What’s the difference between a SIL and a DAL? How does it affect my Code Coverage?

In this article I look at the different integrity levels defined by DO-178C "Software Considerations in Airborne Systems and Equipment Certification" (development assurance levels, DALs) and by the ISO26262 "Road vehicles – Functional safety" standard (safety integrity levels), what each level means for the code coverage you must demonstrate, and why the two scales are not equivalent.

ED4I tool - generating diverse code automatically to satisfy ISO26262 requirements

Is it possible to use diversity on a single processor to reliably detect hardware faults? That's the thought that led to the research which resulted in ED4I, a technique to support error detection. How we got from this research to the point where cars on the road are now relying upon ECUs that have been developed using this technique is an interesting story.

How to trace the source of deadlocks

In this article I explain how you can use the principles of tracing tools to find the sequence of events that leads to a deadlock. A deadlock is a cyclic dependency: for example, action A cannot continue because it is waiting for a resource to be unlocked by action B, while action B is in turn waiting on A before it can continue. Deadlocks are one of the many banes of multi-threaded development for dynamically scheduled systems. Even though the location of the deadlock itself is easy enough to find, establishing how we got to that point is often the harder task.
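As an added illustration of the idea above (example code written for this summary, not taken from the article), the snippet below replays a constructed lock trace in a hypothetical "timestamp thread acquire|wait|release lock" format, rebuilds the wait-for graph at the end of the trace, finds the cycle, and then pulls out just the events that created the edges of that cycle. The thread and lock names, the trace format and the sample lines are all assumptions for the example.

```python
import re

# Constructed sample trace in a hypothetical format:
# "<timestamp> <thread> <acquire|wait|release> <lock>".
# "wait" means the thread blocked trying to take the lock.
# worker-C is unrelated noise; worker-A and worker-B deadlock on DB/LOG.
TRACE = """\
001 worker-C acquire CFG
002 worker-A acquire DB
003 worker-C release CFG
004 worker-B acquire LOG
005 worker-A wait LOG
006 worker-B wait DB
"""

EVENT_RE = re.compile(r"^(\d+)\s+(\S+)\s+(acquire|wait|release)\s+(\S+)$")


def parse_trace(text):
    """Parse trace lines into (timestamp, thread, op, lock) tuples."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = EVENT_RE.match(line)
        if not m:
            raise ValueError(f"unparseable trace line: {line!r}")
        ts, thread, op, lock = m.groups()
        events.append((int(ts), thread, op, lock))
    return events


def replay(events):
    """Replay the trace to recover, at its end, who holds each lock and
    who is blocked on which lock. `origin` remembers the index of the
    event that established each hold/wait relation, so the history can
    be reconstructed afterwards."""
    holder = {}   # lock -> thread currently holding it
    waiting = {}  # thread -> lock it is blocked on
    origin = {}   # ("holds"|"waits", thread, lock) -> event index
    for i, (_ts, thread, op, lock) in enumerate(events):
        if op == "acquire":
            holder[lock] = thread
            waiting.pop(thread, None)          # a successful acquire ends any wait
            origin[("holds", thread, lock)] = i
        elif op == "wait":
            waiting[thread] = lock
            origin[("waits", thread, lock)] = i
        elif op == "release":
            holder.pop(lock, None)
    return holder, waiting, origin


def find_cycle(holder, waiting):
    """Wait-for graph: thread -> thread holding the lock it waits on.
    Follows edges from each start node; a revisited node closes a cycle.
    Returns the threads in the cycle, or [] if there is none."""
    graph = {t: holder[l] for t, l in waiting.items() if l in holder}
    for start in graph:
        path, seen, cur = [start], {start}, start
        while cur in graph:
            nxt = graph[cur]
            if nxt in seen:
                return path[path.index(nxt):]
            seen.add(nxt)
            path.append(nxt)
            cur = nxt
    return []


def deadlock_history(events):
    """Return (cycle, history): the deadlocked threads and, in trace
    order, only the events that built the cycle's hold/wait edges."""
    holder, waiting, origin = replay(events)
    cycle = find_cycle(holder, waiting)
    if not cycle:
        return [], []
    indices = set()
    for t in cycle:
        lock = waiting[t]
        indices.add(origin[("waits", t, lock)])            # t blocked on lock
        indices.add(origin[("holds", holder[lock], lock)])  # who took it, and when
    return cycle, [events[i] for i in sorted(indices)]


if __name__ == "__main__":
    cycle, history = deadlock_history(parse_trace(TRACE))
    print("deadlocked threads:", cycle)
    for ts, thread, op, lock in history:
        print(f"{ts:03d} {thread} {op} {lock}")
```

The replay keeps the trace cheap to record (one line per lock operation, no stack walking) while still letting you answer the harder question: not where the threads are stuck, but which earlier acquires put them there. Events from threads outside the cycle, such as worker-C here, drop out of the reported history.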

Deadline Floor Inheritance Protocol for Earliest Deadline First resource sharing

In a previous posting, I mentioned the Deadline Floor Inheritance Protocol for resource sharing in EDF schedulers. In this blog post, I describe how this works.