Abstract:
Avionics software development is expensive and release cadence is slow. Therefore, reusable software components and applications are particularly attractive to enable faster system development, increase quality and decrease costs. A common Application Programming Interface (API) can avoid strong coupling between software and its execution environment and enable re-use even when the execution environment changes. ARINC 653 describes such an API for avionics applications. However, orthogonal to the use of this API, some coupling to the hardware and the execution environment remains. Usually, an avionics application still has to be adapted to the OS implementing ARINC 653 and compiled for the target hardware architecture. In this paper, we outline a concept for removing this restriction, while increasing portability and re-usability, using WebAssembly as a common Application Binary Interface and object code format. Since WebAssembly is a universal byte-code written for a Virtual Machine, this also enables advantages towards certification and fault isolation. In this work we integrate a WebAssembly (Wasm) interpreter onto an ARINC 653 Hypervisor to demonstrate feasibility of the approach, and to assess runtime impact on binary size and performance. Moreover, we argue that certification according to DO-178C is achievable for a Wasm-interpreter-based avionics software stack.
Abstract:
Behavior Driven Development (BDD) is a test-driven development approach which aims at bridging the gap between the end user and software development. It promotes a semi-formal ubiquitous language for executable behavior specification and automated acceptance testing. The BDD infrastructure Cucumber and the language Gherkin have been established in many application domains. This paper discusses their utilization for airborne software engineering with an example application, a Class C Terrain Awareness and Warning System, being developed in the Rust language with Rust BDD infrastructure.
Abstract:
The number of flights performed globally by the airline industry increased from 20 million in 2004 to almost 40 million in 2019. This growing number of performed flights puts enormous pressure on the global aviation sector as a whole. That pressure is mainly expressed as a desire for Size, Weight, Power and Cost (SWAP-C) reduction. Today, it is not only the underlying architecture and the corresponding hardware but also the software running on these architectures that defines success in SWAP-C optimization. Software development is effort-intensive, error-prone, and expensive. This leads to the question of why the avionics industry is not exploiting emerging methods and techniques from other domains. The open-source software movement provides a staggering amount of different technologies for solving problems that are not too different from the problems in the avionics domain. The major reason for this development paralysis is certification requirements. The civil aviation sector is strictly regulated, thus experimenting with alternatives is expensive and difficult. Nevertheless, this paper explores a few of these alternatives, namely Cloud-Native Technologies for future Integrated Modular Avionics (IMA) architectures, and tries to suggest topics that might be interesting for further research.
Abstract:
Safety-critical real-time systems must be carefully designed to guarantee both functional and temporal correctness. State-of-the-art approaches to achieve this are often based on formal notations capturing both the desired functionality and relevant timing properties. This work is concerned with the design of embedded software systems for emerging fields such as the Urban Air Mobility (UAM) sector. In this context, it deals with scenarios that benefit from a less formal programming model, but for which guarantees on functional and timing behavior must still be provided. We propose a concept to specify and simulate the behavior of embedded real-time software in a deterministic manner. It combines the Logical Execution Time (LET) paradigm with a flexible, code-based approach for behavior specification and performs discrete-event (DE) simulations to determine exactly how the designed system responds to given stimuli. We describe this concept, present a reference implementation using Ptolemy II as simulation backend, and discuss its application to a pilot assistance system from the UAM sector.
Abstract:
Embedded systems have long been evolving towards incorporating more than one processor. We see both homogeneous and heterogeneous multi-core designs. Symmetric Multiprocessing (SMP) enables high performance computing on embedded systems for applications that require high processing power. However, parallel programming of multi-core embedded applications suffers from complexity. It is notably harder, more time-consuming and, most importantly, more error-prone than sequential programming, which makes it a challenge, particularly in safety-critical domains. In avionics, the position paper CAST-32A Multi-core Processing reports on concerns and proposes objectives regarding the safety of multi-core software. The key is to identify and prevent possible interference that potentially disturbs determinism. Rust is a modern systems programming language which aims, amongst other goals, at being safe. In this paper, we investigate how Rust can help with the development of safe multi-core applications, in particular for the avionics domain. A representative platform is designed with a partitioned runtime environment using the L4Re separation kernel on a multi-core ARM architecture. The evaluation is carried out using a parallel implementation of a forward-looking terrain avoidance algorithm.
Abstract:
Urban Air Mobility is envisioned as an on-demand, highly automated and autonomous air transportation modality. It requires the use of advanced sensing and data communication technologies to gather, process, and share flight-critical data. While this sharing of mixed-criticality data brings opportunities, it also, if compromised, presents serious cybersecurity threats and safety risks due to the cyber-physical nature of the airborne vehicles. Therefore, the avionics system design approach of adhering to functional safety standards (DO-178C) alone is inadequate to protect mission-critical avionics functions from cyber-attacks. To approach this challenge, the DO-326A/ED-202A standard provides a baseline to effectively manage cybersecurity risks and to ensure the airworthiness of airborne systems. In this regard, this paper pursues holistic cybersecurity engineering and bridges the security gap by mapping the DO-326A/ED-202A system security risk assessment activities to the Threat Analysis and Risk Assessment process. It introduces a Resilient Avionics Architecture as an experimental use case for Urban Air Mobility by applying the DO-326A/ED-202A standard guidelines. It also presents a comprehensive system security risk assessment of the use case and derives appropriate risk mitigation strategies. The presented work helps avionics system designers identify, assess, protect against, and manage cybersecurity risks across the avionics system life cycle.
Abstract:
The competition for market entry in emerging segments such as Urban Air Mobility highlights the need for efficient and flexible development processes. This is accompanied by the trend towards software-intensive avionics systems due to the requirement for complex and computationally expensive algorithms. Considering the successful application of agile development in the software domain, one might conclude that the agile paradigm would be the perfect fit to address these issues. However, for highly safety-critical domains such as aviation, multiple conflicts with the agile paradigm exist. In particular, the constraint to follow rigorous and well-documented processes contradicts the ideas of agile. To bridge this gap, a comprehensive and well-documented, but still flexible, process is necessary. Accordingly, this paper proposes a first step towards such an agile safety-guided design by combining Model-Based Systems Engineering with the System-Theoretic Process Analysis. Particularly, focus is placed on enabling an iterative safety-guided design by providing functionality to trace design changes to the corresponding safety artifacts. This automated functionality is enabled by a formalized execution of the safety analysis. At first glance, formalization sounds like a contradiction to the agile paradigm. However, we argue that formality and agility are not necessarily contradicting each other. Our theory is that moving the focus of formality from the human activities to the assisting functionality even increases overall agility. The iterative safety-guided design and the resulting identification of safety improvements are demonstrated with examples from a flight assistance system.
Abstract:
While formal methods have long been praised by the dependable Cyber-Physical System community, continuous software engineering practices are now employing or promoting semi-formal approaches for achieving lean and agile processes. This paper is a discussion about using Behaviour Driven Development, particularly Gherkin and RSpec, for DepDevOps, i.e., DevOps for dependable Cyber-Physical Systems.