Current opportunities at Rapita
CAST-32A Compliance Update
New paper: Surrogate Applications for Multicore Contention Modeling
Rapita hosts SCADE webinar with ANSYS
Software verification on the Solar Orbiter
Metrowerks CodeTest - How and why to upgrade
Leveraging FACE Conformance Artifacts to Support Airworthiness
Assured Multicore Partitioning for FACE Systems
DO-178C
MATLAB Simulink MCDC coverage and WCET analysis
Code coverage for Ada, C and C++
AMC 20-193
How to verify multicore hardware & software for avionics
FACE Technical Interchange Meeting
Aerospace TechWeek 2021
Safe Use of Multi-Core Processors Seminar
AMC 20-193
EASA® and the FAA™ have been developing guidelines for development of multi-core systems for DO-178 aerospace projects. These include the EASA Certification Review Item – Multi-core Processor (CRI MCP), CAST-32A and the soon to be released AMC 20-193. Acceptable Means of Compliance documents (AMCs) and the FAA's equivalent, Advisory Circulars, provide guidance for compliance with airworthiness regulations without creating or changing existing regulatory requirements.
AMC 20-193 is a joint effort by EASA and the FAA that supplements the guidance in position paper "CAST-32A: Multi-core Processors". AMC 20-193 will build on industry advancements that are aiding the certification process for multicore processors (MCPs) and will recommend best practices to consider when dealing with MCPs. It is anticipated that AMC 20-193 will address the topics of dynamic allocation and multicore inteference mitigation. The final version of AMC 20-193 is due to be published in late 2021 – updates can be found at the EASA website.
Background
Multicore processors are increasingly used within avionics systems, and this trend is likely to continue. These processors offer increased performance compared to single core processors and allow more functionality to be included within hardware. They can also contain other embedded functions such as memory management and embedded security, reducing the chip count for a system. Furthermore, as single-core processors are used in so few other industries, their future supply is a serious concern for avionics suppliers.
Whilst MCPs offer a great deal of advantages, their behavior is harder to verify due to the presence of interference channels.
Interference channels can be caused by a variety of factors, including contention over shared hardware resources. This interference can have a significant effect on timing behavior, raising critical safety concerns. Consequently, conventional DO-178C and DO-297 guidance (designed for single-core systems) is insufficient to verify the behavior of MCPs, hence the need for additional guidance such as CAST-32A and AMC 20-193.
CAST-32A
In response to the increasing use of MCPs and the need to meet compliance guidelines in projects using MCPs, the Certification Authorities Software Team (CAST) published Position Paper CAST-32A named ‘Multicore Processors’ (often referred to as just ‘CAST-32A’). This paper identifies topics that could impact the safety, performance and integrity of airborne software systems executing on MCPs and provides objectives intended to guide the production of safe multicore avionics systems.
You can find out more about more about CAST-32A here
Rapita Systems has a unique solution to help you meet CAST-32A objectives including analyzing software timing behavior within the context of multicore interference. Taking advantage of this solution will provide a head start in adhering to the guidelines that will be provided in the upcoming AMC 20-193. Find out more about Rapita’s solution here.
