High Integrity Solutions
Dave Harper
Systems Engineer
4th February 2015
Introduction
• Implementation of a High Integrity NTP system for Air Traffic Control
  – Air Traffic Control
  – Supporting Systems
  – Safety Requirements
  – Failure Modes
  – Solution to provide NTP service
  – Conclusion
Air Traffic Control System
Controller Screen: Heathrow Approach
Safety Requirements
• Depends on criticality of service
  – Voice Comms
  – Surveillance
• Probability of Failure <1 in 10,000,000 hours
• No undesirable failure modes
• Safety Management System
• Rarely achieved by COTS products
Reliability
• Electronic hardware – random
  – Typical equipment MTBF 50k-100k hours
• Software – systematic
  – For commercial software limit is 10k hours
• How do we meet the Safety Requirements?
  – Bespoke
  – Innovative use of commercially available equipment.
Time Distribution
• Time data by serial interface
• Originally bespoke
• Network Time Protocol
• Improved performance at less cost
NTP Clock Strata
NTP Time Distribution Solution
[Diagram: NTP servers, switches, routers with firewall, and NTP clients; elements labelled A, B and C]
Aircraft Reliability
Conclusions
• NTP service for ATC
  – Meets safety requirements using COTS equipment.
  – Better performance
  – Less cost
• Sometimes only a bespoke solution will do.