This content is not included in your SAE MOBILUS subscription, or you are not logged in.
Experiences of Civil Certification of Multi-Core Processing Systems in Commercial and Military Avionics, Integration Activities, and Analysis
- Journal Article
- DOI: https://doi.org/10.4271/2019-01-1382
ISSN: 2641-9637, e-ISSN: 2641-9645
Published March 19, 2019 by SAE International in United States
Event: AeroTech Americas
Citation: Tiedeman, H. and Parkinson, P., "Experiences of Civil Certification of Multi-Core Processing Systems in Commercial and Military Avionics, Integration Activities, and Analysis," SAE Int. J. Adv. & Curr. Prac. in Mobility 1(2):419-428, 2019, https://doi.org/10.4271/2019-01-1382.
Avionics systems are currently undergoing a transition from single core processor architectures to multi-core processor architectures. This transition enables significant advantages in reduction in size, weight, power (SWaP) and cost. However, avionics hardware and software certification policies and guidance are evolving as research and experience is gained with multi-core processor architectures. The unique challenges of using multi-core processors in certified avionics will be discussed. The requirements for a virtualization platform supporting multiple real-time operating system (RTOS) partitions on a multi-core processor used in safety-critical avionics systems are defined, including the ability to support multiple design assurance levels (DAL) on multiple cores, fault isolation and containment, static configuration as per ARINC 653, role-based development as per DO-297, and robust partitioning to reduce cost of incremental certification. The paper will present a collaborative approach undertaken by a leading avionics system supplier and a leading safety-critical commercial-off-the-shelf (COTS) RTOS supplier in the development of a multi-core real-time system with DO-178C DAL A software and DO-254 DAL A hardware safety certification on an FAA Program of Record (PoR). The approach taken to comply with FAA CAST-32A objectives will be presented. Particular focus is provided for integration activities and program specific analysis performed by the IMA application developer and integrator to guarantee determinism in the deployed system. Using the approach defined under the PoR, the application developer performs activities including foot-printing under worst-case execution time (WCET) loads and application of numerical methods to predict interference effects. The IMA integrator uses this data to define a performance restricted environment (PRE) and uses WCET verification in the PRE. Tools, analysis methods, and sample results will be presented. The method to capture results is discussed. Finally the paper includes lessons learned during the program.