High-integrity systems must be designed to guarantee reliability and robustness properties. They must operate continuously, even when deployed in hostile environments and exposed to hazards and threats. To avoid any potential issue during execution, they are developed with specific care: dedicated standards define the methods and rules to be checked during the development process, and dedicated execution platforms must be used to reduce potential errors. For example, in the avionics domain, the DO-178B standard defines the quality criteria (in terms of performance, code coverage, etc.) to be met according to the software assurance level, and ARINC 653 specifies services for the design of safe avionics systems using partitioning mechanisms. However, despite these specific methods and tools, errors are still introduced in the implementation of high-integrity systems. Their complexity, due to the large number of collocated functions, complicates their analysis, design and even their configuration and deployment. Moreover, an error may lead to a safety or security threat, which is especially critical for such systems. In addition, existing tools and software are released under commercial or proprietary terms, which hinders the identification and fixing of potential security/safety issues and also reduces the potential user audience. In this paper, we present POK, a kernel released under the BSD license that supports software isolation with time and space partitioning for the implementation of high-integrity systems. Its configuration is automatically generated from system specifications, avoiding potential errors related to traditional code production processes. The system specifications, written as AADL models, are also analyzed to detect design errors prior to implementation efforts.
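To make the time-partitioning and "validate the configuration before the kernel trusts it" ideas concrete, here is an added example in C. It is not POK's code and not the generator described in the paper: it shows the shape of an ARINC 653-style static partition schedule (a major frame cut into fixed windows, each owned by one partition), the checks a configuration generator should run on such a table (windows ordered, contiguous, non-overlapping, filling the frame exactly, every partition scheduled), and the dispatch decision a kernel timer handler makes from it. The partition count, window durations and the 100 ms major frame are constructed values, as are the names `validate_schedule` and `partition_at`.

```c
/* Added example (not POK's code): an ARINC 653-style static partition
 * schedule and the checks a configuration generator should apply to it.
 * All partition identifiers, durations and the major frame are constructed. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define MAX_WINDOWS 8

typedef struct {
    uint32_t partition;   /* partition identifier (0-based) */
    uint32_t offset_ms;   /* start of the window within the major frame */
    uint32_t duration_ms; /* length of the window */
} sched_window_t;

typedef struct {
    uint32_t major_frame_ms;
    uint32_t nb_partitions;
    size_t nb_windows;
    sched_window_t windows[MAX_WINDOWS];
} schedule_t;

/* Validate the table before the kernel trusts it: windows are ordered,
 * contiguous, non-overlapping, fill the major frame exactly, and every
 * partition gets at least one window. Returns 0 when sound, otherwise a
 * nonzero code identifying the first error found. */
int validate_schedule(const schedule_t *s) {
    uint32_t expected = 0;   /* offset the next window must start at */
    uint64_t seen = 0;       /* bitmask of partitions scheduled so far */
    if (s->nb_windows == 0 || s->nb_windows > MAX_WINDOWS) return 1;
    if (s->nb_partitions == 0 || s->nb_partitions > 32) return 2;
    for (size_t i = 0; i < s->nb_windows; i++) {
        const sched_window_t *w = &s->windows[i];
        if (w->partition >= s->nb_partitions) return 3;        /* unknown partition */
        if (w->duration_ms == 0) return 4;                      /* empty window */
        if (w->offset_ms != expected) return 5;                 /* gap or overlap */
        if (w->offset_ms > UINT32_MAX - w->duration_ms) return 6; /* arithmetic overflow */
        expected = w->offset_ms + w->duration_ms;
        seen |= (uint64_t)1 << w->partition;
    }
    if (expected != s->major_frame_ms) return 7;                /* frame not filled */
    if (seen != (((uint64_t)1 << s->nb_partitions) - 1)) return 8; /* starved partition */
    return 0;
}

/* The dispatch decision a timer handler makes: which partition owns the CPU
 * at absolute time t_ms. Only meaningful on a validated schedule. */
uint32_t partition_at(const schedule_t *s, uint64_t t_ms) {
    uint32_t in_frame = (uint32_t)(t_ms % s->major_frame_ms);
    for (size_t i = 0; i < s->nb_windows; i++) {
        const sched_window_t *w = &s->windows[i];
        if (in_frame >= w->offset_ms && in_frame < w->offset_ms + w->duration_ms)
            return w->partition;
    }
    return UINT32_MAX; /* unreachable once validate_schedule() returned 0 */
}

/* Constructed schedule: a 100 ms major frame shared by three partitions;
 * partition 0 gets two windows. */
const schedule_t good_schedule = {
    .major_frame_ms = 100, .nb_partitions = 3, .nb_windows = 4,
    .windows = { {0, 0, 30}, {1, 30, 20}, {2, 50, 30}, {0, 80, 20} }
};

/* Constructed faulty schedule: a 10 ms gap before the third window, the kind
 * of mistake a hand-written table can carry into deployment. */
const schedule_t gap_schedule = {
    .major_frame_ms = 100, .nb_partitions = 3, .nb_windows = 4,
    .windows = { {0, 0, 30}, {1, 30, 20}, {2, 60, 20}, {0, 80, 20} }
};

int main(void) {
    printf("good schedule: error code %d\n", validate_schedule(&good_schedule));
    printf("gap schedule:  error code %d\n", validate_schedule(&gap_schedule));
    printf("partition at t=35 ms: %u\n", partition_at(&good_schedule, 35));
    printf("partition at t=185 ms: %u\n", partition_at(&good_schedule, 185));
    return 0;
}
```

The point of running the checks in the generator rather than in the kernel is the one the abstract makes: a rejected table never reaches the target, and the kernel's timer path stays a table lookup with no error handling of its own.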