:`gd_guidl__arch_design`
+ -
+ -
+ -
+ * - ARC_02_03
+ - Are correctness of data flow and control flow within the architectural elements considered?
+ - manual
+ - E.g. examine definitions, transformations, integrity, and interaction of data; check error handling, data
+ exchange between elements, correct response to inputs and documented decision making.
+ Note: consistency is ensured by the process/tooling, by defining each interface only once.
+ -
+ -
+ -
+ * - ARC_02_04
+ - Are the interfaces between the software architectural element and other architectural elements well-defined?
+ - manual
+ - Check if the interface reacts on non-defined behavior or errors; can established protocols be used; are the
+ interfaces for inputs, outputs, error codes documented; is loose coupling considered and only limited exposure;
+ can unit or integration test be written against the interface; data amount transferred; no sensitive data
+ exposure;
+ -
+ -
+ -
+ * - ARC_02_05
+ - Does the software architectural element consider the timing constraints (from the parent requirement)?
+ - manual
+ - If there are hard requirements on the timing a programming time estimation should be performed and also
+ deadline supervision considered.
+ -
+ -
+ -
+ * - ARC_02_06
+ - Is the documentation of the software architectural element, including textual and graphical descriptions
+ (e.g., UML diagrams), comprehensible and complete?
+ - manual
+ - Use of semi-formal notation is expected for architectural elements with an allocated ASIL level.
+ Is the architecture template correctly filled?
+ -
+ -
+ -
+ * - ARC_03_01
+ - Is the architectural element modular and encapsulated?
+ - manual
+ - Check e.g. that only minimal interfaces are used. Design should be object oriented. Interfaces and interactions are clearly defined. Usage of access types (private, protected) properly set. Limited global variables.
+ -
+ -
+ -
+ * - ARC_03_02
+ - Is the suitability of the software architecture for future modifications and maintainability considered?
+ - manual
+ - Check for e.g. loose coupling, separation of concerns, high cohesion, versioning strategy for interfaces,
+ decision records, use of established design patterns.
+ -
+ -
+ -
+ * - ARC_03_03
+ - Are simplicity and avoidance of unnecessary complexity present in the software architecture?
+ - manual + - Indicators for complexity are: number of use cases (corresponding to dynamic diagrams) + allocated to single design element, number of interfaces and operations in an interface, + function parameters, global variables, complex types, limited comprehensibility. + + Note: If the "number" above exceeds "3" a design rationale is mandatory (for all types) + - + - + - + * - ARC_03_04 + - Is the software architecture design following best practices and design principles? + - manual + - Refer to architectural guidelines and recommendations within the project documentation. + - + - + - diff --git a/docs/modules/orchestrator/orchestrator/docs/architecture/orchestrator.rst b/docs/modules/orchestrator/orchestrator/docs/architecture/index.rst similarity index 63% rename from docs/modules/orchestrator/orchestrator/docs/architecture/orchestrator.rst rename to docs/modules/orchestrator/orchestrator/docs/architecture/index.rst index 1f2a48c9ef4..01c849af475 100644 --- a/docs/modules/orchestrator/orchestrator/docs/architecture/orchestrator.rst +++ b/docs/modules/orchestrator/orchestrator/docs/architecture/index.rst @@ -1,4 +1,3 @@ - .. # ******************************************************************************* # Copyright (c) 2025 Contributors to the Eclipse Foundation @@ -14,7 +13,7 @@ # ******************************************************************************* Component Architecture -======================= +====================== .. document:: Orchestrator Architecture :id: doc__orchestrator_architecture 
@@ -24,14 +23,86 @@ Component Architecture :realizes: wp__component_arch :tags: orchestration, orchestrator + +Overview +-------- +Brief summary + +Requirements Linked to Component Architecture +--------------------------------------------- + +.. code-block:: none + + .. needtable:: Overview of Component Requirements + :style: table + :columns: title;id + :filter: search("comp_arch_sta__archdes$", "fulfils_back") + :colwidths: 70,30 + +Description +----------- + +General Description + +Design Decisions - For the documentation of the decision the :need:`gd_temp__change_decision_record` can be used. + +Design Constraints + +Rationale Behind Architecture Decomposition +******************************************* + +Mandatory: a motivation for the decomposition or reason for not further splitting it into lower level components. + +.. note:: Common decisions across components / cross cutting concepts is at the higher level. + + + + + +Component Architecture +======================= + + + + + + + + + + + + +Static Architecture +------------------- + +The components are designed to cover the expectations from the feature architecture +(i.e. if already exists a definition it should be taken over and enriched). + +.. comp:: Orchestrator + :id: comp__orchestrator + :security: YES + :safety: ASIL_B + :status: valid + :implements: logic_arc_int__orchestration__user, logic_arc_int__orchestration__deployment, logic_arc_int__orchestration__design + :uses: logic_arc_int__logging__logging, logic_arc_int__tracing__tracing, logic_arc_int__communication__user + :consists_of: comp__orch_design_impl, comp__orch_deployment_impl + + .. needarch:: + :scale: 50 + :align: center + + {{ draw_component(need(), needs) }} + + .. 
comp_arc_sta:: Orchestrator :id: comp_arc_sta__orch__orchestrator :security: YES :safety: ASIL_B :status: valid - :includes: comp_arc_sta__orch__design_impl, comp_arc_sta__orch__deployment_impl - :implements: logic_arc_int__orchestration__user, logic_arc_int__orchestration__deployment, logic_arc_int__orchestration__design :uses: logic_arc_int__logging__logging, logic_arc_int__tracing__tracing, logic_arc_int__communication__user + :belongs_to: comp__orchestrator + :fulfils: comp_req__component_name__some_title .. needarch:: :scale: 50 @@ -39,6 +110,24 @@ Component Architecture {{ draw_component(need(), needs) }} + +Dynamic Architecture +-------------------- + +.. .. comp_arc_dyn:: Dynamic View +.. :id: comp_arc_dyn__component_name__dynamic_view +.. :security: YES +.. :safety: ASIL_B +.. :status: invalid +.. :fulfils: comp_req__component_name__some_title + +.. put here a sequence diagram + + +Interfaces +---------- + + .. logic_arc_int_op:: add_design :id: logic_arc_int_op__orch__add_design :security: YES @@ -93,15 +182,15 @@ Component Architecture .. Subcomponents -.. comp_arc_sta:: Design - :id: comp_arc_sta__orch__design_impl +.. comp:: Design + :id: comp__orch_design_impl :status: valid :safety: ASIL_B :security: NO :implements: logic_arc_int__orchestration__design -.. comp_arc_sta:: Deployment - :id: comp_arc_sta__orch__deployment_impl +.. comp:: Deployment + :id: comp__orch_deployment_impl :status: valid :safety: ASIL_B :security: NO @@ -109,7 +198,6 @@ Component Architecture .. Operations - .. logic_arc_int_op:: register_invoke_fn :id: logic_arc_int_op__orch__register_invoke_fn :security: YES 
@@ -188,6 +276,33 @@ Component Architecture :status: valid :included_by: logic_arc_int__orchestration__deployment -.. toctree:: - :maxdepth: 1 - :titlesonly: +.. .. code-block:: rst + +.. .. real_arc_int:: <Title> +.. :id: real_arc_int__<component>__<Title> +.. :security: <YES|NO> +.. :safety: <QM|ASIL_B> +.. :fulfils: <link to component requirement id> +.. :language: cpp + +Lower Level Components +---------------------- + +.. .. comp_arc_sta:: Component Name 2 +.. :id: comp_arc_sta__component_name__2 +.. :status: invalid +.. :safety: ASIL_B +.. :security: YES +.. :fulfils: comp_req__component_name__some_title +.. :implements: logic_arc_int__feature_name__interface_name + +.. no architecture but detailed design + +.. .. note:: +.. Architecture can be split into multiple files. At component level the public interfaces to be used by the user and tester to be shown. + +.. .. attention:: +.. The above directives must be updated according to your component architecture. + +.. - Replace the example content by the real content (according to :need:`gd_guidl__arch_design`) +.. - Set the status to valid and start the review/merge process diff --git a/docs/modules/orchestrator/orchestrator/docs/detailed_design/index.rst b/docs/modules/orchestrator/orchestrator/docs/detailed_design/index.rst new file mode 100644 index 00000000000..daacf0e9e8f --- /dev/null +++ b/docs/modules/orchestrator/orchestrator/docs/detailed_design/index.rst 
@@ -0,0 +1,70 @@
+..
+ # *******************************************************************************
+ # Copyright (c) 2025 Contributors to the Eclipse Foundation
+ #
+ # See the NOTICE file(s) distributed with this work for additional
+ # information regarding copyright ownership.
+ #
+ # This program and the accompanying materials are made available under the
+ # terms of the Apache License Version 2.0 which is available at
+ # https://www.apache.org/licenses/LICENSE-2.0
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # *******************************************************************************
+
+Detailed Design
+###############
+
+.. document:: Orchestrator Detailed Design
+ :id: doc__orchestrator_detailed_design
+ :status: draft
+ :safety: ASIL_B
+ :security: YES
+ :realizes: wp__sw_implementation
+ :tags: orchestrator
+
+
+Detailed Design for Component: <Component Name>
+===============================================
+
+Description
+-----------
+
+| Design Decisions - For the documentation of the decision the :need:`gd_temp__change_decision_record` can be used.
+| Design Constraints
+
+Rationale Behind Decomposition into Units
+******************************************
+| mandatory: a motivation for the decomposition into one or more units.
+
+.. note:: Reason for split into multiple units could be-
+ - Based on design principles like SOLID,DRY etc
+ - Based on design pattern's etc.
+
+Static Diagrams for Unit Interactions
+-------------------------------------
+.. code-block:: rst
+
+ .. dd_sta:: <Title>
+ :id: dd_sta__<Feature>__<Title>
+ :security: <YES|NO>
+ :safety: <QM|ASIL_B>
+ :status: <valid|invalid>
+ :implements: <link to component requirement id>
+ :satisfies: <link to component architecture id>
+
+ .. image:: <link to drawio image> or .. uml:: <link to plantuml>
+
+Dynamic Diagrams for Unit Interactions
+--------------------------------------
+.. code-block:: rst
+
+ .. dd_dyn:: <Title>
+ :id: dd_dyn__<Feature>__<Title>
+ :security: <YES|NO>
+ :safety: <QM|ASIL_B>
+ :status: <valid|invalid>
+ :implements: <link to component requirement id>
+ :satisfies: <link to component architecture id>
+
+ .. image:: <link to drawio image> or .. uml:: <link to plantuml>
diff --git a/docs/modules/orchestrator/orchestrator/docs/index.rst b/docs/modules/orchestrator/orchestrator/docs/index.rst
index a410d019d99..7064028cf42 100644
--- a/docs/modules/orchestrator/orchestrator/docs/index.rst
+++ b/docs/modules/orchestrator/orchestrator/docs/index.rst
@@ -1,21 +1,173 @@ -.. _comp_doc_orchestrator: +.. + # ******************************************************************************* + # Copyright (c) 2025 Contributors to the Eclipse Foundation + # + # See the NOTICE file(s) distributed with this work for additional + # information regarding copyright ownership. + # + # This program and the accompanying materials are made available under the + # terms of the Apache License Version 2.0 which is available at + # https://www.apache.org/licenses/LICENSE-2.0 + # + # SPDX-License-Identifier: Apache-2.0 + # ******************************************************************************* + Orchestrator ############ .. document:: Orchestrator - :id: doc__orchestrator - :status: valid + :id: doc__orchestrator_component + :status: draft :safety: ASIL_B :security: YES :realizes: wp__cmpt_request - :tags: orchestration, orchestrator + :tags: orchestrator + + +Abstract +======== + +[A short (~200 word) description of the contribution being addressed.] + + +Motivation +========== + +[Clearly explain why the existing platform/project solution is inadequate to address the topic that the CR solves.] + + .. note:: + The motivation is critical for CRs that want to change the existing components. + It should clearly explain why the existing solution is inadequate to address the topic that the CR solves. + Motivation may based on criteria as resource requirements, scheduling issues, risks, benefits, etc. + CRs submissions without sufficient motivation may be rejected. + + + +Rationale +========= + +[Describe why particular design decisions were made.] + + + .. note:: + The rationale should provide evidence of consensus within the community and discuss important objections or concerns raised during discussion. + For the documentation of the decision the :need:`gd_temp__change_decision_record` can be used. + +Specification +============= + +[Describe the requirements, architecture of any new component.] 
or +[Describe the change to requirements, architecture, implementation, documentation of any change request.] + + .. note:: + A CR shall specify the component requirements as part of our platform/project. + Thereby the :need:`rl__project_lead` will approve these requirements as part of accepting the CR (e.g. merging the PR with the CR). + + + +Backwards Compatibility +======================= + +[Describe potential impact (especially including safety and security impacts) and severity on pre-existing platform/project elements.] + + +Security Impact +=============== + +[How could a malicious user take advantage of this new/modified component?] + + .. note:: + If there are security concerns in relation to the CR, those concerns should be explicitly written out to make sure reviewers of the CR are aware of them. + +Which security requirements are affected or has to be changed? +Could the new/modified component enable new threat scenarios? +Could the new/modified component enable new attack paths? +Could the new/modified component impact functional safety? +If applicable, which additional security measures must be implemented to mitigate the risk? + + .. note:: + Use Security Software Critically Analysis, Vulnerability Analysis. + [Methods will be defined later in Process area Security Analysis] + + +Safety Impact +============= + +[How could the safety be impacted by the new/modified component?] + + .. note:: + If there are safety concerns in relation to the CR, those concerns should be explicitly written out to make sure reviewers of the CR are aware of them. + +Which safety requirements are affected or has to be changed? +Could the new/modified component be a potential common cause or cascading failure initiator? +If applicable, which additional safety measures must be implemented to mitigate the risk? + + .. note:: + Use Dependency Failure Analysis and/or Safety Software Critically Analysis. 
+ [Methods will be defined later in Process area Safety Analysis] + +For new feature/component contributions: + +[What is the expected ASIL level?] +[What is the expected classification of the contribution?] + + .. note:: + Use the component classification method here to classify your component, if it shall to be used in a safety context: :need:`gd_temp__component_classification`. + +License Impact +============== + +[How could the copyright impacted by the license of the new contribution?] + + +How to Teach This +================= + +[How to teach users, new and experienced, how to apply the CR to their work.] + + .. note:: + For a CR that adds new functionality or changes behavior, it is helpful to include a section on how to teach users, new and experienced, how to apply the CR to their work. + + + +Rejected Ideas +============== + +[Why certain ideas that were brought while discussing this CR were not ultimately pursued.] + + .. note:: + Throughout the discussion of a CR, various ideas will be proposed which are not accepted. + Those rejected ideas should be recorded along with the reasoning as to why they were rejected. + This both helps record the thought process behind the final version of the CR as well as preventing people from bringing up the same rejected idea again in subsequent discussions. + In a way this section can be thought of as a breakout section of the Rationale section that is focused specifically on why certain ideas were not ultimately pursued. + + + +Open Issues +=========== + +[Any points that are still being decided/discussed.] + + .. note:: + While a CR is in draft, ideas can come up which warrant further discussion. + Those ideas should be recorded so people know that they are being thought about but do not have a concrete resolution. + This helps make sure all issues required for the CR to be ready for consideration are complete and reduces people duplicating prior discussion. 
+ + + +Footnotes +========= -Component Documents -=================== +[A collection of footnotes cited in the CR, and a place to list non-inline hyperlink targets.] .. toctree:: - :maxdepth: 1 - :titlesonly: + :hidden: - architecture/orchestrator + architecture/index.rst + architecture/chklst_arc_inspection.rst + detailed_design/index.rst + requirements/index.rst + requirements/chklst_req_inspection.rst + safety_analysis/fmea.rst + safety_analysis/dfa.rst diff --git a/docs/modules/orchestrator/orchestrator/docs/requirements/chklst_req_inspection.rst b/docs/modules/orchestrator/orchestrator/docs/requirements/chklst_req_inspection.rst new file mode 100644 index 00000000000..ae92b376b13 --- /dev/null +++ b/docs/modules/orchestrator/orchestrator/docs/requirements/chklst_req_inspection.rst 
@@ -0,0 +1,181 @@
+..
+ # *******************************************************************************
+ # Copyright (c) 2025 Contributors to the Eclipse Foundation
+ #
+ # See the NOTICE file(s) distributed with this work for additional
+ # information regarding copyright ownership.
+ #
+ # This program and the accompanying materials are made available under the
+ # terms of the Apache License Version 2.0 which is available at
+ # https://www.apache.org/licenses/LICENSE-2.0
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # *******************************************************************************
+
+
+.. document:: Orchestrator Requirements Inspection Checklist
+ :id: doc__orchestrator_req_inspection
+ :status: draft
+ :safety: ASIL_B
+ :security: YES
+ :realizes: wp__requirements_inspect
+ :tags: orchestrator
+
+
+Requirement Inspection Checklist
+================================
+
+ **Purpose**
+
+ The purpose of this requirement inspection checklist is to collect the topics to be checked during requirements inspection.
+
+ **Conduct**
+
+ As described in the concept :need:`doc_concept__wp_inspections` the following "inspection roles" are expected to be filled:
+
+ - author: these are the persons who did the last commits on the requirements in scope (can be derived from version mgt tool)
+ - reviewer: these are all persons committing into this inspection document or giving a pull request verdict on it (can be derived from version mgt tool)
+ - moderator: only needed for conflict resolution between author and reviewers, is the safety manager, security manager or quality manager called in as a reviewer (can be derived from version mgt tool)
+ - test expert: <one of the reviewers explicitly named here, to cover REQ_08_01 as described>
+
+ **Checklist**
+
+ .. list-table:: Component Requirement Inspection Checklist
+ :header-rows: 1
+ :widths: 10,30,50,6,6,8
+
+ * - Review ID
+ - Acceptance Criteria
+ - Guidance
+ - Passed
+ - Remarks
+ - Issue link
+ * - REQ_01_01
+ - Is the requirement formulation template used?
+ - see :need:`gd_temp__req_formulation`, this includes the use of "shall".
+ -
+ -
+ -
+ * - REQ_02_01
+ - Is the requirement description *comprehensible* ?
+ - If you think the requirement is hard to understand, comment here.
+ -
+ -
+ -
+ * - REQ_02_02
+ - Is the requirement description *unambiguous* ?
+ - Especially search for "weak words" like "about", "etc.", "relevant" and others (see the internet documentation on this). This check shall be supported by tooling.
+ -
+ -
+ -
+ * - REQ_02_03
+ - Is the requirement description *atomic* ?
+ - A good way to think about this is to consider if the requirement may be tested by one (positive) test case or needs more of these. The requirement formulation template should also avoid being non-atomic already. Note that there are cases where also non-atomic requirements are the better ones, for example if those are better understandable.
+ -
+ -
+ -
+ * - REQ_02_04
+ - Is the requirement description *feasible* ?
+ - If at the time of the inspection the requirement has already some implementation, the answer is yes. This can be checked via traces, but also :need:`gd_req__req_attr_impl` shows this. In case the requirement has no implementation at the time of inspection (i.e. not implemented at least as "proof-of-concept"), a development expert should be invited to the Pull-Request review to explicitly check this item.
+ -
+ -
+ -
+ * - REQ_02_05
+ - Is the requirement description *independent from implementation* ?
+ - This checkpoint should improve requirements definition in the sense that the "what" is described and not the "how" - the latter should be described in architecture/design derived from the requirement. But there can also be a good reason for this, for example we would require using a file format like JSON and even specify the formatting standard already on stakeholder requirement level because we want to be compatible. A finding in this checkpoint does not mean there is a safety problem in the requirement.
+ -
+ -
+ -
+ * - REQ_03_01
+ - For stakeholder requirements: Is the *rationale* correct?
+ - Rationales explain why the top level requirements were created. Do those cover the requirement?
+ -
+ -
+ -
+ * - REQ_03_02
+ - For feature/component requirements: Is the *linkage to the parent requirement* correct?
+ - Linkage to correct levels and ASIL attributes is checked automatically, but it needs checking if the child requirement implements (at least) a part of the parent requirement.
+ -
+ -
+ -
+ * - REQ_04_01
+ - Is the requirement *internally and externally consistent*?
+ - Does the requirement contradict other requirements within the same or higher levels? One may restrict the search to the feature for component requirements, for features to other features using same components.
+ -
+ -
+ -
+ * - REQ_05_01
+ - Do the software requirements consider *timing constraints*?
+ - This checkpoint encourages to think about timing constraints even if those are not explicitly mentioned in the parent requirement. If the reviewer of a requirement already knows or suspects that the code execution will be consuming a lot of time, one should think of the expectation of a "user".
+ -
+ -
+ -
+ * - REQ_06_01
+ - Does the requirement consider *external interfaces*?
+ - The SW platform's external interfaces (to the user) are defined in the Feature Architecture, so the Feature and Component Requirements should determine the input data use and setting of output data for these interfaces. Are all output values defined?
+ -
+ -
+ -
+ * - REQ_07_01
+ - Is the *safety* attribute set correctly?
+ - Derived requirements are checked automatically, see :need:`gd_req__req_linkage_safety`. But for the top level requirements (and also all AoU) this needs to be checked manually for correctness.
+ -
+ -
+ -
+ * - REQ_07_02
+ - Is the attribute *security* set correctly?
+ - Stakeholder requirements security attribute should be set based on Threat Analysis and Risk Assessment (TARA) (process is TBD). For feature/component requirements this checklist item is supported by automated check: "Every requirement which satisfies a requirement with security attribute set to YES inherits this". But the feature/component requirements/architecture may additionally also be subject to a Software Security Criticality Analysis (process is TBD).
+ -
+ -
+ -
+ * - REQ_08_01
+ - Is the requirement *verifiable*?
+ - If at the time of the inspection already tests are created for the requirement, the answer is yes. This can be checked via traces, but also :need:`gd_req__req_attr_test_covered` shows this. In case the requirement is not sufficiently traced to test cases already, a test expert is invited to the inspection to give their opinion whether the requirement is formulated in a way that supports test development and the available test infrastructure is sufficient to perform the test.
+ -
+ -
+ -
+ * - REQ_09_01
+ - For stakeholder requirements: Do those cover assumed safety mechanisms needed by the hardware and system?
+ - Note that stakeholder requirements covering safety mechanisms come from rationales, whereas feature/component requirements are covering safety mechanisms coming from :need:`gd_chklst__safety_analysis`
+ -
+ -
+ -
+ * - REQ_09_02
+ - For feature/component requirements: Do the requirements defining a safety mechanism contain the error reaction leading to a safe state?
+ - Alternatively to the safe state there could also be "repair" mechanisms. Also do not forget to consider REQ_05_01 for these.
+ -
+ -
+ -
+
+
+.. attention::
+ The above checklist entries must be filled according to your component requirements in scope.
+
+Note: If a Review ID is not applicable for your requirement, then state ""n/a" in status and comment accordingly in remarks. For example "no stakeholder requirement (no rationale needed)"
+
+The following requirements in "valid" state and with "inspected" tag set are in the scope of this inspection:
+
+.. needtable::
+ :filter: "component_name" in docname and "requirements" in docname and docname is not None and status == "valid"
+ :style: table
+ :types: comp_req
+ :tags: component_name
+ :columns: id;status;tags
+ :colwidths: 25,25,25
+ :sort: title
+
+And also the following AoUs in "valid" state and with "inspected" tag set (for these please answer the questions above as if the AoUs are requirements, except questions REQ_03_01 and REQ_03_02):
+
+.. needtable::
+ :filter: "component_name" in docname and "requirements" in docname and docname is not None and status == "valid"
+ :style: table
+ :types: aou_req
+ :tags: component_name
+ :columns: id;status;tags
+ :colwidths: 25,25,25
+ :sort: title
+
+.. attention::
+ The above tables filtering must be updated according to your Component.
+
+ - Modify ``component_name`` to be your Component Name in lower snake case
diff --git a/docs/modules/orchestrator/orchestrator/docs/requirements/index.rst b/docs/modules/orchestrator/orchestrator/docs/requirements/index.rst
new file mode 100644
index 00000000000..6a5cfe0ef68
--- /dev/null
+++ b/docs/modules/orchestrator/orchestrator/docs/requirements/index.rst
@@ -0,0 +1,66 @@
+..
+ # *******************************************************************************
+ # Copyright (c) 2025 Contributors to the Eclipse Foundation
+ #
+ # See the NOTICE file(s) distributed with this work for additional
+ # information regarding copyright ownership.
+ #
+ # This program and the accompanying materials are made available under the
+ # terms of the Apache License Version 2.0 which is available at
+ # https://www.apache.org/licenses/LICENSE-2.0
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # *******************************************************************************
+
+Requirements
+############
+
+.. document:: Orchestrator Requirements
+ :id: doc__orchestrator_requirements
+ :status: draft
+ :safety: ASIL_B
+ :security: YES
+ :realizes: wp__requirements_comp
+ :tags: orchestrator
+
+
+<Headlines (for the list of requirements if structuring is needed)>
+===================================================================
+
+.. .. comp_req:: Some Title
+.. :id: comp_req__component_name__some_title
+.. :reqtype: Process
+.. :security: YES
+.. :safety: ASIL_B
+.. :satisfies: feat_req__feature_name__some_title
+.. :status: invalid
+
+.. The Component shall do xyz to another component to bring it to this condition at this time
+
+.. Note: (optional, not to be verified)
+
+.. attention::
+ The above directive must be updated according to your component requirements.
+
+ - Replace the example content by the real content for your first requirement
+ - Set the status to valid and start the review/merge process
+ - Add other needed requirements for your component
+
+.. .. aou_req:: Next Title
+.. :id: aou_req__component_name__next_title
+.. :reqtype: Process
+.. :security: YES
+.. :safety: ASIL_B
+.. :status: invalid
+
+.. The Component User shall do xyz to use the component safely
+
+.. attention::
+ The above directives must be updated according to your feature requirements.
+
+ - Replace the example content by the real content for your first requirement (according to :need:`gd_guidl__req_engineering`)
+ - Set the status to valid and start the review/merge process
+ - Add other needed requirements for your feature
+
+.. needextend:: "component_name" in id
+ :+tags: component_name
diff --git a/docs/modules/orchestrator/orchestrator/docs/safety_analysis/dfa.rst b/docs/modules/orchestrator/orchestrator/docs/safety_analysis/dfa.rst
new file mode 100644
index 00000000000..d35bfd76163
--- /dev/null
+++ b/docs/modules/orchestrator/orchestrator/docs/safety_analysis/dfa.rst
@@ -0,0 +1,49 @@
+..
+ # *******************************************************************************
+ # Copyright (c) 2025 Contributors to the Eclipse Foundation
+ #
+ # See the NOTICE file(s) distributed with this work for additional
+ # information regarding copyright ownership.
+ #
+ # This program and the accompanying materials are made available under the
+ # terms of the Apache License Version 2.0 which is available at
+ # https://www.apache.org/licenses/LICENSE-2.0
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # *******************************************************************************
+
+
+DFA (Dependent Failure Analysis)
+================================
+
+.. document:: Orchestrator DFA
+ :id: doc__orchestrator_dfa
+ :status: draft
+ :safety: ASIL_B
+ :security: YES
+ :realizes: wp__sw_component_dfa
+ :tags: orchestrator
+
+
+Dependent Failure Initiators
+----------------------------
+
+.. code-block:: rst
+
+ .. comp_saf_dfa:: <Title>
+ :violates: <Component architecture>
+ :id: comp_saf_dfa__<Component>__<Element descriptor>
+ :failure_id: <ID from DFA failure initiators :need:`gd_guidl__dfa_failure_initiators`>
+ :failure_effect: "description of failure effect of the failure initiator on the element"
+ :mitigated_by: <ID from Component Requirement | ID from AoU Component Requirement>
+ :mitigation_issue: <ID from Issue Tracker>
+ :sufficient: <yes|no>
+ :status: <valid|invalid>
+
+.. note:: argument is inside the 'content'. Therefore content is mandatory
+
+.. attention::
+ The above directive must be updated according to your component DFA.
+
+ - The above "code-block" directive must be updated
+ - Fill in all the needed information in the <brackets>
diff --git a/docs/modules/orchestrator/orchestrator/docs/safety_analysis/fmea.rst b/docs/modules/orchestrator/orchestrator/docs/safety_analysis/fmea.rst
new file mode 100644
index 00000000000..6cf9f3d054c
--- /dev/null
+++ b/docs/modules/orchestrator/orchestrator/docs/safety_analysis/fmea.rst
@@ -0,0 +1,49 @@
+..
+ # *******************************************************************************
+ # Copyright (c) 2025 Contributors to the Eclipse Foundation
+ #
+ # See the NOTICE file(s) distributed with this work for additional
+ # information regarding copyright ownership.
+ #
+ # This program and the accompanying materials are made available under the
+ # terms of the Apache License Version 2.0 which is available at
+ # https://www.apache.org/licenses/LICENSE-2.0
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # *******************************************************************************
+
+
+FMEA (Failure Modes and Effects Analysis)
+=========================================
+
+.. document:: Orchestrator FMEA
+ :id: doc__orchestrator_fmea
+ :status: draft
+ :safety: ASIL_B
+ :security: YES
+ :realizes: wp__sw_component_fmea
+ :tags: orchestrator
+
+
+Failure Mode List
+-----------------
+
+.. code-block:: rst
+
+ .. comp_saf_fmea:: <Title>
+ :violates: <Component architecture>
+ :id: comp_saf_fmea__<Component>__<Element descriptor>
+ :fault_id: <ID from fault model :need:`gd_guidl__fault_models`>
+ :failure_effect: "description of failure effect of the fault model on the element"
+ :mitigated_by: <ID from Component Requirement | ID from AoU Component Requirement>
+ :mitigation_issue: <ID from Issue Tracker>
+ :sufficient: <yes|no>
+ :status: <valid|invalid>
+
+.. note:: argument is inside the 'content'. Therefore content is mandatory
+
+.. attention::
+ The above directive must be updated according to your component FMEA.
+
+ - The above "code-block" directive must be updated
+ - Fill in all the needed information in the <brackets>
diff --git a/docs/modules/os/docs/index.rst b/docs/modules/os/docs/index.rst
index b6d9e933185..70b684d71ff 100644
--- a/docs/modules/os/docs/index.rst
+++ b/docs/modules/os/docs/index.rst
@@ -12,11 +12,17 @@ # SPDX-License-Identifier: Apache-2.0 # ******************************************************************************* - +.. mod:: OS + :id: mod__os + :status: valid + :safety: ASIL_B + :security: YES + :includes: comp__os_libc, comp__os_message_passing .. mod_view_sta:: OS :id: mod_view_sta__os__os - :includes: comp_arc_sta__os__libc, comp_arc_sta__os__message_passing + :includes: comp__os_libc, comp__os_message_passing + :belongs_to: mod__os .. needarch:: :scale: 50 diff --git a/docs/modules/os/libc/docs/architecture/index.rst b/docs/modules/os/libc/docs/architecture/index.rst index a98af055d32..4968359ca15 100644 --- a/docs/modules/os/libc/docs/architecture/index.rst +++ b/docs/modules/os/libc/docs/architecture/index.rst @@ -15,13 +15,21 @@ libc Component Architecture *************************** +.. comp:: os::libc + :id: comp__os_libc + :security: YES + :safety: ASIL_B + :status: valid + :implements: logic_arc_int__os__fcntl, logic_arc_int__os__stat, logic_arc_int__os__mmap, logic_arc_int__os__fork + .. comp_arc_sta:: libc :id: comp_arc_sta__os__libc :security: YES :safety: ASIL_B :status: valid :satisfies: - :implements: logic_arc_int__os__fcntl, logic_arc_int__os__stat, logic_arc_int__os__mmap, logic_arc_int__os__fork + :belongs_to: comp__os_libc + :fulfils: comp_req__component_name__some_title .. needarch:: :scale: 50 diff --git a/docs/modules/os/message_passing/docs/architecture/index.rst b/docs/modules/os/message_passing/docs/architecture/index.rst index dc8bce3c8de..c26e4235153 100644 --- a/docs/modules/os/message_passing/docs/architecture/index.rst +++ b/docs/modules/os/message_passing/docs/architecture/index.rst 
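Review bot: The `:fulfils: comp_req__component_name__some_title` added to `comp_arc_sta__os__libc` is the template's placeholder requirement id, yet the element stays `:status: valid` with `:safety: ASIL_B` and `:security: YES`, so the static view claims requirement coverage that, as far as this diff shows, does not exist. The same placeholder is added to `comp_arc_sta__os__message_passing` in the next file and to the Orchestrator static view earlier in the diff. In the files visible here that id only occurs inside a commented-out example, so the link presumably resolves to nothing or to an unrelated template need. Either link the real component requirement, or drop the `:fulfils:` line and set `:status: invalid` until that requirement exists. The empty `:satisfies:` option left in the same directive could be removed in the same change.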
@@ -15,13 +15,22 @@ Message Passing Component Architecture ************************************** -.. comp_arc_sta:: QNX::Message Passing - :id: comp_arc_sta__os__message_passing +.. comp:: QNX::Message Passing + :id: comp__os_message_passing :security: YES :safety: ASIL_B :status: valid :implements: logic_arc_int__os__message_passing + +.. comp_arc_sta:: QNX::Message Passing Static View + :id: comp_arc_sta__os__message_passing + :security: YES + :safety: ASIL_B + :status: valid + :belongs_to: comp__os_message_passing + :fulfils: comp_req__component_name__some_title + .. needarch:: :scale: 50 :align: center diff --git a/docs/modules/persistency/docs/index.rst b/docs/modules/persistency/docs/index.rst deleted file mode 100644 index 62a2a1fd061..00000000000 --- a/docs/modules/persistency/docs/index.rst +++ /dev/null @@ -1,27 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -.. _module_documentation: - -Module Documents Persistency -############################ - -.. toctree:: - :maxdepth: 1 - :glob: - - manual/index.rst - safety_mgt/index.rst - verification/module_verification_report.rst - release/release_note.rst diff --git a/docs/modules/persistency/json/docs/component_classification.rst b/docs/modules/persistency/json/docs/component_classification.rst deleted file mode 100644 index 4350716ae26..00000000000 --- a/docs/modules/persistency/json/docs/component_classification.rst +++ /dev/null 
@@ -1,182 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -Component Classification -======================== - -.. document:: Persistency Component Classification - :id: doc__persistency_component_classification - :status: valid - :safety: ASIL_B - :security: NO - :realizes: wp__sw_component_class - :tags: feature_persistency - -| Classification of Tiny JSON -| -| `Tiny JSON <https://github.com/rhysd/tinyjson>`_ V.2.5.1 -| -| Additional documentation considered: -| `Documentation for Tiny JSON <https://docs.rs/tinyjson/latest/tinyjson/>`_ - - -Step 1: Determine (P): the uncertainty of the Processes applied ---------------------------------------------------------------- - -| Apply the process measures to determine (P). -| The result of a process measure shall have as outcome [HE, PE, NE] -| - HE: High Evidence -| - PE: Partly Evidence but Manageable -| - NE: No Evidence - -.. list-table:: Determine (P) - :header-rows: 1 - - * - Id - - Indicator for applying process - - Result - - Rationale for result - - * - 1 - - Are rules, state-of-the art processes applied for the design, implementation and verification? - - PE - - Rules for Safe Rust applied. - - * - 2 - - Are requirements available? - - PE - - n/a. Tiny JSON is a library to parse/generate JSON format document. So this is the main requirement. - - * - 3 - - Are specifications for functionalities and properties available (architecture)? 
- - PE - - Yes in the documentation of Tiny JSON. - - * - 4 - - Are design specifications available? - - PE - - n/a - - * - 5 - - Are configuration specification and data available, if applicable? - - PE - - Yes in the documentation of Tiny JSON. - - * - 6 - - Are verification measures including tests and reports available? - - HE - - Stored in github repo within folder tests. - - -| (P=1) shall be selected when none of the determined process measures indicate PE or NE. -| (P=2) shall be selected when at least one of the determined process measures indicate PE or NE, but the gaps evaluated are acceptable, means -| the risk of systematic faults due to these gaps is sufficiently low or manageable by mitigating the gaps. -| (P=3) in all other cases. - -Tiny JSON determined as P=2. - - -Step 2: Determine (C): the uncertainty of finding systematic faults based on the Complexity -------------------------------------------------------------------------------------------- - -| Apply the complexity measures to determine (C). -| The result of a complexity measure shall have as outcome [NH, HM, NM] -| - NH: Not High -| - HM: High but Manageable -| - NM: high and Not Manageable -| -| **Complexity measure for programming language: <C++ or RUST>** - -.. list-table:: Determine (C) for RUST - :header-rows: 1 - - * - Id - - Indicator for high Complexity - - Complexity measure Tool - - Result - - Number - - * - 1 - - High amount of Lines of Code - - Lines of Code (without comments) (generated code is excluded, e.g. ProtoCmpl) - - NH - - 2367 loc - - * - 2 - - Unsafe code used / total unsafe code - - Count: - * LoUC+N: lines of unsafe code with safety note - * LoUC : lines of unsafe code, no safety note - - NH. Tiny JSON is written in Safe Rust. - - 0 - - * - 3 - - | Test exists / Coverage (Function, Line) - | (maybe better: testability, but how to measure?) 
- - Existing Tests Coverage - - NH - - <Number> - - * - 4 - - High amount of public function interfaces - - Number of public function interfaces - - NH - - <Number> - - * - 5 - - High amount of function parameters - - Number of parameters - - NH - - <Number> - - -| (C=1) shall be selected when none of the determined complexity measures indicate HM or NM. -| (C=2) shall be selected when at least one of the determined complexity measures indicate HM or NM, but the gaps evaluated are acceptable, means -| the risk of systematic faults due to these gaps is sufficiently low in the context of S-CORE or manageable by mitigating the gaps. -| (C=3) in all other cases. -| - -Tiny JSON is determined as C=1 - - -Step 3: Determine (CLAS_OUT): the classification outcome --------------------------------------------------------- - -| Select CLAS_OUT depending on the determined values of (C) and (P) - -+-------+-----------------------+ -| ( C ) | ( P ) | -+-------+-------+-------+-------+ -| | 1 | 2 | 3 | -+=======+=======+=======+=======+ -| 1 | Q | Q | QR | -+-------+-------+-------+-------+ -| 2 | QR | QR | QR | -+-------+-------+-------+-------+ -| 3 | QR | QR | NQ | -+-------+-------+-------+-------+ - -Tiny JSON is classified as CLAS_OUT=Q - - -Step 4: Document all results and rationale for choosing (P) and (C) and (CLAS_OUT) ----------------------------------------------------------------------------------- -This document - - -Step 5: Based on (CLAS_OUT) select the activities -------------------------------------------------- - -| As soon as the contribution request containing this is in status "Accepted", the module safety plan for the component development is adapted based on the following: -| - Q: Follow the processes for qualification of software components in a safety context. diff --git a/docs/modules/persistency/json/docs/index.rst b/docs/modules/persistency/json/docs/index.rst deleted file mode 100644 index e974fadc78b..00000000000 
--- a/docs/modules/persistency/json/docs/index.rst +++ /dev/null @@ -1,41 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -.. toctree:: - :titlesonly: - - component_classification - -.. _component_PersistencyJson: - -Tiny JSON -######### - -.. document:: Persistency JSON - :id: doc__persistencyjson - :status: valid - :safety: ASIL_B - :security: NO - :realizes: wp__cmpt_request - :tags: template - - -Abstract -======== - -| The component is implemented in the module: -| `Tiny JSON <https://github.com/rhysd/tinyjson>`_ V.2.5.1 -| -| Additional documentation considered: -| `Documentation for Tiny JSON <https://docs.rs/tinyjson/latest/tinyjson/>`_ diff --git a/docs/modules/persistency/kvs/docs/index.rst b/docs/modules/persistency/kvs/docs/index.rst deleted file mode 100644 index 6886a3e43c6..00000000000 --- a/docs/modules/persistency/kvs/docs/index.rst +++ /dev/null 
@@ -1,155 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -.. _component_PersistencyKvs: - -KVS (Key Value Store) -##################### - -.. document:: Persistency KVS - :id: doc__persistencykvs - :status: valid - :safety: ASIL_B - :security: NO - :realizes: wp__cmpt_request - :tags: Persistency KVS - -Abstract -======== - -This feature request describes the key-value storage (KVS) that is needed by -applications to store either temporary or permanent data in an easy way that -conforms to most programming languages that provide a hash, hashmap, dictionary -or similar data structure. Access to the KVS is possible from any support -language through language specific interfaces. - - -Motivation -========== - -The current solutions available mostly don't meet the specific needs of the -S-CORE project like storing specific datatypes without a BASE64 conversation or -having no rollback/replay feature. Also the integration into analysis tools is -simpler when the solution grows with the needs instead having to adapt existing -data structures through wrapppers. Especially in the focus of security it will -be possible to build a system that integrates the layers from scratch and -provide them as API to any language whilst still using Rust as the backend. - -A main USP of the solution will be the integration of a tracing framework that -allows to understand how events also in the context of other events interact. 
- -A key-value storage is used within many applications to store e.g. -configuration data and is therefore seen crucial for the Eclipse S-CORE -platform. - - -Rationale -========= - -1. | Requirement 1: Multiple key-value storages per application - | Solution: Allow each application to have multiple key-value storages (KVS) to enable data separation and different levels of security. -2. | Requirement 2: Update mechanism for KVS versions - | Solution: Implement an update mechanism to ensure compatibility through updates and rollbacks of different KVS versions. -3. | Requirement 3: Language-agnostic KVS interface - | Solution: Design a flexible interface that allows the KVS to be read and written from multiple programming languages, including C++, Rust, and others. -4. | Requirement 4: Default values for KVS - | Solution: Configure the KVS to store default values for all keys, returning either the default value or an error if the key needs to be written first. -5. | Requirement 5: Simple data representation for KVS - | Solution: Utilize a simple data representation, such as JSON or Cap'n Proto, that supports versioned up- and downgrading and is easily debuggable by developers. -6. | Requirement 6: KVS integrity checking - | Solution: Ensure the KVS maintains a consistent state, providing either the currently stored data or the previous snapshot if data retrieval is not possible. - - -Specification -============= - -[Describe the requirements, architecture of any new component.] or -[Describe the change to requirements, architecture, implementation, documentation of any change request.] - - .. note:: - A CR shall specify the component requirements as part of our platform/project. - Thereby the :need:`Module Lead <rl__committer>` will approve these requirements as part of accepting the CR (e.g. merging the PR with the CR). 
- - -Backwards Compatibility -======================= - -The API for the specific language tries to represent the language specific -implementation like hashmaps or dictionaries to be mostly backwards compatible -to already existing key-value-storage usage cases. Access without a safe error -handling path, like the array-operator in Rust which can panic, must be -avoided. - - -Security Impact -=============== - -Access to the key-value-storage would allow a malicious user to control the -behaviour of the device, so it must be secured to prevent unauthorized access. -To achieve this, debug access should only be provided when a debug firmware -image is installed. - - -Safety Impact -============= - -The expected ASIL level is ASIL-B. To reach this goal we will apply the S-CORE -development process. Key elements of it are listed in the process descriptions -of safety management and safety analysis. In the safety analysis we will -analyze the impact of the feature. - -:need:`doc__persistency_fmea` - -We use an iterative development process and apply results from the next steps -back to the feature request. For TinyJSON we will perform a software component -classification. - -:need:`doc__persistency_component_classification` - -To ensure the freedom of interference the feature key-value storage should not -be used within different processes. - - -License Impact -============== - - .. note:: - The key-value storage itself uses the Apache-2.0 license. Licenses of - used libraries are need to be checked. - - -Open Issues -=========== - -[Any points that are still being decided/discussed.] - - .. note:: - While a CR is in draft, ideas can come up which warrant further discussion. - Those ideas should be recorded so people know that they are being thought about but do not have a concrete resolution. - This helps make sure all issues required for the CR to be ready for consideration are complete and reduces people duplicating prior discussion. 
- - - -Footnotes -========= - -[A collection of footnotes cited in the CR, and a place to list non-inline hyperlink targets.] - -.. toctree:: - :hidden: - - requirements/index.rst - architecture/index.rst - safety_analysis/fmea.rst - safety_analysis/dfa.rst diff --git a/docs/modules/persistency/kvs/docs/requirements/index.rst b/docs/modules/persistency/kvs/docs/requirements/index.rst deleted file mode 100644 index d237cea3e10..00000000000 --- a/docs/modules/persistency/kvs/docs/requirements/index.rst +++ /dev/null 
@@ -1,394 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -Requirements -############ - -.. document:: Persistency KVS Module Requirements - :id: doc__persistency_kvs_requirements - :status: valid - :safety: ASIL_B - :security: NO - :realizes: wp__requirements_comp - -.. comp_req:: Key Naming - :id: comp_req__persistency__key_naming - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__support_datatype_keys - :status: valid - - The component shall accept keys that consist solely of alphanumeric characters, underscores, or dashes. - -.. comp_req:: Key Encoding - :id: comp_req__persistency__key_encoding - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__support_datatype_keys - :status: valid - - The component shall encode each key as valid UTF-8. - -.. comp_req:: Key Uniqueness - :id: comp_req__persistency__key_uniqueness - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__support_datatype_keys - :status: valid - - The component shall guarantee that each key is unique. - -.. comp_req:: Key Length - :id: comp_req__persistency__key_length - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__support_datatype_keys - :status: valid - - The component shall limit the maximum length of a key to 32 bytes. - -.. 
comp_req:: Value Data Types - :id: comp_req__persistency__value_data_types - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__support_datatype_value - :status: valid - - The component shall accept only values of the following data types: Number, - String, Null, Array[Value], or Dictionary{Key:Value}. - -.. comp_req:: Value Serialization - :id: comp_req__persistency__value_serialize - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__support_datatype_value - :status: valid - - The component shall serialize and deserialize all values to and from JSON. - -.. comp_req:: Value Length - :id: comp_req__persistency__value_length - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__support_datatype_value - :status: valid - - The component shall limit the maximum length of a value to 1024 bytes. - -.. comp_req:: Value Default - :id: comp_req__persistency__value_default - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__support_datatype_value,feat_req__persistency__default_values - :status: valid - - The component shall support unset values and shall provide a default value - when a value is unset. - -.. comp_req:: Value Reset - :id: comp_req__persistency__value_reset - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__support_datatype_value,feat_req__persistency__default_values - :status: valid - - The component shall allow resetting a value to its default if a default is - defined. - -.. 
comp_req:: Default Value Datatypes - :id: comp_req__persistency__default_value_types - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__default_values,feat_req__persistency__default_value_get,feat_req__persistency__default_value_reset,feat_req__persistency__default_value_file - :status: valid - - The component shall accept default values of only permitted value data - types. - -.. comp_req:: Default Value Query - :id: comp_req__persistency__default_value_query - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__default_values,feat_req__persistency__default_value_get,feat_req__persistency__default_value_reset,feat_req__persistency__default_value_file - :status: valid - - The component shall provide an API to retrieve default values. - -.. comp_req:: Default Value Config - :id: comp_req__persistency__default_value_config - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__default_values,feat_req__persistency__default_value_get,feat_req__persistency__default_value_reset,feat_req__persistency__default_value_file - :status: valid - - The component shall allow configuration of default values in code or in a - separate configuration file. - -.. comp_req:: Default Value Checksum - :id: comp_req__persistency__default_value_checksum - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__default_values,feat_req__persistency__default_value_get,feat_req__persistency__default_value_reset,feat_req__persistency__default_value_file - :status: valid - - The component shall secure the configuration file for default values with an - associated checksum file when default values are stored in a file. - -.. 
comp_req:: Constraint Configuration - :id: comp_req__persistency__constraints - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__config_file - :status: valid - - The component shall allow configuration of KVS constraints at compile-time - using source code constants or at runtime using a configuration file. - -.. comp_req:: Concurrency - :id: comp_req__persistency__concurrency - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__intra_process_comm - :status: valid - - The component shall implement thread-safe mechanisms to enable concurrent - access to data without data races. - -.. comp_req:: Multi-Instance - :id: comp_req__persistency__multi_instance - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__multiple_kvs - :status: valid - - The component shall manage all runtime variables within an instance to - enable creation and use of multiple KVS instances concurrently within a - single software architecture element. - -.. comp_req:: Persistent Data Storage Components - :id: comp_req__persistency__persist_data_store_com - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__persistency,feat_req__persistency__integrity_check,feat_req__persistency__persist_data - :status: valid - - The component shall use the file API and the JSON data format to persist data. - -.. comp_req:: Persistent Data Storage Checksum Write - :id: comp_req__persistency__pers_data_csum_write - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__persistency,feat_req__persistency__integrity_check,feat_req__persistency__persist_data - :status: valid - - The component shall generate a checksum for each data file and shall store - it alongside the data. - -.. 
comp_req:: Persistent Data Storage Checksum Verify - :id: comp_req__persistency__pers_data_csum_verify - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__persistency,feat_req__persistency__integrity_check,feat_req__persistency__persist_data - :status: valid - - The component shall verify the checksum when loading data. - -.. comp_req:: Persistent Data Storage Backend - :id: comp_req__persistency__pers_data_store_bend - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__persistency,feat_req__persistency__integrity_check,feat_req__persistency__persist_data - :status: valid - - The component shall use the file API to persist data. - -.. comp_req:: Persistent Data Storage Format - :id: comp_req__persistency__pers_data_store_fmt - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__persistency,feat_req__persistency__integrity_check,feat_req__persistency__persist_data - :status: valid - - The component shall use the JSON data format to persist data. - -.. comp_req:: Persistent Data Versioning - :id: comp_req__persistency__pers_data_version - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__versioning,feat_req__persistency__update_mechanism - :status: valid - - The component shall not provide built-in versioning. - -.. comp_req:: Persistent Data Schema - :id: comp_req__persistency__pers_data_schema - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__versioning,feat_req__persistency__update_mechanism - :status: valid - - The component shall use a JSON file storage format that enables the - application to implement versioning, including upgrade and downgrade paths, - as needed. - -.. 
comp_req:: Snapshot Creation - :id: comp_req__persistency__snapshot_creation - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__snapshots - :status: valid - - The component shall create a snapshot each time data is stored. - -.. comp_req:: Snapshot Maximum Number - :id: comp_req__persistency__snapshot_max_num - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__snapshots - :status: valid - - The component shall maintain a configurable maximum number of snapshots. - -.. comp_req:: Snapshot IDs - :id: comp_req__persistency__snapshot_id - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__snapshots - :status: valid - - The component shall assign the ID 1 to the newest snapshot and shall increment the IDs of older snapshots accordingly. - -.. comp_req:: Snapshot Rotation - :id: comp_req__persistency__snapshot_rotate - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__snapshots - :status: valid - - The component shall rotate and delete the oldest snapshot when the maximum number is reached. - -.. comp_req:: Snapshot Restore - :id: comp_req__persistency__snapshot_restore - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__snapshots - :status: valid - - The component shall allow restoration of a snapshot by its ID. - -.. comp_req:: Snapshot Deletion - :id: comp_req__persistency__snapshot_delete - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__snapshots - :status: valid - - The component shall allow deletion of individual snapshots. - -.. 
comp_req:: Engineering Mode - :id: comp_req__persistency__eng_mode - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__eng_mode - :status: valid - - The component shall provide an engineering mode that can be enabled during - build time to display debugging and internal information. - -.. comp_req:: Field Mode - :id: comp_req__persistency__field_mode - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__field_mode - :status: valid - - The component shall provide a field mode that can be enabled during build - time to restrict access as much as possible. - -.. comp_req:: Async API - :id: comp_req__persistency__async_api - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__async_api - :status: valid - - The component shall provide an asynchronous API in addition to the standard API. - -.. comp_req:: Permission Control - :id: comp_req__persistency__permission_control - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__access_control - :status: valid - - The component shall rely on the underlying filesystem for access and - permission management and shall not implement its own access or permission - controls. - -.. comp_req:: Permission Error Handling - :id: comp_req__persistency__permission_err_handle - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__access_control - :status: valid - - The component shall report any access or permission errors encountered at - the filesystem level to the application. - -.. comp_req:: Callback Support - :id: comp_req__persistency__callback_support - :reqtype: Functional - :security: NO - :safety: ASIL_B - :satisfies: feat_req__persistency__events - :status: valid - - The component shall provide an API for registering callbacks that are triggered by data change events. - -.. 
needextend:: docname is not None and "persistency/kvs/requirements" in docname - :+tags: persistencykvs diff --git a/docs/modules/persistency/kvs/docs/safety_analysis/dfa.rst b/docs/modules/persistency/kvs/docs/safety_analysis/dfa.rst deleted file mode 100644 index 491a48c43d3..00000000000 --- a/docs/modules/persistency/kvs/docs/safety_analysis/dfa.rst +++ /dev/null @@ -1,27 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - - -Dependent Failure Analysis -========================== - -.. document:: KVS DFA - :id: doc__persistency_kvs_dfa - :status: valid - :safety: ASIL_B - :security: NO - :realizes: wp__sw_component_dfa - :tags: Persistency KVS - -Because there is no sub-components in KVS, the results of the FMEA are the same as on feature level :need:`doc__persistency_dfa`. diff --git a/docs/modules/persistency/kvs/docs/safety_analysis/fmea.rst b/docs/modules/persistency/kvs/docs/safety_analysis/fmea.rst deleted file mode 100644 index 7cf42304cd2..00000000000 --- a/docs/modules/persistency/kvs/docs/safety_analysis/fmea.rst +++ /dev/null 
@@ -1,27 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - - -Safety Analysis: FMEA -====================== - -.. document:: KVS FMEA - :id: doc__persistency_kvs_fmea - :status: valid - :safety: ASIL_B - :security: NO - :realizes: wp__sw_component_fmea - :tags: Persistency KVS - -Because there is no sub-components in KVS, the results of the FMEA are the same as on feature level :need:`doc__persistency_fmea`. diff --git a/docs/modules/tracing/docs/index.rst b/docs/modules/tracing/docs/index.rst index e414f228a0c..f5f27db583d 100644 --- a/docs/modules/tracing/docs/index.rst +++ b/docs/modules/tracing/docs/index.rst @@ -12,9 +12,17 @@ # SPDX-License-Identifier: Apache-2.0 # ******************************************************************************* +.. mod:: Tracing + :id: mod__tracing + :status: valid + :safety: ASIL_B + :security: YES + :includes: comp__tracing + .. mod_view_sta:: Tracing :id: mod_view_sta__tracing__tracing - :includes: comp_arc_sta__tracing__tracing + :includes: comp__tracing + :belongs_to: mod__tracing .. needarch:: :scale: 50 diff --git a/docs/modules/tracing/tracing/docs/architecture/index.rst b/docs/modules/tracing/tracing/docs/architecture/index.rst index 87b3ade9f09..c02111cfa43 100644 --- a/docs/modules/tracing/tracing/docs/architecture/index.rst +++ b/docs/modules/tracing/tracing/docs/architecture/index.rst 
@@ -15,12 +15,21 @@ Tracing Component Architecture ****************************** +.. comp:: Tracing + :id: comp__tracing + :security: YES + :safety: ASIL_B + :status: valid + :implements: logic_arc_int__tracing__tracing + + .. comp_arc_sta:: Tracing :id: comp_arc_sta__tracing__tracing :security: YES :safety: ASIL_B :status: valid - :implements: logic_arc_int__tracing__tracing + :belongs_to: comp__tracing + :fulfils: comp_req__component_name__some_title .. needarch:: :scale: 50 diff --git a/docs/platform_management_plan/change_management.rst b/docs/platform_management_plan/change_management.rst index bd9b68b3ac5..1b7e55fe323 100644 --- a/docs/platform_management_plan/change_management.rst +++ b/docs/platform_management_plan/change_management.rst @@ -274,7 +274,7 @@ If the information is sufficient and it is decided to implement the change reque ISSUE status is kept ``Open`` and the Projects status is set to ``In Progress``. The decision, if the change request is accepted or rejected must be documented. Safety/Security -experts must confirm or disconfirm, if safety/security relevance is set correctly. +experts must confirm or deny, if safety/security relevance is set correctly. :need:`gd_chklst__change_cr_review` can help to verify whether the information is complete. diff --git a/docs/platform_management_plan/config_management.rst b/docs/platform_management_plan/config_management.rst index acbb1f861af..7bce0d230f7 100644 --- a/docs/platform_management_plan/config_management.rst +++ b/docs/platform_management_plan/config_management.rst 
@@ -70,7 +70,12 @@ The complete list of project documents is defined in the :need:`doc__documentati Ids are checked for uniqueness, see :need:`gd_req__configuration_uid`. sphinx-needs is also used to document the work products properties/attributes defined in the process area descriptions. The work products are stored in text or code files (these are identified by their filenames) within GitHub repositories. -There is one `platform repository <https://GitHub.com/eclipse-score/score/>`_ and one repository for each module. +GitHub repositories are the realization of the Delivery Containers as described in :need:`doc_concept__general_building_blocks`. +There is one `platform repository <https://GitHub.com/eclipse-score/score/>`_ and one repository for each set of Dependable elements +one Delivery Team is responsibel for [TBD add link to role defintion]. + +In S-CORE every repository shall have only one MODULE.bazel file which defines its version and dependencies. +Exceptions from this may be needed for testing reasons only. For other artefacts these are either 
@@ -125,13 +130,14 @@ Baselines are created by using the GitHub "tag" function. The tag name shall cor the release branch name the tag is created, adding patch version and pre-release tag. See also :need:`doc__platform_release_management_plan`. -As described in "Identification and Properties" above, there are several repositories for the modules and the platform integration. +As described in "Identification and Properties" above, there are several repositories. Baselines are created individually in these repositories, even a different version schema could be adopted. In case of dependent repositories, the repository dependent upon on has to be base-lined first, to be available to refer to this baseline when integrating it. That means that for example a platform baseline also -documents the versions (baselines) of the modules the platform consists of. This can then also be seen in the platform release note. +documents the versions (baselines) of the delivery containers/repositories the platform consists of. +This can then also be seen in the platform release note. -Every change in the release repository is also taken over into the main branch. The module development team +Every change in the release branch is also taken over into the main branch. The Delivery Team can decide how to ensure this (e.g. by development in main and cherry-pick to release branch). diff --git a/docs/platform_management_plan/documentation_management.rst b/docs/platform_management_plan/documentation_management.rst index a626d757e5f..d99fa0ff2d9 100644 --- a/docs/platform_management_plan/documentation_management.rst +++ b/docs/platform_management_plan/documentation_management.rst 
@@ -46,12 +46,12 @@ Others are modelled as general documents (e.g. the plans which are part of the p This plan deals with these documents, which have the following manually set attributes: -* Title: the name of the document (mandatory) +* Title: The name of the document (mandatory) * Unique Id: Id following the naming pattern of the document Title (mandatory) -* Safety: which ASIL the document supports (mandatory) +* Safety: Which ASIL the document supports (mandatory) * Author: Who is the main committer to the document (mandatory) -* Status: describing where in the lifecycle of the document it currently is (mandatory) -* Tags: can be used to group documents for subsequent filtering (optional) +* Status: Describing where in the lifecycle of the document it currently is (mandatory) +* Tags: Can be used to group documents for subsequent filtering (optional) Also the "Documentation Management" is a document, so an example for a correct document definition can be seen in the header section above, see :need:`doc__documentation_mgt_plan`. @@ -95,12 +95,11 @@ documents are listed as well, so that it is easy to identify missing documents. Platform documentation ++++++++++++++++++++++ +.. _documents_docs_glossary: docs/glossary ############# -.. _documents_docs_glossary: - .. needtable:: :style: table :columns: title;id;safety;security;status @@ -113,12 +112,11 @@ docs/glossary if need["docname"] is not None and "glossary/" in need["docname"]: results.append(need) +.. _documents_docs_contribute: docs/contribute ############### -.. _documents_docs_contribute: - .. needtable:: :style: table :columns: title;id;safety;security;status @@ -133,7 +131,6 @@ docs/contribute .. _doc_platform_management_plan: - docs/platform_management_plan ############################# 
@@ -149,12 +146,11 @@ docs/platform_management_plan if need["docname"] is not None and "platform_management_plan/" in need["docname"]: results.append(need) +.. _documents_docs_requirements: docs/requirements ################# -.. _documents_docs_requirements: - .. needtable:: :style: table :columns: title;id;safety;security;status @@ -167,12 +163,11 @@ docs/requirements if need["docname"] is not None and "requirements/" in need["docname"] and not "features/" in need["docname"] and not "modules/" in need["docname"]: results.append(need) +.. _documents_docs_quality: docs/quality ############ -.. _documents_docs_quality: - .. needtable:: :style: table :columns: title;id;safety;security;status @@ -185,12 +180,11 @@ docs/quality if need["docname"] is not None and "quality/" in need["docname"]: results.append(need) +.. _documents_docs_safety: docs/safety ########### -.. _documents_docs_safety: - .. needtable:: :style: table :columns: title;id;safety;security;status @@ -203,12 +197,11 @@ docs/safety if need["docname"] is not None and "safety/" in need["docname"]: results.append(need) +.. _documents_docs_security: docs/security ############# -.. _documents_docs_security: - .. needtable:: :style: table :columns: title;id;safety;security;status @@ -221,12 +214,11 @@ docs/security if need["docname"] is not None and "security/" in need["docname"]: results.append(need) +.. _documents_docs_score_tools: docs/score_tools ################ -.. _documents_docs_score_tools: - .. needtable:: :style: table :columns: title;id;safety_affected;security_affected;status @@ -239,12 +231,11 @@ docs/score_tools if need["docname"] is not None and "score_tools/" in need["docname"]: results.append(need) +.. _documents_docs_verification_report: docs/verification_report ######################## -.. _documents_docs_verification_report: - .. needtable:: :style: table :columns: title;id;safety;security;status 
@@ -257,12 +248,11 @@ docs/verification_report if need["docname"] is not None and "verification_report/" in need["docname"]: results.append(need) +.. _documents_docs_platform_integration_tests: platform_integration_tests ############################### -.. _documents_docs_platform_integration_tests: - .. needtable:: :style: table :columns: title;id;safety;security;status @@ -275,12 +265,11 @@ platform_integration_tests if need["docname"] is not None and "platform_integration_tests/" in need["docname"]: results.append(need) +.. _documents_docs_manuals: docs/manuals ############ -.. _documents_docs_manuals: - .. needtable:: :style: table :columns: title;id;safety;security;status @@ -293,12 +282,11 @@ docs/manuals if need["docname"] is not None and "manuals/" in need["docname"]: results.append(need) +.. _documents_docs_score_releases: docs/score_releases ################### -.. _documents_docs_score_releases: - .. needtable:: :style: table :columns: title;id;safety;security;status @@ -315,7 +303,6 @@ docs/score_releases .. _documents_docs_features: - Feature documentation +++++++++++++++++++++ @@ -392,11 +379,11 @@ planned for release v0.5, are listed. .. need["title"] = need["title"] .. results.append(need) +.. _documents_docs_features_baselibs: + docs/features/baselibs ###################### -.. _documents_docs_features_baselibs: - .. needtable:: :style: table :columns: title;id;safety;security;status @@ -427,11 +414,11 @@ docs/features/baselibs need["title"] = need["title"] results.append(need) +.. _documents_docs_features_communication: + docs/features/communication ########################### -.. _documents_docs_features_communication: - .. needtable:: :style: table :columns: title;id;safety;security;status 
@@ -497,11 +484,11 @@ docs/features/communication .. need["title"] = need["title"] .. results.append(need) +.. _documents_docs_features_frameworks: + docs/features/frameworks ######################## -.. _documents_docs_features_frameworks: - .. needtable:: :style: table :columns: title;id;safety;security;status @@ -637,11 +624,11 @@ docs/features/frameworks .. need["title"] = need["title"] .. results.append(need) +.. _documents_docs_features_orchestration: + docs/features/orchestration ########################### -.. _documents_docs_features_orchestration: - .. needtable:: :style: table :columns: title;id;safety;security;status @@ -672,11 +659,11 @@ docs/features/orchestration need["title"] = need["title"] results.append(need) +.. _documents_docs_features_persistency: + docs/features/persistency ######################### -.. _documents_docs_features_persistency: - .. needtable:: :style: table :columns: title;id;safety;security;status @@ -748,11 +735,11 @@ docs/features/persistency Modules documentation +++++++++++++++++++++ +.. _documents_docs_modules_baselibs_docs: + docs/modules/baselibs/docs ########################## -.. _documents_docs_modules_baselibs_docs: - .. needtable:: :style: table :columns: title;id;safety;security;status @@ -783,12 +770,11 @@ docs/modules/baselibs/docs need["title"] = need["title"] results.append(need) +.. _documents_docs_modules_communication_docs: docs/modules/communication/docs ############################### -.. _documents_docs_modules_communication_docs: - .. needtable:: :style: table :columns: title;id;safety;security;status @@ -819,12 +805,11 @@ docs/modules/communication/docs need["title"] = need["title"] results.append(need) +.. _documents_docs_modules_feo_docs: docs/modules/feo/docs ##################### -.. _documents_docs_modules_feo_docs: - .. needtable:: :style: table :columns: title;id;safety;security;status 
@@ -892,11 +877,11 @@ docs/modules/feo/docs .. results.append(need) +.. _documents_docs_modules_logging_docs: + docs/modules/logging/docs ######################### -.. _documents_docs_modules_logging_docs: - .. needtable:: :style: table :columns: title;id;safety;security;status @@ -927,12 +912,11 @@ docs/modules/logging/docs need["title"] = need["title"] results.append(need) +.. _documents_docs_modules_os_docs: docs/modules/os/docs #################### -.. _documents_docs_modules_os_docs: - .. needtable:: :style: table :columns: title;id;safety;security;status @@ -963,12 +947,11 @@ docs/modules/os/docs need["title"] = need["title"] results.append(need) +.. _documents_docs_modules_persistency_docs: docs/modules/persistency/docs ############################# -.. _documents_docs_modules_persistency_docs: - .. needtable:: :style: table :columns: title;id;safety;security;status @@ -999,12 +982,11 @@ docs/modules/persistency/docs need["title"] = need["title"] results.append(need) +.. _documents_docs_modules_tracing_docs: docs/modules/tracing/docs ######################### -.. _documents_docs_modules_tracing_docs: - .. needtable:: :style: table :columns: title;id;safety;security;status @@ -1038,16 +1020,14 @@ docs/modules/tracing/docs .. _documents_docs_modules_components: - Components documentation ++++++++++++++++++++++++ +.. _documents_docs_modules_baselibs_components: docs/modules/baselibs/components ################################ -.. _documents_docs_modules_baselibs_components: - .. needtable:: :style: table :columns: title;id;safety;security;status @@ -1096,12 +1076,11 @@ docs/modules/baselibs/components components.append(component_name) +.. _documents_docs_modules_communication_components: docs/modules/communication/components ##################################### -.. _documents_docs_modules_communication_components: - .. needtable:: :style: table :columns: title;id;safety;security;status 
@@ -1150,12 +1129,11 @@ docs/modules/communication/components components.append(component_name) +.. _documents_docs_modules_feo_components: docs/modules/feo/components ########################### -.. _documents_docs_modules_feo_components: - .. needtable:: :style: table :columns: title;id;safety;security;status @@ -1259,11 +1237,11 @@ docs/modules/feo/components .. components.append(component_name) +.. _documents_docs_modules_logging_components: + docs/modules/logging/components ############################### -.. _documents_docs_modules_logging_components: - .. needtable:: :style: table :columns: title;id;safety;security;status @@ -1312,12 +1290,11 @@ docs/modules/logging/components components.append(component_name) +.. _documents_docs_modules_os_components: docs/modules/os/components ########################## -.. _documents_docs_modules_os_components: - .. needtable:: :style: table :columns: title;id;safety;security;status @@ -1366,12 +1343,11 @@ docs/modules/os/components components.append(component_name) +.. _documents_docs_modules_persistency_components: docs/modules/persistency/components ################################### -.. _documents_docs_modules_persistency_components: - .. needtable:: :style: table :columns: title;id;safety;security;status @@ -1420,12 +1396,11 @@ docs/modules/persistency/components components.append(component_name) +.. _documents_docs_modules_tracing_components: docs/modules/tracing/components ############################### -.. _documents_docs_modules_tracing_components: - .. needtable:: :style: table :columns: title;id;safety;security;status diff --git a/docs/platform_management_plan/index.rst b/docs/platform_management_plan/index.rst index ca2149dcbcc..dda6b426434 100644 --- a/docs/platform_management_plan/index.rst +++ b/docs/platform_management_plan/index.rst 
@@ -46,4 +46,6 @@ Platform Management Plan :titlesonly: :caption: Role Assignments + role_assignment/platform_safety_engineer role_assignment/platform_safety_manager + role_assignment/platform_quality_manager diff --git a/docs/platform_management_plan/problem_resolution.rst b/docs/platform_management_plan/problem_resolution.rst index d7dd33c4419..1fc777afc10 100644 --- a/docs/platform_management_plan/problem_resolution.rst +++ b/docs/platform_management_plan/problem_resolution.rst @@ -137,7 +137,7 @@ To provide solutions, use the Solution part of the ISSUE. :need:`[[title]] <gd_req__problem_attr_anaylsis_results>` is provided in the analysis results part of the ISSUE. State here, if the problem is accepted or rejected. Safety/Security -experts must confirm or disconfirm, if safety/security is affected is set correctly +experts must confirm or deny, if safety/security is affected is set correctly :need:`[[title]] <gd_req__problem_attr_stakeholder>` are provided in the Assignees part of the ISSUE. In addition you can use pre-defined labels for Communities or Feature Teams @@ -230,7 +230,7 @@ If the information is sufficient and it is decided to initiate the problem resol ISSUE status is kept ``Open`` and the Projects status is set to ``In Progress``. The decision, if the problem is accepted or rejected must be documented. Safety/Security -experts must confirm or disconfirm, if safety/security is affected is set correctly. +experts must confirm or deny, if safety/security is affected is set correctly. :need:`gd_chklst__problem_cr_review` can help to verify whether the information is complete. diff --git a/docs/platform_management_plan/project_management.rst b/docs/platform_management_plan/project_management.rst index 5dc40f091ca..1f0cb7b1eaa 100644 --- a/docs/platform_management_plan/project_management.rst +++ b/docs/platform_management_plan/project_management.rst 
@@ -43,7 +43,7 @@ Steering of the project is done by two committees: *project lead circle* and *te * Election of Technical Leads. * Last instance of escalation path. - *Project lead circle* proposes and elects a *Project lead circle Assistant* and his deputy with bare majority, who is responsible for scheduling and announcing meetings, preparing and announcing agenda, writing meeting minutes and protocols. *Project lead circle* can reelect *Project lead circle Assistant* at any time. The *Project lead circle Assistant* and his deputy can resign anytime on their own will. + *Project lead circle* proposes and elects a *Project lead circle Assistant* and their deputy with bare majority, who is responsible for scheduling and announcing meetings, preparing and announcing agenda, writing meeting minutes and protocols. *Project lead circle* can reelect *Project lead circle Assistant* at any time. The *Project lead circle Assistant* and their deputy can resign anytime on their own will. * **Technical lead circle** 
@@ -54,7 +54,7 @@ Steering of the project is done by two committees: *project lead circle* and *te * High-level project control and coordination between multiple software modules. * Escalation instance for software module project leads and committers. - *Technical lead circle* proposes and elects a *Technical lead circle Assistant* and his deputy with bare majority during *Technical Lead Circle meeting*, who is responsible for scheduling and announcing meetings, preparing and announcing agenda, writing meeting minutes and protocols. *Technical lead circle* can reelect *Technical lead circle Assistant* at any time. The *Technical lead circle Assistant* and his deputy can resign anytime on their own will. + *Technical lead circle* proposes and elects a *Technical lead circle Assistant* and their deputy with bare majority during *Technical Lead Circle meeting*, who is responsible for scheduling and announcing meetings, preparing and announcing agenda, writing meeting minutes and protocols. *Technical lead circle* can reelect *Technical lead circle Assistant* at any time. The *Technical lead circle Assistant* and their deputy can resign anytime on their own will. .. _pmp_pm_technical_committees: 
@@ -68,8 +68,8 @@ Technical committees is to do a breakdown of platform sagas to the concrete tasks (see `Planning`_) . Currently following *Communities* are defined in the *S-CORE* project: - * *Operational*: *community* for all kind of infra topics: - compiler, IDE, build toolchain and etc. See `GitHub Discussions/Operational Community <https://github.com/orgs/eclipse-score/discussions/categories/operational-community>`_ for more. + * *Infrastructure*: *community* for all kind of infra topics: + compiler, IDE, build toolchain and etc. See `GitHub Discussions/Infrastructure Community <https://github.com/orgs/eclipse-score/discussions/categories/infrastructure-community>`_ for more. * *Testing*: *community* to clarify questions and define testing strategy for the 'S-CORE' project. See `GitHub Discussions/Testing Community <https://github.com/orgs/eclipse-score/discussions/categories/testing-community>`_ for more. * *Software Architecture*: *community* for clarification of software architecture topics, @@ -98,7 +98,7 @@ Technical committees Every *Feature Team* should also have a *Feature Team Lead*. The person with this role is responsible for organizing the meetings, writing meeting protocols and representing the current status of the *Feature Team* - work in various management reporting or plannig calls. *Feature Team Lead* is nominated by *Technical Leads* by election. + work in various management reporting or planning calls. *Feature Team Lead* is nominated by *Technical Leads* by election. Normally, this is the owner of the original *Feature Request*. 
@@ -107,8 +107,8 @@ Creation of a new Feature Team Decision to create a new *Feature Team* is normally done in *Technical Lead Circle* in case a particular, already *accepted* *Feature Request* can not be assigned to any of already existing *Feature Teams*. -As a first step, the decision to create a new Feature Team is protocolled in the `Tech Lead Circle meeeting minutes <https://github.com/orgs/eclipse-score/discussions/categories/technical-lead-circle>`_. -Afterwards a GitHub Issue is created in the `Technical Lead Cirle LOP project <https://github.com/orgs/eclipse-score/projects/3>`_ +As a first step, the decision to create a new Feature Team is recorded in the `Tech Lead Circle meeting minutes <https://github.com/orgs/eclipse-score/discussions/categories/technical-lead-circle>`_. +Afterwards a GitHub Issue is created in the `Technical Lead Circle LOP project <https://github.com/orgs/eclipse-score/projects/3>`_ using the special *Feature Team Creation* GitHub Issue template and is assigned to one of the Technical Leads. **ToDo**: create such a template. 
@@ -182,10 +182,10 @@ technical competence of the software developers, e.g. in case during the :ref:`F it was decided to take over already existing source code, then persons who were actively participating in the development of that code are always good candidates to be part of *Codeowner GitHub team*. The decision who should be initially part of the *Codeowner GitHub team* and the reasoning for this -should be protocolled in the GitHub Issue, that is used for creation of the *Feature Team*. +should be recorded in the GitHub Issue, that is used for creation of the *Feature Team*. -In case further software developers should be added to the *Codeowener GitHub team* in the future, -that decision and its reasoning should be protocolled in one of the *Feature Team* GitHub discussions. +In case further software developers should be added to the *Codeowner GitHub team* in the future, +that decision and its reasoning should be recorded in one of the *Feature Team* GitHub discussions. Members of the *Codeowner GitHub team* should also be authorized to merge pull requests (PRs) into the corresponding repository. Therefore, once the *Codeowner GitHub team* has been created, the Technical Lead assigned to the ticket for the *Feature diff --git a/docs/platform_management_plan/quality_management.rst b/docs/platform_management_plan/quality_management.rst index fac7d1161b5..4b6166c8ca9 100644 --- a/docs/platform_management_plan/quality_management.rst +++ b/docs/platform_management_plan/quality_management.rst 
@@ -182,11 +182,11 @@ The metric for the work products is ensured by the process that contains the wor 3.5 Quality Management Scope ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -There is no deviation from the scope defined in the :need:`doc__project_mgt_plan`. The platform and its +There is no deviation from the scope defined in the :need:`doc__project_mgt_plan`. The platform and it's components are developed, and integrated for an assumed technical system, for functional safety purposes as Safety Element out of Context (SEooC). -The development of the platform and its components follows the defined processes. Responsibilities for management, +The development of the platform and it's components follows the defined processes. Responsibilities for management, development, implementation, integration, and verification are also defined in the processes. The SW platform consists of features, which are based on a set of requirements and are developed in parallel. @@ -347,9 +347,6 @@ None * - :need:`wp__platform_safety_package` - :ref:`project_documents_list` - * - :need:`wp__platform_sw_build_config` - - :ref:`project_documents_list` - * - :need:`wp__platform_sw_release_note` - :ref:`project_documents_list` @@ -419,7 +416,7 @@ None * - :need:`wp__sw_implementation_inspection` - :ref:`documents_docs_modules_components` - * - :need:`wp__tailoring` + * - :need:`wp__tailoring_work_products` - :ref:`project_documents_list`, :ref:`documents_docs_features`, :ref:`documents_docs_modules_components` * - :need:`wp__tlm_plan` diff --git a/docs/platform_management_plan/release_management.rst b/docs/platform_management_plan/release_management.rst index cb7524f5e42..173512d7791 100644 --- a/docs/platform_management_plan/release_management.rst +++ b/docs/platform_management_plan/release_management.rst 
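Review bot: In section 3.5 of quality_management.rst both edits replace the correct possessive `its` with the contraction `it's`, giving "The platform and it's components". Both lines should stay `The platform and its components`. The equivalent sentence in safety_management.rst, visible as context in this same commit, keeps `its`.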
@@ -20,7 +20,7 @@ :tags: platform_management :realizes: wp__platform_sw_release_plan -Release management Plan +Release Management Plan ----------------------- This document implements parts of the :need:`wp__platform_mgmt`. @@ -50,7 +50,7 @@ One release contains all the files of one repository. So there is a platform rel It contains also all the verification reports (including their input e.g. test run logs) and documentation collaterals (e.g. the html's for the S-CORE homepage) as created during the CI build based on the release tagged repository files. It does not contain the binary produced in the CI build, as this is not a qualified work product of S-CORE and -the user will need to re-build in the context of his system. Furthermore the binary build with Bazel +the user will need to re-build in the context of their system. Furthermore the binary build with Bazel is reproducible, so this can be re-created from source any time. Release Types @@ -73,7 +73,7 @@ Release Planning and Execution ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Generally release planning and execution is described in :need:`wf__rel_mod_rel_note` process. -It is part of project planning and therefore also documented with the same means. Generally a Release +It is part of project planning and therefore also documented with the same means. Generally a release is planned as an issue linked to a milestone in the `GitHub Milestone Planning <https://github.com/orgs/eclipse-score/projects/13>`_. And this issue is closed by merging a pull request which creates/updates a release note. diff --git a/docs/platform_management_plan/role_assignment/platform_quality_manager.rst b/docs/platform_management_plan/role_assignment/platform_quality_manager.rst new file mode 100644 index 00000000000..c251798bc3b --- /dev/null +++ b/docs/platform_management_plan/role_assignment/platform_quality_manager.rst 
@@ -0,0 +1,106 @@ +.. + # ******************************************************************************* + # Copyright (c) 2025 Contributors to the Eclipse Foundation + # + # See the NOTICE file(s) distributed with this work for additional + # information regarding copyright ownership. + # + # This program and the accompanying materials are made available under the + # terms of the Apache License Version 2.0 which is available at + # https://www.apache.org/licenses/LICENSE-2.0 + # + # SPDX-License-Identifier: Apache-2.0 + # ******************************************************************************* + +Platform Quality Manager Election +********************************* + +.. document:: Platform Quality Manager + :id: doc__platform_quality_manager + :status: valid + :safety: ASIL_B + :security: YES + :realizes: wp__qms_plan + +Elected Committer(s) +==================== + +For the platform quality management a pool of quality managers is elected due to complexity of the task: + +`Markus Schu <https://github.com/masc2023>`_ + +`Volker Häussler <https://github.com/PandaDo>`_ + + +Election Reasoning +================== + +For the role :need:`rl__quality_manager` the required skills, knowledge and experience is defined in :need:`rl__quality_manager`. + +The evidences are not published openly due to personal data confidentiality, but will be checked in a dedicated review meeting +and confirmed by the first reviewer of this document's pull requests. + + +Evidences Markus Schu +--------------------- + +Experiences as Quality Manager and Project Manager: + +- Process Manager/Architect for Standard Processes and integrated QMS from 2022 to today +- Participating as Provisional ASPICE Assessor in project assessments from 2022 to today + + +Experiences for Safety and Security Management can be found here: +:need:`doc__platform_safety_manager` and :need:`doc__platform_safety_engineer`. 
+ + +Education and Skills: + +- `Universities degrees <https://www.linkedin.com/in/markus-schu-7a689b5/details/education/>`_ +- `Certifications (ASPICE, Product Safety, Cybersecurity) <https://www.linkedin.com/in/markus-schu-7a689b5/details/certifications/>`_ +- ASPICE Provisional Assessor Training, Further trainings within Gate4Spice community `Gate4SPICE <https://intacs.info/gate4spice>`_ + +S-CORE Commits: + +- major committer in `process_description repository <https://github.com/eclipse-score/process_description>`_ +- major committer in `score repository <https://github.com/eclipse-score/score>`_ + + +Evidences Volker Häussler +------------------------- + +`LinkedIn Profile <https://www.linkedin.com/in/volker-h%C3%A4ussler-58a840111/details/experience/>`_ + +Quality Management Experiences: + +- Head of Competence for Functional Safety from 2018 to 2024 + +Experiences for Safety and Security Management can be found here: +:need:`doc__platform_safety_manager` and :need:`doc__platform_safety_engineer`. + +Education and Skills: + +- Dipl.-Ing. (FH) Electrical Engineering - certificate +- Safety related development at system, software and hardware level > 10 years - letters of recommendation from employers + +S-CORE Commits: + +- committer in `process_description repository <https://github.com/eclipse-score/process_description>`_ +- committer in `score repository <https://github.com/eclipse-score/score>`_ + +Election +======== + +For the election the following Committers already elected as quality managers are asked: + +Elected quality managers: + +- `<https://github.com/masc2023>`_ + +For the election further Committers with similar skills are asked for approval: + +- `<https://github.com/pahmann>`_ + +The election is performed by approving the pull request of this document. +The nominee is elected if more than half of the above committers in the list approved and nobody "request changes". +Nominees are not allowed to vote for themselves. 
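Review bot: The profile link for Volker Häussler under "Elected Committer(s)" points to `https://github.com/PandaDo`, while platform_safety_engineer.rst and the CODEOWNERS changes in this commit use `PandaeDo`. In a role-assignment record the handle is what ties the elected person to review rights, so a one-letter difference can point readers at an unrelated account. Change the link target to `https://github.com/PandaeDo` if that is the intended account.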
diff --git a/docs/platform_management_plan/role_assignment/platform_safety_engineer.rst b/docs/platform_management_plan/role_assignment/platform_safety_engineer.rst new file mode 100644 index 00000000000..acc8f707db4 --- /dev/null +++ b/docs/platform_management_plan/role_assignment/platform_safety_engineer.rst 
@@ -0,0 +1,90 @@ +.. + # ******************************************************************************* + # Copyright (c) 2025 Contributors to the Eclipse Foundation + # + # See the NOTICE file(s) distributed with this work for additional + # information regarding copyright ownership. + # + # This program and the accompanying materials are made available under the + # terms of the Apache License Version 2.0 which is available at + # https://www.apache.org/licenses/LICENSE-2.0 + # + # SPDX-License-Identifier: Apache-2.0 + # ******************************************************************************* + +Platform Safety Engineer Election +********************************* + +.. document:: Platform Safety Engineer + :id: doc__platform_safety_engineer + :status: valid + :safety: ASIL_B + :security: YES + :realizes: wp__platform_safety_plan + +Elected Committer(s) +==================== + +For the platform safety management a pool of safety engineers is elected due to complexity of the task: + +`Volker Häussler <https://github.com/PandaeDo>`_ + +`Markus Schu <https://github.com/masc2023>`_ + +Election Reasoning +================== + +For the role :need:`rl__safety_engineer` the required skills, knowledge and experience is defined in :need:`rl__safety_engineer`. + +The evidences are not published openly due to personal data confidentiality, but will be checked in a dedicated review meeting +and confirmed by the first reviewer of this document's pull requests. 
+ +Evidences Volker Häussler +------------------------- + +`LinkedIn Profile <https://www.linkedin.com/in/volker-h%C3%A4ussler-58a840111/details/experience/>`_ + +Safety Management Experience: + +- Project Safety Manager for ESP development at Tier1 from 2010 to 2011 +- Project Lead Functional Safety at OEM from 2013 to 2015 +- Teamlead / Safety Manager at Engineering Service Provider from 2015 to 2018 +- Department Head / Competence Manager Functional Safety & Cyber Security at Engineering Service Provider from 2018 to 2025 +- Compliance Manager / Safety Manager at Tier1 from 2025 to now + +Safety Engineer Experience: + +- Safety Engineer for ESP development at Tier1 from 2007 to 2010 +- Lead Safety Engineer at OEM from 2012 to 2013 + +Education and Skills: + +- Dipl.-Ing. (FH) Electrical Engineering - certificate +- Safety related development at system, software and hardware level > 10 years - letters of recommendation from employers +- Safety trainings by TÜV SÜD (ISO 26262 and IEC 61508) + + +Evidences Markus Schu +--------------------- + +See :need:`doc__platform_safety_manager` for evidences of Markus Schu. + + +Election +======== + +For the election the following Committers already elected as safety managers are asked: + +Elected safety manager: + +- `<https://github.com/aschemmel-tech>`_ + +For the election the following Committers already elected as safety engineers are asked: + +Elected safety engineer: + +- `<https://github.com/PandaeDo>`_ + +The election is performed by approving the pull request of this document. +The nominee is elected if more than half of the above committers in the list approved and nobody "request changes". +Nominees are not allowed to vote for themselves. diff --git a/docs/platform_management_plan/role_assignment/platform_safety_manager.rst b/docs/platform_management_plan/role_assignment/platform_safety_manager.rst index 555895c498f..7e02fa362b0 100644 --- a/docs/platform_management_plan/role_assignment/platform_safety_manager.rst 
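Review bot: The "Election" section lists `PandaeDo` under "Committers already elected as safety engineers", but this new document appears to be the one electing him. That makes one of the two listed voters a nominee who may not vote for himself. The threshold is "more than half of the above committers", and with only two names it is unclear whether the single remaining approval is enough. platform_quality_manager.rst has the same shape, with `masc2023` listed as both elector and nominee. Consider stating the electorate per nominee, or adding to both files: `Voters must not be nominees of the same pull request; the threshold is counted over the remaining committers.`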
+++ b/docs/platform_management_plan/role_assignment/platform_safety_manager.rst @@ -55,7 +55,7 @@ Education and Skills: - Safety related SW development and project management (in aerospace) > 10 years - letters of recommendation from employers - Trainer for DO-178B SW safety standard - election certificate - Process development CMMI - letters of recommendation from employers -- Safety trainings by Exida (Iso 26262) - part of Safety Case Safe Posix SW platform +- Safety trainings by Exida (ISO 26262) - part of Safety Case Safe Posix SW platform S-CORE Committs: diff --git a/docs/platform_management_plan/safety_management.rst b/docs/platform_management_plan/safety_management.rst index 38a491bdd3c..9b5c35ecdc4 100644 --- a/docs/platform_management_plan/safety_management.rst +++ b/docs/platform_management_plan/safety_management.rst @@ -13,13 +13,16 @@ # ******************************************************************************* .. document:: Platform Safety Plan - :id: doc__platform_safety_plan + :id: doc__score_platform_safety_plan :status: draft :safety: ASIL_B :security: NO - :realizes: wp__platform_safety_plan,wp__tailoring + :realizes: wp__platform_safety_plan, wp__safety_tailoring :tags: platform_management + +.. _score_platform_safety_plan: + Safety management / Platform Safety Plan ---------------------------------------- 
@@ -60,7 +63,7 @@ Functional Safety Management Scope There is no deviation from the scope presented in the `S-CORE project page <https://eclipse-score.github.io/>`_ . The platform and its components are developed, and integrated for an assumed technical system as Safety Element out of Context (SEooC). The development of the platform and its components follows the defined processes. -Responsibilities for development, implementation, integration and verification are also defined int the processes. +Responsibilities for development, implementation, integration and verification are also defined in the processes. Regarding the platform specifics: 
@@ -92,18 +95,13 @@ The following ISO 26262 defined safety work products are not relevant for the S Note that stakeholder requirements (:need:`std_wp__iso26262__system_651`) are in scope of the project, to be able to address System and HW related failures which are typically mitigated by SW (e.g. end-to-end protection for ECU external communication). However, these are considered "Assumed Technical Safety Requirements" of the SW platform SEooC and do not require testing by the SEooC supplier. - Thus, system-level testing is out of scope. S-CORE will implement platform tests of stakeholder requirements for demonstration purposes, + Thus, system-level testing is out of scope. S-CORE will implement Platform Integration Tests of stakeholder requirements for demonstration purposes, but these are not intended to provide complete coverage of the stakeholder requirements. There will be SW integration tests of feature requirements as specified in ISO 26262 part 6-10. These tests may be reused by users on their HW platform to address Technical Safety Requirements for the SW platform. Whether these are sufficient to cover the TSRs must be analyzed and decided by the user. - to be able to cover System and HW related failures which are usually covered by SW (e.g. end to end protection for ECU external communication). - But those are the "Assumed Technical Safety Requirements" of the SW platform SEooC and do not need to be tested by SEooC supplier. - I.e. the system testing is out of scope. Note that S-CORE will implement Platform Integration Test of stakeholder requirements for demonstration, - but these are not intended to be completely covering the stakeholder requirements. - There will be SW integration tests of feature requirements, as required by ISO 26262 part 6-10. - These may be reused by the users on their HW platform to cover Technical Safety Requirements towards the SW platform. 
- But if these are sufficiently also covering the TSRs must be analyzed and decided by the user. + + Therefore and as S-CORE only delivers source code, :need:`std_wp__iso26262__software_1052` is tailored out. * Also tailored out is the SW testing on the target, as the S-CORE project can only test on reference HW (part of SW integration testing). So these are not relevant: :need:`std_wp__iso26262__software_1151`, :need:`std_wp__iso26262__software_1152` @@ -123,7 +121,8 @@ The following ISO 26262 defined safety work products are not relevant for the S * Because in the S-CORE SW platform integration of safety-related systems not developed according to ISO 26262 is not planned: :need:`std_wp__iso26262__support_1651` -* Because in the S-CORE SW platform no ASIL decomposition is planned: :need:`std_wp__iso26262__analysis_551`, :need:`std_wp__iso26262__analysis_552` +* Because in the S-CORE SW platform no ASIL decomposition is planned: :need:`std_wp__iso26262__analysis_551`, :need:`std_wp__iso26262__analysis_552`. + According to that also :need:`std_req__iso26262__analysis_641`, :need:`std_req__iso26262__analysis_642`, :need:`std_req__iso26262__analysis_643`, :need:`std_req__iso26262__analysis_644` are tailored out for safety analyses. * Because HSI is coming from HW (and systems) engineering which are not part of S-CORE and the standard only asks for refinement during SW development. As the input is missing, there is nothing to refine. @@ -185,7 +184,7 @@ The project will be under the Eclipse Foundation and so the `Eclipse Foundation *Project Roles* Roles are defined in every process and in a generic roles section. All those are matched to Eclipse roles. -Project role assignment is done in every feature development Safety Plan. +Project role assignment is documented in dedicated documents. *Critical dependencies* 
@@ -199,22 +198,22 @@ Organization and management system has not a mature level yet. *Skills* -The main safety related project roles are the project manager and the safety manager and these also have to have the (Eclipse) committer role. +The main safety related project roles are the project manager, the safety manager and the safety engineer, these also have to have the (Eclipse) committer role. As defined in `Committer Training <https://www.eclipse.org/projects/training/>`_ the committers are elected in a meritocratic manner, meaning those have to show their skills and understanding of the project processes in several previous pull requests. -As each project can adopt additional criteria for the committers election, we define the following: +For the :need:`rl__project_lead`, the :need:`rl__safety_manager` and the :need:`rl__safety_engineer` the required skills and experience are described +in these project role definitions. They are also elected in a meritocratic way and this election is documented including the evidences checked to prove the experience. -each committer has to prove his knowledge in functional safety SW development by +Committers in the S-CORE project can work on the development of safety related or non-safety related SW modules. +If they work on safety related modules they have to prove (additionally to their committer election, which already shows they are skilled developers): -* an absolved training in ISO 26262 (or equivalent standard, at least 16h of SW development specific training by a trusted training provider) OR -* by attending the projects's ISO 26262 SW development training (given by a safety team member) +* two years practice of safety related SW development (or management) relevant for the section content (includes trainings in safety standards like ISO 26262) +* training on the S-CORE processes -Additionally the project repository is organized in "CODEOWNER" sections. 
These "CODEOWNERS" need to approve any pull request modifying a file in their area before it is merged. +To ensure this, the platform and module repositories folders (and files) are protected by "CODEOWNER" sections. +These "CODEOWNERS" need to approve any pull request modifying a file in their area before it is merged. -In case of safety related "CODEOWNER" sections (e.g. a file containing feature requirements with an ASIL level) the persons having "CODEOWNER" rights need to have: -* One year of professional practice of safety related SW development (or management) relevant for the section content - -The successful checking of committers and CODEOWNERS skills is ensured by the safety manager and documented in the role assignment document. +The successful checking of CODEOWNERS experience is ensured by the safety manager and documented in the role assignment document. One important aspect to this is, that we ensure the identity of the committer by applying the GitHub digital signature mechanism. Functional Safety Resources 
@@ -315,193 +314,172 @@ Functional Safety Quality Criteria ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ The platform management plan defines :doc:`quality_management` -Platform Safety Plan -++++++++++++++++++++ +Platform Safety Plan / Package +++++++++++++++++++++++++++++++ -Functional Safety Management SW Platform Work Products -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +.. _sw_platform_wp_list: + +Functional Safety/Security Management SW Platform Work Products +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ .. list-table:: SW Platform work products :header-rows: 1 * - work product Id - - Link to process - Process status - - Link to issue - Link to WP - WP status * - :need:`wp__policies` - n/a (comes from outside the project) - - n/a - - n/a - `Eclipse Foundation Project Handbook: <https://www.eclipse.org/projects/handbook/>`_ - RELEASED - * - :need:`wp__training_path` - - n/a - - n/a - - n/a - - not open sourced - - to be shown to assessor - * - :need:`wp__qms_plan` - - :need:`wf__platform_cr_mt_platform_mgmt_plan` - - :ndf:`copy('status', need_id='wf__platform_cr_mt_platform_mgmt_plan')` - - `#316 <https://github.com/eclipse-score/score/issues/316>`_ - - :doc:`quality_management` - - not started + - :ndf:`copy('status', need_id='wf__cr_mt_qlm_plan')` + - :need:`doc__platform_quality_plan` + - :ndf:`copy('status', need_id='doc__platform_quality_plan')` * - :need:`wp__issue_track_system` - - :doc:`index` - - :ndf:`copy('status', need_id='doc__platform_mgt_plan')` - - n/a + - :ndf:`copy('status', need_id='wf__platform_mr_im_platform_mgmt_plan')` - `Project issues <https://github.com/eclipse-score/score/issues>`_ - established * - :need:`wp__platform_mgmt` - - :need:`wf__platform_cr_mt_platform_mgmt_plan` - :ndf:`copy('status', need_id='wf__platform_cr_mt_platform_mgmt_plan')` - - `#540 <https://github.com/eclipse-score/score/issues/540>`_ - :doc:`index` - :ndf:`copy('status', need_id='doc__platform_mgt_plan')` * - :need:`wp__process_description` 
- - :need:`wf__def_app_process_description` - :ndf:`copy('status', need_id='wf__def_app_process_description')` - - `Process community issues <https://github.com/orgs/eclipse-score/projects/7>`_ - `Process description <https://eclipse-score.github.io/process_description/main/index.html>`_ - - <automated> + - Maturity Level 1 * - :need:`wp__process_impr_report` - - :need:`wf__mon_imp_process_description` - :ndf:`copy('status', need_id='wf__mon_imp_process_description')` - - <Link to issue> - - <Link to WP> - - <automated> + - `Process issues <https://github.com/eclipse-score/process_description/issues>`_ + - see issues * - :need:`wp__process_strategy` - - :need:`wf__cr_mt_process_mgt_strategy` - :ndf:`copy('status', need_id='wf__cr_mt_process_mgt_strategy')` - - `#232 <https://github.com/eclipse-score/score/issues/232>`_ - - `Process community issues <https://github.com/orgs/eclipse-score/projects/7>`_ + - `Process community planning <https://github.com/orgs/eclipse-score/projects/21>`_ + - see planning board + + * - :need:`wp__platform_handbook` + - :ndf:`copy('status', need_id='wf__rel_platform_handbook')` + - :need:`doc__platform_handbook` + - :ndf:`copy('status', need_id='doc__platform_handbook')` + + * - :need:`wp__platform_sw_release_note` + - :ndf:`copy('status', need_id='wf__rel_platform_rel_note')` + - :need:`doc__score_v05_alpha_release_note` + - :ndf:`copy('status', need_id='doc__score_v05_alpha_release_note')` + + * - :need:`wp__verification_platform_ver_report` + - :ndf:`copy('status', need_id='wf__verification_platform_ver_report')` + - <Link to WP> - <automated> + * - :need:`wp__requirements_stkh` + - :ndf:`copy('status', need_id='wf__req_stkh_req')` + - :need:`doc__stakeholder_requirements` + - :ndf:`copy('status', need_id='doc__stakeholder_requirements')` + + * - :need:`wp__requirements_sw_platform_aou` + - :ndf:`copy('status', need_id='wf__req_stkh_req')` + - :need:`doc__platform_assumptions` + - :ndf:`copy('status', 
need_id='doc__platform_assumptions')` + + * - :need:`wp__sw_development_plan` + - :ndf:`copy('status', need_id='wf__sw_development_plan')` + - :need:`doc__software_development_plan` + - :ndf:`copy('status', need_id='doc__software_development_plan')` + + * - :need:`wp__verification_plan` + - :ndf:`copy('status', need_id='wf__verification_plan')` + - :need:`doc__verification_plan` + - :ndf:`copy('status', need_id='doc__verification_plan')` + + * - :need:`wp__tool_verification_report` + - :ndf:`copy('status', need_id='wf__tool_create_tool_verification_report')` + - :ref:`tools` + - see WP link + + +Functional Safety Specific SW Platform Work Products +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +.. list-table:: SW Platform safety work products + :header-rows: 1 + + * - work product Id + - Process status + - Link to WP + - WP status + * - :need:`wp__platform_safety_plan` - - :need:`gd_guidl__saf_plan_definitions` - - :ndf:`copy('status', need_id='gd_guidl__saf_plan_definitions')` - - `#381 <https://github.com/eclipse-score/score/issues/381>`_ + - :ndf:`copy('status', need_id='wf__cr_mt_safety_plan')` - this document - see above * - :need:`wp__platform_safety_package` - - :need:`gd_guidl__saf_package` - - :ndf:`copy('status', need_id='gd_guidl__saf_package')` - - <Link to issue> - - <Link to WP> - - <automated> + - :ndf:`copy('status', need_id='wf__cr_mt_safety_package')` + - this document + - see above * - :need:`wp__fdr_reports` (platform Safety Plan) - - :need:`gd_chklst__safety_plan` - - :ndf:`copy('status', need_id='gd_chklst__safety_plan')` - - <Link to issue> + - :ndf:`copy('status', need_id='wf__p_formal_rv')` - <Link to WP> - <automated> * - :need:`wp__fdr_reports` (platform Safety Package) - - :need:`gd_chklst__safety_package` - - :ndf:`copy('status', need_id='gd_chklst__safety_package')` - - <Link to issue> + - :ndf:`copy('status', need_id='wf__p_formal_rv')` - <Link to WP> - <automated> * - :need:`wp__fdr_reports` (feature's Safety Analyses & DFA) 
- - Safety Analysis FDR tbd - - <automated> - - <Link to issue> + - :ndf:`copy('status', need_id='wf__p_formal_rv')` - <Link to WP> - <automated> * - :need:`wp__audit_report` - performed by external experts - - n/a - - `#470 <https://github.com/eclipse-score/score/issues/470>`_ - <Link to WP> - intermediate - * - :need:`wp__feature_dfa` - - <Link to process> - - <Process status> - - <Link to issue> - - <Link to WP> - - <automated> - - * - :need:`wp__platform_sw_build_config` - - :need:`doc__software_development_plan` - - :ndf:`copy('status', need_id='doc__software_development_plan')` - - <Link to issue> + * - :need:`wp__platform_dfa` + - :ndf:`copy('status', need_id='wf__analyse_platform_featarch')` - <Link to WP> - <automated> * - :need:`wp__platform_safety_manual` - - :need:`gd_temp__safety_manual` - - :ndf:`copy('status', need_id='gd_temp__safety_manual')` - - <Link to issue> + - :ndf:`copy('status', need_id='wf__cr_mt_safety_manual')` - <Link to WP> - <automated> - * - :need:`wp__platform_sw_release_note` - - :need:`gd_temp__rel_plat_rel_note` - - :ndf:`copy('status', need_id='gd_temp__rel_plat_rel_note')` - - <Link to issue> - - <Link to WP> - - <automated> + * - :need:`wp__safety_tailoring` (generic) + - :ndf:`copy('status', need_id='wf__def_app_process_description')` + - :need:`wp__tailoring_work_products` & :need:`doc__score_platform_safety_plan` + - valid - * - :need:`wp__verification_platform_ver_report` - - :need:`gd_temp__mod_ver_report` - - :ndf:`copy('status', need_id='gd_temp__mod_ver_report')` - - <Link to issue> - - <Link to WP> - - <automated> +Process status: Status of the workflow which "outputs" the work product, derived from the docs it "has" and guidances it "contains". 
- * - :need:`wp__requirements_stkh` - - :need:`gd_temp__req_stkh_req` - - :ndf:`copy('status', need_id='gd_temp__req_stkh_req')` - - n/a (done already) - - :ref:`stakeholder_requirements` - - <automated> - * - :need:`wp__sw_development_plan` - - :need:`wf__platform_cr_mt_platform_mgmt_plan` - - :ndf:`copy('status', need_id='wf__platform_cr_mt_platform_mgmt_plan')` - - `#583 <https://github.com/eclipse-score/score/issues/583>`_ - - :need:`doc__software_development_plan` - - :ndf:`copy('status', need_id='doc__software_development_plan')` +Platform Management Plan - Feature Work Product Lists +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - * - :need:`wp__verification_plan` - - :need:`wf__platform_cr_mt_platform_mgmt_plan` - - :ndf:`copy('status', need_id='wf__platform_cr_mt_platform_mgmt_plan')` - - `#611 <https://github.com/eclipse-score/score/issues/611>`_ - - :need:`doc__verification_plan` - - :ndf:`copy('status', need_id='doc__verification_plan')` +:need:`doc__baselibs_safety_wp` - * - :need:`wp__tool_verification_report` - - :need:`doc__platform_tool_management_plan` - - :ndf:`copy('status', need_id='doc__platform_tool_management_plan')` - - <Link to issue> - - <Link to WP> - - <automated> +:need:`doc__com_ipc_safety_wp` - * - :need:`wp__tailoring` (generic) - - :need:`gd_guidl__saf_plan_definitions` - - :ndf:`copy('status', need_id='gd_guidl__saf_plan_definitions')` - - `#307 <https://github.com/eclipse-score/score/issues/307>`_ - - :need:`std_req__iso26262__management_5421` & :need:`doc__platform_safety_plan` - - valid +:need:`doc__feo_safety_wp` + +:need:`doc__orchestration_safety_wp` + +:need:`doc__persistency_safety_wp` +Note: list of features according to :ref:`releases` -Note: list of features for v0.5 according to `S-CORE Roadmap <https://github.com/orgs/eclipse-score/projects/17>`_ -and :ref:`releases` Platform Management Plan - Documents Status Chart ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 
diff --git a/docs/platform_management_plan/security_management.rst b/docs/platform_management_plan/security_management.rst index b3956dace61..7b40cf793a5 100644 --- a/docs/platform_management_plan/security_management.rst +++ b/docs/platform_management_plan/security_management.rst @@ -17,7 +17,7 @@ :status: draft :safety: ASIL_B :security: YES - :realizes: wp__platform_security_plan, wp__tailoring + :realizes: wp__platform_security_plan, wp__tailoring_work_products :tags: platform_management Security management / Platform Security Plan @@ -91,7 +91,7 @@ Because these are in responsibility of the system integrator: :need:`std_wp__iso :need:`std_wp__isosae21434__assessment_15331`, :need:`std_wp__isosae21434__assessment_15332`, :need:`std_wp__isosae21434__assessment_15431`, :need:`std_wp__isosae21434__assessment_15531` -Summary: :need:`wp__tailoring` links to all the work products which are tailored out in the platform security plan, +Summary: :need:`wp__tailoring_work_products` links to all the work products which are tailored out in the platform security plan, to be able to demonstrate completeness in `REPLACE_external_standards` @@ -143,7 +143,7 @@ As defined in `Committer Training <https://www.eclipse.org/projects/training/>`_ As each project can adopt additional criteria for the committers election, we define the following: -each committer has to prove his knowledge in security SW development by +each committer has to prove their knowledge in security SW development by * an absolved training in ISO SAE 21434 (or equivalent standard, at least 16h of SW development specific training by a trusted training provider) OR * by attending the projects's ISO SAE 21434 SW development training (given by a security team member) 
@@ -254,180 +254,69 @@ The platform management plan defines :doc:`quality_management` Platform Security Plan ++++++++++++++++++++++ -Security Management SW Platform Work Products -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +Functional Safety/Security Management SW Platform Work Products +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -.. list-table:: SW Platform work products +see :ref:`sw_platform_wp_list` + +Security Specific SW Platform Work Products +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +.. list-table:: SW Platform security work products :header-rows: 1 * - work product Id - - Link to process - Process status - - Link to issue - Link to WP - WP status - * - :need:`wp__training_path` - - n/a - - n/a - - n/a - - not open sourced - - to be shown to assessor - - * - :need:`wp__platform_mgmt` - - :need:`wf__platform_cr_mt_platform_mgmt_plan` - - :ndf:`copy('status', need_id='wf__platform_cr_mt_platform_mgmt_plan')` - - `#540 <https://github.com/eclipse-score/score/issues/540>`_ - - :doc:`index` - - :ndf:`copy('status', need_id='doc__platform_mgt_plan')` - - * - :need:`wp__qms_plan` - - :need:`wf__platform_cr_mt_platform_mgmt_plan` - - :ndf:`copy('status', need_id='wf__platform_cr_mt_platform_mgmt_plan')` - - `#316 <https://github.com/eclipse-score/score/issues/316>`_ - - :doc:`quality_management` - - not started - * - :need:`wp__platform_security_plan` - - :need:`gd_guidl__security_plan_definitions` - - :ndf:`copy('status', need_id='gd_guidl__security_plan_definitions')` - - `#TBD <https://github.com/eclipse-score/score/issues/381>`_ + - :ndf:`copy('status', need_id='wf__cr_mt_security_plan')` - this document - see above * - :need:`wp__platform_security_package` - - :need:`gd_guidl__security_package` - - :ndf:`copy('status', need_id='gd_guidl__security_package')` - - <Link to issue> + - :ndf:`copy('status', need_id='wf__cr_mt_security_package')` - <Link to WP> - <automated> - * - :need:`wp__issue_track_system` - - :doc:`index` - - 
:ndf:`copy('status', need_id='doc__platform_mgt_plan')` - - n/a - - `Project issues <https://github.com/eclipse-score/score/issues>`_ - - established - - * - :need:`wp__process_description` - - :need:`wf__def_app_process_description` - - :ndf:`copy('status', need_id='wf__def_app_process_description')` - - `Process community issues <https://github.com/orgs/eclipse-score/projects/7>`_ - - `REPLACE_process_description` - - <automated> - - * - :need:`wp__process_impr_report` - - :need:`wf__mon_imp_process_description` - - :ndf:`copy('status', need_id='wf__mon_imp_process_description')` - - <Link to issue> - - <Link to WP> - - <automated> - - * - :need:`wp__process_strategy` - - :need:`wf__cr_mt_process_mgt_strategy` - - :ndf:`copy('status', need_id='wf__cr_mt_process_mgt_strategy')` - - `#232 <https://github.com/eclipse-score/score/issues/232>`_ - - `Process community issues <https://github.com/orgs/eclipse-score/projects/7>`_ - - <automated> - * - :need:`wp__fdr_reports_security` (platform Security Plan) - - :need:`gd_chklst__security_plan` - - :ndf:`copy('status', need_id='gd_chklst__security_plan')` - - <Link to issue> + - :ndf:`copy('status', need_id='wf__p_formal_security_rv')` - <Link to WP> - <automated> * - :need:`wp__fdr_reports_security` (platform Security Package) - - :need:`gd_chklst__security_package` - - :ndf:`copy('status', need_id='gd_chklst__security_package')` - - <Link to issue> + - :ndf:`copy('status', need_id='wf__p_formal_security_rv')` - <Link to WP> - <automated> * - :need:`wp__fdr_reports_security` (feature's Security Analyses) - - Security Analysis FDR tbd - - <automated> - - <Link to issue> + - <Process Status> - <Link to WP> - <automated> * - :need:`wp__audit_report_security` - performed by external experts - n/a - - `#TBD1 <https://github.com/eclipse-score/score/issues/470>`_ - - <Link to WP> - currently tailored out - * - :need:`wp__platform_sw_build_config` - - :need:`doc__software_development_plan` - - :ndf:`copy('status', 
need_id='doc__software_development_plan')` - - <Link to issue> - - <Link to WP> - - <automated> - * - :need:`wp__platform_security_manual` - - :need:`gd_temp__security_manual` - - :ndf:`copy('status', need_id='gd_temp__security_manual')` - - <Link to issue> + - :ndf:`copy('status', need_id='wf__cr_mt_security_manual')` - <Link to WP> - <automated> - * - :need:`wp__platform_sw_release_note` - - :doc:`release_management` - - not started - - <Link to issue> - - <Link to WP> - - <automated> - - * - :need:`wp__verification_platform_ver_report` - - :need:`gd_temp__mod_ver_report` - - :ndf:`copy('status', need_id='gd_temp__mod_ver_report')` - - <Link to issue> - - <Link to WP> - - <automated> - - * - :need:`wp__requirements_stkh` - - :need:`gd_temp__req_stkh_req` - - :ndf:`copy('status', need_id='gd_temp__req_stkh_req')` - - n/a (done already) - - :ref:`stakeholder_requirements` - - <automated> - - * - :need:`wp__sw_development_plan` - - :need:`wf__platform_cr_mt_platform_mgmt_plan` - - :ndf:`copy('status', need_id='wf__platform_cr_mt_platform_mgmt_plan')` - - <Link to issue> - - :doc:`software_development` - - not started - - * - :need:`wp__verification_plan` - - :need:`wf__platform_cr_mt_platform_mgmt_plan` - - :ndf:`copy('status', need_id='wf__platform_cr_mt_platform_mgmt_plan')` - - <Link to issue> - - :doc:`software_verification` - - not started - - * - :need:`wp__tool_verification_report` - - :doc:`tool_management` - - not started - - <Link to issue> - - <Link to WP> - - <automated> - - * - :need:`wp__tailoring` (generic) - - :need:`gd_guidl__security_plan_definitions` - - :ndf:`copy('status', need_id='gd_guidl__security_plan_definitions')` - - `#TBD2 <https://github.com/eclipse-score/score/issues/307>`_ - - `REPLACEstandard_iso26262` & :need:`doc__platform_safety_plan` - - valid + * - :need:`wp__tailoring_work_products` (generic) + - :ndf:`copy('status', need_id='wf__def_app_process_description')` + - :need:`doc__platform_security_plan` + - :ndf:`copy('status', 
need_id='doc__platform_security_plan')` * - :need:`wp__sw_platform_sbom` - - :need:`wf__cr_mt_security_sbom` - - not started - - <Link to issue> + - :ndf:`copy('status', need_id='wf__cr_mt_security_sbom')` - <Link to WP> - <automated> +Process status: Status of the workflow which "outputs" the work product, derived from the docs it "has" and guidances it "contains". + Security Management Feature Specific Work Products ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ diff --git a/docs/platform_management_plan/software_verification.rst b/docs/platform_management_plan/software_verification.rst index ca7fbf69a5b..eb86887c41a 100644 --- a/docs/platform_management_plan/software_verification.rst +++ b/docs/platform_management_plan/software_verification.rst @@ -20,6 +20,9 @@ :tags: platform_management :realizes: wp__verification_plan + +.. _software_verification_plan: + Software verification ********************* 
@@ -103,35 +106,47 @@ The following types of integrations are applicable: #. **Changes** get integrated based on the :need:`wf__change_create_cr` and will follow the :need:`doc__pull_request_guideline` as any other artifact. +The test methods and techniques shall be selected based on the characteristics and specified behavior +of the software element under test. This shall ensure proper testing from unit level to feature integration level. +Specific recommendations for each test level are provided in the following sections of this verification plan. + +The following examples serve as illustration and inspiration for test selection: +Resource Usage Evaluation is selected when requirements address resource management or when data +corruption may occur. Interface Testing is applied when requirements target external API behavior. +Boundary Value Analysis is used for buffers where overflow is deemed possible or when requirements specify +input ranges and boundaries covering incorrect input values. This list is not complete, and additional tests +may be selected based on the specific requirements of each software element. + Levels of integration and verification -------------------------------------- There are the following different levels of integration and verification defined: -1. Software unit (incl. detailed design) and component verification to verify the integration of +1. **Software unit verification** (incl. detailed design) and component verification to verify the integration of units to a component and also the integration of smaller component(s) to a complex component based on #. detailed design and #. component architecture and #. component requirements -2. Software feature verification to verify the integration of components to a feature based on +2. **Software integration verification** on feature level to verify the integration of components to a feature based on #. feature architecture and #. feature requirements -3. 
Platform testing (on reference hardware) +3. **Software platform verification** as Platform Integration Testing of the integrated software element (on reference hardware) based on #. Stakeholder requirements - **Note:** These three levels translate to the levels of ISO 26262 part 6 clauses 9 to 11. The platform - testing will be executed by the integrator. S-CORE project only executes tests on reference hardware. + **Note:** These three levels translate to the levels of ISO 26262 part 6 clauses 9 to 11, where compliant testing with full coverage is tailored out for the embedded software. + The specific tailoring is described in the :need:`doc__score_platform_safety_plan`. + The full Platform Integration Testing will be executed by the integrator. S-CORE project only executes tests on reference hardware. These tests serve as an optional base for the integrator and will also be part of the :need:`wp__verification_platform_ver_report`, but more on an informative character. The full scope - of clause 11 is tailored out accordingly for S-CORE. Practically, this means S-CORE will implement - Platform Integration Test of stakeholder requirements for demonstration, but these are not intended to completely - covering all stakeholder requirements. + of clause 11 is tailored out accordingly for S-CORE (see: :need:`gd_guidl__verification_req_tailored`). + Practically, this means S-CORE will implement Platform Integration Tests for stakeholder requirements for demonstration, + but these are not intended to completely covering all stakeholder requirements. Verification Methods -------------------- 
@@ -156,35 +171,35 @@ method is to be used as meta data (*TestType* and *DerivationTechnique*). - Applicable for QM / ASIL B * - Static Code Analysis - static-code-analysis - - 1, -, - + - 1 Unit/Component, -, - - QM & ASIL B * - Structural Statement Coverage (Code coverage) - structural-statement-coverage - - 1, -, - + - 1 Unit/Component, -, - - QM & ASIL B * - Structural Branch Coverage (Code coverage) - structural-branch-coverage - - 1, -, - + - 1 Unit/Component, -, - - QM & ASIL B * - Walkthrough - walkthrough - - 1, 2, 3 + - All level 1, 2, 3 - QM * - Inspection - inspection - - 1, 2, 3 + - 1 Unit/Component, 2 Feature Integration, - - ASIL B * - Interface Test - interface-test - - 1, 2, - + - 1 Unit/Component, 2 Feature Integration, - - QM & ASIL B * - Requirements-based Test - requirements-based - - 1, 2, - + - All level 1, 2, 3 - QM & ASIL B * - Resource Usage Evaluation (only on reference environment) - resource-usage - - -, 2, - + - -, 2 Feature Integration, - - QM & ASIL B @@ -233,19 +248,19 @@ Test Derivation Methods - Applicable for QM / ASIL B * - Analysis of Requirements - requirements-analysis - - 1, 2, 3 + - All level 1, 2, 3 - QM, ASIL B * - Analysis of Boundary Values - boundary-values - - 1, 2, - + - 1 Unit/Component, 2 Feature Integration, - - ASIL B * - Analysis of Equivalence Classes - equivalence-classes - - 1, 2, - + - All level 1, 2, 3 - ASIL B * - Fuzzy Testing (focus security) - fuzz-testing - - 1, 2, - + - 1 Unit/Component, 2 Feature Integration, - - QM, ASIL B The ``fuzz-testing`` should especially be taken into account to increase security of the software. 
@@ -303,12 +318,23 @@ to be reached with every contribution. - 100% - 100% * - 7 - - Relative amount of failed tests - - 0% - - 0% + - Relative amount of passed tests + - 100% + - 100% + * - 8 + - Compliance with rules for static code analysis + - only minor violation based on tool rating + - 100% + * - 9 + - Freedom from compiler warnings & errors + - 100% + - 100% Further quality goals are defined in section :doc:`quality_management`. +The confirmation or any deviation of the coverage percentage value is documented in this section. +This shall also be part of the module documentation with a reasoning when percentage numbers deviate for an official release. + Coverage of detailed design ^^^^^^^^^^^^^^^^^^^^^^^^^^^ @@ -329,8 +355,8 @@ following aspects define the coverage of the architectural design. - :need:`wp__sw_component_fmea` and :need:`wp__sw_component_dfa` for safety-critical parts - :need:`wp__feature_fmea` and :need:`wp__feature_dfa` for safety-critical parts -Each architectural element has at least one test case linked with attribute "fully verified" or -multiple test cases with attribute "partially verified". +Each architectural element has at least one test case linked with attribute ``FullyVerified`` or +multiple test cases with attribute ``PartiallyVerified``. Coverage of software requirements specifications ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 
@@ -359,7 +385,26 @@ Test execution and result analysis ---------------------------------- The execution of the tests is based on a full automation defined by build pipelines. The analysis of the test results -needs to be performed by the contributor. +needs to be performed by the :need:`rl__contributor`. + +Manual test execution +^^^^^^^^^^^^^^^^^^^^^ + +The automation rate for test case execution is expected to be above 99%. + +Automated tests can be executed locally by the contributor before pushing code to the repository. +To support local test execution respective `bazel test ...` commands are provided as part of the module and feature documentation. + +When a manual test is considered to verify a requirement or architectural element, the respective links need to be established as for any other automated test case. +The script for manual testing uses the same templates as any other automated test including the Record Properties. +Therefore, these test cases require a script to be provided which describes how to execute the test case manually step by step. +The script and its execution will be part of the test reporting and traceability and need to be reviewed in the PR as part of the verification activities. +Within the review an approver confirms that automation is not feasible for the specific test case. + +In contrast to automated result comparison of an automated test case, the feedback from the test executor is logged for manual tests. +The script will wait for the user input to proceed to the next step and describe the expected result after each step. +The user input can be judged as confirmation that the expected result is achieved. +The final result will be `PASSED` or `FAILED`, based on the test executors confirmation. Test selection and regression testing ------------------------------------- 
@@ -392,7 +437,7 @@ document: #. The :need:`rl__contributor` needs to make sure that the objectives of the software integration and verification are fulfilled when contributing to the project. -#. The :need:`rl__committer` needs to verify that the contributor has fulfilled the expected objectives. +#. The :need:`rl__committer` needs to verify that the :need:`rl__contributor` has fulfilled the expected objectives. In this way roles are followed as defined in :need:`doc_concept__verification_process`. @@ -485,8 +530,8 @@ Test execution environment and reference hardware ------------------------------------------------- The platform is consisting solely on features that are considered as "middleware" as the layer -above the hardware abstraction layer. The platform itself doe not require to be running on -a specific hardware. It integrates with an Posix Operating System which is the first level of +above the hardware abstraction layer. The platform itself does not require to be running on +a specific hardware. It integrates with an POSIX Operating System which is the first level of abstraction to the physical hardware. The simulation environment will be based on x86 and arm64 architecture, to be close to later diff --git a/docs/requirements/platform_assumptions/index.rst b/docs/requirements/platform_assumptions/index.rst index c526629d441..3d6d16a4e82 100644 --- a/docs/requirements/platform_assumptions/index.rst +++ b/docs/requirements/platform_assumptions/index.rst 
@@ -33,7 +33,7 @@ the operating system, programming language libraries, hypervisor or processing h For "organizations" two roles are used in the AoU text: - Supplier: is the provider of an element the S-CORE SW-platform is using but which is developed and maintained externally. -- System Integrator: uses the S-CORE SW-platform as a part of a system he provides to a customer. The system integrator can be for example a Tier1 providing an electronic control unit to a OEM or an OEM providing a car to his end-customer. S-CORE does not know which. +- System Integrator: uses the S-CORE SW-platform as a part of a system they provide to a customer. The system integrator can be for example a Tier1 providing an electronic control unit to a OEM or an OEM providing a car to their end-customer. S-CORE does not know which. To fulfill these assumptions is the responsibility of the mentioned roles. @@ -113,7 +113,7 @@ It is the level where the S-CORE SW-platform will functionally "work" with the e :safety: QM :status: valid - The system integrator shall run the tests provided by S-CORE (platform, feature, component and Unit level for his selected S-CORE modules) on his selected OS/Hypervisor/HW combination, + The system integrator shall run the tests provided by S-CORE (platform, feature, component and Unit level for their selected S-CORE modules) on their selected OS/Hypervisor/HW combination, or provide equivalent argumentation. Note1: S-CORE will run these tests for one or more reference OS/Hypervisor/HW combination, if not all passing, remaining issues are documented in release notes. In case the selected combination is equal to a S-CORE reference and the complete S-CORE SW-platform is used, this AoU may be skipped. 
@@ -127,7 +127,7 @@ It is the level where the S-CORE SW-platform will functionally "work" with the e :safety: QM :status: valid - The system integrator shall report the bugs found during integration of the S-CORE SW-platform on his selected OS/Hypervisor/HW combination to the external SW element supplier and S-CORE for analysis. + The system integrator shall report the bugs found during integration of the S-CORE SW-platform on their selected OS/Hypervisor/HW combination to the external SW element supplier and S-CORE for analysis. Assumptions on the external SW element integration - Certifiable Level ---------------------------------------------------------------------- @@ -207,6 +207,18 @@ This is the highest level of integraton. This is the level where the S-CORE SW-p Note3: This applies also if the system integrator would replace a S-CORE SW-platform element with another SW element which is external to S-CORE. +.. aou_req:: SW-platform test completion + :id: aou_req__platform__test_completion + :reqtype: Non-Functional + :security: YES + :safety: ASIL_B + :status: valid + + If the system using the SW-platform has safety goals, the system integrator shall check for correctness and completeness of SW-platform testing and add verification where needed. + + Note: The SW-platform integtion tests provided by S-CORE for :need:`aou_req__platform__testing` are for demonstration purpose only, + as described in the tailoring section of :need:`doc__score_platform_safety_plan` and thus do not claim correctness and completeness. + .. aou_req:: Integrator safety anomaly reporting :id: aou_req__platform__integration_safety_anomaly :reqtype: Non-Functional 
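Review bot: The note in the added `aou_req__platform__test_completion` block misspells "integration" as "integtion". This text ends up in the assumptions of use handed to system integrators, so it should read `Note: The SW-platform integration tests provided by S-CORE for ...`. The two link targets used in that note (`aou_req__platform__testing` and `doc__score_platform_safety_plan`) are not defined in this hunk, so confirm that both resolve in the docs build.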
@@ -214,7 +226,7 @@ This is the highest level of integraton. This is the level where the S-CORE SW-p :safety: ASIL_B :status: valid - If the system using the SW-platform has safety goals, the system integrator shall perform safety anomaly reporting taking into account also the reporting of all the components he integrates. + If the system using the SW-platform has safety goals, the system integrator shall perform safety anomaly reporting taking into account also the reporting of all the components they integrate. Note: This includes all the modules of the S-CORE SW platform used by the system integrator. The relevant safety critical bugs or safety anomalies are published by S-CORE as defined in the :need:`doc__platform_problem_resolution_plan`. diff --git a/docs/requirements/stakeholder/index.rst b/docs/requirements/stakeholder/index.rst index f65c5a5d2bc..e9cc34b272f 100644 --- a/docs/requirements/stakeholder/index.rst +++ b/docs/requirements/stakeholder/index.rst @@ -17,6 +17,13 @@ Stakeholder Requirements ======================== +.. document:: SW-platform stakeholder requirements + :id: doc__stakeholder_requirements + :status: draft + :security: YES + :safety: ASIL_B + :realizes: wp__requirements_stkh + Overall goals ------------- @@ -85,7 +92,7 @@ Functional requirements The SW-platform shall support configuration of applications via files (e.g. yaml, json) .. stkh_req:: Support of safe Key/Value store - :id: stkh_req__functiona_req__support_of_store + :id: stkh_req__functional_req__support_of_store :reqtype: Functional :security: NO :safety: ASIL_B @@ -246,7 +253,7 @@ Dependability .. stkh_req:: Safety features :id: stkh_req__dependability__safety_features :reqtype: Functional - :security: NO + :security: YES :safety: ASIL_B :rationale: There are state-of-the-art safety mechanisms to check HW and SW errors. These are expected to be supported either by the SW-platform alone or by using HW or OS provided safety features. :status: valid 
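Review bot: Correcting the need id from `stkh_req__functiona_req__support_of_store` to `stkh_req__functional_req__support_of_store` changes the traceability key, and this hunk shows only the definition being renamed. Any lower-level requirement or `:need:` role that still uses the old spelling would be left with a dangling link, so references in this repository and in dependent module repositories should be updated in the same change. If the old id was already part of a released baseline, the rename is worth recording in the release notes so that downstream safety and security traces can be re-pointed.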
@@ -557,6 +564,17 @@ Communication The SW-platform shall support intra-process communication. +.. stkh_req:: Cross-VM Communication + :id: stkh_req__communication__vm + :reqtype: Functional + :security: NO + :safety: QM + :rationale: Different VMs in a system involved. Sometimes they interact. + :status: valid + :valid_from: v1.0.0 + + The platform shall support not only IPC but also inter Virtual Machine (VM) communication. + .. stkh_req:: Stable application interfaces :id: stkh_req__communication__stable_app_inter :reqtype: Functional @@ -1200,7 +1218,7 @@ Requirements Engineering :rationale: This is a usability constraint needed for long term maintenance support :status: valid - he SW-platform infrastructure shall support linking all requirements from lower to upper level, whereby on the top-level are the stakeholder requirements. + The SW-platform infrastructure shall support linking all requirements from lower to upper level, whereby on the top-level are the stakeholder requirements. .. stkh_req:: Document requirements as code :id: stkh_req__requirements__as_code diff --git a/docs/score_releases/_assets/score_process_area_overview.drawio.svg b/docs/score_releases/_assets/score_process_area_overview.drawio.svg new file mode 100644 index 00000000000..6bfc2a76b5f --- /dev/null +++ b/docs/score_releases/_assets/score_process_area_overview.drawio.svg 
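Review bot: The added `stkh_req__communication__vm` requirement is tagged `:security: NO`, although communication between virtual machines crosses the isolation boundary that a hypervisor is normally relied on to enforce. Unless the project deliberately scopes VM-to-VM channels out of its security work, I would set `:security: YES` so the requirement is presumably picked up by the security analysis. The same commit already changes `stkh_req__dependability__safety_features` from `NO` to `YES`. The rationale `Different VMs in a system involved. Sometimes they interact.` would also be clearer if it stated which trust assumptions hold between the communicating VMs.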
@@ -0,0 +1,4 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- Do not edit this file with editors other than draw.io --> +<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"> +<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="1019px" height="1111px" viewBox="-0.5 -0.5 1019 1111" content="<mxfile host="Electron" modified="2025-12-16T09:59:37.869Z" agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/21.6.5 Chrome/114.0.5735.243 Electron/25.3.1 Safari/537.36" etag="z4vkbFWl28wgfiui7sJG" version="21.6.5" type="device"> <diagram id="9aBNZYUphsUlN37Ga501" name="Page-1"> <mxGraphModel dx="2734" dy="1800" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="850" pageHeight="1100" math="0" shadow="0"> <root> <mxCell id="0" /> <mxCell id="1" parent="0" /> <mxCell id="3" value="&lt;b&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;Process Areas - Support&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&amp;nbsp;&lt;/b&gt;" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="-1658" y="-329" width="970" height="90" as="geometry" /> </mxCell> <mxCell id="4" value="&lt;b&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;Process Areas - Development&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&amp;nbsp;&lt;/b&gt;" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="-1658" y="-455" width="970" height="120" as="geometry" /> </mxCell> <mxCell id="5" value="&lt;span style=&quot;&quot;&gt;Introduction&lt;/span&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontStyle=1;fillColor=#e1d5e7;strokeColor=#9673a6;" parent="1" vertex="1"> <mxGeometry x="-1658" y="-620" width="970" height="30" 
as="geometry" /> </mxCell> <mxCell id="6" value="&lt;b&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;Process Areas - Management&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;&amp;nbsp;&lt;/b&gt;" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="-1658" y="-550" width="970" height="90" as="geometry" /> </mxCell> <mxCell id="7" value="Requirements&lt;br style=&quot;font-size: 10px;&quot;&gt;Engineering" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#e1d5e7;strokeColor=#9673a6;fontSize=10;verticalAlign=middle;" parent="1" vertex="1"> <mxGeometry x="-1648" y="-428" width="70" height="80" as="geometry" /> </mxCell> <mxCell id="8" value="Safety&lt;br style=&quot;font-size: 10px;&quot;&gt;Management" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#e1d5e7;strokeColor=#9673a6;fontSize=10;verticalAlign=middle;" parent="1" vertex="1"> <mxGeometry x="-1568" y="-515" width="70" height="50" as="geometry" /> </mxCell> <mxCell id="9" value="Change Management&lt;br&gt;" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#e1d5e7;strokeColor=#9673a6;fontSize=10;verticalAlign=middle;" parent="1" vertex="1"> <mxGeometry x="-1328" y="-515" width="70" height="50" as="geometry" /> </mxCell> <mxCell id="10" value="Documentation&lt;br style=&quot;font-size: 10px;&quot;&gt;Management" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#e1d5e7;strokeColor=#9673a6;fontSize=10;" parent="1" vertex="1"> <mxGeometry x="-1488" y="-302" width="70" height="50" as="geometry" /> </mxCell> <mxCell id="11" value="&lt;span style=&quot;&quot;&gt;General Concepts&lt;/span&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontStyle=1;fillColor=#e1d5e7;strokeColor=#9673a6;" parent="1" vertex="1"> <mxGeometry x="-1658" y="-586" width="970" height="30" as="geometry" /> </mxCell> <mxCell id="12" value="&lt;span 
style=&quot;&quot;&gt;Standards&lt;/span&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontStyle=1;fillColor=#e1d5e7;strokeColor=#9673a6;" parent="1" vertex="1"> <mxGeometry x="-1658" y="-129" width="970" height="30" as="geometry" /> </mxCell> <mxCell id="13" value="&lt;span style=&quot;&quot;&gt;Roles&lt;/span&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontStyle=1;fillColor=#e1d5e7;strokeColor=#9673a6;" parent="1" vertex="1"> <mxGeometry x="-1658" y="-233" width="970" height="30" as="geometry" /> </mxCell> <mxCell id="14" value="&lt;br style=&quot;font-size: 10px;&quot;&gt;&lt;br style=&quot;font-size: 10px;&quot;&gt;Architecture&lt;br style=&quot;font-size: 10px;&quot;&gt;&lt;br style=&quot;font-size: 10px;&quot;&gt;&lt;br style=&quot;font-size: 10px;&quot;&gt;&lt;br style=&quot;font-size: 10px;&quot;&gt;" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;verticalAlign=middle;fontSize=10;" parent="1" vertex="1"> <mxGeometry x="-1568" y="-428" width="70" height="80" as="geometry" /> </mxCell> <mxCell id="15" value="&lt;font style=&quot;font-size: 10px;&quot;&gt;&lt;font style=&quot;font-size: 10px;&quot;&gt;&lt;br style=&quot;font-size: 10px;&quot;&gt;Imple-mentation&lt;/font&gt;&lt;br style=&quot;font-size: 10px;&quot;&gt;&lt;span style=&quot;font-size: 10px;&quot;&gt;(Detailed Design, &lt;/span&gt;&lt;br style=&quot;font-size: 10px;&quot;&gt;&lt;span style=&quot;font-size: 10px;&quot;&gt;Coding)&lt;/span&gt;&lt;/font&gt;" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;fontSize=10;" parent="1" vertex="1"> <mxGeometry x="-1488" y="-428" width="70" height="80" as="geometry" /> </mxCell> <mxCell id="16" value="Problem Resolution" style="rounded=0;whiteSpace=wrap;html=1;fontSize=10;fillColor=#e1d5e7;strokeColor=#9673a6;" parent="1" vertex="1"> <mxGeometry x="-1248" y="-515" width="70" height="50" as="geometry" /> </mxCell> <mxCell id="17" value="ML 4" 
style="rounded=0;whiteSpace=wrap;html=1;fillColor=#008a00;strokeColor=#005700;fontColor=#ffffff;" parent="1" vertex="1"> <mxGeometry x="-1658" y="386" width="60" height="54" as="geometry" /> </mxCell> <mxCell id="18" value="ML 2" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#e1d5e7;strokeColor=#9673a6;" parent="1" vertex="1"> <mxGeometry x="-1658" y="226" width="60" height="54" as="geometry" /> </mxCell> <mxCell id="19" value="ML 1" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1"> <mxGeometry x="-1658" y="146" width="60" height="54" as="geometry" /> </mxCell> <mxCell id="20" value="Verification&lt;br style=&quot;font-size: 10px;&quot;&gt;&lt;br style=&quot;font-size: 10px;&quot;&gt;" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;fontSize=10;" parent="1" vertex="1"> <mxGeometry x="-1408" y="-428" width="70" height="80" as="geometry" /> </mxCell> <mxCell id="21" value="Configuration&lt;br style=&quot;font-size: 10px;&quot;&gt;Management" style="rounded=0;whiteSpace=wrap;html=1;fontSize=10;fillColor=#e1d5e7;strokeColor=#9673a6;verticalAlign=middle;" parent="1" vertex="1"> <mxGeometry x="-1648" y="-302" width="70" height="50" as="geometry" /> </mxCell> <mxCell id="22" value="Tool&lt;br style=&quot;font-size: 10px;&quot;&gt;Management" style="rounded=0;whiteSpace=wrap;html=1;fontSize=10;fillColor=#e1d5e7;strokeColor=#9673a6;" parent="1" vertex="1"> <mxGeometry x="-1568" y="-302" width="70" height="50" as="geometry" /> </mxCell> <mxCell id="23" value="Quality&lt;br style=&quot;font-size: 10px;&quot;&gt;Management" style="rounded=0;whiteSpace=wrap;html=1;fontSize=10;fillColor=#e1d5e7;strokeColor=#9673a6;verticalAlign=middle;" parent="1" vertex="1"> <mxGeometry x="-1408" y="-515" width="70" height="50" as="geometry" /> </mxCell> <mxCell id="24" value="Platform&lt;br style=&quot;font-size: 10px;&quot;&gt;Management" 
style="rounded=0;whiteSpace=wrap;html=1;fontSize=10;fillColor=#e1d5e7;strokeColor=#9673a6;verticalAlign=middle;" parent="1" vertex="1"> <mxGeometry x="-1648" y="-515" width="70" height="50" as="geometry" /> </mxCell> <mxCell id="25" value="&lt;b&gt;Maturity Level&lt;/b&gt;" style="text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;" parent="1" vertex="1"> <mxGeometry x="-1668" y="16" width="100" height="30" as="geometry" /> </mxCell> <mxCell id="26" value="ML 0" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"> <mxGeometry x="-1658" y="66" width="60" height="54" as="geometry" /> </mxCell> <mxCell id="27" value="&lt;br style=&quot;font-size: 10px;&quot;&gt;Safety&lt;br style=&quot;font-size: 10px;&quot;&gt;Analysis&lt;br style=&quot;font-size: 10px;&quot;&gt;&lt;br style=&quot;font-size: 10px;&quot;&gt;" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#e1d5e7;strokeColor=#9673a6;fontSize=10;" parent="1" vertex="1"> <mxGeometry x="-1328" y="-428" width="70" height="80" as="geometry" /> </mxCell> <mxCell id="28" value="&lt;span style=&quot;&quot;&gt;Work Products&lt;/span&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontStyle=1;fillColor=#e1d5e7;strokeColor=#9673a6;" parent="1" vertex="1"> <mxGeometry x="-1658" y="-199" width="970" height="30" as="geometry" /> </mxCell> <mxCell id="29" value="&lt;span style=&quot;&quot;&gt;Workflows&lt;/span&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontStyle=1;fillColor=#e1d5e7;strokeColor=#9673a6;" parent="1" vertex="1"> <mxGeometry x="-1658" y="-165" width="970" height="30" as="geometry" /> </mxCell> <mxCell id="30" value="ML 3" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" vertex="1"> <mxGeometry x="-1658" y="306" width="60" height="54" as="geometry" /> </mxCell> <mxCell id="31" value="&lt;b&gt;Plan&lt;/b&gt; -&amp;nbsp;&lt;br&gt;&lt;span style=&quot;color: rgb(51, 51, 51);&quot;&gt;Process 
definition&amp;nbsp;planned&lt;br&gt;Documents not available&amp;nbsp;&lt;/span&gt;or most empty" style="rounded=0;whiteSpace=wrap;html=1;align=left;" parent="1" vertex="1"> <mxGeometry x="-1578" y="66" width="920" height="54" as="geometry" /> </mxCell> <mxCell id="32" value="&lt;b&gt;Initial&lt;/b&gt; -&amp;nbsp;&lt;br&gt;&lt;span style=&quot;background-color: initial;&quot;&gt;Process definition in&amp;nbsp;&lt;/span&gt;&lt;span style=&quot;background-color: initial;&quot;&gt;place, but not yet compliant,&amp;nbsp;&lt;/span&gt;&lt;span style=&quot;text-align: center;&quot;&gt;consistency across S-CORE platform, modules and repeatability of processes may not be possible.&lt;br&gt;Documents are mostly available, main parts done, principles clear, all top level questions addressed, well structured.&lt;br&gt;&lt;/span&gt;" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;align=left;" parent="1" vertex="1"> <mxGeometry x="-1578" y="146" width="928" height="54" as="geometry" /> </mxCell> <mxCell id="33" value="&lt;b&gt;Managed&lt;/b&gt; -&lt;br&gt;&lt;span style=&quot;color: rgb(0, 0, 0); background-color: initial;&quot;&gt;Process definition in place but not&amp;nbsp;&lt;/span&gt;&lt;span style=&quot;color: rgb(0, 0, 0); background-color: initial;&quot;&gt;yet deployed in S-CORE, but&amp;nbsp;&lt;/span&gt;&lt;span style=&quot;text-align: center;&quot;&gt;execution would allow consistency across S-CORE platform and modules, repeatability of processes possible&lt;br&gt;Documents are complete, documented on a comprehensible systematic approach, verified, only minor questions open, Process requirements (of highest priority) enforced by implemented Tool Requirements (or a feasible manual work around is defined).&lt;br&gt;&lt;/span&gt;" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#e1d5e7;strokeColor=#9673a6;align=left;" parent="1" vertex="1"> <mxGeometry x="-1578" y="226" width="928" height="54" as="geometry" /> </mxCell> <mxCell id="34" 
value="&lt;b&gt;Defined/Practiced&lt;/b&gt; -&amp;nbsp;&lt;br&gt;&lt;span style=&quot;color: rgb(0, 0, 0); background-color: initial;&quot;&gt;Deployed (at least once) in S-CORE platform or one Module,&amp;nbsp;&lt;/span&gt;&lt;font color=&quot;#000000&quot;&gt;The processes have been practiced, and evidence exists to demonstrate that this has occurred.&amp;nbsp;&lt;/font&gt;&lt;br&gt;&lt;font color=&quot;#000000&quot;&gt;Documents are complete, verified and released, Process Requirements (of high/ medium priority)&amp;nbsp;&lt;/font&gt;&lt;span style=&quot;text-align: center;&quot;&gt;enforced by implemented Tool Requirements, Tool evaluation performed&lt;/span&gt;&lt;span style=&quot;text-align: center;&quot;&gt;&lt;font color=&quot;#000000&quot;&gt;&lt;br&gt;&amp;nbsp;Initial Safety Audit passed.&lt;/font&gt;&lt;br&gt;&lt;/span&gt;" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;align=left;" parent="1" vertex="1"> <mxGeometry x="-1578" y="306" width="928" height="54" as="geometry" /> </mxCell> <mxCell id="35" value="Improving -&amp;nbsp;&lt;br&gt;&lt;span style=&quot;background-color: initial;&quot;&gt;Deployed on S-CORE platform and various S-CORE Modules and&amp;nbsp;&lt;/span&gt;&lt;span style=&quot;background-color: initial;&quot;&gt;constantly improving, u&lt;/span&gt;&lt;span style=&quot;text-align: center;&quot;&gt;sing suitable process metrics, S-CORE commiter control the effectiveness and performance of the platform and modules and demonstrate continuous improvement in these areas. 
Tool qualification available.&lt;/span&gt;" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#008a00;strokeColor=#005700;fontColor=#FFFFFF;align=left;" parent="1" vertex="1"> <mxGeometry x="-1578" y="386" width="928" height="54" as="geometry" /> </mxCell> <mxCell id="36" value="Release&lt;br style=&quot;font-size: 10px;&quot;&gt;Management" style="rounded=0;whiteSpace=wrap;html=1;fontSize=10;fillColor=#e1d5e7;strokeColor=#9673a6;" parent="1" vertex="1"> <mxGeometry x="-1168" y="-515" width="70" height="50" as="geometry" /> </mxCell> <mxCell id="37" value="&lt;span style=&quot;&quot;&gt;Trustable&lt;/span&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontStyle=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1"> <mxGeometry x="-1658" y="-95" width="970" height="30" as="geometry" /> </mxCell> <mxCell id="38" value="&lt;span style=&quot;&quot;&gt;Folder Templates&lt;/span&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontStyle=1;fillColor=#e1d5e7;strokeColor=#9673a6;" parent="1" vertex="1"> <mxGeometry x="-1658" y="-61" width="970" height="30" as="geometry" /> </mxCell> <mxCell id="39" value="Security&lt;br style=&quot;font-size: 10px;&quot;&gt;Management" style="rounded=0;whiteSpace=wrap;html=1;fontSize=10;fillColor=#fff2cc;strokeColor=#d6b656;verticalAlign=middle;" parent="1" vertex="1"> <mxGeometry x="-1488" y="-515" width="70" height="50" as="geometry" /> </mxCell> <mxCell id="40" value="Security&lt;br style=&quot;font-size: 10px;&quot;&gt;Analysis" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;fontSize=10;" parent="1" vertex="1"> <mxGeometry x="-1248" y="-428" width="70" height="80" as="geometry" /> </mxCell> </root> </mxGraphModel> </diagram> </mxfile> "><defs/><g><rect x="10" y="341" width="970" height="90" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" 
requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 968px; height: 1px; padding-top: 386px; margin-left: 11px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;"><b><br /><br /><br /><br /><br /><br /><br />Process Areas - Support<br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /> </b></div></div></div></foreignObject><text x="495" y="390" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Process Areas - Support...</text></switch></g><rect x="10" y="215" width="970" height="120" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 968px; height: 1px; padding-top: 275px; margin-left: 11px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;"><b><br /><br /><br /><br />Process Areas - Development<br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /> </b></div></div></div></foreignObject><text x="495" y="279" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" 
text-anchor="middle">Process Areas - Development...</text></switch></g><rect x="10" y="50" width="970" height="30" fill="#e1d5e7" stroke="#9673a6" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 968px; height: 1px; padding-top: 65px; margin-left: 11px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; font-weight: bold; white-space: normal; overflow-wrap: normal;"><span style="">Introduction</span></div></div></div></foreignObject><text x="495" y="69" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle" font-weight="bold">Introduction</text></switch></g><rect x="10" y="120" width="970" height="90" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 968px; height: 1px; padding-top: 165px; margin-left: 11px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;"><b><br /><br /><br /><br /><br /><br /><br /><br /><br 
/>Process Areas - Management<br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /> </b></div></div></div></foreignObject><text x="495" y="169" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Process Areas - Management...</text></switch></g><rect x="20" y="242" width="70" height="80" fill="#e1d5e7" stroke="#9673a6" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 68px; height: 1px; padding-top: 282px; margin-left: 21px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 10px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Requirements<br style="font-size: 10px;" />Engineering</div></div></div></foreignObject><text x="55" y="285" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="10px" text-anchor="middle">Requirements...</text></switch></g><rect x="100" y="155" width="70" height="50" fill="#e1d5e7" stroke="#9673a6" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 68px; height: 1px; padding-top: 180px; margin-left: 101px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; 
font-size: 10px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Safety<br style="font-size: 10px;" />Management</div></div></div></foreignObject><text x="135" y="183" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="10px" text-anchor="middle">Safety...</text></switch></g><rect x="340" y="155" width="70" height="50" fill="#e1d5e7" stroke="#9673a6" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 68px; height: 1px; padding-top: 180px; margin-left: 341px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 10px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Change Management<br /></div></div></div></foreignObject><text x="375" y="183" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="10px" text-anchor="middle">Change Managem...</text></switch></g><rect x="180" y="368" width="70" height="50" fill="#e1d5e7" stroke="#9673a6" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 68px; height: 1px; padding-top: 393px; margin-left: 181px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div 
style="display: inline-block; font-size: 10px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Documentation<br style="font-size: 10px;" />Management</div></div></div></foreignObject><text x="215" y="396" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="10px" text-anchor="middle">Documentation...</text></switch></g><rect x="10" y="84" width="970" height="30" fill="#e1d5e7" stroke="#9673a6" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 968px; height: 1px; padding-top: 99px; margin-left: 11px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; font-weight: bold; white-space: normal; overflow-wrap: normal;"><span style="">General Concepts</span></div></div></div></foreignObject><text x="495" y="103" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle" font-weight="bold">General Concepts</text></switch></g><rect x="10" y="541" width="970" height="30" fill="#e1d5e7" stroke="#9673a6" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 968px; height: 1px; padding-top: 556px; margin-left: 11px;"><div 
data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; font-weight: bold; white-space: normal; overflow-wrap: normal;"><span style="">Standards</span></div></div></div></foreignObject><text x="495" y="560" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle" font-weight="bold">Standards</text></switch></g><rect x="10" y="437" width="970" height="30" fill="#e1d5e7" stroke="#9673a6" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 968px; height: 1px; padding-top: 452px; margin-left: 11px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; font-weight: bold; white-space: normal; overflow-wrap: normal;"><span style="">Roles</span></div></div></div></foreignObject><text x="495" y="456" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle" font-weight="bold">Roles</text></switch></g><rect x="100" y="242" width="70" height="80" fill="#fff2cc" stroke="#d6b656" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe 
center; width: 68px; height: 1px; padding-top: 282px; margin-left: 101px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 10px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;"><br style="font-size: 10px;" /><br style="font-size: 10px;" />Architecture<br style="font-size: 10px;" /><br style="font-size: 10px;" /><br style="font-size: 10px;" /><br style="font-size: 10px;" /></div></div></div></foreignObject><text x="135" y="285" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="10px" text-anchor="middle">Architecture...</text></switch></g><rect x="180" y="242" width="70" height="80" fill="#fff2cc" stroke="#d6b656" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 68px; height: 1px; padding-top: 282px; margin-left: 181px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 10px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;"><font style="font-size: 10px;"><font style="font-size: 10px;"><br style="font-size: 10px;" />Imple-mentation</font><br style="font-size: 10px;" /><span style="font-size: 10px;">(Detailed Design, </span><br style="font-size: 10px;" /><span style="font-size: 10px;">Coding)</span></font></div></div></div></foreignObject><text x="215" y="285" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="10px" 
text-anchor="middle">Imple-mentatio...</text></switch></g><rect x="420" y="155" width="70" height="50" fill="#e1d5e7" stroke="#9673a6" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 68px; height: 1px; padding-top: 180px; margin-left: 421px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 10px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Problem Resolution</div></div></div></foreignObject><text x="455" y="183" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="10px" text-anchor="middle">Problem Resolu...</text></switch></g><rect x="10" y="1056" width="60" height="54" fill="#008a00" stroke="#005700" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 1083px; margin-left: 11px;"><div data-drawio-colors="color: #ffffff; " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(255, 255, 255); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">ML 4</div></div></div></foreignObject><text x="40" y="1087" fill="#ffffff" font-family="Helvetica" font-size="12px" 
text-anchor="middle">ML 4</text></switch></g><rect x="10" y="896" width="60" height="54" fill="#e1d5e7" stroke="#9673a6" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 923px; margin-left: 11px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">ML 2</div></div></div></foreignObject><text x="40" y="927" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">ML 2</text></switch></g><rect x="10" y="816" width="60" height="54" fill="#fff2cc" stroke="#d6b656" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 843px; margin-left: 11px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">ML 1</div></div></div></foreignObject><text x="40" y="847" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">ML 1</text></switch></g><rect 
x="260" y="242" width="70" height="80" fill="#fff2cc" stroke="#d6b656" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 68px; height: 1px; padding-top: 282px; margin-left: 261px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 10px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Verification<br style="font-size: 10px;" /><br style="font-size: 10px;" /></div></div></div></foreignObject><text x="295" y="285" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="10px" text-anchor="middle">Verification...</text></switch></g><rect x="20" y="368" width="70" height="50" fill="#e1d5e7" stroke="#9673a6" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 68px; height: 1px; padding-top: 393px; margin-left: 21px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 10px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Configuration<br style="font-size: 10px;" />Management</div></div></div></foreignObject><text x="55" y="396" fill="rgb(0, 0, 0)" 
font-family="Helvetica" font-size="10px" text-anchor="middle">Configuration...</text></switch></g><rect x="100" y="368" width="70" height="50" fill="#e1d5e7" stroke="#9673a6" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 68px; height: 1px; padding-top: 393px; margin-left: 101px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 10px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Tool<br style="font-size: 10px;" />Management</div></div></div></foreignObject><text x="135" y="396" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="10px" text-anchor="middle">Tool...</text></switch></g><rect x="260" y="155" width="70" height="50" fill="#e1d5e7" stroke="#9673a6" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 68px; height: 1px; padding-top: 180px; margin-left: 261px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 10px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Quality<br style="font-size: 10px;" 
/>Management</div></div></div></foreignObject><text x="295" y="183" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="10px" text-anchor="middle">Quality...</text></switch></g><rect x="20" y="155" width="70" height="50" fill="#e1d5e7" stroke="#9673a6" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 68px; height: 1px; padding-top: 180px; margin-left: 21px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 10px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Platform<br style="font-size: 10px;" />Management</div></div></div></foreignObject><text x="55" y="183" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="10px" text-anchor="middle">Platform...</text></switch></g><rect x="0" y="686" width="100" height="30" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 1px; height: 1px; padding-top: 701px; margin-left: 50px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: nowrap;"><b>Maturity 
Level</b></div></div></div></foreignObject><text x="50" y="705" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Maturity Level</text></switch></g><rect x="10" y="736" width="60" height="54" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 763px; margin-left: 11px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">ML 0</div></div></div></foreignObject><text x="40" y="767" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">ML 0</text></switch></g><rect x="340" y="242" width="70" height="80" fill="#e1d5e7" stroke="#9673a6" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 68px; height: 1px; padding-top: 282px; margin-left: 341px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 10px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;"><br style="font-size: 
10px;" />Safety<br style="font-size: 10px;" />Analysis<br style="font-size: 10px;" /><br style="font-size: 10px;" /></div></div></div></foreignObject><text x="375" y="285" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="10px" text-anchor="middle">Safety...</text></switch></g><rect x="10" y="471" width="970" height="30" fill="#e1d5e7" stroke="#9673a6" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 968px; height: 1px; padding-top: 486px; margin-left: 11px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; font-weight: bold; white-space: normal; overflow-wrap: normal;"><span style="">Work Products</span></div></div></div></foreignObject><text x="495" y="490" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle" font-weight="bold">Work Products</text></switch></g><rect x="10" y="505" width="970" height="30" fill="#e1d5e7" stroke="#9673a6" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 968px; height: 1px; padding-top: 520px; margin-left: 11px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; 
font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; font-weight: bold; white-space: normal; overflow-wrap: normal;"><span style="">Workflows</span></div></div></div></foreignObject><text x="495" y="524" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle" font-weight="bold">Workflows</text></switch></g><rect x="10" y="976" width="60" height="54" fill="#d5e8d4" stroke="#82b366" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 1003px; margin-left: 11px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">ML 3</div></div></div></foreignObject><text x="40" y="1007" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">ML 3</text></switch></g><rect x="90" y="736" width="920" height="54" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe flex-start; width: 918px; height: 1px; padding-top: 763px; margin-left: 92px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: 
left;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;"><b>Plan</b> - <br /><span style="color: rgb(51, 51, 51);">Process definition planned<br />Documents not available </span>or most empty</div></div></div></foreignObject><text x="92" y="767" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px">Plan -...</text></switch></g><rect x="90" y="816" width="928" height="54" fill="#fff2cc" stroke="#d6b656" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe flex-start; width: 926px; height: 1px; padding-top: 843px; margin-left: 92px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: left;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;"><b>Initial</b> - <br /><span style="background-color: initial;">Process definition in </span><span style="background-color: initial;">place, but not yet compliant, </span><span style="text-align: center;">consistency across S-CORE platform, modules and repeatability of processes may not be possible.<br />Documents are mostly available, main parts done, principles clear, all top level questions addressed, well structured.<br /></span></div></div></div></foreignObject><text x="92" y="847" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px">Initial -...</text></switch></g><rect x="90" y="896" width="928" height="54" fill="#e1d5e7" stroke="#9673a6" pointer-events="all"/><g transform="translate(-0.5 
-0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe flex-start; width: 926px; height: 1px; padding-top: 923px; margin-left: 92px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: left;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;"><b>Managed</b> -<br /><span style="color: rgb(0, 0, 0); background-color: initial;">Process definition in place but not </span><span style="color: rgb(0, 0, 0); background-color: initial;">yet deployed in S-CORE, but </span><span style="text-align: center;">execution would allow consistency across S-CORE platform and modules, repeatability of processes possible<br />Documents are complete, documented on a comprehensible systematic approach, verified, only minor questions open, Process requirements (of highest priority) enforced by implemented Tool Requirements (or a feasible manual work around is defined).<br /></span></div></div></div></foreignObject><text x="92" y="927" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px">Managed -...</text></switch></g><rect x="90" y="976" width="928" height="54" fill="#d5e8d4" stroke="#82b366" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe flex-start; width: 926px; height: 1px; padding-top: 1003px; margin-left: 92px;"><div 
data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: left;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;"><b>Defined/Practiced</b> - <br /><span style="color: rgb(0, 0, 0); background-color: initial;">Deployed (at least once) in S-CORE platform or one Module, </span><font color="#000000">The processes have been practiced, and evidence exists to demonstrate that this has occurred. </font><br /><font color="#000000">Documents are complete, verified and released, Process Requirements (of high/ medium priority) </font><span style="text-align: center;">enforced by implemented Tool Requirements, Tool evaluation performed</span><span style="text-align: center;"><font color="#000000"><br /> Initial Safety Audit passed.</font><br /></span></div></div></div></foreignObject><text x="92" y="1007" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px">Defined/Practiced -...</text></switch></g><rect x="90" y="1056" width="928" height="54" fill="#008a00" stroke="#005700" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe flex-start; width: 926px; height: 1px; padding-top: 1083px; margin-left: 92px;"><div data-drawio-colors="color: #FFFFFF; " style="box-sizing: border-box; font-size: 0px; text-align: left;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(255, 255, 255); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Improving - <br /><span style="background-color: initial;">Deployed on S-CORE platform and various 
S-CORE Modules and </span><span style="background-color: initial;">constantly improving, u</span><span style="text-align: center;">sing suitable process metrics, S-CORE commiter control the effectiveness and performance of the platform and modules and demonstrate continuous improvement in these areas. Tool qualification available.</span></div></div></div></foreignObject><text x="92" y="1087" fill="#FFFFFF" font-family="Helvetica" font-size="12px">Improving -...</text></switch></g><rect x="500" y="155" width="70" height="50" fill="#e1d5e7" stroke="#9673a6" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 68px; height: 1px; padding-top: 180px; margin-left: 501px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 10px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Release<br style="font-size: 10px;" />Management</div></div></div></foreignObject><text x="535" y="183" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="10px" text-anchor="middle">Release...</text></switch></g><rect x="10" y="575" width="970" height="30" fill="#fff2cc" stroke="#d6b656" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 968px; height: 1px; padding-top: 590px; 
margin-left: 11px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; font-weight: bold; white-space: normal; overflow-wrap: normal;"><span style="">Trustable</span></div></div></div></foreignObject><text x="495" y="594" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle" font-weight="bold">Trustable</text></switch></g><rect x="10" y="609" width="970" height="30" fill="#e1d5e7" stroke="#9673a6" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 968px; height: 1px; padding-top: 624px; margin-left: 11px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; font-weight: bold; white-space: normal; overflow-wrap: normal;"><span style="">Folder Templates</span></div></div></div></foreignObject><text x="495" y="628" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle" font-weight="bold">Folder Templates</text></switch></g><rect x="180" y="155" width="70" height="50" fill="#fff2cc" stroke="#d6b656" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; 
align-items: unsafe center; justify-content: unsafe center; width: 68px; height: 1px; padding-top: 180px; margin-left: 181px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 10px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Security<br style="font-size: 10px;" />Management</div></div></div></foreignObject><text x="215" y="183" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="10px" text-anchor="middle">Security...</text></switch></g><rect x="420" y="242" width="70" height="80" fill="#fff2cc" stroke="#d6b656" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 68px; height: 1px; padding-top: 282px; margin-left: 421px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 10px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Security<br style="font-size: 10px;" />Analysis</div></div></div></foreignObject><text x="455" y="285" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="10px" text-anchor="middle">Security...</text></switch></g></g><switch><g requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"/><a transform="translate(0,-5)" xlink:href="https://www.drawio.com/doc/faq/svg-export-text-problems" target="_blank"><text text-anchor="middle" font-size="10px" x="50%" y="100%">Text is not SVG - cannot display</text></a></switch></svg> 
diff --git a/docs/score_releases/index.rst b/docs/score_releases/index.rst
index 035bba0399a..4a841321d57 100644
--- a/docs/score_releases/index.rst
+++ b/docs/score_releases/index.rst
@@ -24,7 +24,23 @@ See also the project life cycle within the `Eclipse Development Process <https:/
 S-CORE Releases Overview
 ========================
 
+Timeline
+---------
+The current timeline for Eclipse S-CORE releases is shown below.
+
+.. image:: ./_assets/score_release_plan.drawio.svg
+ :width: 800
+ :alt: Architecture overview
+ :align: center
+
+|
+
+For a detailed and always up-to-date planning view, see the `GitHub project <https://github.com/orgs/eclipse-score/projects/17/views/26>`_.
+
+List of S-CORE released versions
+---------------------------------
+
 .. toctree::
- :maxdepth: 1
+ :maxdepth: 2
 
 score_releases/index.rst
diff --git a/docs/score_releases/score_releases/index.rst b/docs/score_releases/score_releases/index.rst
index af5ec410fd5..69e7290bb87 100644
--- a/docs/score_releases/score_releases/index.rst
+++ b/docs/score_releases/score_releases/index.rst
@@ -6,3 +6,4 @@ S-CORE Releases
 :maxdepth: 1
 
 score_v0_5_alpha.rst
+ score_v0_5_beta.rst
diff --git a/docs/score_releases/score_releases/score_v0_5_alpha.rst b/docs/score_releases/score_releases/score_v0_5_alpha.rst
index 88b0f2c4aa8..c10a5782c8d 100644
--- a/docs/score_releases/score_releases/score_v0_5_alpha.rst
+++ b/docs/score_releases/score_releases/score_v0_5_alpha.rst
@@ -17,7 +17,7 @@ S-Core v0.5-alpha release notes
 
 .. document:: S-Core v0.5-alpha release note
 :id: doc__score_v05_alpha_release_note
- :status: draft
+ :status: valid
 :safety: ASIL_B
 :security: YES
 :realizes: wp__platform_sw_release_note
@@ -52,19 +52,6 @@ Highlights - Initial set of communication, persistency, orchestration, and base utility modules. - Experimental reference images for QNX, Red Hat AutoSD Linux, and EB corbos Linux for Safety Applications. -Timeline ---------- -The current timeline for Eclipse S-CORE releases is shown below. - -.. image:: ../_assets/score_release_plan.drawio.svg - :width: 800 - :alt: Architecture overview - :align: center - -| - -For a detailed and always up-to-date planning view, see the `GitHub project <https://github.com/orgs/eclipse-score/projects/17/views/26>`_. - Eclipse S-CORE book ------------------- The first version of the `Eclipse S-CORE book <https://eclipse-score.github.io/score/main/handbook/index.html>`_ diff --git a/docs/score_releases/score_releases/score_v0_5_beta.rst b/docs/score_releases/score_releases/score_v0_5_beta.rst new file mode 100644 index 00000000000..2267d8100aa --- /dev/null +++ b/docs/score_releases/score_releases/score_v0_5_beta.rst 
@@ -0,0 +1,330 @@
+..
+ # *******************************************************************************
+ # Copyright (c) 2025 Contributors to the Eclipse Foundation
+ #
+ # See the NOTICE file(s) distributed with this work for additional
+ # information regarding copyright ownership.
+ #
+ # This program and the accompanying materials are made available under the
+ # terms of the Apache License Version 2.0 which is available at
+ # https://www.apache.org/licenses/LICENSE-2.0
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # *******************************************************************************
+
+S-Core v0.5-beta release notes
+===============================
+
+.. document:: S-Core v0.5-beta release note
+ :id: doc__score_v05_beta_release_note
+ :status: draft
+ :safety: ASIL_B
+ :security: YES
+ :realizes: wp__platform_sw_release_note
+
+| **Platform Name**: S-CORE
+| **Release Tag**: v0.5.0-beta
+| **Origin Release Tag**: v0.5.0-alpha
+| **Release Date**: 2025-12-19
+
+Overview
+^^^^^^^^^
+This is the second milestone build of the **Eclipse S-CORE platform** (v0.5.0-beta). It brings
+together the initial set of core modules, reference integrations, and supporting infrastructure needed to
+build and run example applications such as the `scrample <https://github.com/eclipse-score/scrample>`_
+demo on multiple target images. The software architecture and implemented modules are illustrated in the diagram below.
+
+This release of Eclipse S-CORE is an early beta version intended solely for experimentation, test driving project processes, gaining experience in release creation and soliciting feedback.
+Please be aware, that features may be incomplete, the software may exhibit instability or unexpected behavior, and breaking changes and alterations in scope are likely as development progresses.
+
+
+.. image:: ../_assets/architecture.drawio.svg
+ :width: 1000
+ :alt: Architecture overview
+ :align: center
+
+
+|
+
+Highlights
+-----------
+
+Eclipse S-CORE book
+-------------------
+The `Eclipse S-CORE book <https://eclipse-score.github.io/score/main/handbook/index.html>`_
+is a “how-to” guide for users getting started with the project or who want to contribute new modules.
+It introduces the core concepts of Eclipse S-CORE and walks through building
+the ``scrample`` application step by step on top of the platform modules.
+It also includes a tutorial for the first application on top of the existing modules.
+
+
+Improvements
+^^^^^^^^^^^^^
+Main focus of this release is to improve the overall stability and performance of the platform, as well as to enhance the usability.
+This does include
+
+- Static code analysis with CodeQL MISRA C++ 2023: `release link <https://github.com/eclipse-score/reference_integration/releases/tag/v0.5.0-beta>`.
+- Execution of Unit tests as part of the Reference Integration `test_integration workflow <https://github.com/eclipse-score/reference_integration/blob/main/.github/workflows/test_integration.yml>`_.
+- Unit-test coverage measurement results are now automatically part of Release Assests for every component: **//TODO:** link to an example.
+- A new combined build toolchain of qcc and gcc, see :ref:`bazel-cpp-toolchain <bazel_cpp_toolchain>`.
+- Improved doc-as-code and process description
+- `bazel_tools_cc <https://github.com/eclipse-score/bazel-tools-cc>`_ introduces a clang-tidy integration into S-CORE bazel infrasturture:
+
+ - Check exhaustive `bazel_tools_cc README <https://github.com/eclipse-score/bazel-tools-cc/blob/main/README.md>`_ and an
+ `example project <https://github.com/eclipse-score/bazel-tools-cc/tree/main/test>`_ for instructions how to set-up
+ clang-tidy checks for your module
+ - In the upcoming releases clang-tidy will be extended with custom S-CORE checks to meet necessary process requirements.
+- Platform functionality was extended with :ref:`logging daemon <logging_daemon>`.
+
+
+S-CORE Platform
+^^^^^^^^^^^^^^^^^^
+
+- **Version:** ``score v0.5.2``
+- **Source / tag:** `S-CORE Platform GitHub release <https://github.com/eclipse-score/score/archive/refs/tags/v0.5.2.tar.gz>`_
+- **Release notes**: `S-CORE Platform release notes <https://github.com/eclipse-score/score/releases/tag/v0.5.2>`_
+
+
+
+Integrated Software Modules
+-----------------------------
+
+Baselibs
+~~~~~~~~~~~~~
+Selection of basic C++ utility libraries for common use in the S-CORE project
+
+- **Version:** ``baselibs v0.2.2``
+- **Source / tag:** `Baselibs GitHub release <https://github.com/eclipse-score/baselibs/archive/refs/tags/v0.2.2.tar.gz>`_
+- **Release notes**: `Baselibs release notes <https://github.com/eclipse-score/baselibs/releases/tag/v0.2.2>`_
+
+
+Communication
+~~~~~~~~~~~~~
+Zero-copy, shared-memory based inter-process communication for minimal-latency intra-ECU messaging.
+
+- **Version:** ``communication v0.1.2``
+- **Source / tag:** `Communication GitHub release <https://github.com/eclipse-score/communication/archive/refs/tags/v0.1.2.tar.gz>`_
+- **Release notes:** :need:`doc__communication_release_note`
+
+**Improvements**
+
+- Enabled various code quality tools
+- Extension of the Rust API (expect further extensive work on this API)
+- Support explicit setting of application id in configuration (with fallback to PID)
+
+Fixed Execution Order Framework(FEO)
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+- **Version:** ``feo v0.1.2``
+- **Source / tag:** `Communication GitHub release <https://github.com/eclipse-score/communication/archive/refs/tags/v0.1.2.tar.gz>`_
+- **Stays at v0.5-alpha**
+
+
+Persistency
+~~~~~~~~~~~~~
+Ensures long-term storage and retrieval of data and provides a reliable mechanism for
+preserving application state and data integrity over time.
+
+- **Version:** ``persistency v0.2.2``
+- **Source / tag:** `Persistency GitHub release <https://github.com/eclipse-score/persistency/archive/refs/tags/v0.2.2.tar.gz>`_
+
+.. _logging_daemon:
+
+Logging Daemon
+~~~~~~~~~~~~~~~~~~
+
+**Improvements**
+
+The Eclipse SCORE Logging module provides a comprehensive logging framework for automotive embedded systems,
+featuring remote DLT (Diagnostic Log and Trace) capabilities with
+lock-free communication between applications and the datarouter daemon.
+
+This is the initial open-source release of the logging framework,
+consolidating the complete project structure with build system, dependencies,
+and tooling for integration into Eclipse SCORE projects.
+
+The module is designed for Bazel-based builds and provides both the middleware logging
+library (score/mw/log) that includes all supported recorders with respective backends and
+the datarouter daemon (score/datarouter). The shared memory implementation between the middleware
+library and datarouter daemon guarantees Freedom From Interference (FFI),
+enabling safe logging from real-time and safety-critical contexts.
+
+- **Version:** ``logging v0.0.3``
+- **VSource / tag:** `logging release <https://github.com/eclipse-score/logging/archive/refs/tags/v0.0.3.tar.gz>`__
+- **Further reading:**: See below
+
+ - `Logging release notes <https://github.com/eclipse-score/logging/releases/tag/v0.0.3>`__
+ - `Logging ReadMe <https://github.com/eclipse-score/logging/tree/main/score/datarouter>`__
+
+
+Orchestrator
+~~~~~~~~~~~~~
+
+**Improvements**
+
+- Support `log` frontend exchange to: `log`, `tracing` or `score-log` (not yet implemented in this release)
+- Increased CIT coverage and stability improvements
+- Split of kyron into separate repositories: `orchestrator` and `kyron`
+
+:Version: ``orchestrator v0.0.4``
+:Source / tag: `Orchestrator GitHub release <https://github.com/eclipse-score/orchestrator/releases/tag/v0.0.4>`__
+:Further reading: See below
+
+ - `Orchestrator scope and design <https://github.com/eclipse-score/orchestrator/blob/main/src/orchestration/doc/features.md>`__
+ - `Orchestrator examples <https://github.com/eclipse-score/orchestrator/tree/main/src/orchestration/examples>`__
+
+
+Kyron
+~~~~~~~~~~~~~~
+
+**Improvements**
+
+- Support `log` frontend exchange to: `log`, `tracing` or `score-log` (not yet implemented in this release)
+- Increased CIT coverage and stability improvements
+- Split of kyron into separate repositories: `orchestrator` and `kyron`
+
+:Version: ``kyron v0.0.3``
+:Source / tag: `Kyron GitHub release <https://github.com/eclipse-score/kyron/releases/tag/v0.0.3>`__
+:Further reading: See below
+
+ - `Kyron scope and design <https://github.com/eclipse-score/kyron/blob/main/src/kyron/doc/features.md>`__
+ - `Kyron examples <https://github.com/eclipse-score/kyron/tree/main/src/kyron/examples>`__
+
+
+Reference integration
+~~~~~~~~~~~~~~~~~~~~~~
+Central integration of Eclipse S-CORE modules
+
+- **Version:** ``reference integration v0.5.0-beta``
+- **Source / tag:** `Reference Integration GitHub release <https://github.com/eclipse-score/reference_integration/releases/tag/v0.5.0-beta>`_
+
+
+Reference QNX image
++++++++++++++++++++++
+- No changes compared to the previous software version.
+
+Reference Red Hat AutoSD Linux image (Experimental)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+- Uses AutoSD's toolchain to build and generate Lola RPMs
+- Deploy RPMs into an AutoSD Image
+
+Pull requests:
+
+https://github.com/eclipse-score/reference_integration/pull/56
+https://github.com/eclipse-score/inc_os_autosd/pull/16
+
+
+Reference Elektrobit corbos Linux for Safety Applications Linux image (Experimental)
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+
+**Improvements**
+
+- New ``fastdev`` base image snapshot and corresponding toolchain which include latest security patches and updates.
+- Updated packages avoid misleading errors during image start and shutdown, which could be confusing for users.
+
+Associated Infrastructure Modules
+-----------------------------------
+
+process_description
+~~~~~~~~~~~~~~~~~~~
+Provides a process model establishing organizational rules for developing open source software
+in the automotive domain, suitable for safety and security contexts.
+
+- **Version:** ``process description v1.4.0``
+- **Standards alignment:**
+
+ - ASPICE 4.0
+ - ISO 26262
+ - ISO 21434
+ - ISO PAS 8926
+
+- **Release notes**: `process_description release notes <https://github.com/eclipse-score/process_description/releases/tag/v1.4.0>`_
+- **Process maturity overview**:
+
+.. figure:: ../_assets/score_process_area_overview.drawio.svg
+ :width: 100%
+ :align: center
+ :alt: Process area overview for the **Project**
+
+For more details please refer to
+`Documentation Management Plan <https://eclipse-score.github.io/score/main/platform_management_plan/documentation_management.html>`_, that
+provides process workproduct level overview for every software module and process area.
+
+
+docs-as-code
+~~~~~~~~~~~~~~
+Tooling for linking and generation of documentation.
+
+- **Version:** ``docs-as-code v2.2.0``
+- **Source / tag:** `docs-as-code GitHub release <https://github.com/eclipse-score/docs-as-code/releases/tag/v2.2.0>`_
+
+tooling
+~~~~~~~~~~~~~~
+Tooling for S-CORE development.
+
+- **Version:** ``tooling v1.0.4``
+- **Source / tag:** `tooling GitHub release <https://github.com/eclipse-score/tooling/releases/tag/v1.0.4>`_
+
+
+ITF (Integration Testing Framework)
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+- **Improvements**
+
+ - Improved ITF `user documentation <https://github.com/eclipse-score/itf/blob/main/README.md>`_
+
+- **Version:** ``itf v0.1.0``
+- **Source / tag:** `ITF GitHub release <https://github.com/eclipse-score/itf/archive/refs/tags/0.1.0.tar.gz>`_
+
+Test Scenarios
+~~~~~~~~~~~~~~~
+- **Improvements**
+
+ - Refactor tracing subscriber by externalizing it's initialization
+ - Remove baselibs dependency from C++ scenarios in JSON parsing
+
+- **Version:** ``Test Scenarios v0.3.1``
+- **Source / tag:** `Test Scenarios GitHub release <https://github.com/eclipse-score/testing_tools/releases/tag/v0.3.1>`_
+
+.. _bazel_cpp_toolchain:
+
+Bazel CPP Toolchain
+~~~~~~~~~~~~~~~~~~~~
+- **What is in**
+
+ - support for following platform configurations: *x86_64_linux*, *x86_64_qnx*, *arm64_qnx*
+ - complete feature flag set for the host toolchain (*x86_64_linux*): *minimal*, *strict*, *all_warnings*
+
+- **What is not in**
+
+ - feature flag set for the target toolchain (infrastructure is already set-up)
+ - arm64_linux configuration is missing
+
+- **Version:** ``bazel_cpp_toolchains v0.1.0``
+- **Source / tag:** `Bazel CPP Toolchain release <https://github.com/eclipse-score/bazel_cpp_toolchains/archive/refs/tags/v0.1.0.tar.gz>`_
+- **Release notes**: `Bazel CPP Toolchain release notes <https://github.com/eclipse-score/bazel_cpp_toolchains/releases/tag/v0.1.0>`_
+
+Performed Verification
+----------------------
+The following tests were executed as part of this release:
+
+- All C++ modules built successfully with GCC and QCC toolchains.
+- All Rust modules built successfully with the Rust toolchain.
+- Each module executed its unit tests.
+- Basic integration tests were executed on the reference QNX image in QEMU via the
+ `release verification <https://github.com/eclipse-score/reference_integration/blob/37aa2fc1409f6907bf5d9f3c2643489bb937f90e/.github/workflows/release_verification.yml#L56>`_ workflow
+- for **persistency** and **orchestration** modules, component and feature integration tests were executed using the ``score-test-scenarios`` framework; see
+ `feature_showcase <https://github.com/eclipse-score/reference_integration/tree/main/feature_showcase>`_ and
+ `feature_integration_tests <https://github.com/eclipse-score/reference_integration/tree/main/feature_integration_tests>`_ for more details.
+- Static code analysis of all dependencies with CodeQL MISRA C++2023 package. The results you can find here: https://github.com/eclipse-score/reference_integration/actions/workflows/codeql-multiple-repo-scan.yml
+
+Known Issues
+----------------------
+- see release notes of every module separately
+
+Upgrade Instructions
+----------------------
+- Increase to newest bazel registry versions: https://github.com/eclipse-score/bazel_registry/tree/main/modules
+
+
+Contact Information
+----------------------
+For any questions or support, please contact the *Project lead* or raise an issue/discussion.
diff --git a/docs/score_tools/_assets/clippy.drawio.svg b/docs/score_tools/_assets/clippy.drawio.svg
new file mode 100644
index 00000000000..d39263047c6
--- /dev/null
+++ b/docs/score_tools/_assets/clippy.drawio.svg
@@ -0,0 +1,197 @@ +<svg host="65bd71144e" xmlns="http://www.w3.org/2000/svg" style="background: #ffffff; background-color: light-dark(#ffffff, #121212);" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="641px" height="190px" viewBox="-0.5 -0.5 641 190" content="<mxfile scale="1" border="0"><diagram name="Page-1" id="T3BMX8OljUpALTbiXzM3">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</diagram></mxfile>"> + <defs/> + <rect fill="#ffffff" width="100%" height="100%" x="0" y="0" style="fill: light-dark(rgb(255, 255, 255), rgb(18, 18, 18));"/> + <g> + <g> + <path d="M 184.77 69.98 C 184.77 68.93 185.55 67.91 186.94 67.17 C 188.32 66.42 190.2 66 192.16 66 L 292.61 66 C 294.57 66 296.45 66.42 297.84 67.17 C 299.22 67.91 300 68.93 300 69.98 L 300 101.83 C 281.59 97.63 260.8 97.63 242.39 101.83 C 223.97 106.04 203.19 106.04 184.77 101.83 Z" fill="#deebf7" stroke="#08519c" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(222, 235, 247), rgb(27, 38, 48)); stroke: light-dark(rgb(8, 81, 156), rgb(122, 185, 249));"/> + <path d="M 177.39 73.96 C 177.39 71.76 180.69 69.98 184.77 69.98 L 285.23 69.98 C 289.31 69.98 292.61 71.76 292.61 73.96 L 292.61 105.81 C 274.2 101.61 253.41 101.61 235 105.81 C 216.59 110.02 195.8 110.02 177.39 105.81 Z" fill="#deebf7" stroke="#08519c" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(222, 235, 247), rgb(27, 38, 48)); stroke: light-dark(rgb(8, 81, 156), rgb(122, 185, 249));"/> + <path d="M 170 77.94 C 170 76.89 170.78 75.88 172.16 75.13 C 173.55 74.38 175.43 73.96 177.39 73.96 L 277.84 73.96 C 279.8 73.96 281.68 74.38 283.06 75.13 C 284.45 75.88 285.23 76.89 285.23 77.94 L 285.23 109.8 C 266.81 105.59 246.03 105.59 227.61 109.8 C 209.2 114 188.41 114 170 109.8 Z" fill="#deebf7" stroke="#08519c" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(222, 235, 247), rgb(27, 38, 48)); stroke: light-dark(rgb(8, 81, 156), rgb(122, 185, 249));"/> + </g> + <g> + <g 
transform="translate(-0.5 -0.5)"> + <switch> + <foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"> + <div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 1px; height: 1px; padding-top: 90px; margin-left: 235px;"> + <div style="box-sizing: border-box; font-size: 0; text-align: center; color: #000000; "> + <div style="display: inline-block; font-size: 12px; font-family: "Helvetica"; color: light-dark(#000000, #ffffff); line-height: 1.2; pointer-events: all; white-space: nowrap; "> + <div> + <font face="Helvetica"> + Software + </font> + </div> + <div> + <font face="Helvetica"> + sources (Rust) + </font> + </div> + </div> + </div> + </div> + </foreignObject> + <text x="235" y="94" fill="light-dark(#000000, #ffffff)" font-family=""Helvetica"" font-size="12px" text-anchor="middle"> + Software... 
+ </text> + </switch> + </g> + </g> + <g> + <rect x="340" y="66" width="110" height="51" rx="7.65" ry="7.65" fill="#ffff88" stroke="#36393d" pointer-events="all" style="fill: light-dark(rgb(255, 255, 136), rgb(33, 33, 0)); stroke: light-dark(rgb(54, 57, 61), rgb(186, 189, 192));"/> + </g> + <g> + <g transform="translate(-0.5 -0.5)"> + <switch> + <foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"> + <div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 108px; height: 1px; padding-top: 92px; margin-left: 341px;"> + <div style="box-sizing: border-box; font-size: 0; text-align: center; color: #000000; "> + <div style="display: inline-block; font-size: 12px; font-family: "Helvetica"; color: light-dark(#000000, #ffffff); line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; "> + <font color="#000000" face="Times,serif" style="font-size: 14px; color: light-dark(rgb(0, 0, 0), rgb(237, 237, 237));"> + clippy + </font> + </div> + </div> + </div> + </foreignObject> + <text x="395" y="95" fill="light-dark(#000000, #ffffff)" font-family=""Helvetica"" font-size="12px" text-anchor="middle"> + clippy + </text> + </switch> + </g> + </g> + <g> + <path d="M 72.5 36 L 72.5 59.63" fill="none" stroke="#000000" stroke-miterlimit="10" pointer-events="stroke" style="stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + <path d="M 72.5 64.88 L 69 57.88 L 72.5 59.63 L 76 57.88 Z" fill="#000000" stroke="#000000" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(0, 0, 0), rgb(255, 255, 255)); stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + </g> + <g> + <path d="M 72.5 36 L 72.5 57.76" fill="none" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="stroke" style="stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 
255));"/> + <path d="M 72.5 63.76 L 68.5 55.76 L 72.5 57.76 L 76.5 55.76 Z" fill="#000000" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(0, 0, 0), rgb(255, 255, 255)); stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + </g> + <g> + <rect x="0" y="0" width="145" height="36" rx="5.4" ry="5.4" fill="#ffff88" stroke="#36393d" pointer-events="all" style="fill: light-dark(rgb(255, 255, 136), rgb(33, 33, 0)); stroke: light-dark(rgb(54, 57, 61), rgb(186, 189, 192));"/> + </g> + <g> + <g transform="translate(-0.5 -0.5)"> + <switch> + <foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"> + <div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 143px; height: 1px; padding-top: 18px; margin-left: 1px;"> + <div style="box-sizing: border-box; font-size: 0; text-align: center; color: #000000; "> + <div style="display: inline-block; font-size: 12px; font-family: "Helvetica"; color: light-dark(#000000, #ffffff); line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; "> + <font color="#000000" face="Times,serif" style="font-size: 14px; color: light-dark(rgb(0, 0, 0), rgb(237, 237, 237));"> + Bazel + </font> + </div> + </div> + </div> + </foreignObject> + <text x="73" y="22" fill="light-dark(#000000, #ffffff)" font-family=""Helvetica"" font-size="12px" text-anchor="middle"> + Bazel + </text> + </switch> + </g> + </g> + <g> + <path d="M 22.27 69.98 C 22.27 68.93 23.05 67.91 24.44 67.17 C 25.82 66.42 27.7 66 29.66 66 L 130.11 66 C 132.07 66 133.95 66.42 135.34 67.17 C 136.72 67.91 137.5 68.93 137.5 69.98 L 137.5 101.83 C 119.09 97.63 98.3 97.63 79.89 101.83 C 61.47 106.04 40.69 106.04 22.27 101.83 Z" fill="#deebf7" stroke="#08519c" stroke-miterlimit="10" pointer-events="all" style="fill: 
light-dark(rgb(222, 235, 247), rgb(27, 38, 48)); stroke: light-dark(rgb(8, 81, 156), rgb(122, 185, 249));"/> + <path d="M 14.89 73.96 C 14.89 71.76 18.19 69.98 22.27 69.98 L 122.73 69.98 C 126.81 69.98 130.11 71.76 130.11 73.96 L 130.11 105.81 C 111.7 101.61 90.91 101.61 72.5 105.81 C 54.09 110.02 33.3 110.02 14.89 105.81 Z" fill="#deebf7" stroke="#08519c" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(222, 235, 247), rgb(27, 38, 48)); stroke: light-dark(rgb(8, 81, 156), rgb(122, 185, 249));"/> + <path d="M 7.5 77.94 C 7.5 76.89 8.28 75.88 9.66 75.13 C 11.05 74.38 12.93 73.96 14.89 73.96 L 115.34 73.96 C 117.3 73.96 119.18 74.38 120.56 75.13 C 121.95 75.88 122.73 76.89 122.73 77.94 L 122.73 109.8 C 104.31 105.59 83.53 105.59 65.11 109.8 C 46.7 114 25.91 114 7.5 109.8 Z" fill="#deebf7" stroke="#08519c" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(222, 235, 247), rgb(27, 38, 48)); stroke: light-dark(rgb(8, 81, 156), rgb(122, 185, 249));"/> + </g> + <g> + <g transform="translate(-0.5 -0.5)"> + <switch> + <foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"> + <div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 1px; height: 1px; padding-top: 90px; margin-left: 69px;"> + <div style="box-sizing: border-box; font-size: 0; text-align: center; color: #000000; "> + <div style="display: inline-block; font-size: 12px; font-family: "Helvetica"; color: light-dark(#000000, #ffffff); line-height: 1.2; pointer-events: all; white-space: nowrap; "> + <font face="Helvetica"> + BZL files + <br/> + (rules and macros) + </font> + </div> + </div> + </div> + </foreignObject> + <text x="69" y="94" fill="light-dark(#000000, #ffffff)" font-family=""Helvetica"" font-size="12px" text-anchor="middle"> + BZL files... 
+ </text> + </switch> + </g> + </g> + <g> + <path d="M 137.5 90 L 161.76 90" fill="none" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="stroke" style="stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + <path d="M 167.76 90 L 159.76 94 L 161.76 90 L 159.76 86 Z" fill="#000000" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(0, 0, 0), rgb(255, 255, 255)); stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + </g> + <g> + <path d="M 300 90.93 L 331.76 91.38" fill="none" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="stroke" style="stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + <path d="M 337.76 91.47 L 329.71 95.35 L 331.76 91.38 L 329.82 87.35 Z" fill="#000000" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(0, 0, 0), rgb(255, 255, 255)); stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + </g> + <g> + <path d="M 450 91.5 L 481.76 91.5" fill="none" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="stroke" style="stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + <path d="M 487.76 91.5 L 479.76 95.5 L 481.76 91.5 L 479.76 87.5 Z" fill="#000000" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(0, 0, 0), rgb(255, 255, 255)); stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + </g> + <g> + <path d="M 507.05 69.98 C 507.05 68.93 507.94 67.91 509.54 67.17 C 511.14 66.42 513.31 66 515.57 66 L 631.48 66 C 633.74 66 635.91 66.42 637.5 67.17 C 639.1 67.91 640 68.93 640 69.98 L 640 101.83 C 618.75 97.63 594.77 97.63 573.52 101.83 C 552.28 106.04 528.29 106.04 507.05 101.83 Z" fill="#deebf7" stroke="#08519c" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(222, 235, 247), rgb(27, 38, 48)); stroke: light-dark(rgb(8, 81, 156), rgb(122, 185, 249));"/> + <path d="M 
498.52 73.96 C 498.52 71.76 502.34 69.98 507.05 69.98 L 622.95 69.98 C 627.66 69.98 631.48 71.76 631.48 73.96 L 631.48 105.81 C 610.23 101.61 586.25 101.61 565 105.81 C 543.75 110.02 519.77 110.02 498.52 105.81 Z" fill="#deebf7" stroke="#08519c" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(222, 235, 247), rgb(27, 38, 48)); stroke: light-dark(rgb(8, 81, 156), rgb(122, 185, 249));"/> + <path d="M 490 77.94 C 490 76.89 490.9 75.88 492.5 75.13 C 494.09 74.38 496.26 73.96 498.52 73.96 L 614.43 73.96 C 616.69 73.96 618.86 74.38 620.46 75.13 C 622.06 75.88 622.95 76.89 622.95 77.94 L 622.95 109.8 C 601.71 105.59 577.72 105.59 556.48 109.8 C 535.23 114 511.25 114 490 109.8 Z" fill="#deebf7" stroke="#08519c" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(222, 235, 247), rgb(27, 38, 48)); stroke: light-dark(rgb(8, 81, 156), rgb(122, 185, 249));"/> + </g> + <g> + <g transform="translate(-0.5 -0.5)"> + <switch> + <foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"> + <div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 1px; height: 1px; padding-top: 90px; margin-left: 565px;"> + <div style="box-sizing: border-box; font-size: 0; text-align: center; color: #000000; "> + <div style="display: inline-block; font-size: 12px; font-family: "Helvetica"; color: light-dark(#000000, #ffffff); line-height: 1.2; pointer-events: all; white-space: nowrap; "> + <div> + Scan report with + <br/> + detected issues + </div> + </div> + </div> + </div> + </foreignObject> + <text x="565" y="94" fill="light-dark(#000000, #ffffff)" font-family=""Helvetica"" font-size="12px" text-anchor="middle"> + Scan report with... 
+ </text> + </switch> + </g> + </g> + <g> + <path d="M 184.77 143.98 C 184.77 142.93 185.55 141.91 186.94 141.17 C 188.32 140.42 190.2 140 192.16 140 L 292.61 140 C 294.57 140 296.45 140.42 297.84 141.17 C 299.22 141.91 300 142.93 300 143.98 L 300 175.83 C 281.59 171.63 260.8 171.63 242.39 175.83 C 223.97 180.04 203.19 180.04 184.77 175.83 Z" fill="#deebf7" stroke="#08519c" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(222, 235, 247), rgb(27, 38, 48)); stroke: light-dark(rgb(8, 81, 156), rgb(122, 185, 249));"/> + <path d="M 177.39 147.96 C 177.39 145.76 180.69 143.98 184.77 143.98 L 285.23 143.98 C 289.31 143.98 292.61 145.76 292.61 147.96 L 292.61 179.81 C 274.2 175.61 253.41 175.61 235 179.81 C 216.59 184.02 195.8 184.02 177.39 179.81 Z" fill="#deebf7" stroke="#08519c" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(222, 235, 247), rgb(27, 38, 48)); stroke: light-dark(rgb(8, 81, 156), rgb(122, 185, 249));"/> + <path d="M 170 151.94 C 170 149.75 173.31 147.96 177.39 147.96 L 277.84 147.96 C 281.92 147.96 285.23 149.75 285.23 151.94 L 285.23 183.8 C 266.81 179.59 246.03 179.59 227.61 183.8 C 209.2 188 188.41 188 170 183.8 Z" fill="#deebf7" stroke="#08519c" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(222, 235, 247), rgb(27, 38, 48)); stroke: light-dark(rgb(8, 81, 156), rgb(122, 185, 249));"/> + </g> + <g> + <g transform="translate(-0.5 -0.5)"> + <switch> + <foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"> + <div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 1px; height: 1px; padding-top: 164px; margin-left: 235px;"> + <div style="box-sizing: border-box; font-size: 0; text-align: center; color: #000000; "> + <div style="display: inline-block; font-size: 12px; font-family: "Helvetica"; 
color: light-dark(#000000, #ffffff); line-height: 1.2; pointer-events: all; white-space: nowrap; "> + Configuration + </div> + </div> + </div> + </foreignObject> + <text x="235" y="168" fill="light-dark(#000000, #ffffff)" font-family=""Helvetica"" font-size="12px" text-anchor="middle"> + Configuration + </text> + </switch> + </g> + </g> + <g> + <path d="M 72.5 108.24 L 72.92 160 Q 73 170 83 170 L 161.76 170" fill="none" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="stroke" style="stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + <path d="M 167.76 170 L 159.76 174 L 161.76 170 L 159.76 166 Z" fill="#000000" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(0, 0, 0), rgb(255, 255, 255)); stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + </g> + <g> + <path d="M 300 170 L 392 170 Q 402 170 402.07 160 L 402.31 125.08" fill="none" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="stroke" style="stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + <path d="M 402.35 119.08 L 406.3 127.11 L 402.31 125.08 L 398.3 127.05 Z" fill="#000000" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(0, 0, 0), rgb(255, 255, 255)); stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + </g> + </g> + <switch> + <g requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"/> + <a transform="translate(0,-5)" xlink:href="https://www.drawio.com/doc/faq/svg-export-text-problems" target="_blank"> + <text text-anchor="middle" font-size="10px" x="50%" y="100%"> + Text is not SVG - cannot display + </text> + </a> + </switch> +</svg> diff --git a/docs/score_tools/_assets/itf.drawio.svg b/docs/score_tools/_assets/itf.drawio.svg new file mode 100644 index 00000000000..822bf100418 --- /dev/null +++ b/docs/score_tools/_assets/itf.drawio.svg 
@@ -0,0 +1,189 @@ +<svg host="65bd71144e" xmlns="http://www.w3.org/2000/svg" style="background: #ffffff; background-color: light-dark(#ffffff, #121212);" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="468px" height="231px" viewBox="-0.5 -0.5 468 231" content="<mxfile scale="1" border="0"><diagram name="Page-1" id="T3BMX8OljUpALTbiXzM3">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</diagram></mxfile>"> + <defs/> + <rect fill="#ffffff" width="100%" height="100%" x="0" y="0" style="fill: light-dark(rgb(255, 255, 255), rgb(18, 18, 18));"/> + <g> + <g> + <path d="M 462 2 C 464.76 2 467 4.24 467 7 L 467 43.13 Q 439 32.55 411 43.13 Q 383 53.7 355 43.13 L 355 7.88 L 355 7 C 355 4.24 357.24 2 360 2 Z" fill="#deebf7" stroke="#08519c" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(222, 235, 247), rgb(27, 38, 48)); stroke: light-dark(rgb(8, 81, 156), rgb(122, 185, 249));"/> + </g> + <g> + <g transform="translate(-0.5 -0.5)"> + <switch> + <foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"> + <div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 112px; height: 1px; padding-top: 21px; margin-left: 355px;"> + <div style="box-sizing: border-box; font-size: 0; text-align: center; color: #000000; "> + <div style="display: inline-block; font-size: 12px; font-family: "Helvetica"; color: light-dark(#000000, #ffffff); line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; "> + <font color="#000000" face="Helvetica" style="color: light-dark(rgb(0, 0, 0), rgb(237, 237, 237));"> + Test report + <br/> + </font> + </div> + </div> + </div> + </foreignObject> + <text x="411" y="24" fill="light-dark(#000000, #ffffff)" font-family=""Helvetica"" font-size="12px" text-anchor="middle"> + Test report + </text> + </switch> + </g> 
+ </g> + <g> + <path d="M 14.77 3.98 C 14.77 2.93 15.55 1.91 16.94 1.17 C 18.32 0.42 20.2 0 22.16 0 L 122.61 0 C 124.57 0 126.45 0.42 127.84 1.17 C 129.22 1.91 130 2.93 130 3.98 L 130 35.83 C 111.59 31.63 90.8 31.63 72.39 35.83 C 53.97 40.04 33.19 40.04 14.77 35.83 Z" fill="#deebf7" stroke="#08519c" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(222, 235, 247), rgb(27, 38, 48)); stroke: light-dark(rgb(8, 81, 156), rgb(122, 185, 249));"/> + <path d="M 7.39 7.96 C 7.39 5.76 10.69 3.98 14.77 3.98 L 115.23 3.98 C 119.31 3.98 122.61 5.76 122.61 7.96 L 122.61 39.81 C 104.2 35.61 83.41 35.61 65 39.81 C 46.59 44.02 25.8 44.02 7.39 39.81 Z" fill="#deebf7" stroke="#08519c" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(222, 235, 247), rgb(27, 38, 48)); stroke: light-dark(rgb(8, 81, 156), rgb(122, 185, 249));"/> + <path d="M 0 11.94 C 0 10.89 0.78 9.88 2.16 9.13 C 3.55 8.38 5.43 7.96 7.39 7.96 L 107.84 7.96 C 109.8 7.96 111.68 8.38 113.06 9.13 C 114.45 9.88 115.23 10.89 115.23 11.94 L 115.23 43.8 C 96.81 39.59 76.03 39.59 57.61 43.8 C 39.2 48 18.41 48 0 43.8 Z" fill="#deebf7" stroke="#08519c" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(222, 235, 247), rgb(27, 38, 48)); stroke: light-dark(rgb(8, 81, 156), rgb(122, 185, 249));"/> + </g> + <g> + <g transform="translate(-0.5 -0.5)"> + <switch> + <foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"> + <div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 1px; height: 1px; padding-top: 24px; margin-left: 65px;"> + <div style="box-sizing: border-box; font-size: 0; text-align: center; color: #000000; "> + <div style="display: inline-block; font-size: 12px; font-family: "Helvetica"; color: light-dark(#000000, #ffffff); line-height: 1.2; pointer-events: all; 
white-space: nowrap; "> + <div> + <font face="Helvetica"> + Software + </font> + </div> + <div> + <font face="Helvetica"> + image (binary) + </font> + </div> + </div> + </div> + </div> + </foreignObject> + <text x="65" y="28" fill="light-dark(#000000, #ffffff)" font-family=""Helvetica"" font-size="12px" text-anchor="middle"> + Software... + </text> + </switch> + </g> + </g> + <g> + <path d="M 130 88 L 188 88 Q 198 88 203.11 79.4 L 215.79 58.08" fill="none" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="stroke" style="stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + <path d="M 218.86 52.92 L 218.21 61.84 L 215.79 58.08 L 211.33 57.75 Z" fill="#000000" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(0, 0, 0), rgb(255, 255, 255)); stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + </g> + <g> + <rect x="190" y="0" width="120" height="51" rx="7.65" ry="7.65" fill="#ffff88" stroke="#36393d" pointer-events="all" style="fill: light-dark(rgb(255, 255, 136), rgb(33, 33, 0)); stroke: light-dark(rgb(54, 57, 61), rgb(186, 189, 192));"/> + </g> + <g> + <g transform="translate(-0.5 -0.5)"> + <switch> + <foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"> + <div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 26px; margin-left: 191px;"> + <div style="box-sizing: border-box; font-size: 0; text-align: center; color: #000000; "> + <div style="display: inline-block; font-size: 12px; font-family: "Helvetica"; color: light-dark(#000000, #ffffff); line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; "> + <font color="#000000" face="Times,serif" style="font-size: 14px; color: light-dark(rgb(0, 0, 0), rgb(237, 237, 237));"> + ITF + 
</font> + </div> + </div> + </div> + </foreignObject> + <text x="250" y="29" fill="light-dark(#000000, #ffffff)" font-family=""Helvetica"" font-size="12px" text-anchor="middle"> + ITF + </text> + </switch> + </g> + </g> + <g> + <path d="M 130 24.78 L 181.76 25.4" fill="none" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="stroke" style="stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + <path d="M 187.76 25.47 L 179.72 29.38 L 181.76 25.4 L 179.81 21.38 Z" fill="#000000" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(0, 0, 0), rgb(255, 255, 255)); stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + </g> + <g> + <path d="M 310 25.5 L 346.76 25.5" fill="none" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="stroke" style="stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + <path d="M 352.76 25.5 L 344.76 29.5 L 346.76 25.5 L 344.76 21.5 Z" fill="#000000" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(0, 0, 0), rgb(255, 255, 255)); stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + </g> + <g> + <path d="M 14.77 67.98 C 14.77 66.93 15.55 65.91 16.94 65.17 C 18.32 64.42 20.2 64 22.16 64 L 122.61 64 C 124.57 64 126.45 64.42 127.84 65.17 C 129.22 65.91 130 66.93 130 67.98 L 130 99.83 C 111.59 95.63 90.8 95.63 72.39 99.83 C 53.97 104.04 33.19 104.04 14.77 99.83 Z" fill="#deebf7" stroke="#08519c" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(222, 235, 247), rgb(27, 38, 48)); stroke: light-dark(rgb(8, 81, 156), rgb(122, 185, 249));"/> + <path d="M 7.39 71.96 C 7.39 69.76 10.69 67.98 14.77 67.98 L 115.23 67.98 C 119.31 67.98 122.61 69.76 122.61 71.96 L 122.61 103.81 C 104.2 99.61 83.41 99.61 65 103.81 C 46.59 108.02 25.8 108.02 7.39 103.81 Z" fill="#deebf7" stroke="#08519c" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(222, 235, 
247), rgb(27, 38, 48)); stroke: light-dark(rgb(8, 81, 156), rgb(122, 185, 249));"/> + <path d="M 0 75.94 C 0 74.89 0.78 73.88 2.16 73.13 C 3.55 72.38 5.43 71.96 7.39 71.96 L 107.84 71.96 C 109.8 71.96 111.68 72.38 113.06 73.13 C 114.45 73.88 115.23 74.89 115.23 75.94 L 115.23 107.8 C 96.81 103.59 76.03 103.59 57.61 107.8 C 39.2 112 18.41 112 0 107.8 Z" fill="#deebf7" stroke="#08519c" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(222, 235, 247), rgb(27, 38, 48)); stroke: light-dark(rgb(8, 81, 156), rgb(122, 185, 249));"/> + </g> + <g> + <g transform="translate(-0.5 -0.5)"> + <switch> + <foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"> + <div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 1px; height: 1px; padding-top: 88px; margin-left: 65px;"> + <div style="box-sizing: border-box; font-size: 0; text-align: center; color: #000000; "> + <div style="display: inline-block; font-size: 12px; font-family: "Helvetica"; color: light-dark(#000000, #ffffff); line-height: 1.2; pointer-events: all; white-space: nowrap; "> + <div> + Pytest-based + </div> + <div> + test file (python) + </div> + </div> + </div> + </div> + </foreignObject> + <text x="65" y="92" fill="light-dark(#000000, #ffffff)" font-family=""Helvetica"" font-size="12px" text-anchor="middle"> + Pytest-based... 
+ </text> + </switch> + </g> + </g> + <g> + <rect x="163" y="160" width="90" height="70" rx="10.5" ry="10.5" fill="#ffffff" stroke="#000000" pointer-events="all" style="fill: light-dark(#ffffff, var(--ge-dark-color, #121212)); stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + <image x="186.5" y="166.5" width="42" height="42" xlink:href="" preserveAspectRatio="none"/> + </g> + <g> + <g transform="translate(-0.5 -0.5)"> + <switch> + <foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"> + <div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe flex-end; justify-content: unsafe center; width: 88px; height: 1px; padding-top: 223px; margin-left: 164px;"> + <div style="box-sizing: border-box; font-size: 0; text-align: center; color: #000000; "> + <div style="display: inline-block; font-size: 12px; font-family: "Helvetica"; color: light-dark(#000000, #ffffff); line-height: 1.2; pointer-events: all; font-weight: bold; white-space: normal; word-wrap: normal; "> + hardware + </div> + </div> + </div> + </foreignObject> + <text x="208" y="223" fill="light-dark(#000000, #ffffff)" font-family=""Helvetica"" font-size="12px" text-anchor="middle" font-weight="bold"> + hardware + </text> + </switch> + </g> + </g> + <g> + <rect x="265" y="160" width="90" height="70" rx="10.5" ry="10.5" fill="#ffffff" stroke="#000000" pointer-events="all" style="fill: light-dark(#ffffff, var(--ge-dark-color, #121212)); stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + <image x="288.5" y="166.5" width="42" height="42" xlink:href="" preserveAspectRatio="none"/> + </g> + <g> + <g transform="translate(-0.5 -0.5)"> + <switch> + <foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"> + <div 
xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe flex-end; justify-content: unsafe center; width: 88px; height: 1px; padding-top: 223px; margin-left: 266px;"> + <div style="box-sizing: border-box; font-size: 0; text-align: center; color: #000000; "> + <div style="display: inline-block; font-size: 12px; font-family: "Helvetica"; color: light-dark(#000000, #ffffff); line-height: 1.2; pointer-events: all; font-weight: bold; white-space: normal; word-wrap: normal; "> + QEMU + </div> + </div> + </div> + </foreignObject> + <text x="310" y="223" fill="light-dark(#000000, #ffffff)" font-family=""Helvetica"" font-size="12px" text-anchor="middle" font-weight="bold"> + QEMU + </text> + </switch> + </g> + </g> + <g> + <path d="M 257 100 L 257 61.24" fill="none" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="stroke" style="stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + <path d="M 257 55.24 L 261 63.24 L 257 61.24 L 253 63.24 Z" fill="#000000" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(0, 0, 0), rgb(255, 255, 255)); stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + </g> + <g> + <path d="M 260 100 L 220 100 Q 210 100 209.67 109.99 L 208.27 151.77" fill="none" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="stroke" style="stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + <path d="M 208.07 157.77 L 204.34 149.64 L 208.27 151.77 L 212.34 149.9 Z" fill="#000000" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(0, 0, 0), rgb(255, 255, 255)); stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + </g> + <g> + <path d="M 260 100 L 300 100 Q 310 100 310 110 L 310 151.76" fill="none" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="stroke" style="stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + <path d="M 310 157.76 L 306 
149.76 L 310 151.76 L 314 149.76 Z" fill="#000000" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="all" style="fill: light-dark(rgb(0, 0, 0), rgb(255, 255, 255)); stroke: light-dark(rgb(0, 0, 0), rgb(255, 255, 255));"/> + </g> + </g> + <switch> + <g requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"/> + <a transform="translate(0,-5)" xlink:href="https://www.drawio.com/doc/faq/svg-export-text-problems" target="_blank"> + <text text-anchor="middle" font-size="10px" x="50%" y="100%"> + Text is not SVG - cannot display + </text> + </a> + </switch> +</svg> diff --git a/docs/score_tools/clippy.rst b/docs/score_tools/clippy.rst new file mode 100644 index 00000000000..ac82b557af7 --- /dev/null +++ b/docs/score_tools/clippy.rst 
@@ -0,0 +1,134 @@
+..
+ # *******************************************************************************
+ # Copyright (c) 2025 Contributors to the Eclipse Foundation
+ #
+ # See the NOTICE file(s) distributed with this work for additional
+ # information regarding copyright ownership.
+ #
+ # This program and the accompanying materials are made available under the
+ # terms of the Apache License Version 2.0 which is available at
+ # https://www.apache.org/licenses/LICENSE-2.0
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # *******************************************************************************
+
+.. doc_tool:: clippy
+ :id: doc_tool__clippy
+ :status: evaluated
+ :version: 1.90.0 (see [1])
+ :tcl: HIGH
+ :safety_affected: YES
+ :security_affected: YES
+ :realizes: wp__tool_verification_report
+ :tags: tool_management
+
+Clippy Verification Report
+===========================
+
+Introduction
+------------
+Scope and purpose
+~~~~~~~~~~~~~~~~~
+Clippy is a linter tool (performs static code analysis) for the Rust programming language.
+It provides a collection of lints to catch common mistakes and improve code quality.
+Clippy helps developers identify potential issues in their Rust code, such as performance pitfalls,
+stylistic inconsistencies, and potential bugs.
+
+Inputs and outputs
+~~~~~~~~~~~~~~~~~~
+| Inputs: Software sources (Rust), Lint configuration
+| Outputs: Report with detected rules violations
+
+.. figure:: _assets/clippy.drawio.svg
+ :width: 100%
+ :align: center
+ :alt: Clippy overview
+
+ Clippy overview
+
+Available information
+~~~~~~~~~~~~~~~~~~~~~
+- Version: >= 1.90.0 [1]_
+- Official repository: https://github.com/rust-lang/rust-clippy
+- Official documentation: https://github.com/rust-lang/rust-clippy
+- Clippy configuration in S-CORE module repository: https://github.com/eclipse-score/score_rust_policies/tree/main/clippy
+
+
+Installation and integration
+----------------------------
+Installation
+~~~~~~~~~~~~
+| To add the Clippy Bazel targets to your project or module follow guidelines in `here <https://github.com/eclipse-score/score_rust_policies>`_
+
+Integration
+~~~~~~~~~~~
+Integrated in bazel.
+
+Environment
+~~~~~~~~~~~
+Requires Rust toolchain and Bazel build environment.
+
+Safety evaluation
+-----------------
+This section outlines the safety evaluation of clippy for its use within the S-CORE project.
+
+
+.. list-table:: Safety evaluation
+ :header-rows: 1
+ :widths: 1 2 8 2 6 4 2 2
+
+ * - Malfunction identification
+ - Use case description
+ - Malfunctions
+ - Impact on safety?
+ - Impact safety measures available?
+ - Impact safety detection sufficient?
+ - Further additional safety measure required?
+ - Confidence (automatic calculation)
+ * - 1
+ - False-negative: Fail to detect non-compliance with the consistency rules
+ - | Diverging from consistency rules.
+ | However lints are not involved in ensuring correctness of code, but only a measure of quality of the source code.
+
+ - no
+ - no
+ - yes
+ - no
+ - high
+ * - 2
+ - False-positive: Report non-compliance, although the code is compliant
+ - | No in code malfunction.
+ | However this will cause an failure in CI/CD checks that needs to be resolved before merging code by author through manual inspection and explanation
+ - no
+ - no
+ - yes
+ - no
+ - high
+
+Security evaluation
+-------------------
+This section outlines the security evaluation of Rustfmt for its use within the S-CORE project.
+
+
+.. list-table:: Security evaluation
+ :header-rows: 1
+
+ * - Threat identification
+ - Use case description
+ - Threats
+ - Impact on security?
+ - Impact security measures available?
+ - Impact security detection sufficient?
+ * - 1
+ - TBD
+ - TBD
+ - TBD
+ - TBD
+ - TBD
+
+Result
+~~~~~~
+Clippy does not require qualification for use in safety-related software development according to ISO 26262.
+
+.. [1] The tool version mentioned in this document is preliminary.
+ Exact version shall be derived from qualified Rust compiler used in S-CORE project.
diff --git a/docs/score_tools/doc_as_code.rst b/docs/score_tools/doc_as_code.rst
index 028aaf17b95..3c3faa6db37 100644
--- a/docs/score_tools/doc_as_code.rst
+++ b/docs/score_tools/doc_as_code.rst
@@ -15,7 +15,7 @@ .. doc_tool:: Doc-as-Code :id: doc_tool__doc_as_code :status: evaluated - :version: v1.3.0 + :version: v2.2.0 :tcl: LOW :safety_affected: YES :security_affected: YES @@ -58,7 +58,7 @@ This includes getting started or usage information and integration manual. The capabilities of the tool can be found here: -`Doc-as-Code Project Capabilities <https://eclipse-score.github.io/docs-as-code/main/product/capabilities.html#capabilities>`_ +`Doc-as-Code Project Capabilities <https://eclipse-score.github.io/docs-as-code/main/internals/requirements/capabilities.html>`_ Installation and integration 
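Review bot: The security evaluation paragraph of clippy.rst names the wrong tool: `This section outlines the security evaluation of Rustfmt for its use within the S-CORE project.` should read `... the security evaluation of Clippy ...`; it looks carried over from the rustfmt report. The directive also declares `:status: evaluated` together with `:security_affected: YES`, while the only threat row is `TBD` in every column. Until threats are listed (for a linter run in CI, presumably the provenance of the toolchain and of the lint configuration it loads), `:status: draft`, as itf.rst uses, would describe the report more accurately. The `Official documentation` bullet repeats the repository URL rather than pointing at the documentation.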
@@ -66,14 +66,15 @@ Installation and integration Tool location: -`Release v0.4.4 <https://github.com/eclipse-score/docs-as-code/tree/v0.4.4>`_ +`Release v2.2.0 <https://github.com/eclipse-score/docs-as-code/tree/v2.2.0>`_ How to integrate: -`Doc-as-Code Integration <https://eclipse-score.github.io/docs-as-code/main/how-to-integrate/index.html>`_ +`Doc-as-Code Setup <https://eclipse-score.github.io/docs-as-code/main/how-to/setup.html>`_ -Environment: github, python, Version 3.y.z, sphinx, Version x.y.z, sphinx-needs, Version x.y.z -Supported platforms: Windows, Linux +Environment: Bazel + +Supported platforms: Linux Evaluation @@ -158,14 +159,14 @@ Requirements and testing aspects -------------------------------- Tool requirements are defined here: -`Doc-as-Code Requirements <https://eclipse-score.github.io/docs-as-code/main/product/requirements.html#requirements>`_ +`Doc-as-Code Requirements <https://eclipse-score.github.io/docs-as-code/main/internals/requirements/requirements.html>`_ Test cases and tests are defined here: -`Doc-as-Code Test cases and tests <https://github.com/eclipse-score/docs-as-code/tree/v0.4.2/src/extensions>`_ +`Doc-as-Code Test cases and tests <https://github.com/eclipse-score/docs-as-code/tree/v2.2.0/src/extensions>`_ The tests are part of the rules checker code sections. Requirements coverage is documented here: -`Doc-as-Code Requirements <https://eclipse-score.github.io/docs-as-code/main/product/requirements.html#requirements>`_ +`Doc-as-Code Requirements <https://eclipse-score.github.io/docs-as-code/main/internals/requirements/requirements.html>`_ diff --git a/docs/score_tools/index.rst b/docs/score_tools/index.rst index 2781b1a6624..f0c91cacf03 100644 --- a/docs/score_tools/index.rst +++ b/docs/score_tools/index.rst @@ -33,3 +33,5 @@ S-CORE Tools Overview gtest bazel rustfmt + itf + clippy diff --git a/docs/score_tools/itf.rst b/docs/score_tools/itf.rst new file mode 100644 index 00000000000..aa906f1da93 --- /dev/null 
+++ b/docs/score_tools/itf.rst 
@@ -0,0 +1,212 @@
+..
+ # *******************************************************************************
+ # Copyright (c) 2025 Contributors to the Eclipse Foundation
+ #
+ # See the NOTICE file(s) distributed with this work for additional
+ # information regarding copyright ownership.
+ #
+ # This program and the accompanying materials are made available under the
+ # terms of the Apache License Version 2.0 which is available at
+ # https://www.apache.org/licenses/LICENSE-2.0
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # *******************************************************************************
+
+.. doc_tool:: ITF
+ :id: doc_tool__itf
+ :status: draft
+ :version: 0.1.0
+ :tcl: LOW
+ :safety_affected: YES
+ :security_affected: YES
+ :realizes: wp__tool_verification_report
+ :tags: tool_management
+
+ITF (Integration Testing Framework) Verification Report
+=======================================================
+
+Introduction
+------------
+Scope and purpose
+~~~~~~~~~~~~~~~~~
+ITF is a pytest-based integration testing framework that simplifies writing and
+running integration tests. It provides utilities for common integration tasks
+— for example, SSH connection setup, interpreting dataframes, parsing
+diagnostic messages, etc. ITF can execute tests on emulators (QEMU) as well as on
+physical hardware.
+
+Inputs and outputs
+~~~~~~~~~~~~~~~~~~
+| Inputs: Software image (binary), Pytest-based test files (python)
+| Outputs: Test report
+
+.. figure:: _assets/itf.drawio.svg
+ :width: 100%
+ :align: center
+ :alt: ITF overview
+
+ ITF overview
+
+Available information
+~~~~~~~~~~~~~~~~~~~~~
+- Version: 0.1.0 [1]_
+- Repository: https://github.com/eclipse-score/itf
+- Example of ITF test in S-CORE ITF repository: https://github.com/eclipse-score/itf/blob/main/examples/examples/itf/test_docker.py
+
+
+Installation and integration
+----------------------------
+Installation
+~~~~~~~~~~~~
+| To add the ITF Bazel dependency to your project or module, include the following line in your MODULE.bazel file:
+
+.. code-block:: Python
+
+ bazel_dep(name = "score_itf", version = "0.1.0")
+
+| And verify that the `.bazelrc` configuration file contains the following directive to register the S-CORE module registry:
+
+.. code-block:: Python
+
+ common --registry=https://raw.githubusercontent.com/eclipse-score/bazel_registry/main/
+
+| The sources of bazel S-CORE ITF module configuration can be found at: https://github.com/eclipse-score/bazel_registry/tree/main/modules/score_itf
+
+
+Integration
+~~~~~~~~~~~
+Integrated in bazel.
+
+Environment
+~~~~~~~~~~~
+Running application software instance with configured connection.
+
+Safety evaluation
+-----------------
+This section outlines the safety evaluation of ITF for its use within the S-CORE project.
+
+
+.. list-table:: Safety evaluation
+ :header-rows: 1
+ :widths: 1 2 8 2 6 4 2 2
+
+ * - Malfunction identification
+ - Use case description
+ - Malfunctions
+ - Impact on safety?
+ - Impact safety measures available?
+ - Impact safety detection sufficient?
+ - Further additional safety measure required?
+ - Confidence (automatic calculation)
+ * - 1
+ - Run tests and generate test report
+ - | Fails to load input files
+ |
+ | ITF fails to load provided file even if file is present and accessible.
+ - yes
+ - (implicit) Check ITF test run status
+ - yes
+ - no
+ - high
+ * - 2
+ - Run tests and generate test report
+ - | Fails to write result to file
+ |
+ | ITF was not able to save results in file(s).
+ - yes
+ - (implicit) Check ITF test run status
+ - yes
+ - no
+ - high
+ * - 3
+ - Run tests and generate test report
+ - | Fails to collect results of the test(s)
+ |
+ | ITF was not able to collect results of executed test.
+ - no
+ - no
+ - yes
+ - no
+ - high
+ * - 4
+ - Run tests and generate test report
+ - | Fails to detect an existing error
+ |
+ | ITF fails to detect the presence of existing errors.
+ - yes
+ - no
+ - no
+ - yes (qualification)
+ - low
+ * - 5
+ - Run tests and generate test report
+ - | Fails to execute the test
+ |
+ | ITF fails to execute specific test from the test plan
+ - no
+ - no
+ - yes
+ - no
+ - high
+ * - 6
+ - Run tests and generate test report
+ - | Indicates presence of a non-existing error
+ |
+ | ITF indicates the presence of errors that do not exist.
+ - no
+ - no
+ - yes
+ - no
+ - high
+ * - 7
+ - Run tests and generate test report
+ - | Produces wrong test report
+ |
+ | ITF fails to save correct test result in test report.
+ - yes
+ - Review test report
+ - yes
+ - no
+ - high
+
+Security evaluation
+-------------------
+This section outlines the security evaluation of ITF for its use within the S-CORE project.
+
+
+.. list-table:: Security evaluation
+ :header-rows: 1
+
+ * - Threat identification
+ - Use case description
+ - Threats
+ - Impact on security?
+ - Impact security measures available?
+ - Impact security detection sufficient?
+ * - 1
+ - TBD
+ - TBD
+ - TBD
+ - TBD
+ - TBD
+
+Result
+~~~~~~
+ITF requires qualification for use in safety-related software development.
+
+
+**Tool Qualification**
+-------------------------------------------
+Based on method: validation of the software tool.
+
+Requirements and testing aspects
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+Tool requirements are derived from official documentation (currently missing): https://github.com/eclipse-score/itf
+
+The testing team is responsible for identifying the specific ITF functionality
+used in the project. Based on this, requirements for the utilized features must be derived from
+the available documentation and ITF validated against defined requirements.
+
+
+.. [1] The tool version mentioned in this document is preliminary.
+ It is subject to change and will be updated in future.
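Review bot: The `.bazelrc` directive in the Installation section, `common --registry=https://raw.githubusercontent.com/eclipse-score/bazel_registry/main/`, resolves modules from a mutable branch, and the text names no integrity control for what is fetched. As far as I know, setting `--registry` replaces Bazel's default registry list, so a reader who copies the line alone would also lose the Bazel Central Registry. I would add a line after that code block such as `| Keep the Bazel Central Registry as a further --registry entry and commit MODULE.bazel.lock so that registry files are hash-checked.` The security table further down still lists only `TBD`, although the scope paragraph says ITF sets up SSH connections to targets; that deserves at least one threat row while the report is in `draft`.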