objectada raven safety critical software development environments the aonix emphasis
TRANSCRIPT
ObjectAda RavenObjectAda Raven
Safety CriticalSafety CriticalSoftware Software
DevelopmentDevelopmentEnvironmentsEnvironments
The Aonix EmphasisThe Aonix Emphasis
ObjectAda RavenObjectAda Raven
Safety CriticalSafety CriticalSoftware Software
DevelopmentDevelopmentEnvironmentsEnvironments
The Aonix EmphasisThe Aonix Emphasis
04/19/23 3
ObjectiveObjective Acquaint you with our Ada95 products Acquaint you with our Ada95 products
and servicesand servicesDevelopment SystemsDevelopment Systems
Product Goals & PhilosophyProduct Goals & PhilosophyProduct Line Organization & AvailabilityProduct Line Organization & AvailabilityTechnical CharacteristicsTechnical Characteristics
Available Safety Critical Certification SolutionsAvailable Safety Critical Certification Solutions– DO-178B Level ADO-178B Level A– High Speed RailHigh Speed Rail– Nuclear Shutdown,Nuclear Shutdown,– etc.etc.
04/19/23 4
Product Line Product Line OrganizationOrganization
UNIX / Motif / CDE
Windows 98 / NT Native
x Intel
x PowerPCCO
R
E
P
R
O
EN
TER
P
CER
T
IF
RISE
I
E
x 68K
D
04/19/23 5
Main ComponentsMain Components
Graphical IDE in platform styleGraphical IDE in platform style Compiler, prelinker, builder, cross-Compiler, prelinker, builder, cross-
referencerreferencer Lightweight library mechanismLightweight library mechanism Integrated editor, browser and Integrated editor, browser and
debugger, cross tools debugger, cross tools Variable or optional components: Variable or optional components:
bindings, GUI builder, analysis toolsbindings, GUI builder, analysis tools
04/19/23 6
ObjectAda CompilersObjectAda Compilers
Very fastVery fastEssentially one passEssentially one pass70K lpm on SPARC 1070K lpm on SPARC 10Multiple units/files in compilation faster Multiple units/files in compilation faster
due to caching of specsdue to caching of specs Source-basedSource-based
No compilation order requirementsNo compilation order requirementsCan use multiple source and object Can use multiple source and object
pathspathsPersistent info is ASCII and editablePersistent info is ASCII and editable
7
New SCCI SupportNew SCCI Supporton Windowson Windows
New SCCI SupportNew SCCI Supporton Windowson Windows
List FilesList Files Keep Checked OutKeep Checked Out CommentComment Select / UnSelect AllSelect / UnSelect All Get Latest Get Latest Check OutCheck Out Check InCheck In Undo Check OutUndo Check Out Add to CMAdd to CM Remove from CMRemove from CM Show HistoryShow History Show DifferencesShow Differences CM PropertiesCM Properties Invoke External CMInvoke External CM
List FilesList Files Keep Checked OutKeep Checked Out CommentComment Select / UnSelect AllSelect / UnSelect All Get Latest Get Latest Check OutCheck Out Check InCheck In Undo Check OutUndo Check Out Add to CMAdd to CM Remove from CMRemove from CM Show HistoryShow History Show DifferencesShow Differences CM PropertiesCM Properties Invoke External CMInvoke External CM
ObjectAda RavenObjectAda Raven
Certified/CertifiableCertified/CertifiableCompiler/RTSCompiler/RTS
ObjectAda RavenObjectAda Raven
Certified/CertifiableCertified/CertifiableCompiler/RTSCompiler/RTS
9
RTS CertificationRTS CertificationRTS CertificationRTS CertificationDO-178B Level ADO-178B Level A
Full Requirements through Test Results Full Requirements through Test Results MappingMapping
100% Source Level Coverage100% Source Level Coverage100% Machine Level Coverage100% Machine Level CoverageFull MCDC CoverageFull MCDC Coverage
An RTS Can be Certified but,An RTS Can be Certified but,Termed CertifiableTermed CertifiableAn RTS is Nothing Unto ItselfAn RTS is Nothing Unto Itself
DO-178B Level ADO-178B Level A
Full Requirements through Test Results Full Requirements through Test Results MappingMapping
100% Source Level Coverage100% Source Level Coverage100% Machine Level Coverage100% Machine Level CoverageFull MCDC CoverageFull MCDC Coverage
An RTS Can be Certified but,An RTS Can be Certified but,Termed CertifiableTermed CertifiableAn RTS is Nothing Unto ItselfAn RTS is Nothing Unto Itself
10
Ravenscar ProfileRavenscar ProfileRavenscar ProfileRavenscar Profile Industry Wide Safety Critical StandardIndustry Wide Safety Critical Standard
Deterministic Ada95 Subset…Deterministic Ada95 Subset… Certifiable Safety Critical SubsetCertifiable Safety Critical Subset Tasking AllowedTasking Allowed
Rendezvous DisallowedRendezvous DisallowedUse Protected Objects for CommunicationUse Protected Objects for Communication
No Dynamic Memory AllocationNo Dynamic Memory Allocation etc.etc.
Industry Wide Safety Critical StandardIndustry Wide Safety Critical Standard
Deterministic Ada95 Subset…Deterministic Ada95 Subset… Certifiable Safety Critical SubsetCertifiable Safety Critical Subset Tasking AllowedTasking Allowed
Rendezvous DisallowedRendezvous DisallowedUse Protected Objects for CommunicationUse Protected Objects for Communication
No Dynamic Memory AllocationNo Dynamic Memory Allocation etc.etc.
04/19/23 11
Safety CriticalSafety CriticalReal-time ApproachReal-time Approach
Aonix technology for safety-critical Aonix technology for safety-critical applicationsapplications
Raven and C-SMARTRaven and C-SMARTConforms to Ravenscar ProfileConforms to Ravenscar ProfileFlags Ravenscar Profile Violations at Compile TimeFlags Ravenscar Profile Violations at Compile TimeLevel A Certification Packages AvailableLevel A Certification Packages AvailableAdaCast for Test Harness and Source Level CoverageAdaCast for Test Harness and Source Level CoverageAdaCover machine level coverage analysisAdaCover machine level coverage analysisNew support for bounded tasking modelNew support for bounded tasking modelNew support for Targeting a Real-Time OSNew support for Targeting a Real-Time OSPowerPC, 32 bit Intel, 68K PowerPC, 32 bit Intel, 68K
12
Raven PackagesRaven PackagesRaven PackagesRaven Packages Core PackCore Pack
Core Compile SystemCore Compile System
Project PackProject Pack Ada-Assured and PerfoRMAxAda-Assured and PerfoRMAx
Test PackTest Pack AdaCast, Test: harness, case, coverage, ...AdaCast, Test: harness, case, coverage, ...
Safety Critical PackSafety Critical Pack AdaCover: Machine Level Coverage AdaCover: Machine Level Coverage
Certification PackCertification Pack Design PackDesign Pack
StP/UML with ACDStP/UML with ACD
Core PackCore PackCore Compile SystemCore Compile System
Project PackProject Pack Ada-Assured and PerfoRMAxAda-Assured and PerfoRMAx
Test PackTest Pack AdaCast, Test: harness, case, coverage, ...AdaCast, Test: harness, case, coverage, ...
Safety Critical PackSafety Critical Pack AdaCover: Machine Level Coverage AdaCover: Machine Level Coverage
Certification PackCertification Pack Design PackDesign Pack
StP/UML with ACDStP/UML with ACD
13
Safety Critical Safety Critical CustomersCustomers
Safety Critical Safety Critical CustomersCustomers
Aircraft/Avionics –Aircraft/Avionics – Global Positioning System (Global Positioning System (GPSGPS) (Sextant Avionique)) (Sextant Avionique) Flight control data concentrator: Flight control data concentrator: AIRBUS A330-A340AIRBUS A330-A340 (Sextant Avionique) (Sextant Avionique) Braking and steering control unit: AIRBUS A330-A340 (Thomson CSF/DOI and Messier Bugatti)Braking and steering control unit: AIRBUS A330-A340 (Thomson CSF/DOI and Messier Bugatti) Air Traffic Control (ATC): Ground-based instrument landing system (Navia, formerly Normarc)Air Traffic Control (ATC): Ground-based instrument landing system (Navia, formerly Normarc) Air Traffic Control (ATC): Germany, England, France and Belgium (EUROCONTROL)Air Traffic Control (ATC): Germany, England, France and Belgium (EUROCONTROL) Flight Management System (Flight Management System (FMSFMS): (EUROCONTROL)): (EUROCONTROL) Gauge control system: FALCON (Dassault/Intertechnique) France, GermanyGauge control system: FALCON (Dassault/Intertechnique) France, Germany Mission computer and data concentrator: TIGER and NH-90 (Mission computer and data concentrator: TIGER and NH-90 (EurocopterEurocopter)) (ATC): Denmark, Belgium, New Zealand, South Africa, Kenya, Pakistan, and Greece(ATC): Denmark, Belgium, New Zealand, South Africa, Kenya, Pakistan, and Greece
(Thomson CSF/SDC)(Thomson CSF/SDC) Air Traffic Control simulators: Switzerland, Ireland (Thomson CSF/SDC)Air Traffic Control simulators: Switzerland, Ireland (Thomson CSF/SDC) Air Traffic Control System (Air Traffic Control System (ATCATC): (FAA)): (FAA) Radar system: Civil avionics (Wilcox Electric)Radar system: Civil avionics (Wilcox Electric) Engine control system: (Chandler Evans)Engine control system: (Chandler Evans) Flight Management: Flight Management: Lockheed C130JLockheed C130J (Lockheed Martin) (Lockheed Martin) Ground Collision Avoidance: Lockheed C130J (Aerosystems International)Ground Collision Avoidance: Lockheed C130J (Aerosystems International) Displays: Lockheed C130J (Lockheed Sanders)Displays: Lockheed C130J (Lockheed Sanders) Global Positioning System: Global Positioning System: Boeing 777Boeing 777 (CMC) (CMC) Axle Steering System: Boeing 777 (Parker/Abex-NWL)Axle Steering System: Boeing 777 (Parker/Abex-NWL) Power Management System: Boeing 777 (Sundstrand)Power Management System: Boeing 777 (Sundstrand) Brakes: Boeing 777 (Crane/Hydro-Air) Nuclear and Electricity Brakes: Boeing 777 (Crane/Hydro-Air) Nuclear and Electricity
Aircraft/Avionics –Aircraft/Avionics – Global Positioning System (Global Positioning System (GPSGPS) (Sextant Avionique)) (Sextant Avionique) Flight control data concentrator: Flight control data concentrator: AIRBUS A330-A340AIRBUS A330-A340 (Sextant Avionique) (Sextant Avionique) Braking and steering control unit: AIRBUS A330-A340 (Thomson CSF/DOI and Messier Bugatti)Braking and steering control unit: AIRBUS A330-A340 (Thomson CSF/DOI and Messier Bugatti) Air Traffic Control (ATC): Ground-based instrument landing system (Navia, formerly Normarc)Air Traffic Control (ATC): Ground-based instrument landing system (Navia, formerly Normarc) Air Traffic Control (ATC): Germany, England, France and Belgium (EUROCONTROL)Air Traffic Control (ATC): Germany, England, France and Belgium (EUROCONTROL) Flight Management System (Flight Management System (FMSFMS): (EUROCONTROL)): (EUROCONTROL) Gauge control system: FALCON (Dassault/Intertechnique) France, GermanyGauge control system: FALCON (Dassault/Intertechnique) France, Germany Mission computer and data concentrator: TIGER and NH-90 (Mission computer and data concentrator: TIGER and NH-90 (EurocopterEurocopter)) (ATC): Denmark, Belgium, New Zealand, South Africa, Kenya, Pakistan, and Greece(ATC): Denmark, Belgium, New Zealand, South Africa, Kenya, Pakistan, and Greece
(Thomson CSF/SDC)(Thomson CSF/SDC) Air Traffic Control simulators: Switzerland, Ireland (Thomson CSF/SDC)Air Traffic Control simulators: Switzerland, Ireland (Thomson CSF/SDC) Air Traffic Control System (Air Traffic Control System (ATCATC): (FAA)): (FAA) Radar system: Civil avionics (Wilcox Electric)Radar system: Civil avionics (Wilcox Electric) Engine control system: (Chandler Evans)Engine control system: (Chandler Evans) Flight Management: Flight Management: Lockheed C130JLockheed C130J (Lockheed Martin) (Lockheed Martin) Ground Collision Avoidance: Lockheed C130J (Aerosystems International)Ground Collision Avoidance: Lockheed C130J (Aerosystems International) Displays: Lockheed C130J (Lockheed Sanders)Displays: Lockheed C130J (Lockheed Sanders) Global Positioning System: Global Positioning System: Boeing 777Boeing 777 (CMC) (CMC) Axle Steering System: Boeing 777 (Parker/Abex-NWL)Axle Steering System: Boeing 777 (Parker/Abex-NWL) Power Management System: Boeing 777 (Sundstrand)Power Management System: Boeing 777 (Sundstrand) Brakes: Boeing 777 (Crane/Hydro-Air) Nuclear and Electricity Brakes: Boeing 777 (Crane/Hydro-Air) Nuclear and Electricity
14
Safety Critical Safety Critical CustomersCustomers
Safety Critical Safety Critical CustomersCustomersNuclear/Power -Nuclear/Power -
Power plant control: (Sema Group)Power plant control: (Sema Group) Power generating system simulation: (Thomson CSF/DSI)Power generating system simulation: (Thomson CSF/DSI) Nuclear reactor project: (Nuclear Electric)Nuclear reactor project: (Nuclear Electric) Power plant power transmission system: (ABB Relays AG)Power plant power transmission system: (ABB Relays AG) Nuclear reactor control simulation: (CEA Cadarache)Nuclear reactor control simulation: (CEA Cadarache) Nuclear Shutdown SystemNuclear Shutdown System: Nuclear power station in Czech Republic (Westinghouse Electric): Nuclear power station in Czech Republic (Westinghouse Electric)
Trains and Railways –Trains and Railways – Subway network control systems: Paris, Calcutta, and Cairo (GEC ALSTHOM)Subway network control systems: Paris, Calcutta, and Cairo (GEC ALSTHOM) Railway and signal control system: TGV for north lines and the Railway and signal control system: TGV for north lines and the ChunnelChunnel Brake system for the TGV: the TVM 430 project (CSEE Transports)Brake system for the TGV: the TVM 430 project (CSEE Transports) Brake and signals system: Brake and signals system: London UndergroundLondon Underground, Jubilee Line extension (Westinghouse) , Jubilee Line extension (Westinghouse) Railway and signal control system: TGV MediterraneeRailway and signal control system: TGV Mediterranee Railway Signaling System in China: KCRC project (Alstom)Railway Signaling System in China: KCRC project (Alstom)
Space –Space – Satellite positioning systemSatellite positioning system: (Alcatel SEL): (Alcatel SEL) Launching platform: Ariane V project (Aerospatiale with the CNES and Matra Marconi Space)Launching platform: Ariane V project (Aerospatiale with the CNES and Matra Marconi Space) Satellite imaging system: SPOT project (CNES)Satellite imaging system: SPOT project (CNES) Columbus part of International Space Station: (ERNO Raumfahrttechnik)Columbus part of International Space Station: (ERNO Raumfahrttechnik) Data management systems and network control system: Data management systems and network control system: International Space StationInternational Space Station (NASA) (NASA) Inertial Reference System: QUASAR 3000 project (Thalès Avionics) for ArianeVInertial Reference System: QUASAR 3000 project (Thalès Avionics) for ArianeV Data management system: APM (Atmospheric Pressure Module) for International Space StationData management system: APM (Atmospheric Pressure Module) for International Space Station
(Matra Marconi)(Matra Marconi)
Nuclear/Power -Nuclear/Power - Power plant control: (Sema Group)Power plant control: (Sema Group) Power generating system simulation: (Thomson CSF/DSI)Power generating system simulation: (Thomson CSF/DSI) Nuclear reactor project: (Nuclear Electric)Nuclear reactor project: (Nuclear Electric) Power plant power transmission system: (ABB Relays AG)Power plant power transmission system: (ABB Relays AG) Nuclear reactor control simulation: (CEA Cadarache)Nuclear reactor control simulation: (CEA Cadarache) Nuclear Shutdown SystemNuclear Shutdown System: Nuclear power station in Czech Republic (Westinghouse Electric): Nuclear power station in Czech Republic (Westinghouse Electric)
Trains and Railways –Trains and Railways – Subway network control systems: Paris, Calcutta, and Cairo (GEC ALSTHOM)Subway network control systems: Paris, Calcutta, and Cairo (GEC ALSTHOM) Railway and signal control system: TGV for north lines and the Railway and signal control system: TGV for north lines and the ChunnelChunnel Brake system for the TGV: the TVM 430 project (CSEE Transports)Brake system for the TGV: the TVM 430 project (CSEE Transports) Brake and signals system: Brake and signals system: London UndergroundLondon Underground, Jubilee Line extension (Westinghouse) , Jubilee Line extension (Westinghouse) Railway and signal control system: TGV MediterraneeRailway and signal control system: TGV Mediterranee Railway Signaling System in China: KCRC project (Alstom)Railway Signaling System in China: KCRC project (Alstom)
Space –Space – Satellite positioning systemSatellite positioning system: (Alcatel SEL): (Alcatel SEL) Launching platform: Ariane V project (Aerospatiale with the CNES and Matra Marconi Space)Launching platform: Ariane V project (Aerospatiale with the CNES and Matra Marconi Space) Satellite imaging system: SPOT project (CNES)Satellite imaging system: SPOT project (CNES) Columbus part of International Space Station: (ERNO Raumfahrttechnik)Columbus part of International Space Station: (ERNO Raumfahrttechnik) Data management systems and network control system: Data management systems and network control system: International Space StationInternational Space Station (NASA) (NASA) Inertial Reference System: QUASAR 3000 project (Thalès Avionics) for ArianeVInertial Reference System: QUASAR 3000 project (Thalès Avionics) for ArianeV Data management system: APM (Atmospheric Pressure Module) for International Space StationData management system: APM (Atmospheric Pressure Module) for International Space Station
(Matra Marconi)(Matra Marconi)
04/19/23 15
SummarySummary
Flexible, well-planned product architectureFlexible, well-planned product architectureLightweight implementation technologyLightweight implementation technology
Aonix...Aonix...Vast Experience in Safety Critical SystemsVast Experience in Safety Critical SystemsSupplier of Certifiable RTS and Needed Supplier of Certifiable RTS and Needed
Support ToolsSupport ToolsLeading Supplier for Ada83Leading Supplier for Ada83Only Supplier Today for Ada95Only Supplier Today for Ada95
Off-The-Shelf Certification PackagesOff-The-Shelf Certification Packages
16