Skip to main content
RVS 3.19 Launched
Rapita is proud to be an ISOLDE Partner
Rapita and SYSGO underline partnership
RVS 3.18 Launched
Introduction to Data Coupling and Control Coupling for DO-178C
Measuring response times and more with RapiTime
Why mitigating interference alone isn’t enough to verify timing performance for multicore DO-178C projects
There are how many sources of interference in a multicore system?
Data Coupling & Control Coupling
Verifying additional code for DO-178C
DO-178C Guidance: Introduction to RTCA DO-178 certification
MATLAB® Simulink® MCDC coverage and WCET analysis
OHB® Sweden provides complete space missions, satellites and spacecraft subsystems. With more than 30 years of proven success running a wide range of space missions in low and geostationary orbit and developing and manufacturing spacecraft for interplanetary missions, OHB Sweden has acquired a first class reputation of offering reliable and innovative solutions to its customers.
Rapita and OHB Sweden are partners in the AMASS project, which aims to lower certification costs for cyber-physical systems.
As part of AMASS, Rapita worked with OHB Sweden to improve the efficiency of structural coverage analysis testing for an Attitude Orbital Control System used on the Electra satellite, while supporting future adoption of DO-178C certification processes.
Summary
The challenge
- Improve efficiency of structural coverage analysis while supporting future adoption of DO-178C certification processes
The solution
- RapiCover integrated with the existing build and test environment with minimal modifications to collect DO-178C Level B coverage data.
The benefits
- Improved coverage analysis efficiency through reduced instrumentation overheads, an advanced justification workflow for tracking manual coverage analysis, and support for ternary operators.
- Reduced costs and risks for downstream certification due to the availability of qualification kits should RapiCover be used throughout the program.
The challenge
OHB Sweden’s project uses a model-based design process and an automated code generation and test environment. In the project, code is auto-generated from Simulink® models into a number of library functions. A test harness is built for each of these functions using the SPARC RTEMS GCC toolchain. Finally, tests of the functions are run on a LEON2 emulator (TSIM).
At the onset of this case study, OHB Sweden were using an open-source coverage analysis tool to provide coverage data, for which no qualification support is available. As OHB Sweden are considering the development of manned spacecraft in the future, which requires adherence to DO-178C guidelines and processes, this lack of support presents a risk.
Rapita was asked to provide a more efficient coverage analysis solution than the one currently being used, which also integrates with the existing code generation and test environment and has a tool qualification path already in place, thereby supporting future adoption of DO-178C processes for the project.
The solution
Rapita worked with OHB Sweden to integrate RapiCover into the existing build and test environment to collect structural coverage data at DO-178C Level B while tests are run on source library functions.
Because of the flexible architecture of both RapiCover and OHB Sweden’s development environment, integration was accomplished while making minimal changes to the build system.
A strategy was put in place to collect coverage data while tests were executed by hooking into the software’s existing I/O system.
The toolchain was then executed to collect coverage data from the library functions. The flexible nature of RapiCover means that migration of the integration to collect data from new functions will require minimal effort.
The benefits
Replacing OHB Sweden’s existing coverage solution with RapiCover contributed to a marked increase in coverage analysis efficiency through the following:
- 40% reduction in end-to-end testing time – RapiCover’s low instrumentation overheads significantly reduced the time needed to run coverage tests.
- Justifications for tracking manual analysis of coverage – RapiCover’s justifications make it easy to mark code as covered by manual analysis. With customizable templates, custom fields and support for migration when code changes, these minimize the effort needed to fill coverage holes caused by unreachable or untestable code.
- Full support for analysis of C code – unlike the previous coverage analysis tool it replaced, RapiCover supports coverage analysis of ternary operators, removing the need for manual review of code containing them.
The availability of RapiCover qualification kits also promises to reduce certification costs and risks for downstream certification should the tool be adopted throughout the whole program.
Anders Edfors, Attitude and Orbit Control Systems Specialist at OHB Sweden commented on the benefits of using RapiCover over their previous solution:
“The AMASS project aims to reduce the cost of certifying systems such as the ones we develop, which is critical for the continued production of safe systems and the growth of our industry. Along with other efficiency improvements, Rapita’s structural coverage analysis solution increased our end-to-end test speed by ~40% when compared with our previous approach, which will let us produce verification evidence faster and reduce downstream certification costs. It was a delight working with Rapita. Their expert engineers quickly adapted to our build system and the integration went far more smoothly than we could have expected.”
Anders Edfors
Attitude and Orbit Control Systems Specialist
OHB Sweden
Other case studies
