Safety-critical software continues to make its way into military embedded application environments beyond avionics flight systems, such as weapons systems and communications equipment. Often, all of these systems operate together as a single “system-of-systems.” This makes it increasingly important that each of them meets the most stringent and rigorous requirements for safety-criticality, since, if one fails, there could be failures or vulnerabilities in the entire system as a whole.
However, as safety-critical software has proliferated with the multitude of embedded operating systems (OSs) and other software solutions available, so has its complexity. Traditionally, embedded devices have been hardware-centric, and the embedded software has consisted of relatively simple, flat address space kernels carefully designed to optimize performance and minimize the memory footprint. The new embedded system-of-systems, however, is characterized by growing software complexity, so much so that embedded software now dominates development costs and schedules.
As a result, the old way of developing software from scratch for each embedded project is giving way to the need to reuse software from previous development efforts wherever possible, in order to reduce the time, costs and risks involved in redevelopment efforts.
To help reduce the complexities, expense and time needed to get avionics systems to market, the Federal Aviation Administration (FAA) has developed robust guidelines and methodologies for software reuse. Reusable software component (RSC) approval promises to have far-reaching implications and create a major shift in the embedded software industry. Safety-critical design engineers will not only have more software choices available than ever before, but will also be able to reuse software code in multiple safety-critical systems.
RSC FAA Approval: A Standards-Based Approach
Reusable components are not a new concept. In fact, many other industries have long benefited from reusing interchangeable parts. However, the reuse of embedded software represents a significant issue in aviation, since the FAA must approve all software as safe.
In the whole certification process of an embedded OS or other software solution in avionics, for example, each system must meet the rigorous DO-178B standard that defines safety-critical software guidelines for the development of airborne systems. DO-178B certification comprises five levels of safety-criticality, with Level A requiring the most demanding certification process. Until the formidable specifications of this standard are met, a safety-critical computing system literally never gets off the ground.
Currently, any time a systems integrator wants to integrate its DO-178B Level A-certified software component into a new hardware system, the entire hardware/software configuration has to be certified together again. Moreover, that certification is only valid for that particular hardware/software box in that particular configuration. Integrators that try to use the same OS for newer platforms cannot take advantage of that OS’s existing certification: instead, certification has to be done all over again for each hardware/software system they build.
The FAA realized that there was an opportunity to improve the certification process so that system integrators could reuse their existing software, reduce time-to-market and take credit for their previous development efforts.
Thus, the concept of RSC approval for software components was born and guidelines were provided for reusing software data, if properly planned and packaged, with minimal rework from one project to another. These guidelines were released as part of the FAA advisory circular (AC) AC 20-148 for airborne systems and equipment. AC 20-148 shows one acceptable way for RSC developers, integrators and applicants to gain FAA acceptance of components that may make up a part of a system’s software application. It lists software libraries, input and output data files, OSs and communication protocols, among others, as potential components for RSC approval.
RSC approval is the first standards-based approach for software reuse, so that systems integrators can consider portions of the safety-critical software code and supporting DO-178B artifacts—which include software, requirements documentation, design documentation, requirements coverage, test sweeps, verification procedures and test results—for reuse in other embedded system designs with other software components. The RSC developer provides integrators with guidance on how to use those components and take credit for the different objectives of DO-178B. Essentially, an integrator can take partial credit for some objectives and full credit for others. This helps to significantly decrease the time required for software development, modification and maintenance across various design projects and to minimize the overall costs of avionics equipment.
continue to next page >>
