exida Announces New Whitepaper on the Qualification and Certification of Open-Source Software (OSS)


  March 25, 2026

SELLERSVILLE, PA – March 25, 2026 – exida, the global leader in functional safety and cybersecurity certification, is pleased to announce the release of its latest technical whitepaper: "Qualification and Certification of Open-Source Software." This landmark document addresses the growing necessity of integrating Open-Source Software (OSS) into safety-critical industrial and automotive environments. exida encourages feedback from the safety community to help shape future versions of this evolving certification framework.

As modern applications increase in complexity, the industry is shifting toward standardized operating systems like Linux and GNU/Linux. However, the traditional "V-model" approach used in classical safety-related development often conflicts with the rapid, collaborative nature of OSS. exida’s new whitepaper bridges this gap, offering a roadmap for users, maintainers, and integrators to achieve certification up to SIL 2 (IEC 61508) and ASIL B (ISO 26262).

A Tailored Approach to Modern Complexity

The whitepaper introduces exida’s "Open Certification" philosophy, which moves away from a "one-size-fits-all" mentality. Instead, the approach weights the unique characteristics of OSS development and considers the specific strengths of major distributors, such as Red Hat and Codethink, to ensure rigorous risk mitigation.

In an era of large-scale applications and non-deterministic hardware, avoiding OSS in functional safety and cybersecurity is no longer a viable option. The goal of making the whitepaper available is to provide the transparency needed to support technical discourse and mutual learning across the safety community.

Meeting Global Regulatory Demands

The exida approach specifically targets high-complexity systems characterized by mixed-criticality, high change rates, and significant security challenges. Furthermore, the paper outlines how a standardized OSS framework supports the high level of software re-use required to make long-term maintenance commercially viable—a key mandate of the European Cyber Resilience Act (CRA).

Key Topics Covered:

  • OSS vs. Proprietary Software: A deep dive into the particularities of open versus proprietary development models.
  • Certification Fundamentals: Guidance on tailoring safety assessments to the strengths of individual OSS projects.
  • Mixed-Criticality Support: Strategies for managing subsystems with varying safety integrity levels on modern MCUs and GPUs.

Availability and Feedback:

The whitepaper is available for download on the exida website.

Please send feedback on the paper to Jonathan Moore: jmoore@exida.com