Technical presentation - 30 minutes (including Q&A)
Today, Xen is the leading open-source hypervisor in the automotive industry. Over the past decade, the Xen community has worked tirelessly to develop key features that now form a top-tier automotive solution. Capabilities such as Dom0less, Cache Coloring and Real-Time, Virtio with Grants, and support for Cortex-R52/R82 are critical enablers for Xen to power the next generation of vehicles. Xen's most important role remains that of an enforcer, ensuring strict isolation between domains so that the execution of one domain remains unaffected by others. As one of the system's most critical components, Xen is well suited for the highest levels of safety certification. In 2023, AMD, in collaboration with the Xen community, launched a series of initiatives to make Xen safety-certifiable according to the ISO 26262 automotive standard and the IEC 61508 industrial standard, covering both AMD x86 and ARM architectures. In the months since, we have integrated all the relevant MISRA C rules into the Xen coding style and resolved the vast majority of MISRA C violations. We have also introduced MISRA C checkers into the upstream Xen CI loop to prevent new violations from entering the codebase. Additionally, we have laid the foundation for a robust testing infrastructure and begun upstreaming safety requirements. This presentation will provide an in-depth look at our journey toward making Xen safety-certifiable. We will outline the comprehensive community plan for achieving certification and highlight the key developments expected in 2025.