GNAT Pro for On-board Mission-Critical Space Applications

This paper describes the design and implementation of GNAT Pro for ERC32, a flexible cross-development environment that supports the Ravenscar tasking model on top of bare ERC32 computers. The static and simple tasking model defined by the Ravenscar profile allows a streamlined implementation of the run-time system directly on the bare machine. The reduced size and complexity of the run time, together with its configurability, make it suitable for mission-critical space applications in which certification or a reduced footprint is required. Software reliability and predictability are also increased by excluding non-deterministic and non-analysable tasking features. Product validation has been achieved by means of a comprehensive test suite intended to check compliance with the Ravenscar profile and the Ada standard, and the correct behaviour of specialised features and supplemental tools. Code coverage analysis is also part of the validation campaign, with the goal of achieving 100% statement coverage.
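As an added illustration of the tasking model the abstract refers to (this is example code written for this page, not code from the paper or from the GNAT Pro for ERC32 run time), the following shows what a Ravenscar-compliant program looks like: a library-level protected object with a single entry and a simple Boolean barrier, and two statically declared tasks, one periodic (released only by delay until on Ada.Real_Time) and one sporadic (blocked on the protected entry). All names (Sampler, Shared_Reading, Sensor_Sampler, Consumer, Poll_Period) are invented; the priority values are assumed to lie within the target's System.Priority range; and the file is assumed to be compiled with GNAT after splitting it into one file per unit (for example with gnatchop), with the configuration pragma placed in gnat.adc.

```ada
--  Added example, not from the paper. Configuration pragma: normally lives
--  in gnat.adc so that the restrictions apply to the whole partition.
pragma Profile (Ravenscar);

with System;
package Sampler is

   --  Protected object declared at library level (No_Local_Protected_Objects).
   --  Exactly one entry with a simple Boolean barrier (Max_Protected_Entries
   --  => 1, Simple_Barriers); ceiling priority fixed at elaboration, so the
   --  blocking time a schedulability analysis must account for is bounded.
   protected Shared_Reading is
      pragma Priority (System.Priority'Last);
      procedure Put (V : Integer);
      entry Get (V : out Integer);
   private
      Value     : Integer := 0;
      Available : Boolean := False;
   end Shared_Reading;

   --  Tasks are declared statically at library level (No_Task_Hierarchy,
   --  No_Task_Allocators, No_Dynamic_Priorities): they are never created,
   --  aborted or terminated at run time, which is what lets the run time
   --  dispense with dynamic task management altogether.
   task Sensor_Sampler is
      pragma Priority (10);   --  assumed to be within System.Priority
   end Sensor_Sampler;

   task Consumer is
      pragma Priority (5);    --  assumed to be within System.Priority
   end Consumer;

end Sampler;

with Ada.Real_Time; use Ada.Real_Time;
package body Sampler is

   protected body Shared_Reading is
      procedure Put (V : Integer) is
      begin
         Value     := V;
         Available := True;
      end Put;

      entry Get (V : out Integer) when Available is
      begin
         V         := Value;
         Available := False;
      end Get;
   end Shared_Reading;

   Poll_Period : constant Time_Span := Milliseconds (100);

   --  Periodic task: the only permitted release mechanism is delay until on
   --  an absolute time (relative delay, select and asynchronous transfer of
   --  control are all excluded by the profile).
   task body Sensor_Sampler is
      Next_Release : Time    := Clock;
      Sample       : Integer := 0;
   begin
      loop
         Sample := Sample + 1;            --  stand-in for a hardware read
         Shared_Reading.Put (Sample);
         Next_Release := Next_Release + Poll_Period;
         delay until Next_Release;
      end loop;
   end Sensor_Sampler;

   --  Sporadic task: exactly one task queues on the entry, so the queue
   --  length never exceeds Max_Entry_Queue_Length => 1.
   task body Consumer is
      V : Integer;
   begin
      loop
         Shared_Reading.Get (V);
         --  V would be processed here (e.g. packed into telemetry).
      end loop;
   end Consumer;

end Sampler;

with Sampler;
procedure Main is
begin
   null;  --  the environment task has nothing to do; the static tasks run forever
end Main;
```

Every feature the Ravenscar profile removes (dynamic task creation, abort, select with multiple alternatives, requeue, relative delay, multiple protected entries) is absent by construction here, and GNAT will reject the unit at compile time if one of them is reintroduced, which is the mechanism by which the profile keeps the program within what a static timing analysis can cover.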
