FAA certifies INTEGRITY RTOS for DO-178B, Level A use in Sikorsky S-92 helo.

Green Hills Software Inc. recently announced FAA acceptance of a DO-178B, Level A, certification package for its INTEGRITY-178B real-time operating system (RTOS).
The INTEGRITY certification package was delivered to Rockwell Collins for use in Technical Standards Order certification for a new avionics system aboard the Sikorsky S-92 helicopter.
FAA audit of the certification package was completed at Green Hills Software's offices in November 2002. The audit process verified compliance with DO-178B, Level A requirements, a required step for certification of the S-92 aircraft.
The S-92 is Sikorsky's newest medium-lift commercial helicopter. Featuring a passenger capacity of 19-22, the versatile new helicopter will serve a variety of commercial and international utility needs, including passenger, cargo, aeromedical, search and rescue and resource development support. Production is already underway with final assembly commencing in March 2003.
"The FAA's acceptance of our Level A certification package is very significant," said John Carbone John Carbone is an Australian football (soccer) player who played a number of years in the National Soccer League for Perth Glory and the Brisbane Strikers. , vice president of marketing for Green Hills Software. "INTEGRITY-178B has been approved for use in the most safety-critical applications sanctioned by the FAA. What's more, our complete certification package for DO-178B, Level A is available today to all developers seeking Level A certification. This gives INTEGRITY a clear advantage over other commercial RTOSes wherever DO-178B, Level A certification is required."
Developed by the non-profit Radio Technical Commission for Aeronautics (RTCA), DO-178B is an internationally recognized standard required for certifying software used in airborne systems and equipment. DO-178B defines five software levels (A through E), with Level A (applicable to the most critical aircraft equipment) requiring the greatest level of effort to show compliance to DO-178B.
INTEGRITY-178B is the core component of Green Hills' solution for safety critical architectures. By providing protection in both the time and space domains, INTEGRITY-178B allows applications that have been assigned different DO-178B safety levels to run concurrently on the same processor (i.e. supports robust partitioning as defined in ARINC 653). INTEGRITY-178B is derived from Green Hills' standard INTEGRITY RTOS product. INTEGRITY, first released by Green Hills in 1997, is a commercial RTOS developed for a broad class of mission critical embedded systems.
INTEGRITY-178B allows multiple software applications to share a common hardware platform and was designed such that any error in one application cannot prevent another application from continuing to operate. As such, the INTEGRITY-178B RTOS provides complete time, space and resource partitioning between applications operating on the same hardware platform. It provides security and determinism through memory protection and real-time scheduling protection.
INTEGRITY-178B's design guarantees bounded computation time by eliminating features such as dynamic memory allocation. Underlying hardware mechanisms, such as the MMU (Memory Management Unit), privileged instruction access control (i.e. supervisor mode) and the trap mechanism are used to provide full system memory protection for all components, including user applications, device drivers and inter-process communications, while its ARINC-653 compliant two-level scheduler provides the framework for temporal protection. Clock and timer protection is guaranteed through access permissions and use of the Time Base Register. INTEGRITY-178B's memory-protection and error-handling features provide a secure system with built-in fault isolation and tolerance.
INTEGRITY-178B is tightly integrated with Green Hills Software's AdaMULTI 2000 IDE. Together with Green Hills Software's family of optimizing Ada 95, C and C++ compilers, AdaMULTI automates all aspects of embedded software development, including editing, source-level debugging, program building, run-time error checking, version control and code/performance optimization. AdaMULTI also features an advanced code coverage tool (G-Cover) that automates structural coverage analysis for application software, including the analysis of DO-178B Table A-7, Objectives 5, 6 and 7 (statement, decision, and MCDC coverage achievement).