Demonstrator with AntMicro: Renode and S2OPC on TSN
OPC UA PubSub on MQTT
OPC UA Safety
[Carles] Went through both projects - there are very strong claims on the side of open62541 on code quality, fuzzing tests, etc. Do you run the same type of tools/tests? Does the codebase follow a set of coding guidelines that ensure it can be certified for functional safety
[Vincent] Run tools from OPC UA Foundation. Can not put script in repo as it’s only available to members
[Vincent] Run Coverity
[Vincent] Run fuzzing tools as well (member of the Google fuzzing project)
[Vincent] Follow MISRA rules (using Coverity) as well as cybersecurity rules in France
[Vincent] Academics also ran additional static analysis tools, such as clockwork
[Carles] Went through releases as well -- open62541 around 5 years
[Vincent] 4 years for S2OPC
[David L] How is it being integrated with Zephyr?
[Vincent] Idea was that we can suggest using S2OPC as an OPC module inside Zephyr
[David L] Depending on how it’s integrated, it can be left up to the users on which one they want to use?
[Maureen] Is certification with OPC, primarily an interop type thing?
[Vincent] If you want to certify a product using S2OPC, you must go to the OPC Foundation.
[Vincent] Functional part on the protocol; functional test cases. Robustness test (72 hour run for memory leak). User manual of the product to see if a user is able to configure the product in the correct way. OPC Foundation does not check the functional safety part.
[David L] If touchpoints are fairly limited, then the burden of maintaining this would lie more on the other open source project
[Kumar] Net - what is the ask of Zephyr?
[Carles] The way to go is to create a module (repo) which has a copy of the code (which contains the porting layer and is maintained by S2OPC)
[Kumar] TSC needs to have a follow-up discussion to decide if we want to do that; want to avoid module bloat
[David L] How would you get a manifest to point to a 3rd party project
[Anas] Problem is if we have everything by default. We shouldn’t get into the business of selecting one single implementation. Need to think about how the module is self-contained enough that much functionality is contained by itself
[Kumar] Consider having a modules-extra?
[Carles] Today all of our kconfigs are in the main tree
[David L] Relevant conversation to continue to have.
[Vincent] We have a common interest to work together around safety and security. Interested to work with Zephyr (don’t have all the test bench that Zephyr has on it’s own).
[Maureen] To TSC: Is there interest from multiple people for including this? More time needed to think about it?
[Kumar] Concern is less about picking one. It’s more about maintenance. Want to have a conversation around before we vote.
[Anas] Approach makes sense. First have optional; can elevate once we have more exposure
[Maureen] Continue discussion around potential for having a modules-extra on next week's TSC call
Communication platform (Slack vs. Discord) [Kumar]