Xen Hypervisor Advances Toward DO-178C Certification
The Xen Project is making progress toward achieving functional safety certification for its open-source hypervisor, including compliance with the DO-178C standard for avionics. A recent update outlines the project's status, which could lower costs and increase flexibility for developing mixed-criticality embedded systems in aerospace.
- While tailored versions of the Xen Hypervisor have been used in mission-critical systems before, the current effort focuses on certifying the mainline version of Xen, a goal pursued by a dedicated Special Interest Group since 2019.
- The certification effort is a collaboration between AMD and the Xen community, initiated in 2023, to make Xen certifiable on both AMD x86 and Arm architectures.
- A significant part of the process involves aligning Xen's coding standards with the MISRA C guidelines to improve code safety and quality; as of early 2024, 80% of the relevant MISRA C rules have been adopted.
- The Xen Functional Safety Special Interest Group includes members from major technology companies such as Arm, Citrix, EPAM, Renesas, and AMD, with assessors from safety-focused organizations such as Exida and TÜV SÜD.
- The certification will facilitate the development of mixed-criticality systems, in which applications with different safety requirements run on a single multicore processor, a key requirement for modern Integrated Modular Avionics (IMA).
- The DO-178C compliance process is objective-based, allowing flexibility in the software lifecycle model, and requires extensive documentation, including a Plan for Software Aspects of Certification (PSAC) and various development and verification plans.
- A key technical challenge is ensuring strict spatial and temporal isolation between virtual machines, so that non-critical tasks cannot interfere with the memory or timing behaviour of critical ones.
- Beyond avionics, the Xen Project is also targeting other safety standards, such as ISO 26262 for automotive and IEC 61508 for industrial applications, as part of its broader functional safety initiative.