Why COTS certification evidence matters

26th June 2017
Posted By : Anna Flockett

The growing demand for highly complex aircraft systems is placing increased pressure on suppliers to deliver aircraft with far greater capabilities while complying with a growing demand for safety certification, as most advanced cockpits require software that is considered safety-critical.

Guest blog by Stephen Olsen.

One way to address this complexity is to use more commercial-off-the-shelf (COTS) software technologies that come with certification evidence that can be included in the submission to the Federal Aviation Administration (FAA), EASA, or other safety agencies that grant the authorisation to operate an aircraft. When technology suppliers create this evidence, significant risk is removed from avionics companies, who must minimise this risk at all levels of a new programme. This becomes even more important with multi-core processors, where there is no straightforward path to certification and the project risk therefore increases exponentially.

To help avionics suppliers reduce the risk and cost of certification, Wind River has announced the certification evidence release for VxWorks 653 Multi-core Edition on an advanced PowerPC multi-core processor, meeting the rigorous RTCA DO-178C and EUROCAE ED-12C DAL A requirements. This release adds the certification evidence package needed to comply with the FAA’s safety requirements – designs, tests, reviews, source code, build files, test results, annotated object-level code coverage, and tool qualification data for critical integrated modular avionics (IMA) systems.

The delivery of this COTS certification evidence:

  1. Allows suppliers to leverage the safety-proven base platform from Wind River, building against the certified binaries to speed up their certification process in next generation safety-certified systems using multi-core processors.
  2. Removes significant certification and deployment risk from avionics programmes.
  3. Increases certification evidence quality and depth to a level that is not affordable within a single programme's budget.
  4. Decreases overall costs for certification including any recertification work.
  5. Accelerates the time-to-deployment for challenging FAA RTCA DO-178C DAL A multi-core certification programmes.

Certification: Multi-core systems use case

Multi-core systems bring an additional layer of complexity in terms of system integration and certification. Beyond the technical aspects related to safe partitioning, avionics suppliers must also manage the business concerns related to pulling in applications from various providers. These applications must all share the same processor, but they can often be certified at different certification design assurance levels (DAL), according to their impact on mission safety.

Another critical issue for avionics companies is shortening the development cycle and certification cost of adding features to software. For instance, if one application is updated, or another one added, this raises the question whether the whole system should go through a recertification process or if certification can be done only on the affected application.

In VxWorks 653 Multi-core Edition these platforms can run on different partitions (see below). They can be updated and certified separately. Using robust partitioning and a qualified XML compiler, one partition can be updated and certified without affecting the rest of the system. This is extremely valuable when deploying applications at different levels of safety criticality. Without a robust partitioning strategy, all applications would have to be certified at system high; with robust partitioning, each IMA application needs to be certified only at its minimum DAL. Investing in multiple recertification projects for the entire system at system high creates far higher cost and schedule risk for the avionics project.

With the release of the certification evidence for VxWorks 653 Multi-Core Edition, Wind River is providing practical evidence of its premier certification of the multi-core solution for ARINC 653 IMA systems, allowing avionics companies to lower project risks for multi-core systems certification.

Courtesy of Wind River.

