Model-driven development of ARINC 653 configuration tables
2010
https://doi.org/10.1109/DASC.2010.5655322…
16 pages
Abstract
Model-driven development (MDD) has become a key technique in systems and software engineering, including the aeronautic domain. It facilitates the systematic use of models from a very early phase of the design process and, through various model transformation steps, (semi-)automatically generates source code and documentation. However, on one hand, model-driven approaches are not as widely used for the development of configuration data as they are for source code synthesis. On the other hand, we believe that particular systems that make heavy use of configuration tables, like the ARINC 653 standard, can benefit from model-driven design by (i) automating error-prone configuration file editing and (ii) using model-based validation for early error detection. In this paper, we present the results of the European project DIANA, which investigated the use of MDD in the context of Integrated Modular Avionics (IMA) and the ARINC 653 standard. In the scope of the project, a tool chain was implemented that generates ARINC 653 configuration tables from high-level architecture models. The tool chain was integrated with different target systems (VxWorks 653, SIMA) and evaluated during case studies with real-world and real-sized avionics applications.
Related papers
Generative …, 2004
24th Digital Avionics Systems Conference, 2005
The term "model-based design and development" has grown in popularity over the past decade. Within the embedded avionics community, the term model-based design implies the development and application of "control models and simulations" within tools such as MATLAB. At Honeywell, the authors have been engaged in model-based development (MBD) and associated tools development for avionics applications. This position paper applies the lessons learned and discusses several issues relating to sound model-based design that meets design assurance and certification objectives. The paper examines the dominant approaches utilized by some of the popular model-based design, code generation and verification tool suites available commercially. It contrasts these approaches with traditional software design, implementation, and verification methods. This paper also recommends taking a broader perspective of MBD and suggests adopting lessons learned from the classical software engineering arena. We discuss this together with areas for future investigation, standardization, and automation tool development and integration.
Software and Systems Modeling, 2021
The development process of on-board software applications can benefit from model-driven engineering techniques. Model validation and model transformations can be applied to drive the activities of specification, requirements definition, and system-level validation and verification according to the space software engineering standards ECSS-E-ST-40 and ECSS-Q-ST-80. This paper presents a model-driven approach to completing these activities by avoiding inconsistencies between the documents that support them and providing the ability to automatically generate the system-level validation tests that are run on the Ground Support Equipment and the matrices required to complete the software verification. A demonstrator of the approach has been built using as a proof of concept a subset of the functionality of the software of the control unit of the Energetic Particle Detector instrument on-board Solar Orbiter.
2003
Architecture Description Languages provide significant opportunity for the incorporation of formal methods and engineering models into the analysis of software and system architectures. A standard is being developed for embedded real-time safety critical systems which will support the use of various formal approaches to analyze the impact of the composition of systems from hardware and software and which will allow the generation of system glue code with the performance qualities predicted. The standard, the Avionics Architecture Description Language (AADL), is based on the MetaH language developed under DARPA and US Army funding and on the model driven architectural based approach demonstrated with this technology over the last 12 years. The AADL standard will include a UML profile useful for avionics, space, automotive, robotics and other real-time concurrent processing domains including safety critical applications.
2016
In the last decade, Thales Alenia Space started studying the transition of its own systems engineering methods from standard requirement and document based ones to innovative approaches taking care of concurrent engineering, enhanced collaboration, model based system engineering methods and tools and tool-chains for overall engineering environments. In the field of system architectures analysis and definition, TAS has deployed internally a tooled-up approach, which is being extended to other system and multidisciplinary engineering activities. Despite an investment needed to set-up the tooled-up approach, it allows to relate in a same model customer needs and architecture constraints, furthermore ensuring overall document consistency with the design by means of automatic documentation generation from the model, simplifying alignment in case of model update. Moreover, traceability links between requirements and model facilitate impact analysis for system evolution and maintenance, an...
2010
Avionics systems must be carefully designed because of their criticality, since a fault may lead to loss of life. These systems must be verified and certified. However, the design of avionics architectures becomes more and more complex due to an increasing demand for new functionalities. This makes it very difficult to analyze systems and detect potential faults that may cause damage. This paper presents an approach to model and validate avionics systems. Architecture requirements, properties and constraints are described with the Architecture Analysis and Design Language (AADL) and its associated ARINC653 annex. Then, we apply validation rules to check system correctness and constraint enforcement. This approach provides a high-level view of the system and eases the development of avionics systems by validating their requirements at the model level, before any implementation effort.
The ARINC 653 specification has been introduced as a standardized interface definition for real-time operating systems to simplify the development of Integrated Modular Avionics. ARINC 653 provides strict and robust time and space partitioning to guarantee the reliability of avionics by isolating failures within the system. Configuration data for the time and space partitions in ARINC 653 can be defined in an XML configuration file that can be accessed only by the system OS. Unfortunately, confirming the integrity of the partition schedule and checking the XML for syntax errors during integration is a tedious activity. In this paper, we present a software configuration tool that generates the configuration data and verifies the integrity of the partitioning based on the XML Schema of the ARINC 653 standard.
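The model-based validation that the DIANA abstract above argues for, and the partition-schedule integrity check described in the preceding related paper, both come down to consistency rules over the schedule table. The following added example (not code from either paper or from any target system) checks a constructed ARINC 653-style module schedule: every partition period must divide the major frame, windows must stay inside the major frame, each partition's windows must add up to its declared budget, and windows of different partitions must not overlap. The element and attribute names are assumptions modelled on the shape of the ARINC 653 Part 1 XML schema.

```python
import xml.etree.ElementTree as ET

# Constructed sample module configuration. Element/attribute names are assumptions shaped
# like the ARINC 653 Part 1 XML schema, not taken from any real system. Partition 3 is deliberately wrong.
SAMPLE_XML = """<ARINC_653_Module ModuleName="demo">
  <Module_Schedule MajorFrameSeconds="0.100">
    <Partition_Schedule PartitionIdentifier="1" PeriodSeconds="0.050" PeriodDurationSeconds="0.020">
      <Window_Schedule WindowIdentifier="11" WindowStartSeconds="0.000" WindowDurationSeconds="0.020"/>
      <Window_Schedule WindowIdentifier="12" WindowStartSeconds="0.050" WindowDurationSeconds="0.020"/>
    </Partition_Schedule>
    <Partition_Schedule PartitionIdentifier="2" PeriodSeconds="0.100" PeriodDurationSeconds="0.030">
      <Window_Schedule WindowIdentifier="21" WindowStartSeconds="0.020" WindowDurationSeconds="0.030"/>
    </Partition_Schedule>
    <Partition_Schedule PartitionIdentifier="3" PeriodSeconds="0.100" PeriodDurationSeconds="0.030">
      <Window_Schedule WindowIdentifier="31" WindowStartSeconds="0.060" WindowDurationSeconds="0.050"/>
    </Partition_Schedule>
  </Module_Schedule>
</ARINC_653_Module>"""

def usec(seconds):
    """Decimal seconds string -> integer microseconds, so schedule arithmetic is exact."""
    return round(float(seconds) * 1_000_000)

def validate_schedule(xml_text):
    """Return a list of findings; an empty list means the schedule table is consistent."""
    sched = ET.fromstring(xml_text).find("Module_Schedule")
    major = usec(sched.get("MajorFrameSeconds"))
    findings, windows = [], []
    for part in sched.findall("Partition_Schedule"):
        pid = part.get("PartitionIdentifier")
        period, budget = usec(part.get("PeriodSeconds")), usec(part.get("PeriodDurationSeconds"))
        if period == 0 or major % period:   # the major frame must be a multiple of each period
            findings.append(f"partition {pid}: period {period} us does not divide major frame {major} us")
        total = 0
        for w in part.findall("Window_Schedule"):
            wid = w.get("WindowIdentifier")
            start, dur = usec(w.get("WindowStartSeconds")), usec(w.get("WindowDurationSeconds"))
            if start + dur > major:
                findings.append(f"window {wid}: ends at {start + dur} us, after the major frame")
            windows.append((start, start + dur, pid, wid))
            total += dur
        expected = budget * (major // period) if period else 0  # the budget is owed in every period
        if total != expected:
            findings.append(f"partition {pid}: windows total {total} us, expected {expected} us")
    windows.sort()  # all partitions share one timeline: consecutive windows must not overlap
    for (s1, e1, p1, w1), (s2, _, p2, w2) in zip(windows, windows[1:]):
        if s2 < e1:
            findings.append(f"windows {w1} (partition {p1}) and {w2} (partition {p2}) overlap")
    return findings
```

Running `validate_schedule(SAMPLE_XML)` reports three findings for partition 3 (window past the major frame, budget mismatch, overlap with window 12); moving window 31 to start at 0.070 s with a 0.030 s duration yields an empty list.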
2016
All avionics software systems are subjected to certification constraints imposed by DO-178 standards. Civil avionics equipment manufacturers are quite conservative in their software development processes: most still use time-tested software engineering tools and methods, due to strict certification constraints. These certification constraints, along with the increasing size and complexity of modern avionics software-intensive systems, are having a huge impact on the cost of certifiable avionics software development. To cope with this increasing complexity, avionics equipment manufacturers need to use modern software development methodologies. This is possible with the release of DO-178C standard. In my thesis, I have explored the use of model-based software product line engineering for certifiable avionics software development, and have proposed industrial-level solutions for using a model-based software product line process based on commercially available tools. In this thesis, I have also explored the applicability of our model-based software product line process to export-controlled, certifiable avionics software development, identifying constraints that limit the reuse of software components among export-controlled avionics software and proposing technical solutions that facilitate the application of a model-based software product line to export-controlled, certifiable avionics software development. The proposed solutions are validated using industrial case studies.
Lecture Notes in Computer Science, 2012
Configuring Integrated Control Systems (ICSs) is largely manual, time-consuming and error-prone. In this paper, we propose a model-based configuration approach that interactively guides engineers to configure software embedded in ICSs. Our approach verifies engineers' decisions at each configuration iteration, and further, automates some of the decisions. We use a constraint solver, SICStus Prolog, to automatically infer configuration decisions and to ensure the consistency of configuration data. We evaluated our approach by applying it to a real subsea oil production system. Specifically, we rebuilt a number of existing verified product configurations of our industry partner. Our experience shows that our approach successfully enforces consistency of configurations, can automatically infer up to 50% of the configuration decisions, and reduces the complexity of making configuration decisions.
2010
The ARINC-653 standard defines a common interface for Integrated Modular Avionics (IMA) code. In particular, ARINC-653 Part 1 specifies a process- and partition-management API that is analogous to POSIX threads, but with certain extensions and restrictions intended to support the implementation of high-reliability flight code. MCP is a software model checker, developed at NASA Ames, that provides capabilities for model checking C and C++ source code. In this paper, we present recent work aimed at implementing extensions to MCP that support ARINC-653, and we discuss the challenges and opportunities that consequently arise. Providing support for ARINC-653's time and space partitioning is nontrivial, though there are implicit benefits for partial order reduction possible as a consequence of the API's strict interprocess communication policy.