GRAHAM WARWICK / WASHINGTON DC

Software to be marketed as commercial off-the-shelf system with US FAA certification expected by year-end

BAE Systems has introduced a real-time operating system specifically designed for safety-critical software applications such as flight and engine controls, avionics and air traffic control. One of the first applications of BAE's CsLEOS is the vehicle management system on Northrop Grumman's X-47A Pegasus unmanned combat air vehicle technology demonstrator, scheduled to fly later this year.

Although developed by BAE Systems Controls for its own use, CsLEOS is being marketed as a commercial off-the-shelf (COTS) system compliant with the industry-standard ARINC 653 applications programming interface. Certification to the US Federal Aviation Administration's highest reliability standard for safety-critical software, DO-178B Level A, is expected by year-end. This will put BAE ahead in the commercial real-time operating system (RTOS) market, believes business development manager Leo Cotnoir.

Major players in the commercial RTOS market include Wind River Systems, whose customers include BAE itself as well as Boeing, Honeywell and Raytheon; and Green Hills Software, which has supplied Boeing, Lockheed Martin and Northrop Grumman, among others. But Cotnoir calculates that 50-60% of the safety-critical market still uses proprietary software. BAE sees a chance to make inroads as more manufacturers move to commercial operating systems.

Development of CsLEOS has taken more than two years and significant investment. "This is the only commercial RTOS designed for safety-critical applications by a company that develops safety-critical systems," says product manager Milan Dedek.

CsLEOS provides safety-critical reliability by using "brick wall" partitioning to isolate processes in time and memory space. Application data is maintained in protected memory spaces, while system and user applications are run in protected partitions. Processor time is divided into major and minor frames within which individual partitions have guaranteed execution time slots. Each partition operates like a virtual processor and can run multiple tasks with differing priorities without affecting other partitions.

Partitioning allows applications with different levels of criticality, such as flight control and health monitoring, to run on the same processor. "We can mix the levels of criticality and make a change to the application with the lower criticality without having to recertify the higher-criticality application," says software head Sumit Ray.

6766

Source: Flight International

Topics