
  • Number of slides: 32

Safety Critical Software Development
• Safety Critical and COTS Solutions

Objective
• Acquaint you with our products and services
  – Development Systems
• Product Goals & Philosophy
• Product Line Organization & Availability
• Technical Characteristics
  – Support for Safety Critical Certification: DO-178B Level A
• Aonix is...
  – Leading Safety Critical Supplier for Ada 83
  – Only Safety Critical Supplier to Have Formally Certified for Ada 95

Aonix Customers
Aonix Experience
Internal Use Only

Sample Safety Critical Applications
• Boeing 777
• Boeing 737
• Westinghouse Electric - Nuclear Shutdown
• Lockheed Martin - C-130J and C-27
• Westinghouse Brake and Signals – London Underground - Jubilee Line extension
  – Biggest Project in Europe – Automatic Brakes and Signaling

Boeing 777 Sample Systems (diagram)
• Power Management – Sundstrand
• GPS – CMC
• Axle Steering – Parker/Abex-NWL
• Brakes – Crane/Hydro-Air

Hercules - C-130J
Aonix SC Products used for:
• Flight Management Unit
• Ground Collision Avoidance System
• Back-up FMU

Certification Experiences – C-130J Cockpit Display
• Reviews
  – Requirements
  – Design
  – Code
  Note: Over 3000 signatures were required on the certification material for one RTS certification system.
• Functional Testing
• Coverage testing
  – Large amount of test data to be analyzed (MIPS 3500)
RTS/Kernel is about 6000 Lines of Code

ObjectAda Raven Safety Critical Software Development Environments

Offerings
• Complete Development Environments
• Group Coordination Tool Support
• High Integrity Application Support
  – Safety Critical
  – Mission Critical
• Life Cycle Tool Support
  – UML or SE
  – Large Scale Controlled Code Generation
• COTS Certification Packages
  – Certified to DO-178B Level A

Product Line Organization (matrix)
• Hosts: Windows 98 / NT / 2000; UNIX / Motif / CDE
• Product levels: Core, Pro, Enterprise, Certified
• Targets: Native, Intel, PowerPC, ERC32, 68K

Required Safety Critical CM - SCCI Support
• List Files
• Comment
• Get Latest
• Check In
• Add to CM
• Show History
• CM Properties
• Keep Checked Out
• Select / Unselect All
• Check Out
• Undo Check Out
• Remove from CM
• Show Differences
• Invoke External CM

ObjectAda IDE

ObjectAda Compilers
• Very fast
  – Essentially one pass
  – 70K lpm on SPARC 10
  – Compiling multiple units/files in one compilation is faster due to caching of specs
• Source-based
  – No compilation order requirements
  – Can use multiple source and object paths
  – Persistent info is ASCII and editable
  – Integrates with most 3rd party tools off-the-shelf

General Real-Time Approach
• Integrative approach:
  – Raven, VenturCom ETS, and Linux for 32-bit Intel
  – Raven, Tornado, and LynxOS for PowerPC
  – Raven ERC32 and ARTK
• Host-based tools integration as well as target executive
  – Real-time extensions
  – Real-time analysis and reporting tools
  – AdaCast
    • Test: harness, case, coverage, complexity…

ObjectAda Raven Certified/Certifiable Compiler/RTS

RTS / Kernel Certification
• DO-178B Level A
  – Full Requirements through Test Results Mapping
  – 100% Source Level Coverage
  – 100% Machine Level Coverage
  – Full MCDC Coverage
• An RTS/Kernel can be certified, but
  – Termed Certifiable
  – An RTS/Kernel is nothing unto itself

Safety Critical Real-time Approach
• Aonix technology for safety-critical applications
• Raven Environments
  – Conforms to Ravenscar Profile
  – Flags Ravenscar Profile violations at compile time
  – Level A Certification Package available
  – AdaCast for test harness and source level coverage
  – AdaCover machine level coverage analysis
  – New support for bounded tasking model
  – New support for segregated loads
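To show what "conforms to the Ravenscar Profile" means for application code, here is an added illustration (not code from the Aonix slides or from the Raven product): a library-level cyclic task and a protected object written within the profile's restrictions. It assumes the Ada 2005 standard spelling `pragma Profile (Ravenscar)`; the Raven-specific Ada 95 spelling is not given on the page.

```ada
--  Added illustration, not Aonix/Raven code. Ada 2005 spelling of the
--  profile; with it in force the compiler rejects violations at compile time.
pragma Profile (Ravenscar);

with Ada.Real_Time; use Ada.Real_Time;

package Cyclic_Monitor is
   --  Shared data lives in a protected object. Ravenscar allows at most one
   --  entry per object and at most one queued caller; plain procedures and
   --  functions, as used here, are always permitted.
   protected Sensor_Store is
      procedure Put (V : Integer);
      function  Get return Integer;
   private
      Value : Integer := 0;
   end Sensor_Store;
end Cyclic_Monitor;

package body Cyclic_Monitor is

   protected body Sensor_Store is
      procedure Put (V : Integer) is
      begin
         Value := V;
      end Put;
      function Get return Integer is
      begin
         return Value;
      end Get;
   end Sensor_Store;

   --  Tasks must be declared at library level, created statically, given a
   --  fixed priority, and must never terminate.
   task Sampler is
      pragma Priority (10);
   end Sampler;

   task body Sampler is
      Period     : constant Time_Span := Milliseconds (10);
      Next_Start : Time := Clock;
   begin
      loop
         --  Constructed work item; the mod keeps the counter bounded so a
         --  Constraint_Error can never take down a task that must not end.
         Sensor_Store.Put ((Sensor_Store.Get + 1) mod 1_000_000);
         Next_Start := Next_Start + Period;
         delay until Next_Start;   --  absolute delay only: a relative
                                   --  "delay 0.01;" or any "select"
                                   --  statement here is a profile violation
      end loop;
   end Sampler;

end Cyclic_Monitor;
```

With GNAT the spec and body must be split into separate files (gnatchop does this) before compiling.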

Raven Board Level Configurations (diagram)
• Raven RTS BSP
• Sequential RTS
• Raven Tasking RTS
• 3rd Party RTOS

Raven Board Level Configurations
• Sequential RTS/Kernel
  – Small and Fast
  – No Tasking Support
• Full Raven RTS/Kernel
  – Larger But Just As Fast
  – Full Tasking and Interrupt Support
  – Optional Non-Certifiable Feature Use
• Layered on Top of an RTOS
  – More General Capabilities from RTOS
  – Larger Collection of Drivers
  – Larger Footprint
  – Likely a Bit Slower

Raven Packages
• Designed For Project Size
  – Packages for Small or Large Programs
  – Higher Level Packages add Group Coordination Between Developers
• Designed For Criticality of Application
  – Packages for General up to Safety Critical Applications
  – Higher Level Packages add Greater Test and Safety Capabilities

Raven Packages
• Core Pack – Core Compile System
• Project Pack – Ada-Assured, AdaNav, and Reporting Tools
• Test Pack – AdaCast, Test: harness, case, coverage, ...
• Safety Critical Pack – AdaCover: Machine Level Coverage
• Design Pack – StP/UML with ACD
• Certification Pack
(Diagram axes: Visibility, Traceability, Confidence / Safety)

Certification Pack
• Complete Certification Evidence
  – For Applicable RTS/Kernel
• Available for:
  – Ada 83 C-SMART - Sequential Kernels: Intel, 68k, eMIPS, and ERC32
  – Ada 95 Raven - Full Tasking Kernels: Intel, PowerPC, and ERC32

One Set of Certification Evidence Delivery – 170 lb

Now: One CD-ROM Captures All SDFs

More… Aonix Customers
More Aonix Experience

Safety Critical Customers
Aircraft/Avionics
• Global Positioning System (GPS) (Sextant Avionique)
• Flight control data concentrator: AIRBUS A330-A340 (Sextant Avionique)
• Braking and steering control unit: AIRBUS A330-A340 (Thomson CSF/DOI and Messier Bugatti)
• Air Traffic Control (ATC): Ground-based instrument landing system (Navia, formerly Normarc)
• Air Traffic Control (ATC): Germany, England, France and Belgium (EUROCONTROL)
• Flight Management System (FMS): (EUROCONTROL)
• Gauge control system: FALCON (Dassault/Intertechnique) France, Germany
• Mission computer and data concentrator: TIGER and NH-90 (Eurocopter)
• (ATC): Denmark, Belgium, New Zealand, South Africa, Kenya, Pakistan, and Greece (Thomson CSF/SDC)
• Air Traffic Control simulators: Switzerland, Ireland (Thomson CSF/SDC)
• Air Traffic Control System (ATC): (FAA)
• Radar system: Civil avionics (Wilcox Electric)
• Engine control system: (Chandler Evans)
• Flight Management: Lockheed C-130J (Lockheed Martin)
• Ground Collision Avoidance: Lockheed C-130J (Aerosystems International)
• Displays: Lockheed C-130J (Lockheed Sanders)
• Global Positioning System: Boeing 777 (CMC)
• Axle Steering System: Boeing 777 (Parker/Abex-NWL)
• Power Management System: Boeing 777 (Sundstrand)
• Brakes: Boeing 777 (Crane/Hydro-Air)
Nuclear and Electricity

Safety Critical Customers
Nuclear/Power
• Power plant control: (Sema Group)
• Power generating system simulation: (Thomson CSF/DSI)
• Nuclear reactor project: (Nuclear Electric)
• Power plant power transmission system: (ABB Relays AG)
• Nuclear reactor control simulation: (CEA Cadarache)
• Nuclear Shutdown System: Nuclear power station in Czech Republic (Westinghouse Electric)
Trains and Railways
• Subway network control systems: Paris, Calcutta, and Cairo (GEC ALSTHOM)
• Railway and signal control system: TGV for north lines and the Chunnel
• Brake system for the TGV: the TVM 430 project (CSEE Transports)
• Brake and signals system: London Underground, Jubilee Line extension (Westinghouse)
• Railway and signal control system: TGV Mediterranee
• Railway Signaling System in China: KCRC project (Alstom)
Space
• Satellite positioning system: (Alcatel SEL)
• Launching platform: Ariane V project (Aerospatiale with the CNES and Matra Marconi Space)
• Satellite imaging system: SPOT project (CNES)
• Columbus part of International Space Station: (ERNO Raumfahrttechnik)
• Data management systems and network control system: International Space Station (NASA)
• Inertial Reference System: QUASAR 3000 project (Thalès Avionics) for Ariane V
• Data management system: APM (Atmospheric Pressure Module) for International Space Station (Matra Marconi)

Some Newer Safety Critical Customers
– Pratt and Whitney
  » PW6000 Commercial Jet Engine
  » New JSF F-35: F135-PW-100 Jet Engines
– Honeywell Canada (formerly Allied Signal)
  » ECS 2000, Environmental Control System for the 777 LR/ER planes
– Honeywell Florida
  » Multiple Military Avionics (certifiable)
  » Positioned for Military AND Commercial Avionics
– BF Goodrich
  » HUMS
– MAO Bechtel
  » PPDSU, Nuclear Submarine Display
– Litton
  » F-22 (certifiable)

Why Aonix
• Pratt and Whitney...
"Pratt & Whitney selected the ObjectAda/Raven product for use on the PW6000 in 1998 following an extensive evaluation. Aonix was selected for a variety of reasons including the usability of the tool set and the technical support that they were able to provide," states Bret Lynch, Manager, Real Time and Embedded Software for Pratt & Whitney. "The main discriminator, however, was the safety-critical domain experience of the company and their ability to meet the standards required for incorporation into a DO-178B Level-A software system."

Summary
– Flexible, well-planned product architecture
– Lightweight implementation technology
– Aonix...
  – Vast Experience in Safety Critical Systems
  – Supplier of Certifiable RTS and Needed Support Tools
    • Leading Safety Critical Supplier for Ada 83
    • Only Safety Critical Supplier Today for Ada 95
  – Off-The-Shelf Certification Packages
  – Partnerships with Leading Safety Critical Experts

Aonix
Contact us at: http://www.aonix.com/SIGAda

And Now What Raven Really Looks Like… Since it was such a hit last year...