How Codethink are using STPA for risk analysis of software-intensive systems and integrating the outputs into the engineering process.
Codethink's first ISO 26262 ASIL D Tool Certification - Deterministic Construction Service (DCS)
Codethink continues to participate in the promising RISC-V ecosystem, and we have exciting news around Freedesktop SDK and GNOME.
Everyone wants the same thing: stable software for the long term, including the latest features. To achieve this, you need to have confidence in your software and in the software you depend on, which has to come from testing.
Previously ARM servers were slower than x86, but not any more
High quality releases require high quality testing infrastructure. To show how deep OS and GUI testing can be done, let's look at the OpenQA instance we helped set up for GNOME.
As part of Codethink's interest in RISC-V, we created some simple hardware.
You’ve made a choice to use open-source software as part of your product release. That’s a great start. Open-source software projects usually have large contributing communities that help improve the software’s quality and functionality over time.
For the last few months, the BuildTeam Community has been organising a meetup to gather like-minded community members to discuss, share and exchange innovations and relevant topics and systems in build.
Applying functional safety practices to modern software-intensive systems requires a different approach to the established methods enshrined in current safety standards. Codethink have been working with Exida on a new approach to software safety for systems based on Linux.
The recent furore around University of Minnesota’s “Hypocrite commits” research, which spilled over from the Linux Kernel Mailing List and into mainstream tech media, has provoked a lot of discussion about the Linux kernel community’s processes, and arguably provided ammunition to folks who have been saying all along that open source software cannot be trusted.
If API is the way a programmer can call one program from another, then ABI is how the computer can call one program from another. This covers a whole lot of intricacies, such as calling conventions and the object format.
Consuming open-source is only the start of the journey for many companies. Whether by design or necessity, organisations find themselves adapting from being simply open-source consumers to being full-fledged producers, contributors and maintainers, eventually working in public, following ‘open by default and ‘upstream first’ principles.
As part of Codethink's interest in RISC-V I have been following the RISC-V kernel list. Whilst looking through the postings the following bug came up, titled: [syzbot] BUG: unable to handle kernel access to user memory in schedule_tail
We detail some research and development work Codethink conducted last year; building a low cost multi-camera sports tracking system. We specifically focus on camera space tracking on embedded platforms, as well as running through some of the background and state of the art of Computer Vision.
This blog post is about the Remote Asset API, describing its components and going into detail about the server-side implementation which has been worked on here at Codethink.
Codethink recently ran the Safety and Open Source devroom at FOSDEM 2021. Unfortunately, due to Covid-19, this was entirely virtual. However, this did make the conference more accessible to those who would otherwise be unable to attend. 2021 was the first year that the safety devroom had been run, and hopefully, it will become a regular occurrence at FOSDEM in future years.
One of the innovative minds that contribute to the community and work with our client’s projects is Beth White, Project Manager at Codethink, for the last 4 years. She has led and planned projects for some of our prime clients by driving the community side.
Terraform definitions are rarely defined in isolation without configurations for other tools such as Ansible, Puppet, Kubernetes. These definitions' close relationships often lead to changes in the configurations for multiple tools across various configuration languages.
The Bloodlight project was designed to test for new health metrics in the blood by testing multiple LED wavelengths of light at high-frequency and accuracy. We hoped to process the signals to determine the most appropriate wavelengths for low-power sensing and find new potential data in the signals.
As we celebrate International Women's Day, I thought I would reflect on the many inspirational women I have come across, in-person in everyday life, in articles or in history. My HR career has allowed me to see just how well women have steered their professional growth and how policies and procedures have evolved to complement changing and progressive environments.
One of the more challenging aspects of prototyping research hardware has always been the construction of plastic enclosures/cases. This is an even more fundamental issue for wearable/medical prototypes - in our example the case plays a strong role in the PPG sensor's optical properties.
Applying functional safety practices to software-intensive systems can be very challenging, and established approaches have struggled to scale and adapt to the problem. But what is meant by the assertion that "Safety is a system property, not a component property" and how should this shape our understanding of safety when applied to software?
When something as exciting as a completely open CPU architecture comes along, it's hard to stop Codethink's engineers from getting involved. We've set up an internal research project with the goal of learning about RISC-V, and we have some interesting results already.
In this episode of 'Meet the Codethings', we've asked Shaun about FOSDEM, the future of safety-critical software in automotive, and STPA. Keep up-to-date with our news about safety by just subscribing to our Safety newsletter at the end of the article.
Codethink is a company which provides software services and consultancy. We work with our clients to help them to deliver their projects effectively and efficiently. We prefer to work with a Project Manager on basis as we feel this usually results in the best possible outcome for our clients and ensures our engineering teams are well-supported.
FOSDEM is a two-day event organised by the FOSS community for FOSS the community. This event aims to gather like-minded professionals to learn, teach, and broaden their knowledge and network. This is a fun and exciting weekend for the developers and our employees since they are hosting their first devroom this year.
Ben Dooks is our Senior Engineer and Open Source Consultant with more than 15 years’ experience contributing to Linux Kernel. Dooks joined Codethink 8 years ago, and since then he's been involved in a range of projects involving the Linux kernel, such as the MEG project, amongst others.
Conferences and events are a valuable way to grow an open source project. They're a space for software engineers, team leaders, architects and open source enthusiasts to discuss ideas, share points of views, identify solutions and introduce new software developments.
We got this open source cartoon as an Xmas gift... hope you like it
FOSDEM is coming, 6th and 7th of February 2021! In addition to attending the virtual event, this time Codethink engineers will be curating the Safety and Open Source Software Dev Room.
Bazel and BuildStream are tools which are commonly used to organize and delegate the building of software. There are a few key differences between them but largely they are concerned with the same development problems.
It's that happy time of the year again! And we are not only talking about hearing "All I Want For Christmas Is You" every time you go to the supermarket. We are talking about Advent of Code.
In our previous blog post we introduced the Interrogizer project. Interrogizer is a logic analyser, which means it samples binary signals and sends the samples to a host computer as fast as possible.
Interrogizer is an Open Source project, aimed at providing developers with an affordable and easily producible tool to aid troubleshooting by enabling measurement of digital signals. Started from a desire to share hardware knowledge around Codethink, the device uses a small microcontroller placed on a simple PCB that can be easily and cheaply produced; allowing for iterations of the product as development progresses.
In an evermore software-intensive world, the security of software systems has become a critical part of product design and implementation. One way in which attackers exploit software systems is by crafting malicious inputs. The defence to such attacks is a combination of defensive programming techniques including input validation.
In this post I'm going to talk about the recent tranche of work I've put into a tool I wrote called topplot, which plots graphs from the data produced by the system utility top.
As an organisation, health and wellbeing is one of our key focuses - this includes our colleagues, customers, connections, friends and family. We are progressing through our wellbeing calendar and have a focus this month on activities to raise awareness for World Suicide Prevention Day and to join in with the World's Biggest Coffee Morning on 25th September in support of Macmillian Cancer.
There are various roles out there on ansible-galaxy that will take care of installing this application for you, but their main advantage is the ability to install on platforms we don't use, and the ones we looked over didn't provide any configuration of openvas itself.
I recently digitally attended the 2020 STAMP workshop, hosted by MIT. This was originally planned to be in Boston in March, but for obvious reasons was moved.
We’re excited to see that Red Hat has decided to offer flatpak runtimes for RHEL with a ten year security fix plan...
Codethink staff have been predominantly based at home now for over three months. In that time the way we all interact with the world has changed considerably.
Codethink is working on a project to design a fully open-source (hardware and software) research device for experimenting with shining light into skin and detecting the light that reflects, gets absorbed and passes through. This kind of technology is widely deployed for measuring heart rates.
In the mid-2010s, Codethink developed the software suite for specifying, developing, and building Linux-based systems. The work has been used by several long-standing customers and Codethink even uses it for some of our own infrastructure. This blog will take you through work done to modernise one of the components of Baserock - Lorry.
Codethink is a software company that works on various client projects; ranging from medical, finance, automotive. In these different areas of engagement; we are trusted to work on various types of problems that clients face with their systems. One such problem encountered required us looking at a userspace software where the program was occasionally not responding on time.
In my previous blog post I introduced my work to improve Rust's support for RISC-V Linux systems. Since then I have fixed a couple of interesting compiler bugs. This blog post describes my process to track down these issues; explains some
rustc internals; and discusses movement in the broader Rust community regarding RISC-V.
In 2019, electric vehicles accounted for 7.4% of total passenger car registrations in the UK. For an ever-more environmentally conscious population, this presents a very low number. Electric vehicles are often seen as a next step, or even a solution for greener transportation. Indeed, electric vehicles are becoming a more accessible option for an increasing number of consumers, and getting closer to a wider public adoption.
In 2018, Codethink worked with Lukas Bulwahn from BMW on a project investigating some core functionality of the Linux kernel that is relevant to safety considerations of an assumed system. We wanted to share some of our findings from this work, as it could prove useful to communities interested in using Linux in a safety-critical context.
Buildstream projects can easily be consumed by Bazel projects by use of a bazelize element, offering greater flexibility and an easier path to integrating third party dependencies
RISC-V is a new Instruction Set Architecture developed in the open and available for use without paying a license fee. This means there are no barriers to achieving open hardware implementations, which opens the door to performant (mostly) open hardware processors...
Building and testing at scale often involves codebases with millions of lines of code, worked upon by thousands of developers. One solution to the problem of building as quickly as possible is simply delegating that responsibility — not to the machine that the developer is working on, or even to a server that the CI job has been dispatched to, but to a server farm...
As concerns about the privacy and security implications of contract tracing apps for COVID-19 show, establishing trust in software is still a real challenge. I’ve been following reports about these apps closely, and have been interested to read medical, technical and ethical analysis from around the world. What all of these perspectives underline for me is the critical role of public trust in the success or failure of such applications.
Medical Devices are utilising software more than ever before. Recent challenges from COVID-19 have outlined some of the great benefits of utilising open source within the Medical industry. Chris looks at the benefits Open Source Software and projects could bring to the industry, as well as potential drawbacks of implementing an open-source initiative
I’ve now been working at home since early March. My colleagues and I have all adapted to be able to work at home following the coronavirus outbreak and the subsequent measures taken by the UK government and other governments around the world. This shift is one that we have all had to come to terms with quickly.
Industry leading Medical companies are turning their attention to helping combat the fight. Manufacturers of ventilators and respiratory care such as Philips and Medtronic are committing to doubling production of ventilators over the next couple of months.
Codethink has switched into home-working mode to minimise the possibility of COVID-19 infections for our team, families, customers and partners.
Codethink recently worked on platform libraries for the real-time M4 cores of the MediaTek MT3620, the first Azure Sphere chip certified by Microsoft focusing on the development of a set of drivers for the peripheral subsystems (SPI, I2C, I2S, ADC, PWM, GPIO and Timers).
Codethink has experience of developing new concepts using Wirepas Mesh technology and can assist any company with software challenges to bring such products to life. We have partnered with Wirepas to help it and its customers to take the ecosystem to the next level.
When building software, we know that we need to be fast and we know we need to minimise any wasted time in the process. Introducing Remote Execution to builds will help to achieve this, but how do the different solutions compare? That's where the Remote Execution API Testing Project comes in...
Fortran will be turning 65 this November and, though the programming language may conjure up images of punch cards and room-sized computers, it is certainly not dead. Originally developed by IBM in the early 1950s for scientists and engineers, it found early success with the target audience and is still being used today.
Codethink’s culture stems from the world of open source software. A large part of what it means to be a Codething is taking part in the sharing of knowledge across the company and learning on a daily basis. This practice drives the development of understanding in different areas of …
As mentioned in the first part of this article, An Introduction to Distributed Builds and Remote Execution, there is no single solution to the problem of building software in a distributed manner. This description will focus on a solution based on the Remote Execution API.
Part of creating software involves translating source code into instructions that can be executed by hardware and packaging the results in a way that can be consumed by users. That process is known as building (although colloquially it sometimes can be referred to as compiling).
For small programs …
Installing Linux on most PCs is easy — you pop in a DVD or a USB stick, click through the install process, and you’re most of the way there. When it comes to more specialised devices, however, installing and running an operating system isn’t quite so straight-forward.
Embedded devices …
You might have heard the term ‘FPGA’ thrown around every now and again. In several areas of the tech industry their use is growing -- particularly in automotive, aerospace, and medical applications.
Debian is over 20 years old now, and the venerable distro is keeping the ball rolling by releasing its latest version, 10.0 (Buster), last Saturday.
Free/Libre Open Source Software (F/LOSS) projects have always been community-driven affairs. Many of the tools that we use at Codethink are the result of years of passionate work put in by dedicated developers. They use their free time to provide the world with useful, thoughtful and creative software.
It is nearing the end of pride month, and over the course of June, here at Codethink we wanted to explore the question of inclusivity in the open source community. When we first wrote this article, we noted that the Wikipedia page on the matter was sparse, and we were surprised there was such a lack of detail. To address this, we contributed some of the research in this article, hoping to make it more easily accessible.
Codethink partnered with York Instruments on a project to develop a new Magnetoencephalogram (MEG) scanner to replace their existing apparatus. This is a neuroimaging device which maps brain activity by recording magnetic fields which are produced by naturally occurring electrical currents in the brain.
Here at Codethink we've recently been putting some energy into enhancing our onboarding process that we have in place for all new starters at the company. As we grow steadily in size, it's important we have a well defined approach to welcoming new employees into the company and introducing them …
Interview with Adam Jones discussing hot to get into open source, and why Open source software is at the heart of Codethink.
GitOps is increasingly popular in the cloud-native world, allowing developers to deliver software to production using their native tooling—a pull request in Git. The underlying principle is that of infrastructure as code.
As a result of collaborative research with MIT, Codethink announces a new open source project AV-STPA, to analyse and document safety requirements for autonomous vehicles by applying System-Theoretic Process Analysis.
On our continuing journey to understand the implications of safety and security risk management for complex software-intensive systems, Codethink has …
For a project with one of our larger clients, Codethink engineers had been using a 3rd party debugging board, purchased by the customer. Engineers found that the debug board features were quite limited. Due to the delicate design of the board, the lead time for production was long and as …
The Civil Infrastructure Platform (CIP), a Linux Foundation Initiative, is attracting the attention of well known stakeholders in the Industrial Grade space.
The long term project goal is to create an Open Source base layer for industrial grade systems collaboratively to enable the creation of reusable building blocks that meet …
Over the course of three months and two PCB revisions, Codethink developed a USB 3 switch (See Image) in order to address issues regarding software deployment and continuous integration faced by one of our major customers.
The aim was to deliver a computer-controlled, automated deployment pipeline for testing software on …
Codethink has been collaborating with British Cycling technical staff to develop an innovative telematics system to measure performance of their athletes in training for competitive events. This system seeks to improve the recording and analysis of raw data and will aid training progress of British Cycling in preparation for the …
Systems are becoming more complex than ever before. This now allows us to accomplish tasks that once seemed impossible. With this increase in complexity from systems, there is a need for safety models that can keep up.
STAMP (System-Theoretic Accident Model and Processes) is an accident and causality model based …
The theme of International Women’s Day 2019 is ‘Balance for Better’. It is reported that 17% of those working in technology sector in the UK are female, an imbalance that has drawn a lot of attention. For International Women’s Day this year, I talked to a few of …
If you've ever looked into remote build caching and execution and read about it
Configuring Linux systems to stabilise latency
Over the course of the last few months, Codethink have conducted an investigation into whether or not Linux systems can be configured to be deterministic, so that performance over time is made to be more predictable and overall improved by tweaking the kernel in …
I attended GUADEC 2018, and really enjoyed it, and I feel that I got a lot out of it.
The talks were recorded and they should be put online some time soon, I think. They need volunteers to do some video editing first though.
There is an issue for doing …
Many embedded/automotive vendors are recommending that electronic control unit (ECU) consolidation can be best achieved by adopting an architecture with a hypervisor. The idea is to isolate functions into guest operating system virtual machines and restrict access to sensitive resources. So examples of the consolidated architecture look something like …
Traditionally ELCE has been an important annual event for Codethink. This year was no exception. ELCE 2017 was not only a great technical event but...
LONDON--(BUSINESS WIRE)-- The Institute for Strategy, Resilience & Security (ISRS) at University College London (UCL) in association with software developer Codethink Ltd, today announced the release of a new white paper entitled Towards Trustable Software – A Systematic Approach To Establishing Trust In Software. Paul Sherwood, CEO of Codethink will introduce …
FLOSS event offerings have exploded in the last few years. You can find everything from very elite, invitation-only pricey events to small, local meetings that are open to everybody...
An introduction to Error Correction, Hamming Codes, Reed-Solomon, and Locally Repairable Codes
Tristan explains his new initative BuildStream and what it could mean for GNOME in 2017.
A look at open source for Civil Infrastructure, and why we're a founding member of CIP.
This post was originally a quick email to a client and their other partners detailing what the output from the "top" tool means, which is a utility which shows a list of running processes on a UNIX system along with statistics on their memory and CPU consumption.
Here's an example …
Looking at YAML and JSON for Schemas and Validation.
Moving from a traditional product/release focused delivery model to a rolling model. Agustin talks about our team's work on the GENIVI Development Platform and the transition to a continuous delivery model.
As part of International Supercomputing Conference 2016, Codethink announced an open source Fortran parser that enables modernisation and execution of many academic, scientific, and commercial algorithms on ARM, Intel, and OpenPOWER.
Sam and Mike continue their post about the Teufel build process, talking about the implementation of a reliable caching mechanism.
Within companies producing devices, product progress continues to drive complexity and creates legacy challenges. Codethink senior engineers Sam Thursfield and Michael Drake explain how a recent embedded project for high end Home Entertainment demanded working with a complex Buildroot setup. This delivered major build time benefits, enabling rapid continuous integration.
Over the last few years Codethink has been helping a series of customers understand and manage the scale and complexity of their software integration pipelines. We've seen and tried various approaches to visualise what's happening, but many projects end up falling back to some combination of:
- architecture diagrams
- data models …
Superuser talked to Zara Zaimeche, software developer at Codethink, about StoryBoard, a task tracking system for cross-team projects.
Deep learning in Python
We do standups to keep the team aware of what everyone is doing, and to identify roadblocks. Doing them on IRC means we can
- log the minutes
- have remote participants
- be in more than one standup at once (eg Project Manager)
Standups should be short - approx 10 minutes …
Codethink joins Automotive Grade Linux to help advance open collaboration and automotive software development for cars of the future
Codethink is delighted to be sponsoring the first systemd conference.
Maintaining 100 million lines of code on your own is not much fun, and surprisingly expensive.
Leading automotive electronics supplier Visteon and Linux software specialist Codethink are partnering to improve the long-term traceability and reproducibility of software used in in-vehicle infotainment products.
Codethink's Contributions to ARM Software Ecosystem Facilitate Commercial Deployment Among Cloud and Enterprise End Users
DataCentred announce that in a world first they have integrated servers running ARM Aarch64 processors into their OpenStack public cloud platform
First Public Baserock Meetup to be held in Manchester, England.
NVIDIA Jetson TK1 + Baserock + Linux 3.15 in one day Engineers take just 24 hours to get a new open source 3.15 Linux operating system running on new NVIDIA Jetson TK1.
Codethink Receives GENIVI Most Valuable Contributor Award. Recognised for Baserock contribution to GENIVI Baseline Integration Team.
- Using STPA with software-intensive systems
- Codethink achieves ISO 26262 ASIL D Tool Certification
- RISC-V: running GNOME OS on SiFive hardware for the first time
- Automated Linux kernel testing
- Native compilation on Arm servers is so much faster now
- Higher quality of FOSS: How we are helping GNOME to improve their test pipeline
- RISC-V: A Small Hardware Project
- Why aligning with open source mainline is the way to go
- Build Meetup 2021: The BuildTeam Community Event
- A new approach to software safety
- Does the "Hypocrite Commits" incident prove that Linux is unsafe?
- ABI Stability in freedesktop-sdk
- Why your organisation needs to embrace working in the open-source ecosystem
- RISC-V User space access Oops
- Tracking Players at the Edge: An Overview
- What is Remote Asset API?
- Running a devroom at FOSDEM: Safety and Open Source
- Meet the codethings: Understanding BuildGrid and BuildBox with Beth White
- Streamlining Terraform configuration with Jsonnet
- Bloodlight: Designing a Heart Rate Sensor with STM32, LEDs and Photodiode
- Making the tech industry more inclusive for women
- Bloodlight Case Design: Lessons Learned
- Safety is a system property, not a software property
- RISC-V: Codethink's first research about the open instruction set
- Meet the Codethings: Safety-critical systems and the benefits of STPA with Shaun Mooney
- Why Project Managers are essential in an effective software consultancy
- FOSDEM 2021: Devroom for Safety and Open Source
- Meet the Codethings: Ben Dooks talks about Linux kernel and RISC-V
- Here we go 2021: 4 open source events for software engineers and project leaders
- Xmas Greetings from Codethink
- Call for Papers: FOSDEM 2021 Dev Room Safety and Open Source Software
- Building the abseil-hello Bazel project for a different architecture using a dynamically generated toolchain
- Advent of Code: programming puzzle challenges
- Improving performance on Interrogizer with the stm32
- Introducing Interrogizer: providing affordable troubleshooting
- Improving software security through input validation
- More time on top: My latest work improving Topplot
- Cycling around the world
- Orchestrating applications by (ab)using Ansible's Network XML Parser
- My experience of the MIT STAMP workshop 2020
- Red Hat announces new Flatpak Runtime for RHEL
- How to keep your staff healthy in lockdown
- Bloodlight: A Medical PPG Testbed
- Bringing Lorry into the 2020s
- How to use Tracecompass to analyse kernel traces from LTTng
- Fixing Rust's test suite on RISC-V
- The challenges behind electric vehicle infrastructure
- Investigating kernel user-space access
- Consuming BuildStream projects in Bazel: the bazelize plugin
- Improving RISC-V Linux support in Rust
- Creating a Build toolkit using the Remote Execution API
- Trusting software in a pandemic
- The Case For Open Source Software In The Medical Industry
- My experiences moving to remote working
- Impact of COVID-19 on the Medical Devices Industry
- COVID-19 (Coronavirus) and Codethink
- Codethink develops Open Source drivers for Microsoft Azure Sphere MediaTek MT3620
- Codethink partners with Wirepas
- Testing Bazel's Remote Execution API
- Passing the age of retirement: our work with Fortran and its compilers
- Sharing technical knowledge at Codethink
- Using the REAPI for Distributed Builds
- An Introduction to Remote Execution and Distributed Builds
- Gluing hardware and software: Board Support Packages (BSPs)
- Engineering's jack of all trades: an intro to FPGAs
- Bust out your pendrives: Debian 10 is out!
- Why you should attend local open source meet-ups
- Acceptance, strife, and progress in the LGBTIQ+ and open source communities
- Codethink helps York Instruments to deliver world-beating medical brain-scanner
- Codethink open sources part of staff onboarding - 'How To Git Going In FOSS'
- Getting into open source
- How to put GitOps to work for your software delivery
- Open Source Safety Requirements Analysis for Autonomous Vehicles based on STPA
- Codethink engineers develop custom debug solution for customer project
- Codethink contributes to CIP Super Long Term Kernel maintenance
- Codethink creates custom USB 3 switch to support customer's CI/CD pipeline requirements
- Codethink unlocks data analysis potential for British Cycling
- MIT Doctor delivers Manchester masterclass on innovative safety methodology
- Balance for Better: Women in Technology Codethink Interviews
- Introducing BuildGrid
- Configuring Linux to stabilise latency
- GUADEC 2018 Talks
- Hypervisor Not Required
- Codethink at ELCE 2017
- Towards Trustable Software White Paper
- Why support community driven FOSS events
- Error Correcting Codes and Erasure Codes
- Introducing BuildStream
- Why Codethink is a founding member of the Civil Infrastructure Platform, a Linux Foundation initiative
- Using and understanding top to measure CPU and memory consumption
- Validating Schemas in YAML
- GENIVI Development Platform
- Codethink announces Open Fortran Compiler
- Lautsprecher Teufel Build Process Improvements Part 2
- Lautsprecher Teufel Build Process Improvements
- Visualising the Software Integration process for whole systems
- Codethink's Zara Zaimeche Interviewed on Storyboard Development
- Measuring the Iris
- How to run Standups on IRC/Slack
- Codethink Joins Automotive Grade Linux
- Codethink Sponsors systemd.conf
- Codethink's Paul Sherwood on GENIVI 'Crack in the Foundation'
- Visteon and Codethink Collaborate
- AppliedMicro and Codethink Announce Partnership
- OpenStack Public Cloud on 64-bit ARM servers with DataCentred
- First Public Baserock Meetup to be held in Manchester
- No Secret Sauce, Just Open Source
- GENIVI most valuable contributor