ObjectAda Raven Safety Critical Software Development Environment
Objective
Acquaint you with our Ada95 products and services
Development Systems
Product Goals & Philosophy
Product Line Organization & Availability
Technical Characteristics
Support for Safety Critical Certification (DO-178B Level A)
Aonix Is …
Leading Supplier for Ada83
Only Supplier for Ada95
Product Philosophy
Stratified, evolvable product line
Value & price competitive
Support different needs at appropriate prices
Support activities in multiple areas of lifecycle/process
Support gradual buy-in for customers
Native
Hard Real-Time
Certifiable Safety Critical Systems
Product Line Organization
Hosts: Windows 98 / NT; UNIX / Motif / CDE
Product tiers: CORE, PRO, ENTERPRISE
Native and Certified targets (marked x in the matrix): Intel, PowerPC, 68K
Main Components
Graphical IDE in platform style
Compiler, prelinker, builder, cross-referencer
Lightweight library mechanism
Integrated editor, browser and debugger, cross tools
Variable or optional components: bindings, GUI builder, analysis tools
ObjectAda Compilers
Very fast
Essentially one pass
70K lpm on SPARC 10
Multiple units/files in compilation faster due to caching of specs
ObjectAda Library
Source-based
No compilation order requirements
Can use multiple source and object paths
Persistent info is ASCII and editable
General Real-Time Approach
Integrative approach:
PharLap ETS & Raven for 32 bit Intel
Tornado, LynxOS & Raven for PowerPC
(Tornado) & Raven for 68K
Host-based tools integration as well as target executive
Real-time extensions
Real-time analysis tools - PerfoRMAx
AdaCast Test: Harness, Case, Coverage, Complexity…
ObjectAda Raven
Certified/Certifiable Compiler/RTS
(Legal) Safety Systems: Laws, Regulations, Standards, Guidelines
PROCESS: Case Law, Precedence, Interpretations, Standards, Guidelines
EVIDENCE / RECORD: Visibility, Traceability
Confidence / Safety
RTS Certification
DO-178B Level A
Full Requirements through Test Results Mapping
100% Source Level Coverage
100% Machine Level Coverage
Full MCDC Coverage
An RTS Can be Certified but, Termed Certifiable
An RTS is Nothing Unto Itself
Ravenscar Profile
Industry Wide Safety Critical Standard
Deterministic Ada95 Subset…
Certifiable Subset
Tasking Allowed
Rendezvous Disallowed
Use Protected Objects for Communication
No Dynamic Memory Allocation
etc.
Safety Critical Real-time Approach
Aonix technology for safety-critical applications
Raven and C-SMART
Conforms to Ravenscar Profile
Flags Ravenscar Profile Violations at Compile Time
Level A Certification Package Available
AdaCast for Test Harness and Source Level Coverage
AdaCover machine level coverage analysis
New support for bounded tasking model
New support for segregated loads
PowerPC, 32 bit Intel, 68K
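The Ravenscar rules listed on the two slides above (tasking allowed, rendezvous disallowed, protected objects for communication, no dynamic allocation, violations flagged at compile time) are easiest to see in code. The following is an added example written for this transcript, not code from Aonix or from the Raven product. It assumes a GNAT-style toolchain that accepts the Ada 2005 configuration pragma Profile (Ravenscar); an Ada 95 toolchain of the period would express the same rules as individual pragma Restrictions. The unit and object names (Sensor_Channel, Latest, Producer, Consumer, Ravenscar_Demo) and the sample counter are invented for the illustration.

```ada
--  Added example: a Ravenscar-conformant producer/consumer pair.
--  Three units in one listing; split with gnatchop (or save under the file
--  names in the comments) and build with e.g. gnatmake ravenscar_demo.adb.

--  File: gnat.adc  (configuration pragma; applies to every unit in the build)
pragma Profile (Ravenscar);

--  File: sensor_channel.ads
package Sensor_Channel is

   --  Protected object: the sanctioned way for tasks to communicate under
   --  Ravenscar, replacing the entry/accept rendezvous that the profile forbids.
   protected Latest is
      procedure Put (V : Integer);
      entry Take (V : out Integer);   --  at most one entry per protected object
   private
      Value : Integer := 0;
      Fresh : Boolean := False;       --  barrier must be a single Boolean variable
   end Latest;

   --  Tasks are declared at library level and never terminate; there is no
   --  task hierarchy and no task or protected-object allocation (no heap use).
   task Producer;
   task Consumer;

end Sensor_Channel;

--  File: sensor_channel.adb
with Ada.Real_Time; use Ada.Real_Time;
with Ada.Text_IO;

package body Sensor_Channel is

   protected body Latest is
      procedure Put (V : Integer) is
      begin
         Value := V;
         Fresh := True;
      end Put;

      entry Take (V : out Integer) when Fresh is
      begin
         V     := Value;
         Fresh := False;
      end Take;
   end Latest;

   Period : constant Time_Span := Milliseconds (100);

   --  Periodic producer: a constructed sample count stands in for sensor data.
   task body Producer is
      Next  : Time    := Clock;
      Count : Integer := 0;
   begin
      loop
         Count := Count + 1;
         Latest.Put (Count);
         Next := Next + Period;
         delay until Next;   --  absolute delay only: "delay 0.1;" would be
                             --  rejected at compile time (No_Relative_Delay)
      end loop;
   end Producer;

   --  Consumer blocks on the entry barrier until fresh data is available.
   --  A "select ... or delay" timeout here would likewise be rejected
   --  at compile time (No_Select_Statements).
   task body Consumer is
      Sample : Integer;
   begin
      loop
         Latest.Take (Sample);
         Ada.Text_IO.Put_Line ("sample" & Integer'Image (Sample));
      end loop;
   end Consumer;

end Sensor_Channel;

--  File: ravenscar_demo.adb
with Sensor_Channel;

procedure Ravenscar_Demo is
begin
   --  The environment task has nothing to do: elaborating Sensor_Channel
   --  started Producer and Consumer, which run until the program is stopped.
   null;
end Ravenscar_Demo;
```

The point of the shape is that every blocking operation is either an absolute delay or a wait on a single-Boolean barrier, so worst-case timing can be computed statically; the two commented-out constructs are the kind of thing the slide says the compiler flags rather than leaving for testing to find.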
Raven Packages
Core Pack: Core Compile System
Project Pack: Ada-Assured and PerfoRMAx
Test Pack: AdaCast, Test: harness, case, coverage, ...
Safety Critical Pack: AdaCover: Machine Level Coverage
Certification Pack
Design Pack: StP/UML with ACD
AdaCover
A Qualified Tool For MC Coverage
Target - Data Collection
User selectable start/stop points
Single steps on target
Provides full machine level coverage data
Uploaded to Host after execution
Host - Post Analysis
Coverage reports
Updates assembly listing
Merge to create total execution reports
AdaCover Sample Usage

   with AdaCover;      -- Aonix coverage-collection package
   with Cover_Test;    -- library-level procedure under test
   procedure Cover_Driver is
      Var : Integer := 0;  -- not used by this sample; kept as shown on the slide
   begin
      AdaCover.Start (Cover_Test'Address);  -- start single-step data collection at the unit under test
      Cover_Test;                           -- run the code whose machine-level coverage is measured
      AdaCover.Stop;                        -- stop data collection
      AdaCover.Dump;                        -- write the collected data for upload to the host
   end Cover_Driver;
Sample Safety Critical Applications
Boeing 777
Boeing 737
Westinghouse Electric - Nuclear Shutdown
Lockheed Martin - C130J and C27
Westinghouse Brake and Signals
London Underground - Jubilee Line extension
Biggest Project In Europe
Automatic Brakes and Signaling
Boeing 777 Sample Systems
Power Management: Sundstrand
GPS: Canadian Marconi
Brakes: Crane/Hydro-Air
Axle Steering: Parker/Abex-NWL
Hercules - C130J
Aonix SC Products used for:
Flight Management Unit
Ground Collision Avoidance System
Back-up FMU
London - Jubilee Line Extension Project
Underground trains, faster, closer together
M68030 controllers
Trains communicate with each other and with central control
Software Integrity Level 4 (SIL)
RIA 23 required
Mapping document produced between RIA 23 and Aonix (DO-178B) Certification materials
Largest funded project in Europe
Safety Critical Customers
Aircraft/Avionics –
Global Positioning System (GPS) (Sextant Avionique)
Flight control data concentrator: AIRBUS A330-A340 (Sextant Avionique)
Braking and steering control unit: AIRBUS A330-A340 (Thomson CSF/DOI and Messier Bugatti)
Air Traffic Control (ATC): Ground-based instrument landing system (Navia, formerly Normarc)
Air Traffic Control (ATC): Germany, England, France and Belgium (EUROCONTROL)
Flight Management System (FMS): (EUROCONTROL)
(ATC): Denmark, Belgium, New Zealand, South Africa, Kenya, Pakistan, and Greece (Thomson CSF/SDC)
Air Traffic Control simulators: Switzerland, Ireland (Thomson CSF/SDC)
Air Traffic Control System (ATC): (FAA)
Radar system: Civil avionics (Wilcox Electric)
Engine control system: (Chandler Evans)
Flight Management: Lockheed C130J (Lockheed Martin)
Ground Collision Avoidance: Lockheed C130J (Aerosystems International)
Displays: Lockheed C130J (Lockheed Sanders)
Global Positioning System: Boeing 777 (Canadian Marconi)
Axle Steering System: Boeing 777 (Parker/Abex-NWL)
Power Management System: Boeing 777 (Sundstrand)
Brakes: Boeing 777 (Crane/Hydro-Air)
Nuclear and Electricity –
Power plant control: (Sema Group)
Power generating system simulation: (Thomson CSF/DSI)
Nuclear reactor project: (Nuclear Electric)
Power plant power transmission system: (ABB Relays AG)
Nuclear reactor control simulation: (CEA Cadarache)
Nuclear Shutdown System: Nuclear power station in Czech Republic (Westinghouse Electric)
Safety Critical Customers
Trains and Railways –
Subway network control systems: Paris, Calcutta, and Cairo (GEC ALSTHOM)
Railway and signal control system: TGV for north lines and the Chunnel
Brake system for the TGV: the TVM 430 project (CSEE Transports)
Brake and signals system: London Underground, Jubilee Line extension (Westinghouse)
Space –
Satellite positioning system: (Alcatel SEL)
Launching platform: Ariane V project (Aerospatiale with the CNES and Matra Marconi Space)
Switching and telemeasuring systems: Galileo Mars probe project (CNES)
Satellite imaging system: SPOT project (CNES)
Columbus part of International Space Station: (ERNO Raumfahrttechnik)
Data management systems and network control system: International Space Station (NASA)
Data management system: APM (Atmospheric Pressure Module) for International Space Station (Matra Marconi)
One Set of Certification Evidence
Delivery 170 lb
One CD-ROM captures all SDFs
Summary
Flexible, well-planned product architecture
Lightweight implementation technology
Vast Experience in Safety Critical Systems
Supplier of Certifiable RTS and Needed Support Tools
Leading Supplier for Ada83
Only Supplier for Ada95
Off-The-Shelf Certification Packages