
An open software architecture for high-integrity and high-availability avionics

Bibliographic Details
Main Authors: Agrawal, M., Cooper, S., Graba, L., Thomas, V.
Format: Conference Proceeding
Language:English
Description
Summary:We describe a software architecture that can greatly reduce the re-certification costs associated with re-hosting avionics applications from one platform to another. This is achieved by (1) enabling the development of core application components independent of platform-specific concerns related to I/O and fault tolerance, (2) defining abstractions of platform I/O and fault-tolerance strategies for use by application components, and (3) providing transforms that enable system integrators to build a system with its specific I/O and fault-tolerance requirements from platform-independent application components. Application component and transform source code (and in many cases, binaries) can be moved from one platform to another without modification; the system configuration and any newly developed transforms still need to be re-certified. The I/O abstractions defined by the architecture are key to enabling the development of platform-independent application components. Inputs to components are simple values (signals) with attributes such as refresh rate and units. On different platforms, these values may be generated at different rates, in different units, and in different ways (by combining values from multiple sources, by a fail-stop source, etc.). Transforms mask these platform differences from application components; similarly, differences between the attributes of a component's outputs and those the platform requires are handled by transforms. The architecture also makes provision for application-specific built-in tests, fault detectors, and reconfiguration strategies. Again, these are specified and implemented independently of core application functionality, allowing application components to be moved across platforms with different fault-tolerance strategies.
A software framework based on this architecture has been implemented and demonstrated using an FMS-like application. Core application functionality was implemented as components and packaged as shared libraries. Multiple I/O and redundancy schemes were then constructed from these application modules by changing only the configuration. This demonstrated the feasibility of developing application components in a platform-independent manner and configuring them for different platforms.
DOI:10.1109/DASC.2004.1390766
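Added illustration of the signal/transform abstraction described in the summary. This is example code written for this page, not the framework from the paper: the Signal attribute set, the unit-conversion table, the median vote over fail-stop sources, the contract check at the component boundary, and the altitude component with its two platform configurations are all assumptions chosen to make the idea concrete.

```python
from dataclasses import dataclass, replace
from statistics import median
from typing import Callable, Sequence


@dataclass(frozen=True)
class Signal:
    """One input value with the attributes the summary mentions (refresh rate, units)
    plus a validity flag for fail-stop sources. The attribute set is an assumption."""
    name: str
    value: float
    units: str
    refresh_hz: float
    valid: bool = True  # False once a fail-stop source has stopped producing


# Conversion factors this example knows about (assumption: linear units only).
_FACTORS = {("ft", "m"): 0.3048, ("m", "ft"): 1 / 0.3048, ("kt", "m/s"): 0.514444}


def to_units(target: str) -> Callable[[Signal], Signal]:
    """Transform: re-express a signal in the units the consuming component expects."""
    def xf(s: Signal) -> Signal:
        if s.units == target:
            return s
        factor = _FACTORS.get((s.units, target))
        if factor is None:
            raise ValueError(f"{s.name}: no conversion {s.units}->{target}")
        return replace(s, value=s.value * factor, units=target)
    return xf


def combine_fail_stop(inputs: Sequence[Signal]) -> Signal:
    """Transform: merge redundant fail-stop sources into a single signal.

    Stopped sources are dropped; survivors are median-voted so one wild but
    still-valid reading cannot dominate. The merged refresh rate is the slowest
    survivor's, because that is the rate the merged value is guaranteed to advance at.
    """
    if not inputs:
        raise ValueError("combine_fail_stop needs at least one source")
    live = [s for s in inputs if s.valid]
    if not live:
        return replace(inputs[0], valid=False)
    units = {s.units for s in live}
    if len(units) != 1:
        raise ValueError(f"mixed units {sorted(units)}; convert before combining")
    return Signal(inputs[0].name, median(s.value for s in live),
                  live[0].units, min(s.refresh_hz for s in live))


def check_contract(s: Signal, units: str, min_hz: float) -> Signal:
    """Integration-time check: the configured transform chain must deliver what the
    component declared it needs. A mismatch is a configuration error and should
    fail loudly rather than be silently masked."""
    if s.units != units or s.refresh_hz < min_hz:
        raise ValueError(
            f"{s.name}: got {s.units} at {s.refresh_hz} Hz, need {units} at >= {min_hz} Hz")
    return s


# Core application component (hypothetical): written once, it knows nothing about
# which altimeters exist, what units they report, or how many redundant copies there are.
ALT_UNITS, ALT_MIN_HZ = "m", 10.0


def altitude_error(altitude: Signal, target_m: float) -> float:
    """Return (altitude - target) in metres, or raise if the input is unusable."""
    alt = check_contract(altitude, ALT_UNITS, ALT_MIN_HZ)
    if not alt.valid:
        raise RuntimeError(f"{alt.name} unavailable: all sources have stopped")
    return alt.value - target_m


# Two platform configurations built around the same component by changing only
# the transform chain, mirroring the "change only the configuration" claim.
def platform_single(raw_ft: float, target_m: float = 3000.0) -> float:
    """Platform A: one altimeter reporting feet at 20 Hz."""
    src = Signal("altitude", raw_ft, "ft", 20.0)
    return altitude_error(to_units(ALT_UNITS)(src), target_m)


def platform_triplex(readings: Sequence[tuple], target_m: float = 3000.0) -> float:
    """Platform B: three fail-stop altimeters at 12 Hz, each in whatever units it reports.
    readings: (value, units, valid) triples constructed by the caller."""
    srcs = [Signal("altitude", v, u, 12.0, valid=ok) for v, u, ok in readings]
    merged = combine_fail_stop([to_units(ALT_UNITS)(s) for s in srcs])
    return altitude_error(merged, target_m)


if __name__ == "__main__":
    # Constructed sample readings: one healthy single source, then a triplex set
    # with mixed units and one source that has fail-stopped.
    print(platform_single(10000.0))
    print(platform_triplex([(10000.0, "ft", True), (3100.0, "m", True), (9000.0, "ft", False)]))
```

The point worth noting for certification is where the checks sit: `altitude_error` never inspects units or source count itself, so the component is re-hostable unchanged, while `check_contract` and `combine_fail_stop` are exactly the pieces that belong to the configuration and so to the re-certification scope the summary describes. An altimeter configured at 5 Hz, or a transform chain that forgets a unit conversion, is rejected at integration time rather than producing a plausible-looking wrong number.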