[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [open-regulatory-compliance] Important and Critical product categories - Operating systems
|
Hi,
I agree. With the current definition it's very close to something
that does task scheduling, even if it is completely in user space.
If I try to parse the sentence "Software products with digital
elements that control the execution of programs and that may
provide services such as resource allocation, scheduling,
input-output control, and data management." it sounds like "control
the execution of programs" is the only hard criteria given. The
parts after may are just additional hints at what an operating
system may additionally do. Is that correct?
From a security point of view I would say the separation of
execution between kernel space and user space or more generally
different levels of hardware security boundaries (rings?) is a key
part of modern operation systems. I am not sure if this holds true
in the embedded space though.
Best,
Tobias
Am 25.03.25 um 21:02 schrieb Marta
Rybczynska via open-regulatory-compliance:
Hello,
I think that this definition requires some work. It does
not mention hardware support and access control (including
access control to hardware) and those are related to security.
The definition "as-is" could be interpreted to include things
like task scheduling systems (in CI, job scheduling in
scientific systems and the like). It also gives no boundary
between the OS and included tools. In the case of a Linux
distribution, does it apply to the kernel, or to the whole
distribution?
I propose the following:
Software products with digital elements that control the
execution of programs and manage hardware access. They may
provide services such as resource allocation, scheduling,
input-output control, and data management, and might run
directly on hardware or use a hypervisor.
What do you think?
Marta
Hi folks,
This is the definition of operating systems
in the draft implementing act:
Software products with digital elements that
control the execution of programs and that may
provide services such as resource allocation,
scheduling, input-output control, and data
management.
This category includes but is not limited to
real-time operating systems, operating systems for
servers, mainframes and mobile devices, network
operating systems and general-purpose operating
systems.
Are you all comfortable with this definition or do
you have concerns with it? If so, what are those
concerns and how would you modify the definition to
address them?
Thanks.
--tobie
---
Tobie Langel
Tech Lead ORC WG, Eclipse Foundation
Principal, UnlockOpen
_______________________________________________
open-regulatory-compliance mailing list
open-regulatory-compliance@xxxxxxxxxxx
To unsubscribe from this list, visit https://accounts.eclipse.org
_______________________________________________
open-regulatory-compliance mailing list
open-regulatory-compliance@xxxxxxxxxxx
To unsubscribe from this list, visit https://accounts.eclipse.org
--
Frech IT GmbH / Am Brünnele 7 / 71642 Ludwigsburg
phone : +49-(0)7141-9113037 / HR B 744851 / AG Stuttgart
Geschäftsführer: Tobias Frech
mobile: +49-(0)172-7112352 / email: tobias@xxxxxxxxxx