论文信息 - Designing a future airborne capability environment (FACE) hypervisor for safety and security

Designing a future airborne capability environment (FACE) hypervisor for safety and security

A partitioning environment is one of the components of an avionics architecture aligned with the Future Airborne Capability Environment (FACE™). In this paper, we explore the design of a hypervisor to provide the partitioning specified in the FACE Technical Standard. The FACE Consortium is focused on military aviation software, with a dual emphasis on technical standards and business acquisition strategies. We provide an overview of the history and purpose of FACE, then briefly examine previous open avionics initiatives. Our hypervisor extends the Xen open source hypervisor to support the ARINC 653 partitioning standard. Adding the Application Program Interface for the ARINC 653 standard is relatively straightforward because the underlying architectural concepts align well (with a few interesting challenges). Our current work is to expand our hypervisor technology to provide the required interfaces under FACE safety and security profiles. We discuss the current state of the project, examining technical and business aspects of open source software. We conclude with a roadmap for our hypervisor technology to reach conformance with the FACE Technical Standard and eventually achieve flight and security certification.

Steven H. VanderLeest | S. Vanderleest

[1] Steven H. VanderLeest,et al. ARINC 653 hypervisor , 2010, 29th Digital Avionics Systems Conference.

[2] Sumesh Divakaran,et al. Refinement-Based Verification of the FreeRTOS Scheduler in VCC , 2015, ICFEM.

[3] T. Gaska. Optimizing an incremental Modular Open System Approach (MOSA) in avionics systems for balanced architecture decisions , 2012, 2012 IEEE/AIAA 31st Digital Avionics Systems Conference (DASC).

[4] Joyce L. Tokar. A Comparison of Avionics Open System Architectures , 2017 .

[5] Ronald S. Ross,et al. Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems | NIST , 2016 .

[6] Rushby John,et al. Partitioning in Avionics Architectures: Requirements, Mechanisms, and Assurance , 1999 .

[7] Steven H. VanderLeest,et al. Taming interrupts: Deterministic asynchronicity in an ARINC 653 environment , 2014, 2014 IEEE/AIAA 33rd Digital Avionics Systems Conference (DASC).

[8] Eirini Kalliamvakou,et al. Certification of Open Source Software - A Scoping Review , 2016, OSS.

[9] Steven H. VanderLeest. The open source, formally-proven seL4 microkernel: Considerations for use in avionics , 2016, 2016 IEEE/AIAA 35th Digital Avionics Systems Conference (DASC).

[10] Richard B. Wray,et al. Space Generic Open Avionics Architecture (SGOAA) reference model technical guide , 1993 .