Certification Mac Mollison. Who mandates certification? l FAA (Federal Aviation Administration)...
Certification
Mac Mollison
Who mandates certification?
- FAA (Federal Aviation Administration)
  » Standards DO178B, DO297
- DoD (Department of Defense)
  » Mandates a security validation program incorporating many standards
- NSA (National Security Agency)
  » Certifies crypto software and devices
DO 178-B
- Sets lots of “software engineering” rules
  » E.g., documenting the design/development process
  » We won’t discuss this further here
- Gives criticality levels for software
  » The only part that has interesting implications for us, to my knowledge
  » See next slide
DO 178-B Criticality Levels
- A: Catastrophic
- B: Hazardous
- C: Major
- D: Minor
- E: No Effect
Implications of DO 178-B
1. Increasing WCET pessimism with increasing criticality level
   » Our group has written papers on how to deal with this “intelligently”
2. Need to use a Level-A RTOS that forces independence between software of different levels
   » Defined by the ARINC 653 API standard
ARINC 653
- Defines API for time-space partitioning
  » See next slide
- Multiple RTOSs are ARINC 653 compliant
  » Wind River VxWorks 653
  » Etc.
Time-Space Partitioning
Partitions are basically “containers” that are statically scheduled.
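As an added illustration of the static, time-partitioned schedule described on the last two slides (constructed example code, not from the slides or from any ARINC 653 RTOS), the following simulates one major frame: a schedule table fixes each partition's windows offline, a validity check catches overlapping or out-of-frame windows, and a runaway level-E partition is shown to lose only its own window while the level-A partition's budget is unaffected. Partition numbers, window lengths and demands are assumed values.

```c
#include <stdio.h>
#include <string.h>

/* Added illustration of ARINC 653-style time partitioning (constructed; not the slides' or any RTOS's code). */
#define NPART 3            /* 0 = level-A control, 1 = level-C display, 2 = level-E logging (assumed) */
#define MAJOR_FRAME_MS 20
typedef struct { int partition; int start_ms; int len_ms; } window_t;

/* Static schedule, fixed offline: the RTOS runs only the partition whose window contains the tick. */
static const window_t schedule[] = { {0, 0, 5}, {1, 5, 5}, {0, 10, 5}, {2, 15, 5} };
#define NWIN (sizeof schedule / sizeof schedule[0])
/* CPU time each partition tries to use per frame; partition 2 is a runaway loop (constructed). */
static const int demand_ms[NPART] = {8, 4, 1000};

/* Offline check: every window lies inside the frame and no two windows overlap. */
int schedule_is_valid(const window_t *w, size_t n, int frame_ms) {
    for (size_t i = 0; i < n; i++) {
        if (w[i].partition < 0 || w[i].partition >= NPART || w[i].len_ms <= 0 ||
            w[i].start_ms < 0 || w[i].start_ms + w[i].len_ms > frame_ms)
            return 0;
        for (size_t j = i + 1; j < n; j++)
            if (w[i].start_ms < w[j].start_ms + w[j].len_ms &&
                w[j].start_ms < w[i].start_ms + w[i].len_ms)
                return 0;
    }
    return 1;
}

/* Simulate one major frame at 1 ms ticks; got_ms[p] = CPU time partition p obtained.
   The runaway is cut off at its window boundary, so the level-A budget is untouched. */
void run_major_frame(int got_ms[NPART]) {
    int remaining[NPART];
    memcpy(remaining, demand_ms, sizeof remaining);
    memset(got_ms, 0, NPART * sizeof got_ms[0]);
    for (int t = 0; t < MAJOR_FRAME_MS; t++) {
        int cur = -1;
        for (size_t w = 0; w < NWIN; w++)
            if (t >= schedule[w].start_ms && t < schedule[w].start_ms + schedule[w].len_ms)
                cur = schedule[w].partition;
        /* Slack in a window is idle time; it is never handed to another partition. */
        if (cur >= 0 && remaining[cur] > 0) { remaining[cur]--; got_ms[cur]++; }
    }
}

int main(void) {
    int got[NPART];
    run_major_frame(got);
    printf("valid=%d  A=%d ms  C=%d ms  E=%d ms\n", schedule_is_valid(schedule, NWIN, MAJOR_FRAME_MS), got[0], got[1], got[2]);
    return 0;
}
```

The same check is what an integrator would run against a partition configuration before deployment: a window that spills over another one is exactly the independence failure the Level-A RTOS is certified to prevent.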
DO 297
- Standard for integrated modular avionics (IMA)
- Satisfied by using an ARINC 653 OS
- Isn’t talked about much and we won’t discuss it further now
Security
- Must use “secure” RTOS, hardware, etc. when working with classified information
  » Classified = confidential, secret, top secret/SAR
- Typically, when multiple security levels co-exist in one system, time-space partitioning is used
  » E.g. VxWorks MILS: like VxWorks 653, but fewer LOC
- More details in the security segment of the course