Wednesday, August 19, 2020

MISRA (Motor Industry Software Reliability Association).

MISRA C is a set of software development guidelines for the C programming language developed by MISRA (Motor Industry Software Reliability Association). Its aims are to facilitate code safety, security, portability and reliability in the context of embedded systems, specifically those systems programmed in ISO C / C90 / C99.[1]
In the beginning "C" was considered unsuitable for safety critical and safety related systems, however, it was so used ...
In 1998, as a response to this situation, MISRA produced MISRA C, a set of guidelines to aid the development of safety related systems in "C" in the automotive world. Since then, MISRA C has been adopted by the wider embedded systems community and has become the dominant, international coding guidelines for the use of "C" in critical systems. The MISRA C guidelines are widely accepted as fulfilling the requirements for a language subset as required by both the 1994 MISRA Development guidelines for vehicle based software and IEC 61508.
Things move on, and now C++ is in the position once held by "C"; many people believe that it should not be used for critical systems, but its use within the field is growing and that growth is without a common set of guidelines.
MISRA has recently completed work on the production of a set of guidelines for the use of C++ in critical systems, the output of which will be a set of guidelines similar to those that were produced for "C".
The document, known as MISRA C++ Guidelines for the use of the C++ language in critical systems, was published and officially launched on 5 June 2008.

Wednesday, August 05, 2020

Aryeh Friedman mentions me in his BSD Magazine Interview.

BSD Magazine 2016-12  

Published on Oct 17, 2019  


Promote what you are doing with
FreeBSD, and what you like and
don’t like.

Interview with Aryeh Friedman, CTO and Co-CEO of
Friedman-Nixon-Wong Enterprises, LLC

by Marta Ziemianowicz, Marta Surzelec & Marta Sienicka


[BSD Magazine]: Hello Aryeh, how have you been doing? Can you introduce yourself to
our readers?

[Aryeh Friedman]: Since 2008, I've been co-owner of a small boutique software consulting firm,
Friedman-Nixon-Wong Enterprises.


In the mid-1990s, along with John L. Sokol, I was the co-inventor of live Streaming Media, real-time streaming protocols (the best known modern version is RSVP), CDN's and SDN's (used to
create the first streaming media network, which operated from 1994 to 2001), and single
threaded web servers (thttpd is a modern version of our work). Concurrently in the early to mid-1990s,
I helped start the first generation of ISPs in Southern and Central California. (For details,
see my LinkedIn profile and the links at the bottom of this interview.) I was also on an early incarnation of the IETF committee that led to the creation of ICANN.

In the late 1990s and early 2000s, I worked in eDemocracy, one of the earliest social networking sites (although it wasn't called that back then). I also got interested in election security in this capacity and therefore have deep doubts about the integrity of the voting system in the 2016 Presidential election.

In the 2000s, I decided to go back to school and get my BS in Computer Science Education. (A side note: I do not agree with the “CS for all” current push in CS education, particularly in elementary school.) As I was graduating, the department chair introduced me to another student with an
idea for a widget-based website builder.

While that company went nowhere, due to problems on the business side of the company, I did
meet FNWE's current co-CEO and lead architect, Dee Nixon.

Working with Dee has allowed FNWE to do amazing work with a tiny team. For example, we maintain 800k lines of Java across our different projects with Dee and myself doing almost 100% of the work. I tend to be a highly creative but not super detail-oriented big-picture programmer, while Dee is excellent at getting all the i's dotted and all the t's crossed. We use a development methodology we call ‘sketch artist’ from our strengths and weaknesses. Typically, I create a prototype and then Dee works on the most critical, detail-oriented aspects to ensure that they are rock solid in stability and robustness, while I work on aspects that are less detail-oriented but may require a wider range of technical knowledge. For example, I am the one that did the main thinking on how to do the transport and reporting of remote cardiac data for Specialized Medical, while Dee is the one who made it so it can be used in a high-security life critical environment.

[BSD Mag]: Can you tell us something about your company, Friedman-Nixon-Wong Enterprises, LLC?


[AF]: FNWE specializes in technical management and customized software based on our open
source work. Our ideal client is a small to medium company that has healthy natural growth prospects (not the highly risky big bang growth that many VC's and other investors irrationally demand these days) and that requires the unique capabilities of the open source products we are
currently developing.

Our open source work focuses mainly on secure cloud computing in life-critical applications. Our
open-source projects include (1) a soon-forthcoming AP/DB framework that can manage heterogeneous micro-services including fully encrypted hierarchical database; (2) PetiteCloud, an
IAAS platform designed primarily for use with FreeBSD as a host and bhyve as a hypervisor, with
the robustness needed for small private clouds in non-data-center environments; and (3) thisTest,
a Java unit-testing framework similar to JUnit but much faster and with a much lighter footprint.

Our main current custom/commercial software focus is medical labs, telemedicine, banking and
other fields that require high security and the rock-solid stability demanded by life critical applications. As a small consulting company, we've also done a variety of other projects, such as a poker
odds calculator, a social media popularity algorithm, and various web development work requiring
fully custom back ends and/or computationally sophisticated algorithms.

Our longest term client is Specialized Medical, which does remote cardiac monitoring such as
Holter and Cardiac Telemetry tests in real time. We developed and maintain a system that enables their clients (various private medical practices) to run multi-day cardiac monitoring tests on
patients. This allows them to spot heart irregularities that a normal in-office EKG would not spot
because it's too short in duration and does not follow the patient through their normal daily activity.

The combination of purpose-built open-source and custom software is prieusrytnprat in
the industries we work in because, for example, HIPAA requires a formal (long-term) “Business Associate” relationship to exist between the developer and the “covered entity” (the company that makes/manages the medical system).

When working on long term projects, we generally will agree to work with only one company in a given vertical market. For example, we are not available for work with other remote cardiac monitoring companies, although we are open for work with other kinds of medical labs, IoT, and telemedicine applications.

Our advisers include a technical investment banker and a few OS developers. One of our advisers
is Stanley P. Hanks, the CTO of Columbia Ventures, which, until recently, wholly-owned Hibernia Networks, which in turn owns the highest-capacity and lowest-latency transatlantic cable
between Ireland and the US (NYC). Stanley was also the inventor of Internet VPN’s while at MFS
Datanet then went on to become the CTO of Enron Communications (not the part of Enron that
was involved in the accounting scandal). At Enron he and his team co-invented CDN's independently from the team I was associated with at Sokol and Associates, described below, who also co-invented CDN's at the same time.

Another adviser of ours is John L. Sokol, who, besides being my boss at the early streaming
video company DVBS in the mid-1990s, was a member of the team that originally put 386BSD up
on UseNet for people to download, back around 1990 or so. FreeBSD 2.0.5 was forked from this
late 1990s effort. The first time I had heard of 386BSD was when I met Bill Jolitz in a Berkeley bookstore in 1986. I had already been using BSD since 4.2 BSD at that point, since I grew up in

[BSD Mag]: Tell us something about your open source products. Which open source solutions do you use and why?

[AF]: Our main open-source projects have the eventual goal of making an IaaS/PaaS framework
that can be used on the public Internet while meeting the end-to-end encryption requirements of
HIPAA and other high-security standards. Preliminary steps toward that goal include (1) a small
scale IaaS framework, PetiteCloud, and (2) pAPI, a hierarchical AP/DB framework that allows full
encryption of the DB, as well as management of other kinds of resources.

As far as we know, there is no other AP/DB combo with a DB that encrypts entire files. All other
solutions we know of use encrypted disks, SSL/TLS and/or encrypted DB fields, but NOT fully encrypted records or tables.

PetiteCloud, our IaaS framework, is now good enough for small-business in-house use but not
yet good enough for data center use (e.g. it is not yet “lights out” capable, nor does it currently
have the administrative interface needed for large scale deployment, nor does it yet have the security features we plan to add soon) — although it is already much more robust, in some ways, than he pel eter ae pao,

For example, PetiteCloud can recover from power failures much more easily than, say, OpenStack,
and we plan to keep it that way as we scale it up.

PetiteCloud is the only IaaS effort we know that is based on FreeBSD and bhyve as its main building blocks. The main design philosophy is to delegate as much as possible to the host OS, which
puts us in contrast to more heavyweight IaaS's like OpenStack. We are currently working on making PetiteCloud fully HIPAA-compliant and data-center-ready.

We are also creating a hierarchical AP/DB framework called pAPI, which will become the foundation of our PaaS: thinStorm. pAPI can manage heterogeneous collections of resources including,
among other things, records and tables of the aforementioned fully encrypted hierarchical DB.

Another open-source project of ours that is more mature is thisTest, a Java unit-testing framework similar to JUnit but much faster and lighter weight.

Since paid work takes priority over our open source work, for obvious reasons, progress on
PetiteCloud/thinStorm is not as fast as we wish. For that reason, we plan eventually to launch
something like the FreeBSD Foundation around PetiteCloud/thinStorm (and pAPI), and in that
way, enable faster progress without requiring FNWE to become a large firm (we want to stay relatively small).

We love the FreeBSD development model, in contrast to the Linux model. The FreeBSD model
allows for more coherent and focused open-source work. Since we use the BSD license for our open source work, we also welcome others to use it for their commercial products without
having to pay us royalties.

[BSD Mag]: Is your solution designed for banking and healthcare mostly or can it be used
in any industry?

[AF]: The next major version of PetiteCloud/thinStorm will be designed for any cloud computing
applications that require true end-to-end encryption. The need for security is one of the reasons
we choose FreeBSD over other OS's. The other main reason is the legendary stability of
FreeBSD, both as a host and as a guest. PetiteCloud/thinStorm currently runs on both Linux and
FreeBSD as both host and guest (using QEMU on Linux and bhyve on FreeBSD). We will soon
be updating PetiteCloud to allow Windows guests to run under bhyve (it already runs fine under
QEMU). We also plan to expand our hypervisor options to include VirtualBox.

As we are nearing the first sufficiently heterogeneous version of pAPI, we will be converting PetiteCloud over to it and making PetiteCloud truly end-to-end encrypted. This means it will be usable in any secure setting, not just medical and banking. We will then turn our focus to thinStorm
to make the only open source PaaS designed for security from the ground up. It will run on hypervisors and not containers/jails, because the latter do not offer enough separation between the
host and guest for the security features we want.


Another unique aspect of all our work is that, since we are not associated with any large hosting
company and/or data center, we are designing PetiteCloud/thinStorm to be used outside of data
centers (as well as, eventually, in them). For example, the OpenStack documentation describes
power loss as “the worst possible disaster that can happen to a clouded data center” (largely due
to using iSCSI instead of more fault tolerant network file systems like NFS backed by a ZFS file
server). Since we run PetiteCloud in our non-purpose-built office, it routinely loses power due to
things like one of us kicking the power strip while cleaning the room. The only recovery needed,
typically, is just hooking the power back up. OpenStack, on the other hand, will brick up if it loses
power for as little as one second.

All the above will make PetiteCloud an ideal private hybrid cloud needed for high security operations in small and medium businesses. For example, once all the security features are added, it
will be ideal for a small bank, law firm, medical clinic/small hospital, etc. We estimate that will enable it to be used by the 49% of the computing world that requires security better than what can
be offered with OpenStack or with commercial cloud providers (without contracting with them for
a private cloud). Since we plan to use PetiteCloud/thinStorm to support HIPAA compliant custom
electronic medical records systems, it will meet PCI-DSS also if properly secured physically and
on a private cloud.

[BSD Mag]: Do you have your favorite open source system?

[AF]: There is not a single system I like the best, but the combination of tools listed below give us an amazing foundation to build our open source and custom systems on.

I am a FreeBSD fanatic and have used it since 2.0.5, so I would say that FreeBSD is by far my
favorite open source platform. OpenJDK is a close second, though, because Java is uniquely
well suited to the type of development we do. We like Java because it has the software engineering characteristics that allow us to avoid — or, if necessary, quickly debug — life-threatening bugs
in a life-critical application, without compromising on the security (which is a legal requirement for our clients).

Also in the interests of keeping bugs to a minimum, we believe that change management is of
critical importance in large systems. By change management, we mean not just version control
but also atomic change sets, with controlled access to the baseline/repository. For that reason,
our preferred development environment is a combination of devel/aegis (which I am the port maintainer of) and devel/cook (for which I've written a tutorial). Both these tools were developed by Peter Miller and are still, as far as I am aware, the only tools that satisfy all of his three laws of change management. His laws are:

1. Without controlled access to the baseline, the number of interactions within a development
team is O(n), where n is the number of developers and/or the number of files in the source tree
whichever is larger. With controlled access to the baseline, it can be reduced to near O(n).

2. The baseline MUST always be in working order.

3. The software build construction process can be reduced to a directed acyclic graph (DAG),
as described in his paper ‘Recursive Make Considered Harmful’.

The first law addresses the main reason for change management systems, namely source-code
control. When you have too many people simultaneously interacting with the code, unless you
make sure each is working on local copies until they are ready to merge them back into the master copy, they will constantly step on each others’ feet.

Then, there is the second law that only Aegis enforces. A good change management system
should make it difficult to check in buggy, non-working code and integrate it into the baseline.
This means atomic checking in of change sets, in contrast to the far less robust check-in procedures of git and most other version control systems. I have been a strong advocate of the
FreeBSD base system switching over to atomic change sets vs. the git model. If it had, my estimate is that 11-RELEASE could easily have been on time instead of being almost six weeks late.

[BSD Mag]: You have been participating in a couple of projects and volunteer activities.
Have you ever been a part of open source community? Or is it security you are interested
in more than open source?

[AF]: I have been associated with several open source efforts and we plan to use that experience
to build a strong non-profit organization to handle the care and feeding of PetiteCloud/thinStorm
in the long run. As stated above, I am also the maintainer of several FreeBSD ports. My main areas
of interest are cloud computing and security currently, but I am also interested in other types
of open source projects as well.


During the early and mid-2000s, I was one of the founders of the now-defunct Software Developers
Cooperative (SDC) that sought to create a set of licenses that would not need dual licensing
to use open source for commercial purposes. At the time, I had a false understanding of the BSD
license; I thought it, like some other open-source licenses, forbade commercial use. Once this
misunderstanding was resolved, I dropped out of SDC and started using the BSD license exclusively for my open source work. Around this time, I wrote several blogs that examined the problems GPL created for developers who do not get subsidized by their employers/schools for their open source work. The primary issue here is that, while the BSD license is both free beer and intellectual freedom, GPL is only free beer unless you happen to have a well heeled employer
behind you instead of making a living from your own work.

For this reason, the model we will be using with PetiteCloud/thinStorm is a fully free and open-source
core with commercial or FOSS add-ons made by competing groups. The core, though, will
be maintained by a single organization. The closest model is that of the FreeBSD base system.



This is a specific example of a larger small business/open source business model we envision,
called neo-Jeffersonianism, which is intended to enable small companies to compete effectively
as clusters against even the largest and most entrenched competitors without losing their individual identities. We believe that, if properly structured, neo-Jeffersonianism could be one of the few
scalable sustainable economic growth models we know of.

Thomas Jefferson wrote: “I hope we shall crush in its birth the aristocracy of our moneyed corporations which dare already to challenge our government to a trial by strength, and bid defiance to
the laws of our country.” We don't advocate getting rid of large corporations entirely, since there are many economic activities that can be done only by large corporations. But we believe that the
power of large corporations needs to be counterbalanced by organized clusters of small businesses. Jefferson envisioned a world in which the majority of families owned small farms. That
particular goal is obviously outdated in today's world of mechanized agriculture, which has freed
up the vast majority of people to do all manner of other things besides farming, but the next best
thing, consistent with Jefferson's goal of limiting the power of big corporations, is to encourage
the creation of organized business clusters that can enable small businesses to survive and
thrive without requiring huge monetary investments.

[BSD Mag]: You also have a patent! Tell us something about it.

[AF]: A small disclaimer: I am an un-named inventor on the patent, because I left the company
(Sokol and Associates) before the paperwork was complete and thus only John L. Sokol's name
appears on the patent itself, but he has given me credit in the original documentation and elsewhere.

The patent is for a single threaded web server called AfterBurner, currently posted on SourceForge
under the BSD license. The idea is that, for static content (i.e. stuff that does not need
backend), the maximum hit capacity of the web server can be cranked up much higher than with
a threaded web server such as Apache or Tomcat. There are several current web servers based
on this design now, with the best known being thttpd.

In testing the prototype of AfterBurner in 1994 and 1995, we were able to support, on a single
Pentium-20, almost the entire load that Yahoo! was reporting for their entire site, yet the CPU was
still 20% idle. The same machine then maxed out four 1,000 Mbps Ethernet NIC's and was still
running only at 15% capacity. As far as I know, AfterBurner still holds the raw performance record
for any web server.

John Sokol and Terry Lambert later adapted the same model to create the first kernel queues implementation for BSD. My understanding is that a variant of this model is still used in the
FreeBSD kernel.

The other items I mentioned above as being the co-inventor of were judged to not be patentable by Sokol & Associates IP attorney. I guess I will have to live with bragging rights only on them.
(See list of links for details.)

[BSD Mag]: What is Rent-a-CTO? Sounds like “Rent a Chief Technology Officer”


[AF]: One of the largest misconceptions many non-technical founders have is what exactly the
role and function of a Chief Technical Officer is. The standard assumption is that it is some kind of
super techie who can jump over tall buildings in a simple leap and can write code by just thinking
about it (no typing needed). The reality is that being a CTO is largely a business position rather
than a technical position, although it does require wide-ranging technical knowledge and experience.

The main jobs of a CTO are to develop coherent technical strategy, explain the technical aspects of the company to the non-technical stakeholders, and, in a start up, assemble the technical team that will do the R&D and then continued support of the company’s products and service.

This means that most small and startup companies don't need a CTO except when they are making a pivot from one phase of their life to another, and/or when they grow. The rest of the time
they don't need a full-time person in this role. What many small companies and startups do, is to have one full-time person in the role of both CTO and lead developer. However, a wider
range of technical knowledge can be brought to bear if the company has both a full-time lead developer and a very experienced consultant acting as a part-time CTO. FNWE can provide either
development services or part-time CTO services, as needed.

[BSD Mag]: What are the challenges your company is facing at the moment?

[AF]: The main challenge we face is how to balance the demands of our work for clients vs. our
open source work. We have a policy of not billing clients for open source work, even when their
projects benefit from it.

For this reason, we want to move to a non-profit foundation model for PetiteCloud/thinStorm. We
would, of course, be pleased if some of our clients, as well as non-clients, made donations of their
time and/or money to the foundation. Sustaining members would have a say in the project's future direction without having to pay, individually, more than a small fraction of the cost. The main
goal of the foundation will be to allow a wider ownership of our open-source projects beyond just
FNWE, so we can get paid for at least some of our open-source work while continuing our policy
of not billing our clients for. We do hope, at some point in the future, that the foundation can support one or more full time project developers, since they would speed up development significantly.

Until then, our largest challenge is balancing the demand for immediate paid work with the long term investment needed to make PetiteCloud/thinStorm a reality.

Fortunately, since we have no external pressure from investors or other non-clients, we can allow
PetiteCloud/thinStorm to evolve as needed without the need to slap on features that may be ill advised from a technical standpoint but the marketing department demanded them.

[BSD Mag]: Any plans for the future?

[AF]: From the personal stand point, I would love to find enough time to go back to school to get
my PhD, but from what I have learned from talking to others in my position, this would be largely
just a piece of paper, given my background.

From the technical stand point, I would eventually like to leverage PetiteCloud/thinStorm into a
full distributed OS design I have been working on for about 10 years now. With that OS, I plan to
move as far past cloud computing as cloud computing has moved past traditional IT.

For FNWE, we plan to continue to grow organically so that we can fund the development of this
OS without the need for outside investors. I want to see neo-Jeffersonianism become a much
more widely used business model because it allows for the average person to start a small firm
that will grow organically while at the same time returning the economy to a more balanced ecosystem between small and large companies.

Micro-economists, like my father, have long known from experimental and other real world studies that the more times the same dollar circulates within a semi-closed economy, such as the one found in pre-civil rights black neighborhoods or currently found in many immigrant and religious
minority communities, it does that much more work. For example, in the average pre-civil rights
black neighborhood, a dollar would circulate within the community six times before leaving the
community for the larger economy. This means that dollar essentially does six times more work
than the same dollar in a mass of atomized individual actors. In the atomized case, there is much
more overhead (e.g. advertising expenses and longer times required to build a suitable network
of business connections). In the atomized case, there is an algorithm (known as Simple Mar)
that shows that eventually, everything else being equal, one actor will end up holding all the gold.

One of the main goals of neo-Jeffersonianism is to encourage the creation of many different, but
interlocking, semi-closed economies that can easily capture dollars in a manner that allows the
money to circulate multiple times within a relatively small community before leaving it.

The communities do not have to be racial, ethnic or religious. Neo-Jeffersonianism can be structured around small business clusters. A business cluster is a group of companies that are complementary in some way (exactly how is up to the cluster members).

The eventual structure for PetiteCloud/thinStorm development and deployment is one type of
such a cluster. In the case of PetiteCloud/thinStorm, we plan to build a group of companies each of which, while deriving some or all of its revenue from PetiteCloud/thinStorm-related products
and services, is not large enough by itself to shoulder more than a small fraction of the R&D, general marketing/PR, etc. the project requires. Thus, there is a common good that all cluster members have access to, but at the same time they are free to develop their own strategies about
how to maximize their own potential. For readers who understand economic theory, think of it as
collective ownership and oversight of the commons in order to avoid the tragedy of the commons.

[BSD Mag]: Do you have any piece of advice for our readers?

[AF]: The pace and bustle of tech in general and Silicon Valley specifically should not defocus
you from your core goals and vision. The extremely rapid pace of progress in computer technology
over the past 50 years has been due mainly to Moore's Law, not to advances in computer science or software engineering, which have moved at a glacial pace compared to sheer capacity
increases due to Moore's Law. Since Moore's Law is near its physical limits, the pace of progress
on the hardware front will soon slow down. Hence, we as an industry will need to focus more on
how to make our software more efficient in terms of performance, resource demands, and developer time effort.

Sadly, as Fred Brooks stated, there are no silver bullets to these problems; hence, we need to
continue honest and open efforts to improve. We should not settle for fake silver bullets like Agile
Development and its spin offs, although, at the same time, pure waterfall is completely dead if it was ever alive in the first place. Ditto for design patterns: Model-view-controller, for example, is
excellent for many applications but not appropriate for everything. Only with experience can programmers learn which methodologies are appropriate for which kinds of projects, or find the
happy middle ground between the latest fad and older software engineering practices.

On the social level, tech can improve life for everyone, but only if it becomes truly and democratically open to all. Silicon Valley has created a bubble around itself and fooled itself into thinking
that it is in fact diverse and inclusive. Nothing can be further from the truth. NYC is much more diverse in its point of view and startup culture, but even in NYC, due to the investment focus of
most companies, their values get warped.

So I guess one piece of advice I would give is that tech and CS have a lot to offer the world but
as long as we allow unrealistically rapid growth/profit expectations to be the primary driver, they will
fall short. The only way to avoid excessive focus on rapid growth is to return to a small business:

Also, if you are just starting out in the field, you should focus on building a solid foundation for a
decades long career instead of just going for the “hot” tech of the moment. Like the world of high
fashion, the hottest new tech is often impractical in the real world, and often has little value beyond being flashy and “cool”. One should focus, instead, on finding the best ways to solve real problems for real people.

For more information, see:

Real Time Transport Protocols (S-Pack and ECIP): (see history page:

Streaming media (done for DVBS, Inc.)

AfterBurner Web server patent:

Specialized Medical:

Columbia Ventures:

Recursive Make Considered Harmful

FNWE: (under construction)

Aegis port (FreeBSD):


About the Aryeh

Aryeh M. Friedman is Co-CEO/CTO of Friedman-Nixon-Wong Enterprises
(FNWE), a small boutique consulting firm specializing in mission-critical secure
cloud computing. He draws on over 25 years of industry experience including being a pioneer in the technologies that enable cloud computing. FNWE offers development and technical management services. Mr. Friedman currently lives in New
York City but grew up in and around Silicon Valley before leaving it to find wider
technical opportunities after high school. You can contact him at or via his LinkedIn profile at: