1 00:00:00,000 --> 00:00:08,469 foreign 2 00:00:00,500 --> 00:00:08,469 [Music] 3 00:00:12,799 --> 00:00:18,000 today we have Sam Bishop presenting 4 00:00:15,660 --> 00:00:20,160 opening up the final frontier expanding 5 00:00:18,000 --> 00:00:21,420 collaboration open source Aerospace 6 00:00:20,160 --> 00:00:23,460 software 7 00:00:21,420 --> 00:00:25,920 Simon's professional software developer 8 00:00:23,460 --> 00:00:27,840 amateur rocket scientist and astronomer 9 00:00:25,920 --> 00:00:29,340 after observing that Linux and open 10 00:00:27,840 --> 00:00:30,900 source are thriving in space they 11 00:00:29,340 --> 00:00:32,940 wondered why they never seen a pull 12 00:00:30,900 --> 00:00:36,120 request from SpaceX 13 00:00:32,940 --> 00:00:37,860 today Sam will discuss why this is the 14 00:00:36,120 --> 00:00:42,200 case and what we use the open source 15 00:00:37,860 --> 00:00:42,200 Community can do about it round Applause 16 00:00:45,300 --> 00:00:50,219 so yeah I'm Sam contact info as usual is 17 00:00:48,660 --> 00:00:52,379 on a slide 18 00:00:50,219 --> 00:00:55,320 um and yeah there's quite a large amount 19 00:00:52,379 --> 00:00:56,820 that goes into why this situation is 20 00:00:55,320 --> 00:01:00,180 what it is but I'll start with a bit of 21 00:00:56,820 --> 00:01:02,100 background on myself so at the start of 22 00:01:00,180 --> 00:01:04,140 covert I like a lot of people was kind 23 00:01:02,100 --> 00:01:05,640 of in a lockdown and was like what do I 24 00:01:04,140 --> 00:01:07,439 do with all this extra time when I'm not 25 00:01:05,640 --> 00:01:08,760 traveling to work and I was like okay 26 00:01:07,439 --> 00:01:10,680 maybe I'll just build like a little 27 00:01:08,760 --> 00:01:12,479 satellite I've watched these like high 28 00:01:10,680 --> 00:01:13,979 school students do it surely I can do it 29 00:01:12,479 --> 00:01:15,540 I've got way more brains than a bunch of 30 00:01:13,979 --> 00:01:16,860 high school students I've got all this 31 00:01:15,540 --> 00:01:18,960 experience they don't have and I've got 32 00:01:16,860 --> 00:01:21,659 money that they don't have I can do it 33 00:01:18,960 --> 00:01:23,400 and then I rapidly learned a lot of the 34 00:01:21,659 --> 00:01:26,340 reasons why those high school students 35 00:01:23,400 --> 00:01:28,799 can do it and I couldn't and some of 36 00:01:26,340 --> 00:01:29,880 that will be part of the talk but I 37 00:01:28,799 --> 00:01:31,619 worked out that it would actually be 38 00:01:29,880 --> 00:01:33,540 easier to start a company doing 39 00:01:31,619 --> 00:01:34,979 construction robotics in space than it 40 00:01:33,540 --> 00:01:37,140 would be to launch my own personal one 41 00:01:34,979 --> 00:01:38,880 because it turns out the whole industry 42 00:01:37,140 --> 00:01:41,040 is not designed for individuals it's 43 00:01:38,880 --> 00:01:42,180 designed for groups which is why even a 44 00:01:41,040 --> 00:01:45,000 group of high school students can do it 45 00:01:42,180 --> 00:01:46,740 but an individual will struggle so if 46 00:01:45,000 --> 00:01:48,659 any wants to talk about space robotics 47 00:01:46,740 --> 00:01:50,880 with me there's that info but I'm going 48 00:01:48,659 --> 00:01:52,380 to get on to why space is hard and it's 49 00:01:50,880 --> 00:01:54,180 not just because sometimes you drop the 50 00:01:52,380 --> 00:01:56,520 satellite and these poor Engineers 51 00:01:54,180 --> 00:01:58,979 discovered that day yes that is actually 52 00:01:56,520 --> 00:02:00,600 a expensive expensive weather satellite 53 00:01:58,979 --> 00:02:02,640 that was tipped over on its side 54 00:02:00,600 --> 00:02:04,500 accidentally and they actually fixed it 55 00:02:02,640 --> 00:02:06,360 amazingly enough it was cheaper to fix 56 00:02:04,500 --> 00:02:09,479 than rebuild but 57 00:02:06,360 --> 00:02:11,520 so the actual hard Parts not the fun 58 00:02:09,479 --> 00:02:12,720 parts of dropping things is that you 59 00:02:11,520 --> 00:02:14,099 actually have to deal with a lot of 60 00:02:12,720 --> 00:02:15,660 physical challenges in the space 61 00:02:14,099 --> 00:02:17,940 environment and they have some logical 62 00:02:15,660 --> 00:02:19,379 effects and some Hardware effects and 63 00:02:17,940 --> 00:02:21,360 since I'm covering open source in the 64 00:02:19,379 --> 00:02:22,860 general sense both hardware and software 65 00:02:21,360 --> 00:02:24,239 I wanted to cover some of the things 66 00:02:22,860 --> 00:02:27,000 that are relevant in the hardware 67 00:02:24,239 --> 00:02:28,379 context as well so things like how in 68 00:02:27,000 --> 00:02:30,900 space you have no thermal management 69 00:02:28,379 --> 00:02:32,040 other than what you can radiate away so 70 00:02:30,900 --> 00:02:33,660 you actually have to be very careful 71 00:02:32,040 --> 00:02:34,920 about how much heat you produce which 72 00:02:33,660 --> 00:02:37,200 means you've got to pay attention to all 73 00:02:34,920 --> 00:02:38,819 of your thermals very very religiously 74 00:02:37,200 --> 00:02:40,500 you've got to be careful that you don't 75 00:02:38,819 --> 00:02:42,480 make your circuit boards out of Coatings 76 00:02:40,500 --> 00:02:44,580 that contain gases that could outgass 77 00:02:42,480 --> 00:02:46,560 and destroy your instruments or gas 78 00:02:44,580 --> 00:02:49,200 bubbles that could cause traces on the 79 00:02:46,560 --> 00:02:50,340 pcbs to lift up and short-circuit and 80 00:02:49,200 --> 00:02:52,500 all of these kinds of things come 81 00:02:50,340 --> 00:02:55,860 together in a way that makes these extra 82 00:02:52,500 --> 00:02:57,840 details important and then you get more 83 00:02:55,860 --> 00:02:59,940 obvious stuff like radiation well yeah 84 00:02:57,840 --> 00:03:02,160 radiation is pretty easy to deal with 85 00:02:59,940 --> 00:03:04,920 you just have to have redundancy and 86 00:03:02,160 --> 00:03:06,959 redundancy and redundancy So Physical 87 00:03:04,920 --> 00:03:08,819 redundancy consensus algorithms giving 88 00:03:06,959 --> 00:03:11,280 you logical redundancy and then 89 00:03:08,819 --> 00:03:13,680 reprogrammable Hardware like fpgas and 90 00:03:11,280 --> 00:03:15,659 cplds to give you extra Hardware 91 00:03:13,680 --> 00:03:18,959 redundancy but controlled by software 92 00:03:15,659 --> 00:03:21,540 because if a heavy ion strikes into your 93 00:03:18,959 --> 00:03:23,879 circuit and completely destroys a gate 94 00:03:21,540 --> 00:03:25,680 well do you want that to be completely 95 00:03:23,879 --> 00:03:27,120 hosed no you'd like to be able to do 96 00:03:25,680 --> 00:03:28,860 something with the rest of the millions 97 00:03:27,120 --> 00:03:31,019 of transistors in that expensive 98 00:03:28,860 --> 00:03:32,940 component so things like having the 99 00:03:31,019 --> 00:03:34,500 ability to reprogram the rest of that 100 00:03:32,940 --> 00:03:36,420 silicon device that spent hundreds of 101 00:03:34,500 --> 00:03:37,860 thousands of dollars buying is kind of 102 00:03:36,420 --> 00:03:40,319 valuable which is why we see a lot of 103 00:03:37,860 --> 00:03:41,879 fpgas in space and then there's the 104 00:03:40,319 --> 00:03:44,220 communication challenges of being in 105 00:03:41,879 --> 00:03:46,379 space you can't just keep an SSH 106 00:03:44,220 --> 00:03:48,599 terminal open to your satellite well you 107 00:03:46,379 --> 00:03:50,879 can but you need a very big budget for 108 00:03:48,599 --> 00:03:52,140 that and if you don't have that massive 109 00:03:50,879 --> 00:03:54,120 budget you'll be dealing with things 110 00:03:52,140 --> 00:03:56,099 like communication delays and 111 00:03:54,120 --> 00:03:57,900 communication windows and orbital 112 00:03:56,099 --> 00:03:59,340 phasing meaning that sometimes you may 113 00:03:57,900 --> 00:04:01,440 only have on a very cheap Mission 114 00:03:59,340 --> 00:04:03,659 something like 30 minutes to an hour 115 00:04:01,440 --> 00:04:06,180 total to communicate with your satellite 116 00:04:03,659 --> 00:04:09,599 anywhere between once a day and several 117 00:04:06,180 --> 00:04:11,519 weeks so you might have to work out your 118 00:04:09,599 --> 00:04:14,280 software so that you can send a batch of 119 00:04:11,519 --> 00:04:17,519 updates nicely compressed in order to 120 00:04:14,280 --> 00:04:19,139 all six weeks of the next set of charms 121 00:04:17,519 --> 00:04:20,940 out to that satellite 122 00:04:19,139 --> 00:04:23,520 and then wait for the results in six 123 00:04:20,940 --> 00:04:25,139 weeks time and then you might decide 124 00:04:23,520 --> 00:04:26,759 okay well I can do that thing up but I 125 00:04:25,139 --> 00:04:27,720 need more data down so I'll muck around 126 00:04:26,759 --> 00:04:29,340 and I'll work with something like 127 00:04:27,720 --> 00:04:30,900 Optical or laser Communications on the 128 00:04:29,340 --> 00:04:32,820 way down because it's easy to go down 129 00:04:30,900 --> 00:04:34,259 than it is to go back up because you 130 00:04:32,820 --> 00:04:36,540 have a hard time putting very large 131 00:04:34,259 --> 00:04:38,520 receiving telescopes on the bottom of 132 00:04:36,540 --> 00:04:39,780 small cheap satellites but they could 133 00:04:38,520 --> 00:04:42,900 put lasers really easily on there 134 00:04:39,780 --> 00:04:44,040 because lasers can be nice and small but 135 00:04:42,900 --> 00:04:45,120 other things that are coming down the 136 00:04:44,040 --> 00:04:46,259 pipe are satellite to satellite 137 00:04:45,120 --> 00:04:47,820 communication people have done 138 00:04:46,259 --> 00:04:49,620 experiments with using like iridium 139 00:04:47,820 --> 00:04:51,660 modems so like you'd get with a SAT 140 00:04:49,620 --> 00:04:53,160 phone you can just buy they put that on 141 00:04:51,660 --> 00:04:55,500 their little satellite and then they 142 00:04:53,160 --> 00:04:56,940 actually have a very low data rate but a 143 00:04:55,500 --> 00:04:58,020 consistent one and that gives them 144 00:04:56,940 --> 00:05:00,240 another way to get around this problem 145 00:04:58,020 --> 00:05:01,919 it's great for these persistent 146 00:05:00,240 --> 00:05:04,380 connectivity scenarios but this Hardware 147 00:05:01,919 --> 00:05:06,419 isn't widely available because despite 148 00:05:04,380 --> 00:05:08,280 being fairly standard Hardware it's not 149 00:05:06,419 --> 00:05:09,960 open it's the behest of a company with 150 00:05:08,280 --> 00:05:12,360 the licensing and a lot of radio 151 00:05:09,960 --> 00:05:14,160 regulations which is one of the things 152 00:05:12,360 --> 00:05:15,720 that I learned in that process of why I 153 00:05:14,160 --> 00:05:17,100 can't do it individually radio 154 00:05:15,720 --> 00:05:18,979 regulations are not designed for 155 00:05:17,100 --> 00:05:21,479 individuals when it comes to Aerospace 156 00:05:18,979 --> 00:05:23,220 then there's the power which comes back 157 00:05:21,479 --> 00:05:26,100 to The Thermals but the power is the 158 00:05:23,220 --> 00:05:27,900 driver and it's one heavy solar panels 159 00:05:26,100 --> 00:05:30,600 are weight and batteries are even 160 00:05:27,900 --> 00:05:33,000 heavier and you'll find that even on a 161 00:05:30,600 --> 00:05:35,820 professional large satellite you will be 162 00:05:33,000 --> 00:05:38,400 dealing with a significant percentage of 163 00:05:35,820 --> 00:05:40,560 the mass that isn't fuel will be your 164 00:05:38,400 --> 00:05:42,120 power because if you want to do anything 165 00:05:40,560 --> 00:05:44,580 useful you've got to have the 166 00:05:42,120 --> 00:05:46,680 electricity to do it and then when 167 00:05:44,580 --> 00:05:48,240 you're not necessarily going to have Sun 168 00:05:46,680 --> 00:05:49,979 such as if you have to turn the 169 00:05:48,240 --> 00:05:52,380 satellite to point The Big Dish at 170 00:05:49,979 --> 00:05:53,940 something well then you need batteries 171 00:05:52,380 --> 00:05:56,039 to have enough power to do what you're 172 00:05:53,940 --> 00:05:57,360 doing and particularly with radio that 173 00:05:56,039 --> 00:05:58,860 becomes important if you need a high 174 00:05:57,360 --> 00:06:01,560 bandwidth link to send down big pretty 175 00:05:58,860 --> 00:06:03,900 pictures you might have to aim that dish 176 00:06:01,560 --> 00:06:05,880 or that antenna and if you're aiming it 177 00:06:03,900 --> 00:06:07,560 that means that your 178 00:06:05,880 --> 00:06:08,880 solar panels will not necessarily be in 179 00:06:07,560 --> 00:06:10,680 the right place depending on the time of 180 00:06:08,880 --> 00:06:12,479 day with all of those previously 181 00:06:10,680 --> 00:06:14,460 mentioned orbital phasing timing things 182 00:06:12,479 --> 00:06:16,979 which means you might need a really 183 00:06:14,460 --> 00:06:18,240 decent burst of battery power why once 184 00:06:16,979 --> 00:06:20,820 every six months but if you don't have 185 00:06:18,240 --> 00:06:22,919 it your satellite dies so you have to 186 00:06:20,820 --> 00:06:25,620 pay attention to all of these things and 187 00:06:22,919 --> 00:06:27,120 as nicely available as the batteries are 188 00:06:25,620 --> 00:06:30,300 getting you can just literally use like 189 00:06:27,120 --> 00:06:31,979 the the 18650s for a lot of the smaller 190 00:06:30,300 --> 00:06:33,979 satellites and they do get widely used 191 00:06:31,979 --> 00:06:36,600 for cubesats and sort of project SATs 192 00:06:33,979 --> 00:06:38,000 that lithium-ion technology is now quite 193 00:06:36,600 --> 00:06:40,380 well accepted 194 00:06:38,000 --> 00:06:41,400 as well as the fact that Electronics 195 00:06:40,380 --> 00:06:43,259 getting better and better all the time 196 00:06:41,400 --> 00:06:45,240 means that we can use thermal management 197 00:06:43,259 --> 00:06:46,500 and power management lower States and 198 00:06:45,240 --> 00:06:48,780 all of the great stuff that we get for 199 00:06:46,500 --> 00:06:50,160 these tiny embedded controllers to save 200 00:06:48,780 --> 00:06:51,780 every watch that we don't want to use 201 00:06:50,160 --> 00:06:54,660 when we run our tiny projects on coin 202 00:06:51,780 --> 00:06:55,740 cells which is great but at the same 203 00:06:54,660 --> 00:06:58,080 time 204 00:06:55,740 --> 00:07:00,180 with a project this much stuff needing 205 00:06:58,080 --> 00:07:01,740 to be checked off and cared for you 206 00:07:00,180 --> 00:07:04,020 don't want to repeat yourself 207 00:07:01,740 --> 00:07:06,780 that's a diagram of the logical system 208 00:07:04,020 --> 00:07:09,000 part of The Logical system from one of 209 00:07:06,780 --> 00:07:11,220 NASA's open source projects that looks 210 00:07:09,000 --> 00:07:13,680 after a satellite software not even the 211 00:07:11,220 --> 00:07:15,000 hardware just the software and all of 212 00:07:13,680 --> 00:07:17,580 those pieces interact with different 213 00:07:15,000 --> 00:07:19,620 bits of hardware subsystems and 214 00:07:17,580 --> 00:07:22,500 as a developer I look at a diagram like 215 00:07:19,620 --> 00:07:24,900 that and I never want to do that twice 216 00:07:22,500 --> 00:07:26,759 if I build that for myself 217 00:07:24,900 --> 00:07:28,680 I never want to do that again because 218 00:07:26,759 --> 00:07:30,599 that is a significant amount of time and 219 00:07:28,680 --> 00:07:32,819 investment that is operating system 220 00:07:30,599 --> 00:07:35,400 levels of time and investment and while 221 00:07:32,819 --> 00:07:36,599 you know a Linux conference an open 222 00:07:35,400 --> 00:07:38,220 source conference we have lots of 223 00:07:36,599 --> 00:07:40,860 example operating systems to point to 224 00:07:38,220 --> 00:07:42,419 that individuals have done there are not 225 00:07:40,860 --> 00:07:44,520 many individuals who have done that 226 00:07:42,419 --> 00:07:46,620 multiple times 227 00:07:44,520 --> 00:07:49,139 because it does represent that level of 228 00:07:46,620 --> 00:07:51,300 investment that a person does not want 229 00:07:49,139 --> 00:07:52,979 to do alone repeatedly it is bigger than 230 00:07:51,300 --> 00:07:54,539 one person to do this kind of software 231 00:07:52,979 --> 00:07:56,819 correctly and to do the hardware 232 00:07:54,539 --> 00:07:59,099 correctly absolutely shouldn't be done 233 00:07:56,819 --> 00:08:00,539 alone and that gets into the height of 234 00:07:59,099 --> 00:08:02,099 challenges about this being a 235 00:08:00,539 --> 00:08:04,380 environment where you have to work with 236 00:08:02,099 --> 00:08:05,400 other people and those are the harder 237 00:08:04,380 --> 00:08:07,680 challenges in this kind of an 238 00:08:05,400 --> 00:08:09,479 environment for open source it's the the 239 00:08:07,680 --> 00:08:11,460 Social Challenges it's the things like 240 00:08:09,479 --> 00:08:13,440 how in a traditional context an 241 00:08:11,460 --> 00:08:14,940 aerospace company has a lot of layers of 242 00:08:13,440 --> 00:08:16,380 management there will be managers and 243 00:08:14,940 --> 00:08:18,060 managers and Engineering managers and 244 00:08:16,380 --> 00:08:20,460 Engineering review managers and process 245 00:08:18,060 --> 00:08:22,860 control managers and managers to manage 246 00:08:20,460 --> 00:08:24,840 the process control the supply chain and 247 00:08:22,860 --> 00:08:26,580 and all of the layers up and down and it 248 00:08:24,840 --> 00:08:30,000 makes sense once you know how many 249 00:08:26,580 --> 00:08:31,560 things go into a large project but these 250 00:08:30,000 --> 00:08:33,839 companies truly do live and die by this 251 00:08:31,560 --> 00:08:36,659 kind of process control because 252 00:08:33,839 --> 00:08:38,880 they're building gigantic things and if 253 00:08:36,659 --> 00:08:40,500 someone who's outside the organization 254 00:08:38,880 --> 00:08:42,659 say they open source their flight 255 00:08:40,500 --> 00:08:44,940 software and anyone in the world could 256 00:08:42,659 --> 00:08:46,380 contribute to that flight software well 257 00:08:44,940 --> 00:08:47,700 how are they going to stop someone in 258 00:08:46,380 --> 00:08:49,560 the wrong Department who knows nothing 259 00:08:47,700 --> 00:08:51,839 about it messing up what they're doing 260 00:08:49,560 --> 00:08:53,339 for their project let alone someone on 261 00:08:51,839 --> 00:08:54,600 the other side of the world they don't 262 00:08:53,339 --> 00:08:55,860 want their drone falling out of the air 263 00:08:54,600 --> 00:08:58,440 they don't want their plane falling out 264 00:08:55,860 --> 00:09:00,300 of the air they want to make sure that 265 00:08:58,440 --> 00:09:01,500 that software is fully controlled and it 266 00:09:00,300 --> 00:09:03,180 gets harder to deal with the people 267 00:09:01,500 --> 00:09:04,920 inside the organization because you 268 00:09:03,180 --> 00:09:07,320 can't just say oh every commit from 269 00:09:04,920 --> 00:09:09,660 someone who doesn't have a whatever.com 270 00:09:07,320 --> 00:09:13,019 email address has to be double checked 271 00:09:09,660 --> 00:09:15,420 well the rest of your stuff might have 272 00:09:13,019 --> 00:09:17,580 the same domain name the rest of the 273 00:09:15,420 --> 00:09:19,140 staff might not know what they're doing 274 00:09:17,580 --> 00:09:21,480 but think they know what they're doing 275 00:09:19,140 --> 00:09:23,279 and put commits in there is management 276 00:09:21,480 --> 00:09:25,320 complexity that these companies are 277 00:09:23,279 --> 00:09:27,480 afraid of and are not necessarily 278 00:09:25,320 --> 00:09:29,580 prepared to take on to manage open 279 00:09:27,480 --> 00:09:32,279 source in their kind of an environment 280 00:09:29,580 --> 00:09:34,140 and it really does come down to the 281 00:09:32,279 --> 00:09:37,019 numbers because if you look at something 282 00:09:34,140 --> 00:09:38,100 like a 747-400 so that's from 1988 was 283 00:09:37,019 --> 00:09:39,959 the first time that got off the ground 284 00:09:38,100 --> 00:09:42,420 and that had four hundred thousand lines 285 00:09:39,959 --> 00:09:45,540 of code in its flight Control software 286 00:09:42,420 --> 00:09:48,600 city is in the future we're on the 777 287 00:09:45,540 --> 00:09:51,660 it takes off being flown by two and a 288 00:09:48,600 --> 00:09:54,720 half million lines of software 289 00:09:51,660 --> 00:09:56,700 and that's mid 90s it has definitely 290 00:09:54,720 --> 00:09:59,640 gotten bigger it has definitely gotten 291 00:09:56,700 --> 00:10:01,080 more complex there are little niches and 292 00:09:59,640 --> 00:10:02,820 places where these systems interact 293 00:10:01,080 --> 00:10:05,399 between layers and air gaps and things 294 00:10:02,820 --> 00:10:08,399 like well how do I put the where is the 295 00:10:05,399 --> 00:10:10,740 plane now info into a system so that the 296 00:10:08,399 --> 00:10:13,380 really lower security environment of the 297 00:10:10,740 --> 00:10:14,820 iPad in the back of the plane so that 298 00:10:13,380 --> 00:10:17,160 someone can watch their you know movie 299 00:10:14,820 --> 00:10:19,680 for three hours can still see where the 300 00:10:17,160 --> 00:10:21,360 plane is on a pretty map still how do 301 00:10:19,680 --> 00:10:24,000 they render that out of the navigation 302 00:10:21,360 --> 00:10:26,000 software that you don't want someone 303 00:10:24,000 --> 00:10:28,440 being able to hack from the plane Wi-Fi 304 00:10:26,000 --> 00:10:30,600 there are complexities in these that 305 00:10:28,440 --> 00:10:32,459 warrant this level of management 306 00:10:30,600 --> 00:10:35,640 but it can be improved for an open 307 00:10:32,459 --> 00:10:37,620 context and that is part of the economic 308 00:10:35,640 --> 00:10:39,480 problem there is an economic cost in 309 00:10:37,620 --> 00:10:42,180 moving forward to that kind of a change 310 00:10:39,480 --> 00:10:44,880 you need to accept that those costs will 311 00:10:42,180 --> 00:10:46,980 both have benefits and negatives there 312 00:10:44,880 --> 00:10:49,500 will be risks things like if you're a 313 00:10:46,980 --> 00:10:52,200 defense contractor selling support for a 314 00:10:49,500 --> 00:10:54,180 proprietary package to a military well 315 00:10:52,200 --> 00:10:55,079 if that becomes open software you aren't 316 00:10:54,180 --> 00:10:56,279 going to be able to sell it anymore 317 00:10:55,079 --> 00:10:58,500 they're just going to be able to get it 318 00:10:56,279 --> 00:11:00,720 so you can't have that kind of a thing 319 00:10:58,500 --> 00:11:03,060 anymore in an open source 320 00:11:00,720 --> 00:11:04,860 environment that way you have to write 321 00:11:03,060 --> 00:11:07,260 that Revenue off and focus on other 322 00:11:04,860 --> 00:11:10,019 things or you cannot open source that 323 00:11:07,260 --> 00:11:11,880 software and things stay the same and 324 00:11:10,019 --> 00:11:15,000 there's a risk of the competitors that 325 00:11:11,880 --> 00:11:16,800 they work with so if you have you know 326 00:11:15,000 --> 00:11:18,420 Boeing Lockheed and all of these 327 00:11:16,800 --> 00:11:21,120 companies they compete quite viciously 328 00:11:18,420 --> 00:11:22,680 for contracts and they are genuinely 329 00:11:21,120 --> 00:11:24,779 going to be concerned that if they 330 00:11:22,680 --> 00:11:26,700 publish their own work openly their 331 00:11:24,779 --> 00:11:28,620 competitors will take that work undercut 332 00:11:26,700 --> 00:11:30,420 their bid and put them out of business 333 00:11:28,620 --> 00:11:31,860 they don't want to have that and that 334 00:11:30,420 --> 00:11:33,720 gets more and more aggressive the 335 00:11:31,860 --> 00:11:34,980 smaller these companies get when you get 336 00:11:33,720 --> 00:11:36,959 down to the kind of small Innovative 337 00:11:34,980 --> 00:11:39,360 companies working on like small Man 338 00:11:36,959 --> 00:11:42,480 portable drone systems for you know 339 00:11:39,360 --> 00:11:44,399 inspection or you know cattle checking 340 00:11:42,480 --> 00:11:46,560 these these ones are very very 341 00:11:44,399 --> 00:11:48,540 competitive and probably leveraging open 342 00:11:46,560 --> 00:11:50,220 source more than the bigger ones do but 343 00:11:48,540 --> 00:11:51,839 at the same time the fear is there and 344 00:11:50,220 --> 00:11:54,060 they will be leveraging it one way it 345 00:11:51,839 --> 00:11:56,880 goes in it does not come back out 346 00:11:54,060 --> 00:11:58,920 and part of that is regulatory 347 00:11:56,880 --> 00:12:01,399 this is more of an issue with space than 348 00:11:58,920 --> 00:12:04,019 air than the Aero part specifically 349 00:12:01,399 --> 00:12:06,120 every country generally speaking has 350 00:12:04,019 --> 00:12:07,740 some kind of export controls for the US 351 00:12:06,120 --> 00:12:09,899 it's itas or the international traffic 352 00:12:07,740 --> 00:12:11,940 and arms regulations the UK has the 353 00:12:09,899 --> 00:12:13,440 export Control Act the Australian 354 00:12:11,940 --> 00:12:16,380 government has the defense trade 355 00:12:13,440 --> 00:12:18,300 controls act and while some of this does 356 00:12:16,380 --> 00:12:20,040 not apply to open source because in 357 00:12:18,300 --> 00:12:22,740 particular America have done a good job 358 00:12:20,040 --> 00:12:24,120 of clearly cutting open source out you 359 00:12:22,740 --> 00:12:25,800 know there is a relatively 360 00:12:24,120 --> 00:12:28,079 straightforward way to determine if it 361 00:12:25,800 --> 00:12:31,740 is or is not under these for the case of 362 00:12:28,079 --> 00:12:33,060 software there is ambiguity here well 363 00:12:31,740 --> 00:12:34,860 covered in the paper that I actually 364 00:12:33,060 --> 00:12:37,320 pulled that slide from referenced in the 365 00:12:34,860 --> 00:12:39,600 top corner there and that regulatory 366 00:12:37,320 --> 00:12:40,980 ambiguity is where things get dicey for 367 00:12:39,600 --> 00:12:43,500 a company that wants to try and publish 368 00:12:40,980 --> 00:12:44,820 their open source software uh the state 369 00:12:43,500 --> 00:12:46,380 department have a lovely definition 370 00:12:44,820 --> 00:12:48,240 because they are the ones who have their 371 00:12:46,380 --> 00:12:51,000 directorate of trade control that looks 372 00:12:48,240 --> 00:12:53,160 after this and that is that itar has a 373 00:12:51,000 --> 00:12:55,860 list of services and articles and 374 00:12:53,160 --> 00:12:58,440 related technical data that are the 375 00:12:55,860 --> 00:13:00,600 defense articles and then that technical 376 00:12:58,440 --> 00:13:02,820 data definition includes software 377 00:13:00,600 --> 00:13:04,079 directly related to defense articles 378 00:13:02,820 --> 00:13:06,660 creating a nice little circular 379 00:13:04,079 --> 00:13:09,420 reference which means that when time 380 00:13:06,660 --> 00:13:12,360 comes and you have this stuff assessed 381 00:13:09,420 --> 00:13:14,639 to is this or isn't this suitable for 382 00:13:12,360 --> 00:13:16,560 inclusion well 383 00:13:14,639 --> 00:13:18,060 you actually have to have a human go 384 00:13:16,560 --> 00:13:20,040 through it you can't just say for 385 00:13:18,060 --> 00:13:21,660 certain because there is this circular 386 00:13:20,040 --> 00:13:23,399 Loop of world does it come under it 387 00:13:21,660 --> 00:13:25,860 under this interpretation back through 388 00:13:23,399 --> 00:13:27,899 the chain or well when we've applied it 389 00:13:25,860 --> 00:13:29,880 to the thing that it's not used on it's 390 00:13:27,899 --> 00:13:32,880 technically a input for something that 391 00:13:29,880 --> 00:13:35,220 is and that makes it more or less and 392 00:13:32,880 --> 00:13:39,360 it's very ambiguous very manual very 393 00:13:35,220 --> 00:13:40,560 human interpreted over and over and that 394 00:13:39,360 --> 00:13:43,740 is where a big part of the risk for 395 00:13:40,560 --> 00:13:46,139 these companies is and one particularly 396 00:13:43,740 --> 00:13:47,639 annoying little detail is that itire has 397 00:13:46,139 --> 00:13:50,160 a process for marking something as 398 00:13:47,639 --> 00:13:52,500 public so that that half of there where 399 00:13:50,160 --> 00:13:54,720 it's exempt and you don't have to worry 400 00:13:52,500 --> 00:13:58,040 about itar restrictions on your lovely 401 00:13:54,720 --> 00:14:00,420 project but crucially of the eight 402 00:13:58,040 --> 00:14:02,399 mandated ways to make it publicly 403 00:14:00,420 --> 00:14:04,500 available and publicly available is a 404 00:14:02,399 --> 00:14:06,120 noun in this context 405 00:14:04,500 --> 00:14:07,019 putting it on the internet is not one of 406 00:14:06,120 --> 00:14:09,180 them 407 00:14:07,019 --> 00:14:11,160 so you can't just publish the code to 408 00:14:09,180 --> 00:14:13,920 GitHub and have that pull request count 409 00:14:11,160 --> 00:14:16,139 as publishing to the public access in a 410 00:14:13,920 --> 00:14:17,160 way that means it's itar free no you 411 00:14:16,139 --> 00:14:19,079 actually have to have a gatekeeping 412 00:14:17,160 --> 00:14:20,639 mechanism some kind of an extra step in 413 00:14:19,079 --> 00:14:23,519 there do one of those other eight things 414 00:14:20,639 --> 00:14:25,139 first and then it can be public 415 00:14:23,519 --> 00:14:27,540 otherwise you run the risk of breaching 416 00:14:25,139 --> 00:14:28,980 itar which is the kind of thing that you 417 00:14:27,540 --> 00:14:30,899 do not want to do if you want your 418 00:14:28,980 --> 00:14:33,120 company to stay alive if you aren't say 419 00:14:30,899 --> 00:14:34,680 Boeing because they can get away with it 420 00:14:33,120 --> 00:14:37,380 with a bit of a slap on the wrist and a 421 00:14:34,680 --> 00:14:39,660 large large fine but if you're you know 422 00:14:37,380 --> 00:14:41,579 trying to make drones and you breach 423 00:14:39,660 --> 00:14:43,500 that because someone nicked your 424 00:14:41,579 --> 00:14:45,779 software and you didn't do all the right 425 00:14:43,500 --> 00:14:47,760 dotting of eyes and crossing of T's well 426 00:14:45,779 --> 00:14:49,440 you you might not just walk away with no 427 00:14:47,760 --> 00:14:52,560 company you might walk away with jail 428 00:14:49,440 --> 00:14:54,300 time they take that pretty seriously 429 00:14:52,560 --> 00:14:56,160 um and part of that is where we get to 430 00:14:54,300 --> 00:14:59,639 the last part of this the liability in 431 00:14:56,160 --> 00:15:01,380 general risk the liability is a huge 432 00:14:59,639 --> 00:15:04,740 factor for these companies these 433 00:15:01,380 --> 00:15:07,740 companies are very very embedded in a 434 00:15:04,740 --> 00:15:10,260 liability World they are that is you 435 00:15:07,740 --> 00:15:12,779 know they build planes they people's 436 00:15:10,260 --> 00:15:15,540 lives are in their hands and and that 437 00:15:12,779 --> 00:15:17,160 matters to both them and to the people 438 00:15:15,540 --> 00:15:19,380 who make the laws that they have to work 439 00:15:17,160 --> 00:15:22,440 within and those kinds of liability 440 00:15:19,380 --> 00:15:25,079 risks are legal risks to the companies 441 00:15:22,440 --> 00:15:27,420 lawyers they they are unproven legal 442 00:15:25,079 --> 00:15:29,100 risks they are untested by precedent 443 00:15:27,420 --> 00:15:31,680 there is no case law for them to point 444 00:15:29,100 --> 00:15:34,079 to when they are asked a question is it 445 00:15:31,680 --> 00:15:35,880 safe for us to whatever the lawyer's 446 00:15:34,079 --> 00:15:38,339 answer will be I have nothing to say it 447 00:15:35,880 --> 00:15:40,320 isn't therefore it is not safe 448 00:15:38,339 --> 00:15:43,019 and there will be a very big long 449 00:15:40,320 --> 00:15:45,360 process to try and change that 450 00:15:43,019 --> 00:15:46,920 can be improved and it has been improved 451 00:15:45,360 --> 00:15:50,399 in some places in other Industries 452 00:15:46,920 --> 00:15:53,279 already and that legal liability is part 453 00:15:50,399 --> 00:15:55,380 of the reason that open source licenses 454 00:15:53,279 --> 00:15:58,199 in general are being used in a one-way 455 00:15:55,380 --> 00:16:00,360 fashion the code goes in they review it 456 00:15:58,199 --> 00:16:01,079 to their own internal satisfaction they 457 00:16:00,360 --> 00:16:02,699 can 458 00:16:01,079 --> 00:16:04,500 basically look at that little bit at the 459 00:16:02,699 --> 00:16:07,079 bottom of the MIT license that says no 460 00:16:04,500 --> 00:16:09,959 warranty no liability if you screw up 461 00:16:07,079 --> 00:16:12,300 it's on you that part they take the 462 00:16:09,959 --> 00:16:14,279 burden off and all the work they do 463 00:16:12,300 --> 00:16:16,380 internally to take the burden of that 464 00:16:14,279 --> 00:16:18,899 is valuable to the company 465 00:16:16,380 --> 00:16:21,300 it's them doing hard work to accept the 466 00:16:18,899 --> 00:16:22,920 liability and that's part of their value 467 00:16:21,300 --> 00:16:26,100 proposition in using open source 468 00:16:22,920 --> 00:16:28,320 software and to open things up more they 469 00:16:26,100 --> 00:16:31,560 have to contribute back that work in 470 00:16:28,320 --> 00:16:34,260 part even if not in full but in part by 471 00:16:31,560 --> 00:16:36,720 way of trust that they actually use that 472 00:16:34,260 --> 00:16:39,180 code if they publish what they use it 473 00:16:36,720 --> 00:16:41,579 means that that code was actually 474 00:16:39,180 --> 00:16:44,279 verified good enough 475 00:16:41,579 --> 00:16:47,459 and that creates a moral implication if 476 00:16:44,279 --> 00:16:48,899 not a legal implication and that's where 477 00:16:47,459 --> 00:16:50,220 things get more complex for the 478 00:16:48,899 --> 00:16:51,899 companies and it becomes more of a 479 00:16:50,220 --> 00:16:53,639 quagmire for them to try and get dragged 480 00:16:51,899 --> 00:16:56,279 out of by the open Community because 481 00:16:53,639 --> 00:16:57,959 it's very difficult to avoid the risks 482 00:16:56,279 --> 00:17:00,180 of them winding up in a crab mentality 483 00:16:57,959 --> 00:17:01,800 if you make a small light aircraft and 484 00:17:00,180 --> 00:17:04,140 you borrow the code for the navigation 485 00:17:01,800 --> 00:17:04,919 display and a pilot flies it into a 486 00:17:04,140 --> 00:17:07,380 mountain 487 00:17:04,919 --> 00:17:09,240 well the people who put the code in 488 00:17:07,380 --> 00:17:11,100 there they're not actually responsible 489 00:17:09,240 --> 00:17:12,480 for you making sure that that won't fly 490 00:17:11,100 --> 00:17:14,760 someone into a mountain because the GPS 491 00:17:12,480 --> 00:17:17,640 is backwards you are because you made 492 00:17:14,760 --> 00:17:19,620 the plane you put the code in but 493 00:17:17,640 --> 00:17:21,179 you can very easily if you want to avoid 494 00:17:19,620 --> 00:17:22,740 your own legal liability your own 495 00:17:21,179 --> 00:17:24,240 lawyers probably recommending this to 496 00:17:22,740 --> 00:17:26,880 you every time you ask them something 497 00:17:24,240 --> 00:17:28,679 they will be like blame everyone you can 498 00:17:26,880 --> 00:17:30,840 other than yourself because that spreads 499 00:17:28,679 --> 00:17:32,880 the blame and that helps your case and 500 00:17:30,840 --> 00:17:35,340 so they will probably say it may have 501 00:17:32,880 --> 00:17:37,559 been in people who gave us code 502 00:17:35,340 --> 00:17:39,360 and you get the crab mentality you get 503 00:17:37,559 --> 00:17:41,580 one company dragging the other into the 504 00:17:39,360 --> 00:17:44,520 bucket again and everyone looks at the 505 00:17:41,580 --> 00:17:46,860 code and goes we can't trust this it's 506 00:17:44,520 --> 00:17:48,840 not good enough we shouldn't do it this 507 00:17:46,860 --> 00:17:51,660 way because look at that thing that just 508 00:17:48,840 --> 00:17:54,059 happened it taints the entire perception 509 00:17:51,660 --> 00:17:56,539 around using open code in this kind of 510 00:17:54,059 --> 00:18:00,120 an environment where safety is critical 511 00:17:56,539 --> 00:18:02,640 liability is absolutely absolutely lives 512 00:18:00,120 --> 00:18:04,500 are on the line level of liability and 513 00:18:02,640 --> 00:18:07,200 it is going to take time for us to 514 00:18:04,500 --> 00:18:09,480 overcome this but 515 00:18:07,200 --> 00:18:11,340 in the long run it's better because 516 00:18:09,480 --> 00:18:13,200 I kind of don't want to die in a plane 517 00:18:11,340 --> 00:18:14,700 crash because some really smart person 518 00:18:13,200 --> 00:18:17,520 worked out how to mess with the flight 519 00:18:14,700 --> 00:18:19,020 controls by jumping at air gap on the 520 00:18:17,520 --> 00:18:20,400 Wi-Fi from the plane to the navigation 521 00:18:19,020 --> 00:18:21,980 systems because he worked out he could 522 00:18:20,400 --> 00:18:25,200 use some length of wire with as a radio 523 00:18:21,980 --> 00:18:27,900 like I see air gap breaches come through 524 00:18:25,200 --> 00:18:29,520 on the little fun list of random hacks 525 00:18:27,900 --> 00:18:31,200 that I get shown by some people I you 526 00:18:29,520 --> 00:18:32,820 know follow and I'm like wow that's 527 00:18:31,200 --> 00:18:36,000 insanely clever I can't believe you did 528 00:18:32,820 --> 00:18:39,419 that with the hard drive speed noise or 529 00:18:36,000 --> 00:18:41,400 the PC speaker or the LED light and a 530 00:18:39,419 --> 00:18:42,960 camera somewhere else in the room the 531 00:18:41,400 --> 00:18:46,799 amount of ways you can jump into your 532 00:18:42,960 --> 00:18:48,419 Gap just defies belief and when your 533 00:18:46,799 --> 00:18:50,400 entire security model consists of well 534 00:18:48,419 --> 00:18:52,679 we didn't link these two directly so 535 00:18:50,400 --> 00:18:55,620 surely that's secure enough 536 00:18:52,679 --> 00:18:56,760 I kind of don't like that at the back of 537 00:18:55,620 --> 00:18:58,140 my mind in a part that I just try and 538 00:18:56,760 --> 00:19:00,419 switch off every time I bought a plane 539 00:18:58,140 --> 00:19:01,919 and it would be nice to know that more 540 00:19:00,419 --> 00:19:04,740 people were looking at this that that 541 00:19:01,919 --> 00:19:06,720 code was being opened up that we are 542 00:19:04,740 --> 00:19:08,520 actually making those bugs shallow that 543 00:19:06,720 --> 00:19:10,740 we are answering the classic why of what 544 00:19:08,520 --> 00:19:13,140 makes open source software worth it it's 545 00:19:10,740 --> 00:19:14,820 that many eyes make all bugs shallow it 546 00:19:13,140 --> 00:19:18,840 makes the software better because it's 547 00:19:14,820 --> 00:19:20,340 not just the one person doing it and we 548 00:19:18,840 --> 00:19:22,500 have an example of where this has been 549 00:19:20,340 --> 00:19:25,020 done before we've got Automotive grade 550 00:19:22,500 --> 00:19:26,760 Linux now Automotive grade Linux was 551 00:19:25,020 --> 00:19:29,100 started in 2012 so it's 10-year 552 00:19:26,760 --> 00:19:30,780 anniversary last year and it's a 553 00:19:29,100 --> 00:19:32,039 collaborative project that drags in a 554 00:19:30,780 --> 00:19:34,260 bunch of the automotive companies from 555 00:19:32,039 --> 00:19:37,080 around the world so Jaguar Ford General 556 00:19:34,260 --> 00:19:38,580 Motors all of these companies and the 557 00:19:37,080 --> 00:19:41,160 half of them that are subsidiaries of 558 00:19:38,580 --> 00:19:42,960 the other half and they collaborate on 559 00:19:41,160 --> 00:19:44,520 an open source Linux distro that is 560 00:19:42,960 --> 00:19:47,400 suitable for their needs generally 561 00:19:44,520 --> 00:19:49,799 across the entirety of what a car uses 562 00:19:47,400 --> 00:19:51,120 these things for it's not just the 563 00:19:49,799 --> 00:19:53,760 display that shows your cool Android 564 00:19:51,120 --> 00:19:55,080 games it's the the infotainment system 565 00:19:53,760 --> 00:19:57,000 for the rest of the car playing things 566 00:19:55,080 --> 00:19:58,200 in the back seat displays while the 567 00:19:57,000 --> 00:19:59,940 front seats can control them with 568 00:19:58,200 --> 00:20:01,679 parental controls it's having the 569 00:19:59,940 --> 00:20:04,020 connectivity for things like having the 570 00:20:01,679 --> 00:20:05,700 car with a built-in Wi-Fi hotspot it's 571 00:20:04,020 --> 00:20:07,980 for things like having the telematics so 572 00:20:05,700 --> 00:20:09,600 that your car can gather the data to go 573 00:20:07,980 --> 00:20:10,919 okay the tire pressure is low on the 574 00:20:09,600 --> 00:20:12,480 front right side I need to include a 575 00:20:10,919 --> 00:20:14,340 little icon in the top right corner of 576 00:20:12,480 --> 00:20:15,960 my lovely little display Dash rather 577 00:20:14,340 --> 00:20:17,940 than having an ugly light on the main 578 00:20:15,960 --> 00:20:20,580 section all of that data gets golden 579 00:20:17,940 --> 00:20:22,320 process through Linux based systems in 580 00:20:20,580 --> 00:20:24,120 some of these modern cars because the 581 00:20:22,320 --> 00:20:25,860 automotive grade Linux Foundation has 582 00:20:24,120 --> 00:20:27,179 actually stepped up and made one that 583 00:20:25,860 --> 00:20:29,160 they are happy to trust 584 00:20:27,179 --> 00:20:30,660 and they've done that by encouraging 585 00:20:29,160 --> 00:20:32,400 them to share their resources they've 586 00:20:30,660 --> 00:20:33,840 got these companies to go look 587 00:20:32,400 --> 00:20:35,460 we'll let you know what we're getting 588 00:20:33,840 --> 00:20:37,260 wrong and what's wrong we'll give you 589 00:20:35,460 --> 00:20:38,640 some money to even fix it and they've 590 00:20:37,260 --> 00:20:41,340 built this collaborative organization 591 00:20:38,640 --> 00:20:44,640 together with those companies to try and 592 00:20:41,340 --> 00:20:47,580 Foster a community first company is able 593 00:20:44,640 --> 00:20:49,980 to pull from open project and it's made 594 00:20:47,580 --> 00:20:51,539 a difference our cars are generally more 595 00:20:49,980 --> 00:20:52,799 secure now when they use this kind of a 596 00:20:51,539 --> 00:20:55,559 stack because people are actually 597 00:20:52,799 --> 00:20:58,440 checking it and that leads to a large 598 00:20:55,559 --> 00:21:01,799 part of what makes them actually a good 599 00:20:58,440 --> 00:21:04,320 example to pull from is that they're 600 00:21:01,799 --> 00:21:09,299 actually testing the damn stuff 601 00:21:04,320 --> 00:21:11,580 and that is no small fee because they 602 00:21:09,299 --> 00:21:13,440 build their own test Hardware because if 603 00:21:11,580 --> 00:21:15,299 you're testing a headless board in an 604 00:21:13,440 --> 00:21:17,520 embedded context and you might be doing 605 00:21:15,299 --> 00:21:19,440 over-the-air updates via a third-party 606 00:21:17,520 --> 00:21:21,600 wireless network provided to you by the 607 00:21:19,440 --> 00:21:23,700 car manufacturer whose pays and Telco 608 00:21:21,600 --> 00:21:25,440 you know a lump sum up front for every 609 00:21:23,700 --> 00:21:27,840 car that's solds like here's 15 grand 610 00:21:25,440 --> 00:21:30,179 for the next 50 years make that modem 611 00:21:27,840 --> 00:21:31,200 work so we can push updates which is the 612 00:21:30,179 --> 00:21:32,820 kind of thing they do in this 613 00:21:31,200 --> 00:21:34,080 environment you want to know that every 614 00:21:32,820 --> 00:21:35,460 time you push an update over that 615 00:21:34,080 --> 00:21:38,159 potentially unreliable cell phone 616 00:21:35,460 --> 00:21:40,500 network it will work which means that 617 00:21:38,159 --> 00:21:42,840 you have to have silent always not going 618 00:21:40,500 --> 00:21:44,520 to fail on you a b updates working on a 619 00:21:42,840 --> 00:21:46,080 headless environment you have no ability 620 00:21:44,520 --> 00:21:48,059 to go in and inspect 621 00:21:46,080 --> 00:21:51,120 and they test for that they build test 622 00:21:48,059 --> 00:21:53,280 Hardware like those SD mux cards and the 623 00:21:51,120 --> 00:21:56,220 SD wire board that you see on the on the 624 00:21:53,280 --> 00:21:58,320 right hand side there and that lets them 625 00:21:56,220 --> 00:22:00,360 do device under test headless boot 626 00:21:58,320 --> 00:22:02,460 testing and other low-level Hardware 627 00:22:00,360 --> 00:22:05,400 testing to guarantee that their Hardware 628 00:22:02,460 --> 00:22:07,980 that that software is designed for that 629 00:22:05,400 --> 00:22:11,220 they say it's good enough for a car to 630 00:22:07,980 --> 00:22:12,780 rely on for its safety features 631 00:22:11,220 --> 00:22:15,240 they're putting the hard work into 632 00:22:12,780 --> 00:22:17,960 testing that and that is absolutely 633 00:22:15,240 --> 00:22:21,240 critical to have that kind of exhaustive 634 00:22:17,960 --> 00:22:24,480 expensive labor-intensive 635 00:22:21,240 --> 00:22:26,880 absolutely necessary testing done for it 636 00:22:24,480 --> 00:22:29,039 to make a difference in the Aerospace 637 00:22:26,880 --> 00:22:30,299 context if your drone is going to fall 638 00:22:29,039 --> 00:22:32,159 out of the sky because the battery is 639 00:22:30,299 --> 00:22:33,480 low and it lags and you don't know the 640 00:22:32,159 --> 00:22:34,740 battery is low 641 00:22:33,480 --> 00:22:36,659 well you don't want that to fall on 642 00:22:34,740 --> 00:22:38,400 someone's head do you you want that to 643 00:22:36,659 --> 00:22:39,179 land safely and it won't be able to do 644 00:22:38,400 --> 00:22:41,100 that 645 00:22:39,179 --> 00:22:43,799 if it's not tested properly it can't 646 00:22:41,100 --> 00:22:46,080 miss signals it needs to never miss the 647 00:22:43,799 --> 00:22:47,640 signals that are important and unless 648 00:22:46,080 --> 00:22:48,900 the testing gets done you can't be sure 649 00:22:47,640 --> 00:22:50,760 of that which means you can't get a 650 00:22:48,900 --> 00:22:53,220 safety certification 651 00:22:50,760 --> 00:22:55,200 and then you can't sell which is why the 652 00:22:53,220 --> 00:22:56,640 companies care and why the companies put 653 00:22:55,200 --> 00:22:58,020 money into the project and why the 654 00:22:56,640 --> 00:22:59,760 project can afford to design their own 655 00:22:58,020 --> 00:23:02,760 test Hardware like this 656 00:22:59,760 --> 00:23:04,020 and that matters it affords their CI 657 00:23:02,760 --> 00:23:05,340 infrastructure a large part of the there 658 00:23:04,020 --> 00:23:08,039 was a talk earlier today about the 659 00:23:05,340 --> 00:23:09,900 kernel CI Pipeline and a contributor to 660 00:23:08,039 --> 00:23:12,299 that effort has been the automotive 661 00:23:09,900 --> 00:23:14,159 grade Linux project because they care 662 00:23:12,299 --> 00:23:17,460 about making sure that the kernel is CI 663 00:23:14,159 --> 00:23:19,799 tested all the damn time because unless 664 00:23:17,460 --> 00:23:21,659 it's tested all the damn time 665 00:23:19,799 --> 00:23:24,059 One update goes wrong 666 00:23:21,659 --> 00:23:27,179 one firmware rollout goes wrong 667 00:23:24,059 --> 00:23:29,940 one safety critical system goes wrong 668 00:23:27,179 --> 00:23:32,280 and someone may if it's a good day wind 669 00:23:29,940 --> 00:23:35,039 up in a ditch if it's a bad day wind up 670 00:23:32,280 --> 00:23:37,440 off a cliff and the car companies don't 671 00:23:35,039 --> 00:23:38,220 want that so they pay and they make it 672 00:23:37,440 --> 00:23:40,919 work 673 00:23:38,220 --> 00:23:42,480 but the community had to move first 674 00:23:40,919 --> 00:23:44,400 which is why I think we need to start 675 00:23:42,480 --> 00:23:45,600 moving in this direction for Aerospace 676 00:23:44,400 --> 00:23:48,179 software we need to actually begin 677 00:23:45,600 --> 00:23:50,400 building a community group like the 678 00:23:48,179 --> 00:23:52,860 automotive grade Linux Foundation 679 00:23:50,400 --> 00:23:54,179 for Aerospace because we have this world 680 00:23:52,860 --> 00:23:56,280 where drones are being flown around with 681 00:23:54,179 --> 00:23:58,380 Linux on board we've got multiple 682 00:23:56,280 --> 00:24:00,419 systems coordinating cameras and flight 683 00:23:58,380 --> 00:24:01,919 software on Linux powered drones that 684 00:24:00,419 --> 00:24:03,539 hobbyists are doing certainly but 685 00:24:01,919 --> 00:24:05,760 probably the commercial companies too at 686 00:24:03,539 --> 00:24:07,559 this point because well if the code is 687 00:24:05,760 --> 00:24:08,880 up there and I want to make my drone for 688 00:24:07,559 --> 00:24:10,140 under a hundred dollars how am I going 689 00:24:08,880 --> 00:24:11,760 to do that as easily as possible I'll 690 00:24:10,140 --> 00:24:14,659 just go yoink 691 00:24:11,760 --> 00:24:17,220 and it's probably happening yesterday 692 00:24:14,659 --> 00:24:19,380 and that means that the risk is already 693 00:24:17,220 --> 00:24:21,720 out there in a 694 00:24:19,380 --> 00:24:23,159 strict sense but not a practical sense 695 00:24:21,720 --> 00:24:24,900 because the companies don't have any 696 00:24:23,159 --> 00:24:26,580 liability right now there is no openness 697 00:24:24,900 --> 00:24:28,559 they aren't talking about how they've 698 00:24:26,580 --> 00:24:30,299 built these things internally because 699 00:24:28,559 --> 00:24:32,280 there's no incentive for them to do so 700 00:24:30,299 --> 00:24:34,620 all of the things I was saying before 701 00:24:32,280 --> 00:24:36,720 are why no one says that these things 702 00:24:34,620 --> 00:24:39,059 are being used this way there is a 703 00:24:36,720 --> 00:24:41,340 reason why I have not been able to find 704 00:24:39,059 --> 00:24:44,159 a single pull request from SpaceX it's 705 00:24:41,340 --> 00:24:45,659 because when they used Linux on the 706 00:24:44,159 --> 00:24:48,059 starlink satellites on the dragon 707 00:24:45,659 --> 00:24:50,460 spacecraft there is liability for them 708 00:24:48,059 --> 00:24:52,860 massive commercial money on the table 709 00:24:50,460 --> 00:24:54,539 liability lives on the line important 710 00:24:52,860 --> 00:24:56,159 liability that they pay a team of 711 00:24:54,539 --> 00:24:57,780 lawyers to look after 712 00:24:56,159 --> 00:24:58,620 and if they ever publish what they're 713 00:24:57,780 --> 00:25:00,539 using 714 00:24:58,620 --> 00:25:02,460 that gets worse for them 715 00:25:00,539 --> 00:25:04,440 because they're the ones on the hook for 716 00:25:02,460 --> 00:25:06,600 it not the people who originally made it 717 00:25:04,440 --> 00:25:08,400 not the people who were in a position to 718 00:25:06,600 --> 00:25:10,799 publish it openly in a collaborative way 719 00:25:08,400 --> 00:25:13,020 under those kinds of itar restrictions 720 00:25:10,799 --> 00:25:14,580 that would be all their burden and they 721 00:25:13,020 --> 00:25:15,780 don't want that burden which is why 722 00:25:14,580 --> 00:25:18,120 you've never seen a pull request from 723 00:25:15,780 --> 00:25:19,799 SpaceX and why we can do something about 724 00:25:18,120 --> 00:25:21,960 changing that if we try and set up an 725 00:25:19,799 --> 00:25:24,600 organization to Steward this kind of 726 00:25:21,960 --> 00:25:27,480 work and try and create a lack of a 727 00:25:24,600 --> 00:25:29,279 better name for it and Aerospace Linux 728 00:25:27,480 --> 00:25:30,779 group 729 00:25:29,279 --> 00:25:32,039 probably have to find a better name 730 00:25:30,779 --> 00:25:33,299 because automotive and Aerospace same 731 00:25:32,039 --> 00:25:35,340 acronym but 732 00:25:33,299 --> 00:25:37,340 something like that is needed if we want 733 00:25:35,340 --> 00:25:39,840 to try and move this forward because 734 00:25:37,340 --> 00:25:42,900 Starship is going to have Linux on it 735 00:25:39,840 --> 00:25:44,520 SpaceX use Linux everywhere 736 00:25:42,900 --> 00:25:46,320 every time they launched a batch of 737 00:25:44,520 --> 00:25:48,179 their styling satellites back when they 738 00:25:46,320 --> 00:25:50,279 were launching them 60 at a time 739 00:25:48,179 --> 00:25:52,140 they were launching 4 000 Linux 740 00:25:50,279 --> 00:25:55,320 computers into space they were literally 741 00:25:52,140 --> 00:25:57,360 launching 75 separate Linux computers on 742 00:25:55,320 --> 00:25:59,700 every one of those satellites 743 00:25:57,360 --> 00:26:02,460 75 computers in a tightly coupled 744 00:25:59,700 --> 00:26:04,740 supervisory control domain dense 745 00:26:02,460 --> 00:26:06,360 embedded network doing millions of 746 00:26:04,740 --> 00:26:08,700 things all the time flying around up 747 00:26:06,360 --> 00:26:10,380 there with engines that could slam them 748 00:26:08,700 --> 00:26:12,299 into other people's satellites or God 749 00:26:10,380 --> 00:26:14,340 Knows Why 750 00:26:12,299 --> 00:26:16,380 and we have no idea what's going on with 751 00:26:14,340 --> 00:26:18,240 it we just have to accept that they've 752 00:26:16,380 --> 00:26:20,159 done their hard work and that's for the 753 00:26:18,240 --> 00:26:22,320 most part fine 754 00:26:20,159 --> 00:26:24,059 but should forever remain that way do we 755 00:26:22,320 --> 00:26:25,799 want it to remain proprietary do we want 756 00:26:24,059 --> 00:26:27,539 it to remain behind closed doors like 757 00:26:25,799 --> 00:26:29,640 that or do we want to actually try and 758 00:26:27,539 --> 00:26:30,960 push the industry forward like we did in 759 00:26:29,640 --> 00:26:33,539 Automotive 760 00:26:30,960 --> 00:26:34,919 and one of the ways to do that is to 761 00:26:33,539 --> 00:26:36,720 start building that organization start 762 00:26:34,919 --> 00:26:39,059 building that group and start working on 763 00:26:36,720 --> 00:26:41,159 the important projects to make that more 764 00:26:39,059 --> 00:26:42,720 valuable for the companies so that they 765 00:26:41,159 --> 00:26:44,279 might choose to adopt it because that is 766 00:26:42,720 --> 00:26:46,380 what the Automotive Group did they 767 00:26:44,279 --> 00:26:48,600 spearheaded tizen that's actually where 768 00:26:46,380 --> 00:26:50,039 it came from first not the phones it 769 00:26:48,600 --> 00:26:52,500 actually came out as part of this this 770 00:26:50,039 --> 00:26:54,360 Core group and ties in one of those 771 00:26:52,500 --> 00:26:56,940 first wins was Automotive for the 772 00:26:54,360 --> 00:26:59,159 display and the infotainment system and 773 00:26:56,940 --> 00:27:00,659 then they expanded it they built a lot 774 00:26:59,159 --> 00:27:03,000 of work on top of it to make it reliable 775 00:27:00,659 --> 00:27:04,980 and robust and they did that testing 776 00:27:03,000 --> 00:27:06,779 work and they've built it up so that it 777 00:27:04,980 --> 00:27:07,799 is able to do the infotainment the 778 00:27:06,779 --> 00:27:09,600 telematics all of this stuff 779 00:27:07,799 --> 00:27:11,700 simultaneously to a level where they are 780 00:27:09,600 --> 00:27:13,020 happy that it's good enough and we have 781 00:27:11,700 --> 00:27:15,299 to do the same thing for Aerospace 782 00:27:13,020 --> 00:27:17,460 software or else the companies can't use 783 00:27:15,299 --> 00:27:19,320 it and start the cycle because they're 784 00:27:17,460 --> 00:27:20,760 not going to take their old code it was 785 00:27:19,320 --> 00:27:22,500 a footnote in one of the earlier slides 786 00:27:20,760 --> 00:27:23,760 but I don't think they're ever going to 787 00:27:22,500 --> 00:27:25,740 open source what they've written right 788 00:27:23,760 --> 00:27:27,600 now because if they were to open source 789 00:27:25,740 --> 00:27:29,580 what they've written right now that 790 00:27:27,600 --> 00:27:32,400 would be a risk to them that they cannot 791 00:27:29,580 --> 00:27:34,440 stomach if they took that software that 792 00:27:32,400 --> 00:27:35,940 was already flying and let other people 793 00:27:34,440 --> 00:27:37,919 see it 794 00:27:35,940 --> 00:27:38,940 you look back at something like the 737 795 00:27:37,919 --> 00:27:40,919 Max 796 00:27:38,940 --> 00:27:42,900 that was a software problem 797 00:27:40,919 --> 00:27:44,159 100 a software problem there was some 798 00:27:42,900 --> 00:27:45,779 Hardware involved but it was a software 799 00:27:44,159 --> 00:27:47,640 problem that killed people 800 00:27:45,779 --> 00:27:49,080 quite a lot of people for a plane crash 801 00:27:47,640 --> 00:27:50,340 kind of thing actually 802 00:27:49,080 --> 00:27:53,460 and 803 00:27:50,340 --> 00:27:55,640 if Boeing had been open about that 804 00:27:53,460 --> 00:27:59,100 software they may have been 805 00:27:55,640 --> 00:28:02,039 worse out there there may still be worse 806 00:27:59,100 --> 00:28:04,679 in that code and we don't know they 807 00:28:02,039 --> 00:28:06,720 probably have some idea but calculated 808 00:28:04,679 --> 00:28:08,100 risk management is what it is for large 809 00:28:06,720 --> 00:28:10,320 companies like that 810 00:28:08,100 --> 00:28:12,240 and they will never want to open source 811 00:28:10,320 --> 00:28:14,460 that kind of code because that is too 812 00:28:12,240 --> 00:28:16,380 big of a risk for them 813 00:28:14,460 --> 00:28:18,120 and that is just how business Works they 814 00:28:16,380 --> 00:28:19,740 have to stay solvent or else well they 815 00:28:18,120 --> 00:28:21,179 stop being a business so they won't open 816 00:28:19,740 --> 00:28:23,700 source that software they will 817 00:28:21,179 --> 00:28:25,860 potentially adopt new code new code that 818 00:28:23,700 --> 00:28:27,120 has been proven good enough 819 00:28:25,860 --> 00:28:28,140 but we're not going to get a big code 820 00:28:27,120 --> 00:28:30,120 dump we're not going to get someone 821 00:28:28,140 --> 00:28:32,340 going here is the last 30 years of hard 822 00:28:30,120 --> 00:28:35,159 work to make amazing thing because 823 00:28:32,340 --> 00:28:36,659 fundamentally it is like deciding to run 824 00:28:35,159 --> 00:28:39,179 through a plate glass window for these 825 00:28:36,659 --> 00:28:40,799 companies that is utterly insane levels 826 00:28:39,179 --> 00:28:42,480 of risk and they will not take it on the 827 00:28:40,799 --> 00:28:44,039 community has to move first and we have 828 00:28:42,480 --> 00:28:45,840 to start doing things like having 829 00:28:44,039 --> 00:28:49,020 significant testing on the real-time 830 00:28:45,840 --> 00:28:50,340 preempt kernel set it's almost all the 831 00:28:49,020 --> 00:28:52,500 way in now there's just a few little 832 00:28:50,340 --> 00:28:54,840 extra patches left and that's a big win 833 00:28:52,500 --> 00:28:57,299 over the last 12 months 12 months ago 834 00:28:54,840 --> 00:28:59,640 there was still mostly unmerged but 835 00:28:57,299 --> 00:29:01,919 ready for merge now it's merged mostly 836 00:28:59,640 --> 00:29:03,600 and just a little bit living out that is 837 00:29:01,919 --> 00:29:06,000 a big win because a lot of Aerospace 838 00:29:03,600 --> 00:29:07,860 stuff needs real-time systems it needs 839 00:29:06,000 --> 00:29:09,900 extremely precise timing response it 840 00:29:07,860 --> 00:29:12,840 needs to acknowledge updates in a very 841 00:29:09,900 --> 00:29:15,419 important Fashion on hierarchy you need 842 00:29:12,840 --> 00:29:17,220 to have I must know now and I need to 843 00:29:15,419 --> 00:29:18,480 know really soon and everything else can 844 00:29:17,220 --> 00:29:19,919 wait after that 845 00:29:18,480 --> 00:29:22,020 and unless you have those kind of 846 00:29:19,919 --> 00:29:24,419 patches you can't get that guarantee in 847 00:29:22,020 --> 00:29:26,520 the Linux kernel it's just how it works 848 00:29:24,419 --> 00:29:27,720 and so that's a crucial component that's 849 00:29:26,520 --> 00:29:29,640 the kind of thing that could be tested 850 00:29:27,720 --> 00:29:31,500 more exhaustively there are some other 851 00:29:29,640 --> 00:29:33,299 open source projects that are in this 852 00:29:31,500 --> 00:29:35,039 Aerospace domain that could definitely 853 00:29:33,299 --> 00:29:36,779 deserve more Community attention from 854 00:29:35,039 --> 00:29:39,299 people who aren't already working at 855 00:29:36,779 --> 00:29:41,100 large companies there's qbos which tried 856 00:29:39,299 --> 00:29:42,960 to make an open source operating system 857 00:29:41,100 --> 00:29:44,700 for satellites you can actually build 858 00:29:42,960 --> 00:29:45,899 that one still on a Raspberry Pi it's a 859 00:29:44,700 --> 00:29:48,000 great little project but the company 860 00:29:45,899 --> 00:29:49,260 shifted away from it because they 861 00:29:48,000 --> 00:29:51,059 weren't making much money off that 862 00:29:49,260 --> 00:29:52,679 compared to how much development time it 863 00:29:51,059 --> 00:29:54,179 took for them to do the kind of testing 864 00:29:52,679 --> 00:29:56,100 and work that was needed to make it 865 00:29:54,179 --> 00:29:57,600 useful they shifted into running a 866 00:29:56,100 --> 00:29:59,640 management software stack that they had 867 00:29:57,600 --> 00:30:01,440 built side by side with it so kind of a 868 00:29:59,640 --> 00:30:04,860 grafana for your satellite kind of a 869 00:30:01,440 --> 00:30:06,600 thing and that's fine they've opened 870 00:30:04,860 --> 00:30:09,299 that code which is great it's there as a 871 00:30:06,600 --> 00:30:11,159 good example but it's not one people can 872 00:30:09,299 --> 00:30:12,480 just pick up and use right now it has 873 00:30:11,159 --> 00:30:14,159 missing pieces that were previously 874 00:30:12,480 --> 00:30:15,779 proprietary to do with radios and all 875 00:30:14,159 --> 00:30:17,520 sorts of other components but it could 876 00:30:15,779 --> 00:30:19,620 be a starting point if a project wants 877 00:30:17,520 --> 00:30:20,820 to pick it up and then there's NASA's 878 00:30:19,620 --> 00:30:22,440 core flight system that's actually 879 00:30:20,820 --> 00:30:24,240 running real satellites 880 00:30:22,440 --> 00:30:26,039 but once you learn how that patch 881 00:30:24,240 --> 00:30:28,860 process works and how that review cycle 882 00:30:26,039 --> 00:30:31,260 goes you really do get a very quick 883 00:30:28,860 --> 00:30:32,640 lesson in how Aerospace software works 884 00:30:31,260 --> 00:30:34,919 if you want to contribute to that 885 00:30:32,640 --> 00:30:36,779 project you're basically proposing a 886 00:30:34,919 --> 00:30:38,700 contribution not actually giving them 887 00:30:36,779 --> 00:30:40,080 one they may rewrite it completely 888 00:30:38,700 --> 00:30:41,880 because 889 00:30:40,080 --> 00:30:43,799 if you're from a certain country or from 890 00:30:41,880 --> 00:30:45,779 a certain place or a certain there's a 891 00:30:43,799 --> 00:30:48,000 million reasons why they may completely 892 00:30:45,779 --> 00:30:49,620 rewrite it based on your suggestion 893 00:30:48,000 --> 00:30:52,200 or they just may review it and 894 00:30:49,620 --> 00:30:54,539 potentially include it it's a heavily 895 00:30:52,200 --> 00:30:56,760 gated process because well NASA actually 896 00:30:54,539 --> 00:30:59,760 used that to fly satellites so they're 897 00:30:56,760 --> 00:31:01,440 damn careful with it and rightly so but 898 00:30:59,760 --> 00:31:03,779 there is a good bootstrapping project 899 00:31:01,440 --> 00:31:05,580 the open sack kit that gets that all 900 00:31:03,779 --> 00:31:07,260 running up on a Linux you know Linux 901 00:31:05,580 --> 00:31:09,059 environment and a virtual machine and 902 00:31:07,260 --> 00:31:10,860 lets you play with it but Linux isn't a 903 00:31:09,059 --> 00:31:13,200 first class platform for them 904 00:31:10,860 --> 00:31:14,039 because it's not reliable enough in 905 00:31:13,200 --> 00:31:15,539 their View 906 00:31:14,039 --> 00:31:16,919 well we could try and make it more 907 00:31:15,539 --> 00:31:18,240 reliable we could try and push that 908 00:31:16,919 --> 00:31:19,440 forward to get it to the point where 909 00:31:18,240 --> 00:31:21,659 they considered it a first class 910 00:31:19,440 --> 00:31:23,820 platform and not just a good enough for 911 00:31:21,659 --> 00:31:25,799 a VM on your desktop 912 00:31:23,820 --> 00:31:29,000 there's F Prime that's actually flying a 913 00:31:25,799 --> 00:31:29,000 helicopter on Mars we 914 00:31:31,919 --> 00:31:35,940 are openly on regular stuff on Earth we 915 00:31:34,440 --> 00:31:38,460 could see more drones being developed 916 00:31:35,940 --> 00:31:39,480 with f Prime in an open way not in a 917 00:31:38,460 --> 00:31:40,799 closed way because I wouldn't be 918 00:31:39,480 --> 00:31:43,080 surprised to see a lot of commercial 919 00:31:40,799 --> 00:31:44,399 drones using F Prime if they ever told 920 00:31:43,080 --> 00:31:47,340 us what they used 921 00:31:44,399 --> 00:31:49,020 and absolutely critical is maintaining 922 00:31:47,340 --> 00:31:51,059 that real-time preempt Aerospace 923 00:31:49,020 --> 00:31:53,460 software has a very strong need for real 924 00:31:51,059 --> 00:31:54,659 time I cannot emphasize this enough when 925 00:31:53,460 --> 00:31:56,340 you have to move out of the way of 926 00:31:54,659 --> 00:31:57,000 something while moving very quickly at 927 00:31:56,340 --> 00:31:59,039 like 928 00:31:57,000 --> 00:32:02,399 hundreds of kilometers an hour or even 929 00:31:59,039 --> 00:32:04,620 worse thousands of kilometers a second 930 00:32:02,399 --> 00:32:06,059 you need to know about it right now 931 00:32:04,620 --> 00:32:07,020 otherwise you could be in serious 932 00:32:06,059 --> 00:32:07,919 trouble 933 00:32:07,020 --> 00:32:09,360 and 934 00:32:07,919 --> 00:32:11,880 really that is where the bigger picture 935 00:32:09,360 --> 00:32:14,039 is it is testing it is having a cohesive 936 00:32:11,880 --> 00:32:16,140 group to manage that testing to deal 937 00:32:14,039 --> 00:32:18,539 with the funding of that testing and to 938 00:32:16,140 --> 00:32:20,460 Steward the group as a whole like how we 939 00:32:18,539 --> 00:32:22,740 have already done with automotive and I 940 00:32:20,460 --> 00:32:25,919 think we can push this forward it just 941 00:32:22,740 --> 00:32:27,899 needs to start and unfortunately for me 942 00:32:25,919 --> 00:32:30,600 I'm in the same position as some of 943 00:32:27,899 --> 00:32:32,580 those companies so I can't start it I 944 00:32:30,600 --> 00:32:35,100 need to try and encourage the community 945 00:32:32,580 --> 00:32:38,159 to start so I can join 946 00:32:35,100 --> 00:32:40,760 so with that and 10 minutes left I'll 947 00:32:38,159 --> 00:32:40,760 take questions 948 00:32:50,760 --> 00:32:55,440 so did you actually end up building a 949 00:32:52,559 --> 00:32:58,399 satellite oh yeah but I can't fly it 950 00:32:55,440 --> 00:32:58,399 works on my desk 951 00:33:01,200 --> 00:33:05,340 since we already have Automotive grade 952 00:33:02,940 --> 00:33:07,500 Linux could the scope of that be 953 00:33:05,340 --> 00:33:09,000 expanded to cover Aerospace or are there 954 00:33:07,500 --> 00:33:10,380 do they need to be maintained as two 955 00:33:09,000 --> 00:33:12,720 separate and largely overlapping 956 00:33:10,380 --> 00:33:14,039 projects it could but I don't know how 957 00:33:12,720 --> 00:33:16,380 well that would help the organization 958 00:33:14,039 --> 00:33:18,179 for their needs they do have a very 959 00:33:16,380 --> 00:33:20,640 different set of needs and while there 960 00:33:18,179 --> 00:33:22,380 is significant overlap at the core I 961 00:33:20,640 --> 00:33:24,120 don't know how much benefit there would 962 00:33:22,380 --> 00:33:26,820 be in the long run to those peripheral 963 00:33:24,120 --> 00:33:29,460 interests the whole infotainment portion 964 00:33:26,820 --> 00:33:31,500 is a great clear-cut example there you 965 00:33:29,460 --> 00:33:33,480 know all the Aerospace stuff broadly 966 00:33:31,500 --> 00:33:35,220 speaking outside of very specific niches 967 00:33:33,480 --> 00:33:36,779 like large airliners where you might 968 00:33:35,220 --> 00:33:39,360 have a whole infotainment system in them 969 00:33:36,779 --> 00:33:41,279 outside of that there isn't really a 970 00:33:39,360 --> 00:33:42,899 need for large chunks of what those 971 00:33:41,279 --> 00:33:45,120 people are building and testing and 972 00:33:42,899 --> 00:33:47,159 making sure it works so 973 00:33:45,120 --> 00:33:48,539 potentially it really does come down to 974 00:33:47,159 --> 00:33:50,399 how much is done better as a 975 00:33:48,539 --> 00:33:52,260 collaboration between two peer 976 00:33:50,399 --> 00:33:54,059 organizations or whether it would be 977 00:33:52,260 --> 00:33:55,380 better to make it part of their overall 978 00:33:54,059 --> 00:33:57,480 mission and whether they want to adopt 979 00:33:55,380 --> 00:33:59,279 that they are funded at the moment by 980 00:33:57,480 --> 00:34:01,080 majority car companies 981 00:33:59,279 --> 00:34:03,779 those car companies may not want to have 982 00:34:01,080 --> 00:34:05,279 other people you know butting in 983 00:34:03,779 --> 00:34:06,960 they want that control potentially 984 00:34:05,279 --> 00:34:08,099 because that serves their needs they're 985 00:34:06,960 --> 00:34:12,919 paying for that 986 00:34:08,099 --> 00:34:12,919 so it may be but potentially no 987 00:34:16,139 --> 00:34:18,740 any more questions 988 00:34:27,300 --> 00:34:34,080 you said if I remember correctly that 989 00:34:29,899 --> 00:34:36,659 NASA didn't trust Unix for Linux for uh 990 00:34:34,080 --> 00:34:39,720 most things yet apparently they trusted 991 00:34:36,659 --> 00:34:42,480 it for helicopter on Mars how did that 992 00:34:39,720 --> 00:34:44,940 that's got an interesting story actually 993 00:34:42,480 --> 00:34:48,240 um in in that particular case it kind of 994 00:34:44,940 --> 00:34:50,520 came down to they were forced to 995 00:34:48,240 --> 00:34:52,800 um the the better example is that they 996 00:34:50,520 --> 00:34:54,300 were willing to trust the cameras on the 997 00:34:52,800 --> 00:34:55,700 on the landing portion of that mission 998 00:34:54,300 --> 00:34:58,740 to Linux 999 00:34:55,700 --> 00:35:00,839 because with the helicopter they were 1000 00:34:58,740 --> 00:35:02,220 forced to take that one because the only 1001 00:35:00,839 --> 00:35:04,020 way they could get enough compute power 1002 00:35:02,220 --> 00:35:06,240 to do that mission to have that 1003 00:35:04,020 --> 00:35:08,339 helicopter fly keep that under the 1004 00:35:06,240 --> 00:35:10,200 weight threshold to make these able to 1005 00:35:08,339 --> 00:35:12,660 lift off with the very tight power 1006 00:35:10,200 --> 00:35:14,280 budget they had that the thing is right 1007 00:35:12,660 --> 00:35:15,480 on the razor's Edge in terms of how much 1008 00:35:14,280 --> 00:35:16,800 weight they were able to get on there 1009 00:35:15,480 --> 00:35:18,200 and how much power they were able to 1010 00:35:16,800 --> 00:35:21,420 store and how much they needed to fly 1011 00:35:18,200 --> 00:35:23,099 was to run with a Linux board and their 1012 00:35:21,420 --> 00:35:26,480 decision was based on okay we can either 1013 00:35:23,099 --> 00:35:29,220 try and port a whole thing over to this 1014 00:35:26,480 --> 00:35:31,260 or we can take what's already on there 1015 00:35:29,220 --> 00:35:33,839 that's good enough that was in fact 1016 00:35:31,260 --> 00:35:35,280 actually supported by the the air the 1017 00:35:33,839 --> 00:35:37,680 automotive grade Linux so they were able 1018 00:35:35,280 --> 00:35:39,720 to use a quite robust hardened kernel 1019 00:35:37,680 --> 00:35:41,520 tested line of code it was all custom 1020 00:35:39,720 --> 00:35:44,700 down but they could start from somewhere 1021 00:35:41,520 --> 00:35:46,859 that trusted and tested they were able 1022 00:35:44,700 --> 00:35:48,780 to take that and still build a mission 1023 00:35:46,859 --> 00:35:49,980 and then on the other side of it on the 1024 00:35:48,780 --> 00:35:51,900 receive side there's actually another 1025 00:35:49,980 --> 00:35:53,460 little computer on the Rover that 1026 00:35:51,900 --> 00:35:55,500 listens to the helicopter that also runs 1027 00:35:53,460 --> 00:35:57,599 Linux just mainly because it was 1028 00:35:55,500 --> 00:36:00,900 convenient for the team to do it all on 1029 00:35:57,599 --> 00:36:03,420 Linux as one stack and that one actually 1030 00:36:00,900 --> 00:36:05,760 talks via a uart to the main Rover 1031 00:36:03,420 --> 00:36:07,619 operating system and it's not like that 1032 00:36:05,760 --> 00:36:09,420 actually gets to talk back to earth when 1033 00:36:07,619 --> 00:36:11,099 they get files from the helicopter when 1034 00:36:09,420 --> 00:36:12,480 it's done with a flight it just 1035 00:36:11,099 --> 00:36:14,460 literally writes them out to a Serial 1036 00:36:12,480 --> 00:36:15,900 buffer and then if the Rover is happy 1037 00:36:14,460 --> 00:36:17,760 with that it will then write that into 1038 00:36:15,900 --> 00:36:20,280 memory and later do its thing with it 1039 00:36:17,760 --> 00:36:21,359 there is layers and gatekeeping in this 1040 00:36:20,280 --> 00:36:23,880 process 1041 00:36:21,359 --> 00:36:26,520 that is part of their willingness to 1042 00:36:23,880 --> 00:36:29,040 accept Linux in this context is because 1043 00:36:26,520 --> 00:36:31,619 it's behind safety's not in critical 1044 00:36:29,040 --> 00:36:33,720 places was the only option to get it 1045 00:36:31,619 --> 00:36:35,400 done on a deadline they were kind of 1046 00:36:33,720 --> 00:36:38,099 forced into it and willing to accept 1047 00:36:35,400 --> 00:36:40,020 that under certain key circumstances and 1048 00:36:38,099 --> 00:36:41,820 that's not to say it was a bad choice 1049 00:36:40,020 --> 00:36:43,500 it's a good choice it flies that thing 1050 00:36:41,820 --> 00:36:46,920 well 1051 00:36:43,500 --> 00:36:48,780 but under other circumstances such as 1052 00:36:46,920 --> 00:36:49,920 for instance one of the new missions 1053 00:36:48,780 --> 00:36:51,359 that's currently under development 1054 00:36:49,920 --> 00:36:53,339 that's going to do a large I think it's 1055 00:36:51,359 --> 00:36:55,020 a hexacopter I might be remembering that 1056 00:36:53,339 --> 00:36:57,780 wrong but a very large multi-rotor 1057 00:36:55,020 --> 00:37:00,540 copter being sent to Titan 1058 00:36:57,780 --> 00:37:01,800 that probably won't run Linux that's 1059 00:37:00,540 --> 00:37:03,240 probably going to be running a real-time 1060 00:37:01,800 --> 00:37:04,560 operating system and a lot of custom 1061 00:37:03,240 --> 00:37:06,839 stuff on top 1062 00:37:04,560 --> 00:37:08,160 because they can't risk it this is going 1063 00:37:06,839 --> 00:37:09,960 to be a nuclear-powered flying 1064 00:37:08,160 --> 00:37:13,260 helicopter on you know Saturn's moons 1065 00:37:09,960 --> 00:37:15,960 they don't want anything to go wrong 1066 00:37:13,260 --> 00:37:17,220 and they won't trust Linux there and 1067 00:37:15,960 --> 00:37:20,700 this is the thing that needs to try and 1068 00:37:17,220 --> 00:37:23,220 change but with the Imaging cameras that 1069 00:37:20,700 --> 00:37:24,900 was an interesting one they couldn't get 1070 00:37:23,220 --> 00:37:27,900 all of that to work without using a 1071 00:37:24,900 --> 00:37:30,240 regular computer they had too much data 1072 00:37:27,900 --> 00:37:32,520 so the Imaging cameras the the wonderful 1073 00:37:30,240 --> 00:37:34,320 videos that we have this time as opposed 1074 00:37:32,520 --> 00:37:36,480 to last time when Ingenuity was Landing 1075 00:37:34,320 --> 00:37:38,640 this time was because they actually took 1076 00:37:36,480 --> 00:37:40,380 an industrial control computer that was 1077 00:37:38,640 --> 00:37:41,640 used for managing you know regular 1078 00:37:40,380 --> 00:37:43,680 production lines one of these little PC 1079 00:37:41,640 --> 00:37:45,540 104 kind of embedded boards but a modern 1080 00:37:43,680 --> 00:37:46,980 one with lots of bandwidth 1081 00:37:45,540 --> 00:37:48,300 made sure it was good enough for the job 1082 00:37:46,980 --> 00:37:49,260 the G's and the red hardening and 1083 00:37:48,300 --> 00:37:51,780 everything 1084 00:37:49,260 --> 00:37:53,280 and then they plugged a ton of USB 1085 00:37:51,780 --> 00:37:55,500 cameras into it 1086 00:37:53,280 --> 00:37:56,880 so all of those wonderful multi-views of 1087 00:37:55,500 --> 00:37:58,020 it as it's coming down and all the 1088 00:37:56,880 --> 00:38:00,000 photos that we get from where it's 1089 00:37:58,020 --> 00:38:01,800 dropped things and stuff's coming behind 1090 00:38:00,000 --> 00:38:03,240 it and all of the wonderful multi-camera 1091 00:38:01,800 --> 00:38:04,079 reviews we have of that seven minutes of 1092 00:38:03,240 --> 00:38:06,240 Terror 1093 00:38:04,079 --> 00:38:08,460 they came in from one single Linux box 1094 00:38:06,240 --> 00:38:09,480 because it was the absolute right tool 1095 00:38:08,460 --> 00:38:11,099 for the job 1096 00:38:09,480 --> 00:38:12,359 because if they tried to do that with a 1097 00:38:11,099 --> 00:38:13,800 real-time one they would have had to 1098 00:38:12,359 --> 00:38:15,900 basically build half of Linux from 1099 00:38:13,800 --> 00:38:17,820 scratch to do all of that for themselves 1100 00:38:15,900 --> 00:38:20,579 they had to send that data they had to 1101 00:38:17,820 --> 00:38:22,560 do jpeg processing to compress it down 1102 00:38:20,579 --> 00:38:24,300 so they could send it back they had to 1103 00:38:22,560 --> 00:38:25,920 manage the multiple i o streams they had 1104 00:38:24,300 --> 00:38:28,140 to do USB controlling from multiple 1105 00:38:25,920 --> 00:38:30,780 points and you know all of that stuff in 1106 00:38:28,140 --> 00:38:33,540 an operating system a full one that does 1107 00:38:30,780 --> 00:38:35,040 lots of stuff on desktops and even more 1108 00:38:33,540 --> 00:38:37,320 stuff on servers 1109 00:38:35,040 --> 00:38:39,420 it already does that and that was the 1110 00:38:37,320 --> 00:38:41,640 solution that was right for that job 1111 00:38:39,420 --> 00:38:43,320 that's a good example of where Linux was 1112 00:38:41,640 --> 00:38:44,760 the right tool and they willingly chose 1113 00:38:43,320 --> 00:38:46,200 it 1114 00:38:44,760 --> 00:38:47,940 but it doesn't get as much publicity 1115 00:38:46,200 --> 00:38:50,160 because it's not a cool little Rover or 1116 00:38:47,940 --> 00:38:52,740 a awesome amazing helicopter that's like 1117 00:38:50,160 --> 00:38:54,480 holy crap it's flying 1118 00:38:52,740 --> 00:38:56,220 but it is making head roads and that's 1119 00:38:54,480 --> 00:38:58,520 why I'm optimistic that we can change 1120 00:38:56,220 --> 00:38:58,520 this 1121 00:38:59,940 --> 00:39:05,359 cool anybody else 1122 00:39:02,160 --> 00:39:05,359 okay this will be the last question 1123 00:39:07,560 --> 00:39:12,119 in this space What competition does 1124 00:39:10,320 --> 00:39:15,540 Linux have to deal with 1125 00:39:12,119 --> 00:39:19,079 um remembering from early 2000 or early 1126 00:39:15,540 --> 00:39:20,820 to late noughties Windows CE was on a 1127 00:39:19,079 --> 00:39:23,220 bunch of cars and that was just 1128 00:39:20,820 --> 00:39:25,079 horrendous for most part 1129 00:39:23,220 --> 00:39:27,480 I don't know if it's as much a matter of 1130 00:39:25,079 --> 00:39:28,800 competition as it is a matter of 1131 00:39:27,480 --> 00:39:31,560 establishment 1132 00:39:28,800 --> 00:39:32,520 the the biggest thing that you see when 1133 00:39:31,560 --> 00:39:34,200 you look into the decision-making 1134 00:39:32,520 --> 00:39:36,359 process is that they go with what they 1135 00:39:34,200 --> 00:39:38,280 can trust and they trust what they know 1136 00:39:36,359 --> 00:39:40,020 and right now they don't know Linux well 1137 00:39:38,280 --> 00:39:42,599 enough and that's part of the things 1138 00:39:40,020 --> 00:39:44,339 there's a good interview with one of the 1139 00:39:42,599 --> 00:39:46,980 lead development people behind the 1140 00:39:44,339 --> 00:39:50,220 Ingenuity helicopter uh yeah the injury 1141 00:39:46,980 --> 00:39:52,440 helicopter and he actually is a Linux 1142 00:39:50,220 --> 00:39:55,380 person from JPL and he helped get Linux 1143 00:39:52,440 --> 00:39:57,359 into JPL uh it's it's an episode on the 1144 00:39:55,380 --> 00:39:58,980 Linux unplugged podcast it's a quite a 1145 00:39:57,359 --> 00:40:01,140 long interview if you want to go find it 1146 00:39:58,980 --> 00:40:04,020 in their archives and and he outlines 1147 00:40:01,140 --> 00:40:06,240 quite in detail how Linux got into this 1148 00:40:04,020 --> 00:40:08,460 environment and and why he was able to 1149 00:40:06,240 --> 00:40:11,460 get them to trust it and it was a long 1150 00:40:08,460 --> 00:40:13,680 process Linux was in use at JPL for over 1151 00:40:11,460 --> 00:40:16,140 a decade before this project they were 1152 00:40:13,680 --> 00:40:17,579 using Linux on their desktops but for 1153 00:40:16,140 --> 00:40:19,079 the flight Hardware they were compiling 1154 00:40:17,579 --> 00:40:22,740 to these other environments they were 1155 00:40:19,079 --> 00:40:24,359 compiling to things like rtos or any one 1156 00:40:22,740 --> 00:40:25,560 of these other environments like VX 1157 00:40:24,359 --> 00:40:27,300 works is kind of falling out of action 1158 00:40:25,560 --> 00:40:28,619 but it's still quite a dominant one like 1159 00:40:27,300 --> 00:40:31,800 all of the Mars rovers that are still 1160 00:40:28,619 --> 00:40:34,260 moving uh they all run VX works and and 1161 00:40:31,800 --> 00:40:35,700 I don't think that it's wrong to assume 1162 00:40:34,260 --> 00:40:37,920 that critical missions in the future 1163 00:40:35,700 --> 00:40:39,900 will probably also still run VX works 1164 00:40:37,920 --> 00:40:42,000 for a while because VX works is one of 1165 00:40:39,900 --> 00:40:44,940 those supported platforms for the CFS 1166 00:40:42,000 --> 00:40:47,099 they have a history with this they know 1167 00:40:44,940 --> 00:40:49,020 that they can make it do the job and 1168 00:40:47,099 --> 00:40:51,540 until we get to the point where they can 1169 00:40:49,020 --> 00:40:54,240 also feel that confident in Linux 1170 00:40:51,540 --> 00:40:55,980 it won't be in the decision tree and 1171 00:40:54,240 --> 00:40:58,500 that is really where it comes down to 1172 00:40:55,980 --> 00:41:00,839 that organization that testing 1173 00:40:58,500 --> 00:41:02,940 that putting it out on the table and 1174 00:41:00,839 --> 00:41:04,500 saying look we all trust this look how 1175 00:41:02,940 --> 00:41:06,420 much work we're doing to make it so that 1176 00:41:04,500 --> 00:41:08,280 you could too 1177 00:41:06,420 --> 00:41:11,040 and then it will become a matter of well 1178 00:41:08,280 --> 00:41:12,780 why don't we pick Linux because it is 1179 00:41:11,040 --> 00:41:14,640 easier to work with they're already 1180 00:41:12,780 --> 00:41:17,940 using it in so many other places but 1181 00:41:14,640 --> 00:41:19,500 choosing to Crush down into these more 1182 00:41:17,940 --> 00:41:21,119 tightly constrained environments like 1183 00:41:19,500 --> 00:41:22,740 real-time operating systems that don't 1184 00:41:21,119 --> 00:41:25,740 have full posix layers and things like 1185 00:41:22,740 --> 00:41:27,300 that because they trust them more 1186 00:41:25,740 --> 00:41:29,940 and if they don't have to do that work 1187 00:41:27,300 --> 00:41:32,520 well why would they want to 1188 00:41:29,940 --> 00:41:35,099 so I think that it's uh it's a shifting 1189 00:41:32,520 --> 00:41:36,839 trade that will definitely improve over 1190 00:41:35,099 --> 00:41:38,960 time it's not as much a direct 1191 00:41:36,839 --> 00:41:41,099 competition kind of a thing 1192 00:41:38,960 --> 00:41:43,500 case in point they ripped all of the 1193 00:41:41,099 --> 00:41:46,440 windows off the Control software of the 1194 00:41:43,500 --> 00:41:47,700 ISS in about 20 I want to say 12. it was 1195 00:41:46,440 --> 00:41:49,920 in a slide from last year if you're 1196 00:41:47,700 --> 00:41:51,180 curious because someone accidentally 1197 00:41:49,920 --> 00:41:53,820 brought a worm onto the International 1198 00:41:51,180 --> 00:41:56,040 Space Station on a floppy 1199 00:41:53,820 --> 00:41:57,420 that was a bit of a bit of a red you 1200 00:41:56,040 --> 00:41:58,859 know a bit of a black eye and they were 1201 00:41:57,420 --> 00:41:59,940 like you know what 1202 00:41:58,859 --> 00:42:01,320 we're just going to make all of these 1203 00:41:59,940 --> 00:42:03,119 laptops that actually do the system 1204 00:42:01,320 --> 00:42:04,560 displays about what's actually going on 1205 00:42:03,119 --> 00:42:05,640 on the space station Hardware you know 1206 00:42:04,560 --> 00:42:06,900 what they'll just be Debbie and Linux 1207 00:42:05,640 --> 00:42:08,640 now 1208 00:42:06,900 --> 00:42:10,619 because that's good for the job and it's 1209 00:42:08,640 --> 00:42:12,960 on a regular laptop and IBM can provide 1210 00:42:10,619 --> 00:42:15,839 support or someone else it's 1211 00:42:12,960 --> 00:42:17,880 trusted in that niche 1212 00:42:15,839 --> 00:42:19,740 it was good enough even back then 1213 00:42:17,880 --> 00:42:22,520 but it's all about those niches and 1214 00:42:19,740 --> 00:42:22,520 where they can trust them 1215 00:42:23,119 --> 00:42:28,280 what everybody final clip for Sam Bishop 1216 00:42:28,690 --> 00:42:32,449 [Applause]