
A call for action

A call for action. www.open-do.org. Cyrille Comar comar@adacore.com Matteo Bordin bordin@adacore.com. Summary. Introduction FLOSS & Open Source Communities Introducing Open-DO Why an Open Initiative for DO-178? Keys to Success Annex: Description of the mentioned projects. Introduction.


Presentation Transcript


  1. A call for action www.open-do.org Cyrille Comar comar@adacore.com Matteo Bordin bordin@adacore.com

  2. Summary • Introduction • FLOSS & Open Source Communities • Introducing Open-DO • Why an Open Initiative for DO-178? • Keys to Success • Annex: Description of the mentioned projects

  3. Introduction Which ARINC 653 OS will be around in 15 years? • Commercial Solutions • - WRS, Sysgo, LynuxWorks, GHS, DDCI • Private Solutions maintained internally by Avionics companies • - At least 3 in Europe & 1 in the US • Experimental • - RTEMS + 653 interface Any lessons from what happened in the Unix world?

  4. FLOSS License Free to use… for ever Free to look at sources Free to change Free to redistribute

  5. Open Source Communities • Significant technologies are successfully managed by such communities: • - The Linux Kernel • - Eclipse • - GCC • - RTEMS • - Mono • - Python • … • For more than 20 years now

  6. Open Source Communities • Contributors: from individuals to corporations • Sharing technology not products … and many more The GCC example

  7. Roles in Open Source Communities Initiators & regulators • Active participants • Short term cost increase • Learning curve • Working in an open environment • - Contributing back • Long term cost decrease by • - Sharing Resources • Solving a common problem • Avoiding solving already solved problems • Passive Users • Benefit from the work of others • Can’t customize to their own needs • Help spread the technology

  8. What about the DO-178 community? • Is there a need for openness & cooperation? • Potential for community growth? • AVSI (Aerospace Vehicle Systems Institute) • Certify Together • This committee • military • space, automotive, …

  9. Some Relevant Open Projects & Technologies OSEE Couverture SPARK

  10. Some Relevant Open Projects & Technologies OSEE Couverture SPARK

  11. Open - DO Concepts The meeting of 3 worlds Libre Open Source High Assurance Certification Agile Lean

  12. Open - DO Concepts Qualified tools Life cycle traceability Req based testing Visibility Resilience Sharing Reuse Libre Open Source High Assurance Certification Agile Lean Iterative requirements Continuous Integration Test Driven Development …

  13. Relevant Agile/Lean Concepts Test Driven Development Requirement Based testing Executable Specifications Iterative requirements IP 217 Continuous Integration

  14. Open - DO Challenges Opening & sharing more than “source code” - requirements, designs, test cases … Life-Cycle Traceability Agile Workflows for the DO-178

  15. Some DO-178B workflows Top level workflow Software Life Cycle Process Transition criteria between activities Integral Processes Workflow support Workflow verification

  16. Some DO-178B workflows (2) Component certification workflow Software Life Cycle Process Traceability Integral Processes Requirement coverage Code coverage

  17. Some DO-178B workflows (3) Qualification of Verification Tools Workflow Software Life Cycle Process Traceability Integral Processes Requirement Coverage OSEE

  18. Open DO Components Document Templates Workflows Open-Do Qualifiable Tools Certifiable Components Education Materials

  19. Open DO Components Specialized for given certification standards Document Templates Workflows Open-Do Qualifiable Tools Certifiable Components Education Materials

  20. Open DO Components Document Templates Workflows Open-Do Qualifiable Tools Certifiable Components Education Materials OSEE Couverture … Gene-auto Topcased

  21. Open DO Components Document Templates Workflows Open-Do Qualifiable Tools Certifiable Components Education Materials Toy certifiable projects Specialized Examples (e.g. for do-178c annexes)

  22. Open DO Components Document Templates Workflows Open-Do Qualifiable Tools Certifiable Components OS runtimes IP stack middleware … Education Materials

  23. Open DO Components PSAC SDP, SVP, SCMP… Standards SAS … Document Templates Workflows Open-Do Qualifiable Tools Certifiable Components Education Materials

  24. Why an open initiative for the DO-178 world?

  25. Why Open-DO? A support to the DO-178C effort • Educational materials for clarifying intent • Experimental test-bed for annexes

  26. Why Open-DO? Avionics industrial community • Provides a shared infrastructure • - For long term investment • - For long term cost reduction • Allows some level of cooperation with competitors • Lower training costs (especially for subcontractors)

  27. Why Open-DO? Certification authorities • Lower training costs for DERs • Vehicle for clarifying specific issues • Help sharing of practices between authorities

  28. Why Open-DO? Tool providers • Offers an ideal showcase for their open technologies • Tool sharing makes it easier to provide a complete supported solution • Creates an ecosystem where everyone can meet potential customers and partners

  29. Keys to success • Balance • - Europe vs US • - Boeing vs Airbus • - Authorities vs Industry • Find key participants for critical mass • - Certification authorities • - Major Aeronautics players • - Established tool providers • - Academics • Attract public funds for bootstrap • Find appropriate governance rules • define « Open Source 2010 » • certification workflows

  30. Annex – Information on Mentioned Projects OSEE Couverture SPARK

  31. OSEE Focus on system engineering Open System Engineering Environment Open to external tool integration Open development philosophy Integrated management environment • Application life cycle management system • First-class Eclipse project contributed by • - www.eclipse.org/osee • - Apache Team (Phoenix, AZ) • - 5 years in development, 5 people full-time • - Not specific to DO-178

  32. OSEE Development Artifacts Tracking Requirements Test procedures Models Code Tests Test cases Tests Actual Output Tests Expected Output OSEE Development Artifacts (import artifacts from external tools) Traceability Model

  33. OSEE & Traceability End-to-End Traceability Model Requirements Test cases Design Test procedures Code Tests Test Expected Output Test Actual Output

  34. OSEE & Workflow Modeling/Tracking Define Development Teams Workflow Instantiation (example: verification of a REQ_1_2b) Analysis Verification Qualification assign Joe assign Joe John Ryan Don Don Assign Members to Teams

  35. TOPCASED • Toolkit in OPen source for Critical Application & SystEm Development • www.topcased.org Metamodel Design / Analysis Model (formal) analysis Code

  36. TOPCASED (II) ECore UML SysML AADL … Graphical Modeling Model Transformation Framework • An Integrated Eclipse Distribution • The Future Official Eclipse Solution for UML modeling • http://wiki.eclipse.org/MDT-Papyrus-Proposal

  37. GeneAuto Input Model … Intermediate representation Qualified … Code • - A Qualifiable Generic Framework for Code Generation • Dynamic Systems Modeling: Simulink/StateFlow, Scicos • Targeting C (and Ada soon) • Available as a FLOSS • along with qualification material (planned) • Partners: Airbus, Continental, Thales-Alenia, Barco, IAI, …

  38. SPARK SPARK Ada • Annotation of Ada programs for Formal Analysis • Partial correctness • Information/Data Flow • The whole technology is NOW available as a FLOSS • http://www.praxis-his.com/sparkada/

  39. Couverture • Language-Independent Structural Coverage Framework • Source coverage WITHOUT instrumentation (st, dc, mc/dc) • Object Coverage (instructions, branches) • Instrumented Simulation Framework • The whole technology will be available as a FLOSS… • including the qualification material • https://libre.adacore.com/coverage/

  40. Couverture (II) Instrumented, Virtualized Execution Environment Source Code Execution Traces Cross Compiler if Pression (M) >= P_Limit then Alarme (M, "PRE"); elsif Temperature (M) >= T_Limit then Alarme (M, "TEMP"); end if; 0x12460 0X12464+ ... Object Coverage Report (instruction, branch) Source Coverage Report (statement, DC, MC/DC)

  41. Upcoming Events • The Lean, Agile Approach to High-Integrity Software, Paris - March 26th, 2009: Jim Sutton, Lockheed Martin; Alexandre Boutin, Yahoo; Emmanuel Chenu, Thales; David Jackson, Praxis High-Integrity Systems; Cyrille Comar, AdaCore • Open-Do Masterclass @ Avionics EU, Amsterdam - March 11th-12th, 2009: Franco Gasperoni, AdaCore • Open-Do Masterclass @ Avionics US, San Diego - June 1st-2nd, 2009: Ryan Brooks, Boeing; Robert B.K. Dewar, AdaCore • Next Informal Open-DO Meeting @ EclipseCon 2009, Santa Clara, March 21st-25th, 2009: Airbus, Boeing, AdaCore • info@open-do.org
