Safety Critical Solutions DO-178B

Joe Colloca, Aonix


We’ll Cover …

  • Review: Ada’s role in Safety Critical Systems

  • Aonix Raven Solution Architecture

  • Safety-Critical Systems

  • Aonix / Ada Safety Critical Projects

Ada in Safety Critical Systems

  • Ada is preferred, but not required

  • Global use

    • Aviation

    • Rail

    • Energy

  • Existing standards supported with certifiable runtimes (RTS)

    • DO-178B (avionics)

    • SIL 4 (rail / energy safety integrity level)

    • RIA 23 (UK rail)

ObjectAda Raven: Safety Critical Software Development Environment

Product Structure / Approach / Benefits

  • Evolvable, “Base +” packaging

    • Supports gradual buy-in

    • Doesn’t require “all-at-once” commitment

  • Platforms, Environments, Communications for embedded development & testing

  • Cover the breadth of lifecycle/process

  • Value / price competitive

  • Familiar Environments; Ease-of-use; Standards

Product Line Organization

[Figure: host x target matrix, with x marking supported combinations; only the labels survive extraction]

  • Host platforms: Windows XP / 2003 / NT; UNIX / Linux / CDE

  • Packaging tiers: Core Solution Package; Enterprise Scalability; Out of Box Certification

  • Targets: Intel, ERC32, 68K
SCCI Support

Source Code Control Interface (SCCI) commands available from the environment:

  • List Files

  • Keep Checked Out

  • Comment

  • Select / UnSelect All

  • Get Latest

  • Check Out

  • Check In

  • Undo Check Out

  • Add to CM

  • Remove from CM

  • Show History

  • Show Differences

  • CM Properties

  • Invoke External CM

ObjectAda Raven: Certified / Certifiable Compiler & RTS

Safety Systems - Legal

[Figure: "Case Law" plotted against "Confidence / Safety"; only the axis labels survive extraction]

Runtime Certifiability: DO-178B Level A

  • Full Requirements through Test Results mapping (traceability in both directions)

  • 100% Source Level Coverage

  • 100% Machine Level (object code) Coverage

  • Full MC/DC (Modified Condition / Decision Coverage)

  • Runtimes can be certified, but:

    • They are termed "Certifiable"

    • The system as a whole is what gets certified

    • The certification evidence record must be delivered with the runtime
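What "Full MC/DC coverage" actually demands of a test set is easy to state and easy to get wrong, so here is a small checker for it. This is an added example, not code from the slides or from the Aonix toolchain; the door-release interlock decision, its condition names and the test vectors are all constructed for illustration.

```ada
--  Added example, not from the slides: a checker showing what "100% MC/DC"
--  requires of a test set for one decision. The interlock decision and the
--  test vectors are constructed for illustration.
with Ada.Text_IO; use Ada.Text_IO;

procedure MCDC_Demo is

   --  Three conditions of the decision  A and then (B or else C):
   --  A = Speed_Zero, B = Platform_Detected, C = Override (hypothetical).
   type Cond_Index is range 1 .. 3;
   type Cond_Values is array (Cond_Index) of Boolean;

   function Door_Release_Permitted (C : Cond_Values) return Boolean is
   begin
      return C (1) and then (C (2) or else C (3));
   end Door_Release_Permitted;

   type Test_Case is record
      Conds   : Cond_Values;
      Outcome : Boolean;
   end record;
   type Test_Set is array (Positive range <>) of Test_Case;

   function Make (A, B, C : Boolean) return Test_Case is
      V : constant Cond_Values := (A, B, C);
   begin
      return (Conds => V, Outcome => Door_Release_Permitted (V));
   end Make;

   --  True when X and Y differ in condition I and in no other condition.
   function Differ_Only_In
     (X, Y : Cond_Values; I : Cond_Index) return Boolean is
   begin
      for J in Cond_Index loop
         if (J = I) /= (X (J) /= Y (J)) then
            return False;
         end if;
      end loop;
      return True;
   end Differ_Only_In;

   --  MC/DC: every condition needs an "independence pair", two test cases
   --  that differ only in that condition and produce different outcomes.
   function MCDC_Satisfied (S : Test_Set) return Boolean is
      Found : Boolean;
   begin
      for I in Cond_Index loop
         Found := False;
         for X in S'Range loop
            for Y in S'Range loop
               if Differ_Only_In (S (X).Conds, S (Y).Conds, I)
                 and then S (X).Outcome /= S (Y).Outcome
               then
                  Found := True;
               end if;
            end loop;
         end loop;
         if not Found then
            return False;   --  condition I never shown to matter on its own
         end if;
      end loop;
      return True;
   end MCDC_Satisfied;

   --  Both outcomes reached (decision coverage), but B and C are never
   --  toggled in isolation, so this set does not satisfy MC/DC.
   Decision_Only : constant Test_Set :=
     (Make (True, True, False), Make (False, True, False));

   --  N + 1 = 4 vectors, the minimum for three conditions.
   Full_MCDC : constant Test_Set :=
     (Make (True, True, False),    --  T1: A=T B=T C=F
      Make (False, True, False),   --  T2: A toggled vs T1
      Make (True, False, False),   --  T3: B toggled vs T1
      Make (True, False, True));   --  T4: C toggled vs T3

begin
   Put_Line ("decision-coverage set satisfies MC/DC: "
             & Boolean'Image (MCDC_Satisfied (Decision_Only)));
   Put_Line ("four-vector set satisfies MC/DC:       "
             & Boolean'Image (MCDC_Satisfied (Full_MCDC)));
end MCDC_Demo;
```

Build with `gnatmake mcdc_demo.adb`. The two-vector set reaches both outcomes of the decision, which is all that decision coverage (Level B) asks; the checker reports it as not satisfying MC/DC because neither B nor C is ever shown to change the result on its own. The four-vector set supplies an independence pair for each of the three conditions, which is the N+1 minimum Level A verification has to produce, per decision, and then justify against the object code as well as the source.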

Hercules - C-130J and C-27

Certification Experience – C-130J Avionics

Over 3000 signatures required on certification material for one RTS certification system; 6000 lines of code

  • Reviews

    • Requirements

    • Design

    • Code

  • Functional Testing

  • Coverage testing

  • Large amount of test data to be analyzed

Ravenscar Profile

  • Industry-wide safety-critical standard (tasking profile for high-integrity Ada)

  • Ada 95 subset

    • Deterministic

    • Certifiable

  • Tasking allowed

    • Rendezvous disallowed

    • Use protected objects for communication

  • No dynamic memory allocation: tasks and protected objects are static, library-level objects, and no implicit heap allocation is permitted
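The profile is easier to see than to describe. Below is a minimal Ravenscar-profile program written for this page as an added example; it is not code from the slides, from the Raven runtime or from any of the projects listed. The sensor/actuator names and the 100 ms period are illustrative, and the three compilation units are shown in one listing (split into `sensor_monitor.ads`, `sensor_monitor.adb` and `main.adb`, or run `gnatchop`, before building against a Ravenscar runtime).

```ada
--  Added example, not from the Aonix slides: a minimal Ravenscar-profile
--  program. Three compilation units in one listing (sensor_monitor.ads,
--  sensor_monitor.adb, main.adb; split with gnatchop). Names are illustrative.
pragma Profile (Ravenscar);  --  usually in gnat.adc; the compiler rejects
                             --  every construct outside the profile
with Ada.Real_Time;
package Sensor_Monitor is
   --  Inter-task communication only through protected objects: at most one
   --  entry per object, a single Boolean barrier, ceiling priority declared.
   protected Latest_Reading is
      pragma Priority (10);
      procedure Put (Value : Integer);
      entry Get (Value : out Integer);
   private
      Data  : Integer := 0;
      Ready : Boolean := False;
   end Latest_Reading;
   --  Result published read-only through a protected function.
   protected Output is
      pragma Priority (10);
      procedure Set (Value : Integer);
      function Get return Integer;
   private
      Current : Integer := 0;
   end Output;
   --  Library-level tasks with static priorities: none is created at run
   --  time and none terminates (No_Task_Allocators, No_Task_Termination).
   task Producer is
      pragma Priority (5);
   end Producer;
   task Consumer is
      pragma Priority (4);
   end Consumer;
end Sensor_Monitor;

package body Sensor_Monitor is
   use Ada.Real_Time;
   protected body Latest_Reading is
      procedure Put (Value : Integer) is
      begin
         Data  := Value;
         Ready := True;
      end Put;
      entry Get (Value : out Integer) when Ready is
      begin
         Value := Data;
         Ready := False;
      end Get;
   end Latest_Reading;
   protected body Output is
      procedure Set (Value : Integer) is
      begin
         Current := Value;
      end Set;
      function Get return Integer is
      begin
         return Current;
      end Get;
   end Output;
   task body Producer is
      Period    : constant Time_Span := Milliseconds (100);
      Next_Time : Time := Clock;
      Sample    : Integer := 0;
   begin
      loop
         Sample := (Sample + 1) mod 1000;  --  stands in for an ADC read
         Latest_Reading.Put (Sample);
         Next_Time := Next_Time + Period;
         delay until Next_Time;  --  absolute delay only: "delay 0.1;" or a
                                 --  select statement is a compile-time error
      end loop;
   end Producer;
   task body Consumer is
      Window : array (0 .. 3) of Integer := (others => 0);
      Index  : Integer range 0 .. 3 := 0;
      Sum    : Integer := 0;
      V      : Integer;
   begin
      loop
         Latest_Reading.Get (V);           --  blocks on the barrier, no polling
         Sum := Sum - Window (Index) + V;  --  4-sample moving average
         Window (Index) := V;
         Index := (Index + 1) mod 4;
         Output.Set (Sum / 4);
      end loop;
   end Consumer;
end Sensor_Monitor;

with Sensor_Monitor;
procedure Main is
   pragma Priority (1);
begin
   null;  --  environment task idles; the library-level tasks run forever
end Main;
```

Everything that makes the program analysable is visible in the declarations: a fixed set of tasks with fixed priorities, a single entry with a simple Boolean barrier, ceiling priorities on the protected objects, and a periodic release through `delay until`. Replace `delay until` with a relative `delay`, add a `select` or a task entry, or allocate a task with `new`, and the compiler rejects the unit under the profile rather than leaving the violation for certification review to find.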

Ravenscar Profile Support

  • New support: bounded tasking model

    • Flags Ravenscar Profile violations at compile time

  • New support: segregated loads

  • Targets: PowerPC 32-bit, Intel, ERC32, 68K

Ravenscar Profile Support

  • VectorCAST

    • Source Level Coverage & Test Harness

    • Integrated Code Coverage

    • Repeatable Testing

    • Compiler integration

    • Embedded target based testing

  • AdaCover

    • Full target-based machine level coverage testing

  • Out-of-Box Level A Certification Packages

Raven Example Packaging

  • Core Pack

    • Basic Development Environment

  • Project Pack

    • Advanced Language Sensitive tools for larger group source consistency / style guideline conformance

  • Test Pack

    • Provides coverage for higher levels of quality verification in mission- and safety-critical development

  • Safety Critical Pack

    • Comprehensive standards-based testing & documentation through Level A

  • Design Pack

    • Implements best practices for designing and producing safer & more reliable software applications & reusable components

Where is Ada in Safety Critical?

  • Lockheed Martin - C130J and C27

  • Boeing 777

  • Boeing 737

  • Westinghouse Electric - Nuclear Shutdown

  • Westinghouse Brake and Signals

    • London Underground - Jubilee Line extension

    • Automatic Brakes and Signaling

Boeing 777

[Figure: Boeing 777 systems built with Aonix Ada, labelled "Power Management" and "Axle Steering"]

London Underground – Jubilee Line

  • Software role

    • Manage train separation, so trains run faster and closer together

    • Inter-train communication

    • Central control center

  • Architecture & Safety Standard

    • M68030 controllers

    • Safety Integrity Level 4 (SIL 4)

    • RIA 23 required

  • Mapping document produced between RIA 23 and the Aonix (DO-178B) certification materials

Aonix Program Success

ITT Avionics: Integrated RF Countermeasures

Honeywell: H-764G Embedded GPS

Thales Avionics: Global Positioning System

Lockheed Martin: Missile and Guidance System Upgrades

Thales Avionics: Flight control data concentrator, AIRBUS A330-A340

Thomson CSF: Braking and steering control, AIRBUS A330-A340

Navia: Air Traffic Control (ATC) ground-based instrument landing system

Eurocontrol: ATC Germany, England, France, Belgium

Eurocontrol: Flight Management System

Thales Air Defence: ATC

Wilcox Electric: Avionics radar system

Chandler Evans: Engine control system

Lockheed Martin: Flight Management, Lockheed C-130J

Aerosystems International: Ground Collision Avoidance System

Lockheed Sanders: Avionics Displays, Lockheed C-130J

Canadian Marconi: GPS, Boeing 777

Parker/Abex-NWL: Axle Steering System, Boeing 777

Sundstrand: Power Management System, Boeing 777

Crane/Hydro-Aire: Braking System, Boeing 777

Aonix Program Success

Astrium: Automated Transfer Vehicle

Alcatel SEL: Satellite positioning system

Aerospatiale: Ariane V launcher

Matra Marconi Space: Ariane V launcher

CNES: Galileo Mars probe - switching and telemetry systems

CNES: Satellite imaging system

Astrium GmbH: International Space Station - Columbus project

NASA / Boeing: International Space Station - Flight Control Systems

Matra Marconi Space: Atmospheric Pressure Module - Data / Network management

Alstom Transport: Radio Block Centre system, Rail Traffic Management

GEC Alsthom: Subway network control systems, Paris, Calcutta, and Cairo

GEC Alsthom: Signal control system, TGV North Lines / Channel Tunnel

CSEE Transport: TGV Brake system / TVM 430 project

Westinghouse: Brake and Signals system, London Underground Jubilee Line

Swisslog Software: Supply Chain Management System

XATA: Telematics application framework

Kordoba: Enterprise Data Model

NORTEL Networks: Optical Switch Platform

Siemens: Network Management System

Coming Soon

Multi-language Time & Memory partitioned kernel


  • Ada is a good technical choice for high-integrity systems

  • Aonix solution architecture delivers business value throughout the development cycle

  • Certification out-of-box

  • Evolving Aonix solutions are a good technical and business choice