A call for action
www.open-do.org
Cyrille Comar [email protected]
Matteo Bordin [email protected]
Summary
Introduction
FLOSS & Open Source Communities
Introducing Open-DO
Why an Open Initiative for DO-178?
Keys to Success
Annex: Description of the mentioned projects
Introduction
Which Arinc 653 OS will be around in 15 years?
- Commercial solutions: WRS, Sysgo, LynuxWorks, GHS, DDCI
- Private solutions maintained internally by avionics companies: at least 3 in Europe & 1 in the US
- Experimental: RTEMS + 653 interface
Any lessons from what happened in the Unix world?
FLOSS License
Free to use… for ever
Free to look at sources
Free to change
Free to redistribute
Open Source Communities
Significant technologies are successfully managed by such communities, for more than 20 years now:
- The Linux Kernel
- Eclipse
- GCC
- RTEMS
- Mono
- Python
- …
Open Source Communities
The GCC example… and many more
- Contributors: from individuals to corporations
- Sharing technology, not products
Roles in Open Source Communities
Initiators & regulators
Active participants
- Short term cost increase: learning curve, working in an open environment, contributing back
- Long term cost decrease by sharing resources, solving a common problem, avoiding solving already solved problems
Passive users
- Benefit from the work of others
- Can’t customize to their own needs
- Help spread the technology
What about the DO-178 community?
- Is there a need for openness & cooperation?
- Potential for community growth?
- AVSI (Aerospace Vehicle Systems Institute)
- Certify Together
- This committee
- Military
- Space, automotive, …
Some Relevant Open Projects & Technologies
OSEE
Couverture
SPARK
Open-DO Concepts: the meeting of 3 worlds
- Libre / Open Source: visibility, resilience, sharing, reuse
- Agile / Lean: iterative requirements, continuous integration, test driven development, …
- High Assurance / Certification: qualified tools, life cycle traceability, requirement based testing
Relevant Agile/Lean Concepts
- Test Driven Development / Requirement Based Testing
- Executable Specifications
- Continuous Integration
- IP 217: Iterative requirements
Open-DO Challenges
- Opening & sharing more than “source code”: requirements, designs, test cases, …
- Life-cycle traceability
- Agile workflows for the DO-178
Some DO-178B workflows
DO-178B structure (as shown on the slide):
- Section 2: System aspects related to software development
- Section 10: Overview of aircraft and engine certification
- Software life cycle processes: Software Life Cycle (Section 3), Software Planning Process (Section 4), Software Development Processes (Section 5)
- Integral processes: Software Verification (Section 6), Software Configuration Management (Section 7), Software Quality Assurance (Section 8), Certification Liaison (Section 9)
- Section 11: Software Life Cycle Data
- Section 12: Additional Considerations
Top level workflow: transition criteria between activities, workflow support, workflow verification
Some DO-178B workflows (2): component certification workflow
Activities: requirements, design, coding, reviews, testing
Verification evidence: requirement coverage, completeness analysis, code coverage, traceability
Some DO-178B workflows (3): qualification of verification tools workflow
- Tool Operational Requirements
- Reviews
- Testing
- Completeness Analysis
- Requirement Coverage
- Traceability
Tool support: OSEE
Open-DO Components
Specialized for given certification standards
- Workflows
- Document Templates: PSAC, SDP, SVP, SCMP, … Standards, SAS, …
- Qualifiable Tools: OSEE, Couverture, …, GeneAuto, Topcased
- Education Materials: toy certifiable projects, specialized examples (e.g. for DO-178C annexes)
- Certifiable Components: OS runtimes, IP stack, middleware, …
Why an open initiative for the DO-178 world?
Why Open-DO?
Educational materials for clarifying intent
Experimental test-bed for annexes
A support to the DO-178C effort
Why Open-DO? Avionics industrial community
- Provides a shared infrastructure for long term investment and long term cost reduction
- Allows some level of cooperation with competitors
- Lower training costs (especially for subcontractors)
Why Open-DO? Certification authorities
- Lower training costs for DERs
- Vehicle for clarifying specific issues
- Help sharing of practices between authorities
Why Open-DO? Tool providers
- Offers an ideal showcase for their open technologies
- Tool sharing makes it easier to provide a complete supported solution
- Creates an ecosystem where everyone can meet potential customers and partners
Keys to success
- Balance: Europe vs US, Boeing vs Airbus, authorities vs industry
- Find key participants for critical mass: certification authorities, major aeronautics players, established tool providers, academics
- Attract public funds for bootstrap
- Find appropriate governance rules
Define « Open Source 2010 »
Certification workflows
Annex – Information on Mentioned Projects
- OSEE
- Couverture
- SPARK
OSEE (System Engineering Environment)
- Application life cycle management system
- Focus on system engineering
- Integrated management environment
- Open to external tool integration; open development philosophy
- First-class Eclipse project: www.eclipse.org/osee
- Contributed by the Apache Team (Phoenix, AZ); 5 years in development, 5 people full-time
- Not specific to DO-178
OSEE: Development Artifacts Tracking (traceability model)
Development artifacts (imported from external tools): requirements, test cases, test procedures, models, code, tests, tests actual output, tests expected output
OSEE & Traceability: end-to-end traceability model
Requirements, test cases, test procedures, design, code, tests, test actual output, test expected output
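The traceability model on these OSEE slides, together with the component certification workflow above (requirement coverage, completeness analysis, traceability), amounts to a set of link checks over life-cycle artifacts. The following Python script is an added example, not OSEE's code or data model: it runs those checks over a constructed artifact set (the REQ_/DES_/TC_/TP_ identifiers, the file names and the upstream link direction are assumptions) and reports requirements no test case covers, artifacts that trace to nothing, stale links to deleted requirements, code whose design chain reaches no requirement, test cases no procedure executes, and tests whose actual output differs from the expected output.

```python
"""Traceability and requirement-coverage checks over life-cycle artifacts.

Added example: the artifact ids, file names and link model below are
constructed assumptions, not OSEE's data model. Every downstream artifact
records the upstream ids it traces to."""

# Constructed artifact set (assumption). Links point upstream.
REQUIREMENTS = {"REQ_1_2a", "REQ_1_2b", "REQ_3_1"}
DESIGN = {"DES_ALARM": {"REQ_1_2a", "REQ_1_2b"},
          "DES_LOG": set()}                          # traces to nothing
CODE = {"alarm.adb": {"DES_ALARM"},
        "log.adb": {"DES_LOG"}}
TEST_CASES = {"TC_PRE": {"REQ_1_2a"},
              "TC_TEMP": {"REQ_1_2b"},
              "TC_EXTRA": set(),                     # tests no requirement
              "TC_OLD": {"REQ_9_9"}}                 # requirement was deleted
TEST_PROCEDURES = {"TP_01": {"TC_PRE", "TC_TEMP"}}
# (expected output, actual output) per test case executed by a procedure
TEST_RESULTS = {"TP_01": {"TC_PRE": ("PRE", "PRE"),
                          "TC_TEMP": ("TEMP", "NONE")}}


def uncovered_requirements(requirements, test_cases):
    """Requirements no test case traces to: a requirement-based testing gap."""
    covered = set().union(*test_cases.values())
    return sorted(requirements - covered)


def orphans(artifacts):
    """Artifacts that trace to nothing upstream (completeness analysis)."""
    return sorted(name for name, links in artifacts.items() if not links)


def broken_links(artifacts, upstream_ids):
    """Links to ids that no longer exist upstream (stale traces after a change)."""
    return sorted((name, link) for name, links in artifacts.items()
                  for link in links if link not in upstream_ids)


def untraced_code(code, design, requirements):
    """Code units whose design chain reaches no requirement: candidate dead code."""
    result = []
    for unit, design_links in code.items():
        reached = set().union(*(design.get(d, set()) for d in design_links))
        if not reached & requirements:
            result.append(unit)
    return sorted(result)


def cases_without_procedure(test_cases, procedures):
    """Test cases that no test procedure executes."""
    executed = set().union(*procedures.values())
    return sorted(set(test_cases) - executed)


def failing_tests(results):
    """(procedure, case) pairs whose actual output differs from the expected one."""
    return sorted((tp, tc) for tp, cases in results.items()
                  for tc, (expected, actual) in cases.items() if expected != actual)


def traceability_report():
    """Aggregate all checks; an empty list everywhere means the chain is complete."""
    return {
        "uncovered_requirements": uncovered_requirements(REQUIREMENTS, TEST_CASES),
        "orphan_design": orphans(DESIGN),
        "orphan_test_cases": orphans(TEST_CASES),
        "broken_links": broken_links(TEST_CASES, REQUIREMENTS)
                        + broken_links(DESIGN, REQUIREMENTS)
                        + broken_links(CODE, set(DESIGN)),
        "untraced_code": untraced_code(CODE, DESIGN, REQUIREMENTS),
        "cases_without_procedure": cases_without_procedure(TEST_CASES, TEST_PROCEDURES),
        "failing_tests": failing_tests(TEST_RESULTS),
    }


if __name__ == "__main__":
    for check, findings in traceability_report().items():
        print(f"{check}: {findings or 'OK'}")
```

Each check corresponds to one question a reviewer asks during completeness analysis: is every requirement tested, does every artifact serve a requirement, do links still resolve after a change, and do results match expectations. Keeping the links in data rather than in document prose is what makes the report reproducible after every change.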
OSEE & Workflow Modeling/Tracking
- Define development teams; assign members to teams (example members: Joe, John, Ryan, Don)
- Workflow instantiation (example: verification of REQ_1_2b): the Qualification and Verification Analysis steps are each assigned to a member (Joe, Don)
TOPCASED: Toolkit in OPen source for Critical Application & SystEm Development (www.topcased.org)
Design / analysis model, metamodel, code, (formal) analysis
TOPCASED (II)
- Graphical modeling: UML, SysML, AADL, … (ECore)
- Model transformation framework
- An integrated Eclipse distribution
- The future official Eclipse solution for UML modeling: http://wiki.eclipse.org/MDT-Papyrus-Proposal
GeneAuto
- A qualifiable generic framework for code generation
- Dynamic systems modeling: Simulink/StateFlow, Scicos
- Targeting C (and Ada soon)
- Available as FLOSS, along with qualification material (planned)
- Partners: Airbus, Continental, Thales-Alenia, Barco, IAI, …
Pipeline: input model, intermediate representation, code (… qualified …)
SPARK
- Annotation of Ada programs for formal analysis: partial correctness, information/data flow
- The whole technology is NOW available as FLOSS: http://www.praxis-his.com/sparkada/
Ada / SPARK
Couverture
- Language-Independent Structural Coverage Framework
- Source coverage WITHOUT instrumentation (st, dc, mc/dc)
- Object Coverage (instructions, branches)
- Instrumented Simulation Framework
- The whole technology will be available as a FLOSS…
- including the qualification material
- https://libre.adacore.com/coverage/
Couverture (II)
Source code:

```ada
if Pression (M) >= P_Limit then
   Alarme (M, "PRE");
elsif Temperature (M) >= T_Limit then
   Alarme (M, "TEMP");
end if;
```

Figure: object code at addresses 0x12460, 0x12464, ...
Pipeline: source code, cross compiler, instrumented virtualized execution environment, execution traces, then two reports:
- Object coverage report (instruction, branch)
- Source coverage report (statement, DC, MC/DC)
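To make the three source-coverage levels on this slide concrete, here is an added Python example (not Couverture's implementation): a Python model of the slide's if/elsif alarm logic records which statements ran and which outcomes each decision took, so statement and decision coverage can be computed from a set of test vectors, and a separate function checks unique-cause MC/DC on a compound decision, which goes beyond the slide's single-condition decisions. The limits P_LIMIT and T_LIMIT, the test vectors and the compound decision `a and (b or c)` are all constructed.

```python
"""Statement, decision and MC/DC coverage computed from executed test vectors.

Added example, not Couverture's implementation. alarm_model is a Python
rendition of the slide's Ada if/elsif; P_LIMIT, T_LIMIT, the vectors and the
compound decision used for MC/DC are constructed."""
from itertools import product

P_LIMIT, T_LIMIT = 100, 80   # constructed alarm thresholds

DECISION_PRE = "Pression (M) >= P_Limit"
DECISION_TEMP = "Temperature (M) >= T_Limit"
STATEMENTS = {'Alarme (M, "PRE")', 'Alarme (M, "TEMP")'}


def alarm_model(pressure, temperature, trace):
    """Run the if/elsif once, recording decision outcomes and executed statements."""
    pre = pressure >= P_LIMIT
    trace["decisions"].setdefault(DECISION_PRE, set()).add(pre)
    if pre:
        trace["statements"].add('Alarme (M, "PRE")')
        return "PRE"
    temp = temperature >= T_LIMIT   # only evaluated when the first decision is False
    trace["decisions"].setdefault(DECISION_TEMP, set()).add(temp)
    if temp:
        trace["statements"].add('Alarme (M, "TEMP")')
        return "TEMP"
    return None


def run_vectors(vectors):
    """Execute every (pressure, temperature) vector and return the merged trace."""
    trace = {"decisions": {}, "statements": set()}
    for pressure, temperature in vectors:
        alarm_model(pressure, temperature, trace)
    return trace


def statement_coverage(trace):
    """Fraction of statements executed at least once."""
    return len(trace["statements"] & STATEMENTS) / len(STATEMENTS)


def uncovered_decisions(trace):
    """Decisions not seen both True and False; a decision never reached counts too."""
    return sorted(name for name in (DECISION_PRE, DECISION_TEMP)
                  if trace["decisions"].get(name, set()) != {True, False})


def mcdc_independence(decision, conditions, vectors):
    """Unique-cause MC/DC: for each condition, find two vectors that differ only
    in that condition and change the decision outcome. Maps condition -> pair or None."""
    shown = {c: None for c in conditions}
    for c in conditions:
        others = [o for o in conditions if o != c]
        for v1, v2 in product(vectors, repeat=2):
            if (v1[c] != v2[c]
                    and all(v1[o] == v2[o] for o in others)
                    and bool(decision(**v1)) != bool(decision(**v2))):
                shown[c] = (v1, v2)
                break
    return shown


def mcdc_satisfied(decision, conditions, vectors):
    """True when every condition has a pair showing its independent effect."""
    return all(pair is not None
               for pair in mcdc_independence(decision, conditions, vectors).values())


if __name__ == "__main__":
    # Constructed vectors: both alarms fire, yet the second decision is never False.
    trace = run_vectors([(120, 20), (50, 90)])
    print("statement coverage:", statement_coverage(trace))      # 1.0
    print("decision gaps:", uncovered_decisions(trace))          # [DECISION_TEMP]
    # Compound decision with three conditions: four vectors achieve MC/DC.
    d = lambda a, b, c: a and (b or c)
    vectors = [dict(a=True, b=True, c=False), dict(a=False, b=True, c=False),
               dict(a=True, b=False, c=False), dict(a=True, b=False, c=True)]
    print("MC/DC:", mcdc_satisfied(d, ["a", "b", "c"], vectors))                       # True
    print("MC/DC without last vector:", mcdc_satisfied(d, ["a", "b", "c"], vectors[:3]))  # False
```

The two-vector run shows why statement coverage is not enough at higher software levels: every statement executes, yet the temperature decision is never observed False. The three-vector MC/DC run shows the analogous gap one level up: the decision takes both outcomes, but condition `c` is never shown to change the result on its own.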
Upcoming Events
- The Lean, Agile Approach to High-Integrity Software, Paris, March 26th, 2009: Jim Sutton (Lockheed Martin), Alexandre Boutin (Yahoo), Emmanuel Chenu (Thales), David Jackson (Praxis High-Integrity Systems), Cyrille Comar (AdaCore)
- Open-Do Masterclass @ Avionics EU, Amsterdam, March 11th-12th, 2009: Franco Gasperoni (AdaCore)
- Open-Do Masterclass @ Avionics US, San Diego, June 1st-2nd, 2009: Ryan Brooks (Boeing), Robert B.K. Dewar (AdaCore)
- Next informal Open-DO meeting @ EclipseCon 2009, Santa Clara, March 21st-25th, 2009: Airbus, Boeing, AdaCore