As Open-Source Software (OSS) becomes essential for high-complexity, safety-critical applications, the industry must bridge the gap between transparent OSS development and traditional, rigid "V-model" safety standards. This whitepaper provides a roadmap for users, maintainers, and integrators to successfully qualify OSS Linux and GNU/Linux projects up to SIL 2 / ASIL B. It explains the exida “tailored” approach to assessing and certifying OSS Linux and/or GNU/Linux projects for functional-safety applications. It outlines how these products can be successfully certified to global FuSa standards and long-term maintenance mandates like the European Cyber Resilience Act (CRA).
In recent years, the practice of publishing comprehensive assessment reports has largely been replaced by the publication of certificates alone. For complex topics such as OSS qualification, greater transparency of assessment approaches would support technical discourse and mutual learning – the goal of this whitepaper.
exida wants and appreciates your feedback on this paper. Please send your feedback to Jonathan Moore.