High Integrity Solutions 2
High Integrity Solutions
Dave Harper, Systems Engineer, 4th February 2015
Introduction
• Implementation of a High Integrity NTP system for Air Traffic Control
  – Air Traffic Control
  – Supporting Systems
  – Safety Requirements
  – Failure Modes
  – Solution to provide NTP service
  – Conclusion
Air Traffic Control System
Controller Screen: Heathrow Approach
Safety Requirements
• Depends on criticality of service
  – Voice Comms
  – Surveillance
• Probability of Failure <1 in 10,000,000 hours
• No undesirable failure modes
• Safety Management System
• Rarely achieved by COTS products
Reliability
• Electronic hardware – random
  – Typical equipment MTBF 50k-100k hours
• Software – systematic
  – For commercial software limit is 10k hours
• How do we meet the Safety Requirements?
  – Bespoke
  – Innovative use of commercially available equipment.
Time Distribution
• Time data by serial interface
• Originally bespoke
• Network Time Protocol
• Improved performance at less cost
NTP Clock Strata
NTP Time Distribution Solution
[Diagram: NTP Servers; Switches; Routers with firewall; NTP clients; labels A, B, C]
Aircraft Reliability
Conclusions
• NTP service for ATC
  – Meets safety requirements using COTS equipment.
  – Better performance
  – Less cost
• Sometimes only a bespoke solution will do.