June 10-11, 2019, the sixth OS DAY conference “Tools, Tools Development and Utilization Experience” was held in Moscow. RED SOFT - co-organizer of the conference. We conduct it in partnership with leading Russian IT companies and organizations, including ISP RAS, GosNIIAS, Kaspersky Lab, Basalt SPO, etc.
More than 300 Russian developers of operating platforms and system software, representatives of regulators and customers of domestic software gathered on OS DAY-2109. The main theme of the event was determined by the conference participants a year ago. Developers are facing with the task of ensuring the high quality of software at all stages of its life cycle, therefore, the use of tools has become particularly relevant. And this year, OS DAY was dedicated to tools for creating operating platforms and experience of their utilization.
The most important characteristic of the quality of system software is its reliability, including security. Harutyun Avetisyan, Director of the Institute of Systems Programming named after V.P. Ivannikov RAS (ISP RAN), at the opening of the conference, said: “Today, cyber threats have become a challenge for all of us. The most difficult, multifaceted task of protecting against these risks cannot be solved by a single company; software developers' cooperation is required. This is well understood by leading Russian companies: it is significant that among the conference organizers there are companies that compete in the market, but unite to solve important problems. With the joint efforts of business, basic science and regulators, we must ensure the technological independence of the country."
Today regulators set trends in providing confidence in system software. Dmitry Shevtsov, Head of the Directorate for the Organization of Technical Protection of Information and Security of Critical Infrastructure Objects of the Russian Federation FSTEC of Russia, spoke about new regulatory documents establishing the standardization of software and the requirements for its security. Since June 1, 2019, two documents came into force: "Methods for identifying vulnerabilities and undeclared capabilities in software" and "Information Security Requirements Establishing Levels of Trust in Technical Information Security Tools and Information Technology Security Tools". The last document describes 6 levels of trust. The FSTEC of Russia pays special attention to the modeling of security access control policies, as well as the work on creating a secure compiler.
Trusted system software and its development tools are the foundation of the country's technological independence in IT. Alexey Novodvorsky, Deputy General Director of Basalt SPO, spoke about the existing domestic development infrastructure that all Russian companies can use: “To ensure technological independence, freedom in choosing hardware platforms is important. We provide support for their maximum number in the domestic repository "Sisyphus", which is developed by our team. In 2019, the stable Ninth Platform of this repository was introduced. Using it, developers of system or application software will be able to create the necessary tools and software products for all supported platforms. Among them are domestic Elbrus, Baikal, ELVIS, YADRO, as well as promising foreign RISC V, ARM, Loongson. Therefore, the question: is there life without x86, no longer sounds like a joke”.
Anna Kan, head of the GosNIIAS sector, said that in order to achieve technological independence, it is necessary to create not only general-purpose operating systems, but also certified domestic real-time operating systems, in particular, on-board operating systems: “GosNIIAS, in cooperation with RAS institutes and IT companies, is developing certified real-time multiplatform onboard OS and tools for its development. Currently, we have managed to solve the basic fundamental issues and begin to work closely on its creation”.
Russian developers consider the creation of tools that provide the compatibility of Russian software to be a serious task. Roman Simakov, director of the RED SOFT System Products Development Department, said: “For customers to build the most sophisticated multicomponent complexes of the critical IT infrastructure, they do not need scattered software, but software solutions that include system and application software. Therefore, we pay special attention to the development of an affiliate program; RED SOFT already has over 100 confirmed compatibilities. Together with colleagues from the "Domestic Software" Assn., we are working on the creation of a single catalog of software compatibility".
To respond to the challenges facing the IT industry, the cooperation of system software developers and security tools is needed. Valery Egorov, Deputy Director for Basic Information Technologies, NTP Kryptosoft, noted: “Only by joint efforts can a technological breakthrough be achieved. Cooperation with companies creating Russian operating systems and application software allows us to take a fresh look at the directions of our own developments evolution, such as our QP OS operating system. One of the priorities today is the creation of compatible tools and tools that will be used by domestic developers”.
Andrei Duhvalov, head of the advanced technologies department at Kaspersky Lab, shared: “Security, trust, vulnerabilities, human factor, mistakes ... The developers have been repeating these words for many years. And the number of problems only increases every year. The reasons for this are different, including the increase in the variety and complexity of software. The methods of ensuring security and trust that are universally applied do not allow us to hope that problems will be solved in the near future. But there is a way out. We see the further development of the software industry in the creation of immune information systems, in which at a systemic, architectural, principled level the properties of immunity are laid down - the ability to perform its basic functionality in an aggressive information environment. Such systems are able to work reliably regardless of the presence of errors in the application code, incorrect administration, virus or other attacks. Just like living organisms in nature".
Dmitry Zavalishin, DZ Systems CEO and one of the OS DAY founders, summed up the conference: “System Russian software has become complex, sophisticated and multi-component. It requires a huge number of various tools to ensure its life cycle, software development - including for individual processors - its assembly, debugging and testing, obtaining information about the effectiveness and errors in the process of the system run, and so on. Therefore, for system software developers, creating and using tools is one of the most pressing tasks. The conference provided an opportunity for useful, concentrated communication with colleagues, which cannot be obtained at other events”.
As part of OS DAY, there was an exhibition of products of domestic manufacturers of operating systems and hardware platforms. The conference participants were not only viewing the latest solutions, but were able to work with the software and hardware complexes presented.