Certification of software for real-time safety-critical systems: state of the art

This paper presents an overview of, and discusses the role of, certification in safety-critical computer systems, focusing on software, and partially on hardware, used in the civil aviation domain. It discusses certification activities according to RTCA DO-178B “Software Considerations in Airborne Systems and Equipment Certification” and touches on tool qualification according to RTCA DO-254 “Design Assurance Guidance for Airborne Electronic Hardware.” Specifically, certification issues related to real-time operating systems and programming languages are reviewed, and the qualification processes for software development tools and complex electronic hardware tools are discussed. Results of an independent industry survey conducted by the authors are also presented.
