Certifiable Software for the ATN - PowerPoint PPT Presentation

1 / 23
About This Presentation
Title:

Certifiable Software for the ATN

Description:

ACI General Manager The Nature of Portable Communications Software What is portable software ? ... no need for redevelopment of commercially available code; ... – PowerPoint PPT presentation

Number of Views:59
Avg rating:3.0/5.0
Slides: 24
Provided by: ForrestC3
Category:

less

Transcript and Presenter's Notes

Title: Certifiable Software for the ATN


1
Certifiable Software for the ATN
  • Making ATN a realitynow
  • Presented by Forrest ColliverACI General Manager

2
The Nature of Portable Communications Software
  • What is portable software ?
  • Software quality and the ATN
  • How is portable ATN software developed ?
  • Methodologies
  • Quality Standards
  • How is portable software used ? By whom ?
  • ACIs Portable Certifiable ATN Software

3
What is portable software?Types of Software
  • Ready-to-run binary end-user software
  • Examples personal computer software, game
    software, etc.
  • For consumption by individual or organizational
    end-users
  • Plug and play operation
  • Portable binary library or source code software
  • Examples linkable object modules (databases,
    interfaces, etc.) or source code (protocols,
    drivers, or other code requiring adaptation to
    platforms operating systems)
  • For consumption by manufacturers or sophisticated
    end-users having in-house information technology
    support
  • Usable after integration in customization for
    target platform
  • Although used in different contexts, both may be
    called commercial off-the-shelf (COTS) software

4
What is portable software?Why use Portable
Software?
  • Manufacturers perspective
  • Non-recurring cost reduction no need for
    redevelopment of commercially available code no
    opportunity cost where internal resources could
    be better applied to other projects
  • Lifecycle cost reduction portable modules
    warranted and maintained by software vendor
  • Risk reduction
  • Pre-tested software modules are ready to
    integrate
  • Portable software can be supplied with
    certification artifacts
  • Facilitates earlier delivery of manufacturers
    products to market
  • End-users perspective
  • Reduced end-user pricing more competitive
    products
  • Improved confidence Intel-inside effect
  • Factors above contribute to what should
    essentially be a make/buy decision by
    manufacturer

5
Software Quality the ATNThe architecture can
offer
  • ATN architecture was created for support of both
    safety-critical ATS and AOC applications
  • Controller/pilot communications (ATS), e.g.
    clearances
  • Controller/controller communications (ATS), e.g.
    handoff
  • Airline dispatch/pilot communications (AOC), e.g.
    re-routing
  • How?
  • Integrity Assurance via protocol design
  • what is received is what was sent
  • Enhanced Availability via routing architecture
  • information transferred end-to-end in a timely
    manner
  • Remember key role of the ATN is to manage
    mission-critical communication resources
    message traffic

6
Software Quality the ATNbut software must
deliver
  • Accordingly, mission-critical application of ATN
    protocols demands software design quality
    assurance consistent with Essential systems
  • Rationale undetected integrity/availability
    failures may contribute to operational errors
    and/or lead to unacceptable dispatch/controller/pi
    lot work-load
  • RTCA DO-178B provides software development
    guidelines for Level C, to meet Essential
    systems requirements
  • ACIs approach to problem
  • To ensure ATN software mission-readinessall ACI
    RRI/ASE software conforms to DO178B Level C
    guidelines

7
How is ACIs software developed ?Production
Methodology
  • DO-178B Level C
  • Constitutes the norm for essential avionics
    systems
  • ACI offers full development documentation
    compliance
  • includes configuration management quality
    assurance aspects
  • Maximizes certification credit by optimizing
    certification effort during portation process,
    using supplied certification artifacts
  • MIL-STD-498
  • FAA and other US government users specify
    MIL-STD-498 development methodology lifecycle
    compliance for mission-critical software
    systems
  • Applied on both code development documentation
    aspects
  • Complementary to DO 178B Level C

8
How is ACIs software developed ?Lifecycle
Functional View
9
How is ACIs software developed ?Traceability of
Requirements
10
How is ACIs software developed
?Testing/Verification (1/2)
  • Software verification testing consists of two key
    components
  • Requirements-based testing (RBT)
  • Software tested against each requirement to
    ensure that it does what it is supposed to do and
    doesnt perform any unintended functionality
  • Structural coverage analysis (SCA)
  • Identifies code structures (at the instruction
    level for DO 178B Level C) that are not exercised
    by the RBT
  • Ensures that every software instruction is
    required i.e. has been invoked at least once

11
How is ACIs software developed
?Testing/Verification (2/2)
  • Requirements at lowest level (SDD) completely
    cover higher level requirements
  • Requirements inspection process assures coverage
  • Computer Software Unit (CSU) tests ensure SDD
    requirement conformance
  • Inspection process assures that tests fully cover
    requirements
  • Test cases identify WHAT is to be tested
  • Test procedures identify HOW the test will be
    performed
  • CSU tests cover both normal operations and
    evaluation of robustness under limit conditions
  • Check validity of external data prior to CSU
    importation
  • Checks for validity of CSU arithmetic operations

12
Certifiable ATN Software Portable Building Blocks
  • Four RRI Component Builds
  • Airborne Boundary Intermediate System (ABIS)
  • Ground Boundary Intermediate System (GBIS)
  • Airborne End System (AES)
  • Ground End System (GES)
  • Four Application Service Element (ASE) Modules
  • Context Management (CM)
  • Automatic Dependent Surveillance (ADS)
  • Controller/Pilot Data Link Communication (CPDLC)
  • Flight Information Service (FIS)

13
Certifiable ATN Software System Architecture
14
Certifiable ATN Software Statistics
  • Each RRI build comprises between 60000 and 90000
    source lines of DO 178B Level C code
  • AES/GES 63000/75000
  • ABIS/GBIS 87000/87000
  • Four ASEs together comprise between 60000 and
    80000 source lines of code
  • Airborne ASEs order of 15000 each
  • Ground ASEs order of 20000 each
  • Approximately 5000 tested requirements overall

15
Certifiable ATN Software Component Architecture
User Processes
Platform
Custom
Local
Manager
NMA
User
HMI
PSE
E
S
P
e
I
Subnet
g

E
User
n
e
Drivers
a
S
r
Applications
h
o
c
x
C
E

t
n
e
ATN
m
OS
n
Applications
o
r
i
v
Router
n
E

Stack
m
e
t
System
s
y
Clock
S
16
Certifiable ATN Software System Interfaces
17
Certifiable ATN Software Product Composition
  • Source software modules
  • Documentation
  • User's Guide
  • Porting Guide
  • Functional Requirement Specification (FRS)
  • External Interface Control Document (EICD)
  • Software Quality Assurance Plan (SQAP)
  • Validation test scripts sequences
  • System level
  • CSCI level
  • DO 178B Level C Certification artifacts
  • Products pre-ported for UNIX/Streams environment

18
Certifiable ATN Software Product Support
Evolution
  • RRI ASE products under configuration change
    management process
  • Operated by ATNSI ACI as open process ATN
    stakeholder interests and participation
    incorporated
  • Designed to allow incorporation of general
    problem reports (PRs) as well as ICAO PDRs, plus
    agreed product improvements, while respecting
    interoperability
  • Product Support
  • Through end of warranty period (mid 2002)
    RRI/ASE support assured by ACI under CCB process
  • Following warranty long-term RRI/ASE support
    committed by ACI Member companies
  • To-date maintenance releases made at regular
    intervals, following initial RRI/ASE product
    deliveries in February 2000

19
Certifiable ATN Software Certification Credit
  • Controversial subject
  • Definitive approach awaits decisions by
    authorities
  • What is known
  • Structural Coverage Analysis credit likely based
    on FAA analysis
  • Requirement Based Test procedures and results
    comprise part of product package can be rerun as
    required by certification authorities
  • Validation Test procedures and results comprise
    part of product package can be rerun as required
    by customer for acceptance testing
  • Conformance Test Suite (CTS) role view of
    certification authorities not yet definitive
  • In any case, ACI software is designed to
    streamline, risk-reduce, cost-reduce the
    certification process

20
Result fit for purpose portable ATN software
  • Product quality meets safety requirements, meets
    specifications, and reduces lifecycle costs
  • Formalized nature of DO-178B Level C development
    process leads to high overall product quality
  • Process facilitates change management lifecycle
    support
  • Production of required artifacts demonstrates
    compliance and supports users of software
    products
  • Full traceability of functions to design, to
    code, and to test
  • Full functional test coverage
  • Verifies that all functions have been tested
  • Full structural test coverage
  • Verifies that all code is executed

21
The significance of all this
  • Portable software designed to mission-ready
    quality standards can reduce manufacturer cost
    schedule risks, and can facilitate certification
  • ATN software certifiable to DO 178B Level C has
    been in the field since February 2000, and will
    play a major role in the FAA CPDLC communication
    infrastructure, as well as in the products of the
    ACI partner companies
  • This portable certifiable software is available
    to 3rd parties under license, to provide the same
    benefits of cost and risk reduction, and to aid
    in bringing the ATN into serviceTODAY

22
Aeronautical Communication International LLCWho
are we? What do we do?
  • ACI was formed in 1997 as a joint venture of
    Airsys-ATM, Honeywell International, Thomson-CSF
    Sextant Sofréavia, all suppliers of CNS/ATM
    products services
  • ACI was created to execute the ATN Router
    Reference Implementation (RRI) Project, under
    contract to ATNSI
  • In addition, ACI has financed a variety of
    ATN-related software developments and service
    activities
  • Complementary Application/Management Software
  • ATN standardization support (AEEC, IATA ICAO)
  • ATNSI CTS Program Support
  • EUROCONTROL Petal II CAERAF Program Support
  • FAA Ground Router Architecture Evaluation
    Support
  • ACI is currently engaged as a subcontractor to
    CSC on the FAA CPDLC Build I Build I/A Programs

23
Aeronautical Communication International LLCFor
more information
  • Contact
  • Forrest Colliver, General Manager
  • forrest.colliver_at_aci-llc.com
  • Bob Kerr, Marketing Communications
  • bob.kerr_at_aci-llc.com
  • Or, visit the ACI web site at
  • www.aci-llc.com
Write a Comment
User Comments (0)
About PowerShow.com