Skip to main content
SAIF Autonomy to use RVS to verify their groundbreaking AI platform
RVS 3.22 Launched
Hybrid electric pioneers, Ascendance, join Rapita Systems Trailblazer Partnership Program
Magline joins Rapita Trailblazer Partnership Program to support DO-178 Certification
How to certify multicore processors - what is everyone asking?
Data Coupling Basics in DO-178C
Control Coupling Basics in DO-178C
Components in Data Coupling and Control Coupling
DO-278A Guidance: Introduction to RTCA DO-278 approval
ISO 26262
Data Coupling & Control Coupling
Verifying additional code for DO-178C
Avionics and Testing Innovations 2025
DASC 2025
DO-178C Multicore In-person Training (Fort Worth, TX)
DO-178C Multicore In-person Training (Toulouse)
Airbus® Defence & Space is a leading manufacturer of civil and military aircraft, claiming over 6,000 planes in operation in 2013. Airbus Military is the division of Airbus Defence & Space responsible for production of the A330® Multi-Role Tanker Transport (MRTT).
The A330 MRTT features an Advanced Refuelling Boom System (ARBS) which includes a Boom Control and Computing System (BCCS) that is classified as a Level A system according to DO-178B guidelines. Airbus Defence & Space selected RVS (Rapita Verification Suite) to carry out worst-case execution time (WCET) analysis for this DO-178B project.
Summary
The challenge
- To effectively determine WCET times while meeting DO-178B guidelines and reducing costs
The solution
- Use RapiTime (part of RVS) to instrument the ARBS source code and carry out WCET analysis
The benefits
- A significant reduction in the effort required to carry out WCET analysis
- Opportunities to optimize the source code
The challenge
The ARBS is a fly–by–wire system based on a partitioning architecture which is compliant with ARINC 653. Data processing and the logic of the ARBS system are implemented by software that, due to the criticality of the refueling function, is classified as Level A software.
Due to the safety–critical nature of the functions performed by the BCCS, it is considered a Hard Real–Time (HRT) system where its correctness relies not only on functional correctness but also on the timely delivery of the computed results. This means that establishing its WCET is of vital importance.
Airbus Defence & Space faced three major challenges during the development and testing of the ARBS:
- Effectively determining worst-case execution times.
- Meeting DO-178B requirements.
- Reducing development costs.
The solution
Airbus Defence & Space selected RapiTime for its ability to provide a hybrid-static analysis/dynamic measurement approach to WCET analysis. This avoided the challenges of a purely static analysis technique, which relies on the availability of a model for each target to be analyzed.
To meet the objectives of this DO-178B project, RapiTime was used to:
- Instrument the source code.
- Collect execution data from the software while it ran.
- Analyze WCET results to gain confidence that timing requirements were still met in worst-case situations.
Instrumenting source code
Using RapiTime, instrumentation was added to the source code. A small and fixed number of system calls were located within the source code of every partition as a simple form of instrumentation.
Data collection
The executable was loaded and run on the embedded target. When the application was run, execution of each instrumented call was logged and timestamped.
Analyzing the source code
RapiTime used collected execution time data and knowledge of the source code structure to predict the software’s WCET. This, along with other timing metrics, was written to a timing report that could be easily analyzed.
The benefits
RapiTime’s automated WCET instrumentation and analysis significantly reduced the effort needed to produce evidence required for DO-178B certification compared to manual processes.
The results collected by RapiTime include analysis of timing hotspots that have given Airbus Defence & Space the opportunity to optimize the source code to improve resource utilization.
