FAQs

What is RVS?

RVS is the leading toolsuite for the verification of critical software.

Used globally in the aerospace and automotive industries, it includes tools for functional and requirements-based testing, timing analysis including worst-case execution time analysis, and structural code coverage analysis. 

How does RVS work?

RVS works by combining static and dynamic analyses of software execution to gain an understanding of the software architecture. Using this understanding, RVS injects and/or instruments code to perform a variety of functions including generating and running functional test harnesses, analyzing the structural coverage achieved during functional testing, and analyzing the timing behavior of code being executed.

By integrating into the existing development environment and continuous build servers, RVS reduces the cost of software verification. The flexible nature of RVS integrations and its extremely low instrumentation overheads support its use on even the most complex systems, including multicore systems.

Which industries use RVS?

We have been providing quality products and customer service to companies primarily in the aerospace and automotive embedded industries since 2004, as demonstrated by our case studies. As our products are designed to meet the stringent requirements for DO-178B/C certification in the aerospace industry, they are well-suited to any safety/mission-critical application such as those in the nuclear, medical, industrial and rail industries.

My software is part of a product that must be certified against a safety guideline. Can RVS tools be qualified for use in my project?

All our RVS tools are designed to meet the most stringent needs of certification processes, such as the DO-178B/C process used in the aerospace industry and the ISO 26262 process used in the automotive industry. We can provide developer qualification documents, a template integration qualification report and on-site tests to support you in qualifying RVS tools in projects requiring certification.

How does RVS fit into my development environment?

The design requirements of all RVS tools include the ability to work alongside your existing development environment. You can configure these tools to generate verification metrics and run tests using custom scripts, and can integrate the tools into your existing version control and continuous build systems. 

How do RVS tools collect data from my target?

All RVS tools support numerous data collection strategies, which are optimized to achieve a minimal instrumentation overhead. You can collect data using debuggers, logic analyzers, directly from the address bus, or using our datalogger, RTBx. By working with you to determine the optimal data collection strategy, you can ensure you achieve results with minimal effort.

How is my data presented?

All RVS tools include a friendly user-interface that presents your data in both tabular and graphical formats. Using this interface, you can filter your results to zoom in on target functions, making it easy to find the information you are looking for.

Which languages does RVS support?

RVS supports C, C++ and Ada projects, including mixed-language ones.

How large a code base can RVS tools handle?

RVS tools are designed to handle very large code bases. Because of the efficient algorithms used by RVS tools, there is no fundamental limitation to the number of lines of code that RVS can process, and our RVS tools have been used on projects with millions of lines of code.

Which host operating systems can RVS be used on?

RVS tools support Windows 7 or newer, Windows Server 2008 R2 or newer, and a variety of Linux distributions including Ubuntu and Red Hat.

RVS tools can be used on projects with unsupported operating systems by using a clone integration to split the process and delegate parts of it to the unsupported machine.

Can I use RVS with my build system?

All RVS tools can be integrated to work with almost any compiler and target hardware. Our integration service promises to deliver a robust integration of RVS into your build system.

Which hardware architectures do RVS tools support?

RVS tools can be integrated to work with almost any embedded target. Our engineers can work with you to determine the optimal strategy for integrating the tool with your target, even for multi-core architectures. For more information on the hardware architectures we have integrated RVS tools with, see our support specification.

Can I use RVS on my target, which has limited RAM and/or ROM?

The instrumentation overheads for RVS tools are the lowest in the market, and the tools can support zero-instrumentation overhead in some cases. Because of this, RVS can generate verification data from your source code in fewer builds than possible using other tools. For example, in a recent customer evaluation, RapiCover instrumentation overhead was 4 to 5 times lower than competitor tools, leading to a 92% reduction in the number of builds necessary to test the code base. If necessary, you can configure RVS tools to instrument your code in multiple builds and compile collected data into a single report. 

How are RVS products licensed?

We offer both “Node-locked” and “Floating” licenses, and a license server to support use of our tools in your specific development environment. Floating licenses follow the “Enterprise” model, meaning that you can use our tools across geographical boundaries and different projects and users.

For more information on our licensing models, see our RVS licensing FAQs.

What happens if I encounter an issue while using an RVS tool?

All RVS licenses include access to our dedicated in-house support team, who will work with you to provide a rapid fix to your issue. This is a critical part of our vision. During 2016, we responded to 97% of new support requests within one working day, closed 56% of these within 3 working days and 91% within 20 working days. We also inform our customers of known issues via our website and email. 

How do you support RVS users?

We provide an extensive set of RVS documentation with each of our products, and offer training courses guiding you through the most effective use of RVS tools. All our users can benefit from privileged access to our website, which includes downloads for new product releases. 

How do I learn more about RVS?

You can request a trial version of RVS. You can also arrange a demonstration, where a member of our team will work with you to show the benefits RVS can offer you.

What is RapiTest?

RapiTest is the leading tool for functional testing of critical software.

Used globally in the aerospace and automotive industries, it reduces the cost of functional testing at all levels, including system, integration and unit testing. 

As part of the RVS toolsuite, it forms part of a software verification solution that also includes tools for structural coverage analysis and worst-case execution time analysis. 

How does RapiTest work?

RapiTest works by using input tests in a variety of formats and an understanding of the program structure achieved through dynamic analysis to produce test harnesses that it executes on the native build system to collect test results. When collecting data from hardware targets, data can be collected from almost any target hardware by a variety of approaches.

What types of testing does RapiTest support?

You can use RapiTest to generate code for testing both high- and low-level requirements, and it supports the generation of tests for various levels and definitions understood in the industry, such as unit, module, integration and system tests.  

How do I write tests for use with RapiTest?

RapiTest supports tests written in spreadsheet formats and as scripts, and is customizable to support existing or alternative test formats. You can use our spreadsheet and scripting formats to write your tests, and if necessary, we can develop a converter for RapiTest to interpret tests written in your existing format. 

What kind of stubbing behavior does RapiTest support?

The test generation algorithms RapiTest uses are powerful and support generation of all types of stubs used in the industry, including stubs, mocks, fakes, spies and dummies

How many tests can RapiTest run at once?

You can include as many tests as you want to in a single build on your target, subject to the resources available on your target and your data collection strategy. As with all our RVS tools, RapiTest has a very low overhead, meaning you can complete your test cycle in fewer builds than using other tools.

How is my test data displayed?

RapiTest test data is displayed using a friendly user-interface. When you run a test, your results are displayed based on just the subprograms you tested, letting you quickly check your results against requirements. 

My software is part of a product that must be certified against a safety guideline. Can RapiTest be qualified for use in my project?

RapiTest is designed to meet the most stringent needs of certification processes, such as the DO-178B/C process used in the aerospace industry and the ISO 26262 process used in the automotive industry. We can provide developer qualification documents, a template integration qualification report and on-site tests to support you in qualifying RapiTest in projects requiring certification.

How do I verify my software’s functional and temporal behavior when instrumentation has been applied?

We recommend that, when using RVS tools to perform functional testing of safety-critical applications for a final run-for-score, you run your full test suite both with and without coverage instrumentation applied, then confirm that the results match. This provides evidence that coverage instrumentation has not changed the functional behavior of your code.

Which languages does RapiTest support?

RapiTest supports C, C++ and Ada projects, including mixed-language ones.

How large a code base can RVS tools handle?

RVS tools are designed to handle very large code bases. Because of the efficient algorithms used by RVS tools, there is no fundamental limitation to the number of lines of code that RVS can process, and our RVS tools have been used on projects with millions of lines of code.

Which host operating systems can RVS be used on?

RVS tools support Windows 7 or newer, Windows Server 2008 R2 or newer, and a variety of Linux distributions including Ubuntu and Red Hat.

RVS tools can be used on projects with unsupported operating systems by using a clone integration to split the process and delegate parts of it to the unsupported machine.

Can I use RapiTest with my build system?

RapiTest can be integrated to work with almost any compiler and target hardware. Our integration service promises to deliver a robust integration of RapiTest into your build system.

Which hardware architectures do RVS tools support?

RVS tools can be integrated to work with almost any embedded target. Our engineers can work with you to determine the optimal strategy for integrating the tool with your target, even for multi-core architectures. For more information on the hardware architectures we have integrated RVS tools with, see our support specification.

How are RVS products licensed?

We offer both “Node-locked” and “Floating” licenses, and a license server to support use of our tools in your specific development environment. Floating licenses follow the “Enterprise” model, meaning that you can use our tools across geographical boundaries and different projects and users.

For more information on our licensing models, see our RVS licensing FAQs.

What happens if I encounter an issue while using an RVS tool?

All RVS licenses include access to our dedicated in-house support team, who will work with you to provide a rapid fix to your issue. This is a critical part of our vision. During 2016, we responded to 97% of new support requests within one working day, closed 56% of these within 3 working days and 91% within 20 working days. We also inform our customers of known issues via our website and email. 

How do you support RVS users?

We provide an extensive set of RVS documentation with each of our products, and offer training courses guiding you through the most effective use of RVS tools. All our users can benefit from privileged access to our website, which includes downloads for new product releases. 

How do I learn more about RapiTest?

You can request a trial version of RVS, which includes RapiTest. You can also arrange a demonstration, where a member of our team will work with you to show the benefits RapiTest can offer you.

If you're interested in RapiTest in academia, you can search for it in the academic press

What is RapiCover?

RapiCover is the leading tool for structural code coverage analysis of critical software.

Used globally in the aerospace and automotive industries, it reduces the cost of analyzing structural code coverage analysis up to and including MC/DC.

As part of the RVS toolsuite, it forms part of a software verification solution that also includes tools for functional testing and worst-case execution time analysis. 

How does RapiCover work?

RapiCover works by injecting instrumentation code into source code and executing the native build system so that coverage results are collected during program execution. Data can be collected from almost any target hardware by a variety of approaches.

Which coverage criteria can I measure using RapiCover?

You can measure the most common coverage criteria required to support DO-178B/ED-12B, DO-178C/ED-12C and ISO 26262 certification using RapiCover. This includes function, call, statement, branch, decision and condition coverage, and MC/DC.

Can I determine coverage for a decision containing large numbers of conditions?

By default, RapiCover supports 30 conditions per decision, and includes support for up to 1000 conditions per decision using an alternate, inbuilt instrumentation strategy.

Can I collect coverage over multiple builds?

Using our configurable instrumentation mechanism, you can instruct RapiCover to determine coverage for specific subprograms as necessary. After running your tests, it’s easy to merge coverage data from these runs into a combined report using RapiCover’s Merge Coverage utility.

Can I add manual configurations that flag my code as being exempt/uncoverable?

RapiCover and RapiCoverZero include a powerful “justification” mechanism that lets you mark code as covered. Using this feature, you can provide a rationale for justifying the code and create templates to justify code more easily. When your code changes, justifications are automatically migrated to represent the new location of your justified code.

For more information on using justifications, see our white paper.

 

What happens when I change my code?

RapiCover and RapiCoverZero retain information about the revision of your code it used to generate results. The tool will report an error if you try to merge coverage from incompatible revisions. RapiCover includes an Optimal Dataset Calculator feature you can use to calculate the least expensive tests you need to run again when your code changes, saving you valuable testing effort.

Can I collect coverage data across power cycles and reset sequences?

RapiCover can be configured to collect data in real-time while your software runs. By writing data to an external device, the data will remain in place while your system reboots, and collection can be reinitialized when it restarts. This means that you can collect coverage data across a shutdown or reset sequence. This is subject to your target hardware architecture. 

How is my data presented?

All RVS tools include a friendly user-interface that presents your data in both tabular and graphical formats. Using this interface, you can filter your results to zoom in on target functions, making it easy to find the information you are looking for.

Treemaps provide a high-level overview of your code base and help you understand the coverage of your code at a glance.

My software is part of a product that must be certified against a safety guideline. Can RapiCover be qualified for use in my project?

RapiCover is designed to meet the most stringent needs of certification processes, such as the DO-178B/C process used in the aerospace industry and the ISO 26262 process used in the automotive industry. We can provide developer qualification documents, a template integration qualification report and on-site tests to support you in qualifying RapiCover tools in projects requiring certification.

How do I verify my software’s functional and temporal behavior when instrumentation has been applied?

We recommend that, when performing functional testing of safety-critical applications for a final run-for-score, you run your full test suite both with and without coverage instrumentation applied, then confirm that the results match. This provides evidence that RVS instrumentation has not changed the functional behavior of your code.

Which languages does RapiCover support?

RapiCover supports C, C++ and Ada projects, including mixed-language ones.

How large a code base can RVS tools handle?

RVS tools are designed to handle very large code bases. Because of the efficient algorithms used by RVS tools, there is no fundamental limitation to the number of lines of code that RVS can process, and our RVS tools have been used on projects with millions of lines of code.

Which host operating systems can RVS be used on?

RVS tools support Windows 7 or newer, Windows Server 2008 R2 or newer, and a variety of Linux distributions including Ubuntu and Red Hat.

RVS tools can be used on projects with unsupported operating systems by using a clone integration to split the process and delegate parts of it to the unsupported machine.

Can I use RapiCover with my build system?

RapiCover can be integrated to work with almost any compiler and target hardware. Our integration service promises to deliver a robust integration of RapiCover into your build system.

Which hardware architectures do RVS tools support?

RVS tools can be integrated to work with almost any embedded target. Our engineers can work with you to determine the optimal strategy for integrating the tool with your target, even for multi-core architectures. For more information on the hardware architectures we have integrated RVS tools with, see our support specification.

How are RVS products licensed?

We offer both “Node-locked” and “Floating” licenses, and a license server to support use of our tools in your specific development environment. Floating licenses follow the “Enterprise” model, meaning that you can use our tools across geographical boundaries and different projects and users.

For more information on our licensing models, see our RVS licensing FAQs.

What happens if I encounter an issue while using an RVS tool?

All RVS licenses include access to our dedicated in-house support team, who will work with you to provide a rapid fix to your issue. This is a critical part of our vision. During 2016, we responded to 97% of new support requests within one working day, closed 56% of these within 3 working days and 91% within 20 working days. We also inform our customers of known issues via our website and email. 

How do you support RVS users?

We provide an extensive set of RVS documentation with each of our products, and offer training courses guiding you through the most effective use of RVS tools. All our users can benefit from privileged access to our website, which includes downloads for new product releases. 

How do I learn more about RapiCover?

You can request a trial version of RVS, which includes RapiCover. You can also arrange a demonstration, where a member of our team will work with you to show the benefits RapiCover can offer you.

If you're interested in RapiCover in academia, you can search for it in the academic press

What is RapiTime?

RapiTime is the leading tool for worst-case execution time analysis of critical software.

Used globally in the aerospace and automotive industries, it reduces the cost of analyzing the worst-case timing behavior of critical software.

As part of the RVS toolsuite, it forms part of a software verification solution that also includes tools for functional testing and structural coverage analysis. 

How does RapiTime work?

RapiTime works by injecting instrumentation code into source code and executing the native build system so that timing results are collected during program execution. Data can be collected from almost any target hardware by a variety of approaches.

Which types of timing data does RapiTime calculate?

When you run your code on-target, or on-host using a simulator, RapiTime collects several timing metrics. These include worst-case execution time, high and low water mark paths, and minimum, average and maximum execution times for each test of your code. 

How does RapiTime calculate the worst-case execution time of my software?

The worst-case execution time reported by RapiTime is pessimistic, meaning the actual worst-case execution time of your code could not be higher than that reported by RapiTime. This satisfies the stringent requirements of embedded system certification. 

Can I determine timing metrics on my target, which has limited RAM and/or ROM?

The instrumentation overheads for RapiTime tools are very low, and zero-instrumentation overhead can even be supported in some cases, depending on your target hardware and data collection strategy. This means that you can use RapiTime with virtually any target. 

If your available memory is very limited, you can use RapiTime's Time Bands feature to automatically select the depth of instrumentation of your code based on the expected execution frequencies of your code. 

Can I use RapiTime to analyze the timing behavior of multicore architectures?

As with all RVS tools, RapiTime supports data collection on multicore architectures. RapiTime achieves this by suspending data collection during a task interrupt and reinitializing collection when the task on the current core resumes execution. You can also use RapiTime to identify the interference produced by other cores on your system under test.

RapiTime is a key component of the Rapita Systems Multicore Timing Solution, which analyzes the timing behavior of multicore systems and is suitable for DO-178C/CAST-32A compliance. 

How does RapiTime help me investigate timing behavior?

RapiTime includes a Rewind Trace utility, which lets you step through the events that occurred during program execution like you can with a debugger. This lets you set breakpoints and easily analyze the execution of your program.

In addition to guaranteeing that timing deadlines are met, how else can I use RapiTime?

You can use timing metrics to optimize your code for timing behavior. RapiTime highlights the costliest functions in terms of execution time, guiding you towards the best optimization candidates. By running RapiTime again after you optimize your code, you can determine performance improvements.

How do I determine the execution time overhead from instrumenting my source code?

RapiTime includes inbuilt functionality to let you determine the execution time overhead of adding instrumentation to your source code. This overhead can then be automatically subtracted from the timing metrics reported by the tool. 

How is my data presented?

All RVS tools include a friendly user-interface that presents your data in both tabular and graphical formats. Using this interface, you can filter your results to zoom in on target functions, making it easy to find the information you are looking for.

RapiTime includes charts designed to help you easily understand your data:

  • Its Treemaps provide a high-level overview of your code base and help you understand the timing behavior of your code at a glance.
  • Its Invocation Timeline and Aggregate Profile Charts let you visualize your results in of your code's call tree, identify the calls with the highest execution times, and investigate specific timing events more easily.
My software is part of a product that must be certified against a safety guideline. Can RapiTime be qualified for use in my project?

RapiTime is designed to meet the most stringent needs of certification processes, such as the DO-178B/C process used in the aerospace industry and the ISO 26262 process used in the automotive industry. We can provide developer qualification documents, a template integration qualification report and on-site tests to support you in qualifying RapiTime tools in projects requiring certification.

How do I verify my software’s functional and temporal behavior when instrumentation has been applied?

We recommend that, when producing timing evidence for certification, you use RapiTime to improve your test data so that the high watermark path and predicted worst-case path align as closely as possible and then perform task boundary only instrumentation to measure the high-watermark execution times. These values will be representative of the estimated worst case times, and the minimal level of instrumentation applied will have a negligible effect on the application's timing behavior.

Which languages does RapiTime support?

RapiTime supports C, C++ and Ada projects, including mixed-language ones.

How large a code base can RVS tools handle?

RVS tools are designed to handle very large code bases. Because of the efficient algorithms used by RVS tools, there is no fundamental limitation to the number of lines of code that RVS can process, and our RVS tools have been used on projects with millions of lines of code.

Which host operating systems can RVS be used on?

RVS tools support Windows 7 or newer, Windows Server 2008 R2 or newer, and a variety of Linux distributions including Ubuntu and Red Hat.

RVS tools can be used on projects with unsupported operating systems by using a clone integration to split the process and delegate parts of it to the unsupported machine.

Can I use RapiTime with my build system?

RapiTime can be integrated to work with almost any compiler and target hardware. Our integration service promises to deliver a robust integration of RapiTime into your build system.

Which hardware architectures do RVS tools support?

RVS tools can be integrated to work with almost any embedded target. Our engineers can work with you to determine the optimal strategy for integrating the tool with your target, even for multi-core architectures. For more information on the hardware architectures we have integrated RVS tools with, see our support specification.

How are RVS products licensed?

We offer both “Node-locked” and “Floating” licenses, and a license server to support use of our tools in your specific development environment. Floating licenses follow the “Enterprise” model, meaning that you can use our tools across geographical boundaries and different projects and users.

For more information on our licensing models, see our RVS licensing FAQs.

What happens if I encounter an issue while using an RVS tool?

All RVS licenses include access to our dedicated in-house support team, who will work with you to provide a rapid fix to your issue. This is a critical part of our vision. During 2016, we responded to 97% of new support requests within one working day, closed 56% of these within 3 working days and 91% within 20 working days. We also inform our customers of known issues via our website and email. 

How do you support RVS users?

We provide an extensive set of RVS documentation with each of our products, and offer training courses guiding you through the most effective use of RVS tools. All our users can benefit from privileged access to our website, which includes downloads for new product releases. 

How do I learn more about RapiTime?

You can request a trial version of RVS, which includes RapiTime. You can also arrange a demonstration, where a member of our team will work with you to show the benefits RapiTime can offer you.

If you're interested in RapiTime in academia, you can search for it in the academic press

RapiTask is the leading tool for task-level scheduling analysis of critical software.

Used globally in the aerospace and automotive industries, it reduces the cost of understanding software scheduling behavior and troubleshooting scheduling issues.

As part of the RVS toolsuite, it forms part of a software verification solution that also includes tools for functional testing, structural coverage analysis and worst-case execution time analysis. 

RapiTask provides an RTOS-independent tool for visualization and exploring the scheduling behavior of embedded systems, and rapidly diagnosing and identifying potential problems.

It lets you visualize scheduling behavior across threads and processor cores, and reports response times from your system.

RapiTask is OS-agnostic so you can keep the same visualization and metrics if you change OS, and you can use RapiTask results as a point of reference to compare operating systems.

Additionally, you can capture and display custom events not related to the operating system (for example ARINC 429 messages) and display them in the trace.

RapiTask is OS-agnostic; as with all Rapita tools the integration with the operating environment needs to be customized. If we can get information about items of interest from the OS we can add ‘user events’ to a RapiTask trace.

As with all RVS tools, RapiTask supports data collection on multicore architectures. 

RapiTask is a component of the Rapita Systems Multicore Timing Solution, which analyzes the timing behavior of multicore systems and is suitable for DO-178C/CAST-32A compliance. 

RapiTask displays data in two applications, the RVS Project Manager that is shared with all RVS tools, and an application specifically designed to display task scheduling information. You can synchronize the two applications to ensure that you can easily identify specific timing events in your system. 

RapiTask's Invocation Timeline Chart helps you to understand the high-level scheduling behavior of your system at a glance. 

You can use RapiTask as a standalone tool with either automatic or manual instrumentation.

RapiTime abstracts away from the OS tasking model and only reports the execution time of a task as if it were the only thing running on the CPU. If you are interested in the response time of your code, or the interaction between tasks and your OS, you'll need RapiTask.

RapiTask supports C, C++ and Ada projects, including mixed-language ones.

RVS tools are designed to handle very large code bases. Because of the efficient algorithms used by RVS tools, there is no fundamental limitation to the number of lines of code that RVS can process, and our RVS tools have been used on projects with millions of lines of code.

RVS tools support Windows 7 or newer, Windows Server 2008 R2 or newer, and a variety of Linux distributions including Ubuntu and Red Hat.

RVS tools can be used on projects with unsupported operating systems by using a clone integration to split the process and delegate parts of it to the unsupported machine.

RapiTask can be integrated to work with almost any compiler and target hardware. Our integration service promises to deliver a robust integration of RapiTask into your build system.

RVS tools can be integrated to work with almost any embedded target. Our engineers can work with you to determine the optimal strategy for integrating the tool with your target, even for multi-core architectures. For more information on the hardware architectures we have integrated RVS tools with, see our support specification.

We offer both “Node-locked” and “Floating” licenses, and a license server to support use of our tools in your specific development environment. Floating licenses follow the “Enterprise” model, meaning that you can use our tools across geographical boundaries and different projects and users.

For more information on our licensing models, see our RVS licensing FAQs.

RapiTask supports C, C++ and Ada projects, including mixed-language ones.

All RVS licenses include access to our dedicated in-house support team, who will work with you to provide a rapid fix to your issue. This is a critical part of our vision. During 2016, we responded to 97% of new support requests within one working day, closed 56% of these within 3 working days and 91% within 20 working days. We also inform our customers of known issues via our website and email. 

We provide an extensive set of RVS documentation with each of our products, and offer training courses guiding you through the most effective use of RVS tools. All our users can benefit from privileged access to our website, which includes downloads for new product releases. 

You can request a trial version of RVS, which includes RapiTask. You can also arrange a demonstration, where a member of our team will work with you to show the benefits RapiTask can offer you.

If you’re interested in RapiTask in academia, you can search for it in the academic press.

RapiCoverZero is a structural coverage analysis tool that requires no project source code or modification of the development environment being used. To extract coverage information, RapiCoverZero analyzes branch trace information collected from a compatible target or data collection mechanism.

As part of the RVS toolsuite, RapiCoverZero forms part of a software verification solution that also includes tools for functional testing and worst-case execution time analysis.

RapiCoverZero uses two inputs from which to produce structural coverage results. The first of these is a branch trace collected while the program under analysis is executed, while the second is a disassembly of the executable. From these, it can understand both the program structure and the events that occurred during the program execution, allowing it to perform structural coverage analysis and produce coverage results.

RapiCoverZero extracts information on program execution from a branch trace that must be collected while the program under analysis is executed. This branch trace may be produced by target hardware or collected using a specific data collection mechanism such as a Lauterbach debugger.

For a list of currently supported platforms, see our RapiCoverZero Hardware support.

You can measure function, call, statement, branch and decision coverage using RapiCoverZero.

RapiCoverZero produces coverage results by analyzing a branch trace produced during program execution. While coverage metrics up to decision coverage can be inferred from branch traces, most branch traces do not include sufficient information from which to produce MC/DC results.

If you need to collect MC/DC results, you can do so using RapiCover.

If your source code is available, yes. By importing your source code and debug symbols into your RVS project, you can view your results in the context of both your object and source code, and trace between them.

RapiCover and RapiCoverZero include a powerful “justification” mechanism that lets you mark code as covered. Using this feature, you can provide a rationale for justifying the code and create templates to justify code more easily. When your code changes, justifications are automatically migrated to represent the new location of your justified code.

For more information on using justifications, see our white paper.

 

RapiCover and RapiCoverZero retain information about the revision of your code it used to generate results. The tool will report an error if you try to merge coverage from incompatible revisions. RapiCover includes an Optimal Dataset Calculator feature you can use to calculate the least expensive tests you need to run again when your code changes, saving you valuable testing effort.

If you are using an external device to collect branch trace information, the data will remain in place while your system reboots, after which you can begin data collection again. This means that you can collect coverage data across a shutdown or reset sequence. This may be subject to your target hardware architecture and the device you use to collect branch trace information.

All RVS tools include a friendly user-interface that presents your data in both tabular and graphical formats. Using this interface, you can filter your results to zoom in on target functions, making it easy to find the information you are looking for.

Treemaps provide a high-level overview of your code base and help you understand the coverage of your code at a glance.

Yes, you can. If you provide RVS with access to debug symbols, you can also trace results you have collected from source and object code.

As RapiCoverZero analyzes object code directly to produce results, it supports any language that targets machine code.

RVS tools are designed to handle very large code bases. Because of the efficient algorithms used by RVS tools, there is no fundamental limitation to the number of lines of code that RVS can process, and our RVS tools have been used on projects with millions of lines of code.

We offer both “Node-locked” and “Floating” licenses, and a license server to support use of our tools in your specific development environment. Floating licenses follow the “Enterprise” model, meaning that you can use our tools across geographical boundaries and different projects and users.

For more information on our licensing models, see our RVS licensing FAQs.

All RVS licenses include access to our dedicated in-house support team, who will work with you to provide a rapid fix to your issue. This is a critical part of our vision. During 2016, we responded to 97% of new support requests within one working day, closed 56% of these within 3 working days and 91% within 20 working days. We also inform our customers of known issues via our website and email. 

We provide an extensive set of RVS documentation with each of our products, and offer training courses guiding you through the most effective use of RVS tools. All our users can benefit from privileged access to our website, which includes downloads for new product releases. 

You can request a trial version of RVS, which includes RapiCoverZero. You can also arrange a demonstration, where a member of our team will work with you to show the benefits that RapiCoverZero can offer you.

RapiTimeZero is an execution time analysis tool that requires no project source code or modification of the development environment being used. To extract execution time information, RapiTimeZero analyzes branch trace information collected from a compatible target or data collection mechanism.

As part of the RVS toolsuite, it forms part of a software verification solution that also includes tools for structural coverage analysis and functional testing.

 

RapiTimeZero uses two inputs from which to produce execution time results. The first of these is a branch trace collected while the program under analysis is executed, while the second is a disassembly of the executable. From these, it can understand both the program structure and the events that occurred during the program execution, allowing it to perform execution time analysis and produce execution time results.

RapiTimeZero extracts information on program execution from a branch trace that must be collected while the program under analysis is executed. This branch trace may be produced by target hardware or collected using a specific data collection mechanism such as a Lauterbach debugger.

For a list of currently supported platforms, see our RapiTimeZero Hardware support.

RapiTimeZero calculates the high and low water mark paths through your program and collects minimum, average and maximum execution times for your code.

RapiTimeZero does not currently collect worst-case execution time results, but we are developing a solution to do so. This requires more in-depth analysis of collected branch traces than that required for analysis of other execution time metrics.

For more information, contact support@rapitasystems.com.

If you need to collect worst-case execution time results, you can do so using RapiTime.

 

If your source code is available, yes. By importing your source code and debug symbols into your RVS project, you can view your results in the context of both your object and source code, and trace between them.

As with all RVS tools, RapiTimeZero supports data collection on multicore architectures. To analyze the timing behavior of multicore architectures, RapiTimeZero simply needs to know which branches corresponded to which core during program execution. This information can either be inferred by providing an individual branch trace for each core, or a combined trace that includes information on the core on which each branch was taken.

RapiTimeZero includes a Rewind Trace utility, which lets you step through the events that occurred during program execution like you can with a debugger. This lets you set breakpoints and easily analyze the execution of your program.

As RapiTimeZero analyzes object code directly to produce results, it supports any language that targets machine code.

RVS tools are designed to handle very large code bases. Because of the efficient algorithms used by RVS tools, there is no fundamental limitation to the number of lines of code that RVS can process, and our RVS tools have been used on projects with millions of lines of code.

We offer both “Node-locked” and “Floating” licenses, and a license server to support use of our tools in your specific development environment. Floating licenses follow the “Enterprise” model, meaning that you can use our tools across geographical boundaries and different projects and users.

For more information on our licensing models, see our RVS licensing FAQs.

All RVS licenses include access to our dedicated in-house support team, who will work with you to provide a rapid fix to your issue. This is a critical part of our vision. During 2016, we responded to 97% of new support requests within one working day, closed 56% of these within 3 working days and 91% within 20 working days. We also inform our customers of known issues via our website and email. 

We provide an extensive set of RVS documentation with each of our products, and offer training courses guiding you through the most effective use of RVS tools. All our users can benefit from privileged access to our website, which includes downloads for new product releases. 

You can request a trial version of RVS, which includes RapiTimeZero. You can also arrange a demonstration, where a member of our team will work with you to show the benefits that RapiTimeZero can offer you.

RapiTaskZero is a scheduling visualization tool that requires no project source code or modification of the development environment being used. To extract task-level scheduling information from a program, RapiTaskZero analyzes branch trace information collected from a compatible target or data collection mechanism.

As part of the RVS toolsuite, it forms part of a software verification solution that also includes tools for structural coverage analysis, worst-case execution time analysis and functional testing.

 

RapiTaskZero uses two inputs from which to produce task-level scheduling results. The first of these is a branch trace collected while the program under analysis is executed, while the second is a disassembly of the executable. From these, it can understand both the program structure and the events that occurred during the program execution, allowing it to perform task-level scheduling analysis and produce results.

RapiTaskZero extracts information on program execution from a branch trace that must be collected while the program under analysis is executed. This branch trace may be produced by target hardware or collected using a specific data collection mechanism such as a Lauterbach debugger.

For a list of currently supported platforms, see our RapiTaskZero Hardware support.

RapiTaskZero is OS-agnostic so you can keep the same visualization and metrics if you change OS, and you can use RapiTaskZero results as a point of reference to compare operating systems.

Additionally, you can capture and display custom events not related to the operating system (for example ARINC 429 messages) and display them in the trace.

RapiTaskZero is OS-agnostic; as with all Rapita tools the integration with the operating environment needs to be customized. If we can get information about items of interest from the OS we can add ‘user events’ to a RapiTaskZero trace.

As with all RVS tools, RapiTaskZero supports data collection on multicore architectures. To analyze the task-level scheduling behavior of multicore architectures, RapiTaskZero simply needs to know which branches corresponded to which core during program execution. This information can be inferred by providing a combined trace that includes information on the core on which each branch was taken.

RapiTaskZero displays data in two applications, the RVS Project Manager that is shared with all RVS tools, and an application specifically designed to display task scheduling information. You can synchronize the two applications to ensure that you can easily identify specific timing events in your system.

RapiTaskZero 's Invocation Timeline Chart helps you to understand the high-level scheduling behavior of your system at a glance.

RapiTime and RapiTimeZero abstract away from the OS tasking model and only report the execution time of a task as if it were the only thing running on the CPU. If you are interested in the response time of your code, or the interaction between tasks and your OS, you'll need RapiTask or RapiTaskZero.

As RapiTaskZero analyzes object code directly to produce results, it supports any language that targets machine code.

RVS tools are designed to handle very large code bases. Because of the efficient algorithms used by RVS tools, there is no fundamental limitation to the number of lines of code that RVS can process, and our RVS tools have been used on projects with millions of lines of code.

We offer both “Node-locked” and “Floating” licenses, and a license server to support use of our tools in your specific development environment. Floating licenses follow the “Enterprise” model, meaning that you can use our tools across geographical boundaries and different projects and users.

For more information on our licensing models, see our RVS licensing FAQs.

All RVS licenses include access to our dedicated in-house support team, who will work with you to provide a rapid fix to your issue. This is a critical part of our vision. During 2016, we responded to 97% of new support requests within one working day, closed 56% of these within 3 working days and 91% within 20 working days. We also inform our customers of known issues via our website and email. 

We provide an extensive set of RVS documentation with each of our products, and offer training courses guiding you through the most effective use of RVS tools. All our users can benefit from privileged access to our website, which includes downloads for new product releases. 

You can request a trial version of RVS, which includes RapiTaskZero. You can also arrange a demonstration, where a member of our team will work with you to show the benefits that RapiTaskZero can offer you.

RVS core licenses provide a set of common tools and are required to run any RVS product. RVS plugin licenses are required to run specific products (RapiTest, RapiCover, RapiTime, RapiTask, or any other Rapita tool). When you purchase RVS, you receive one or more RVS core licenses, and one or more plugin licenses depending on your requirements.

A floating license lets multiple people within an organization use RVS in a shared environment. 

Floating licenses work running an RVS License Server on a networked machine accessible by all computers that have RVS installed.

Access to floating licenses is managed by TCP/IP connection to license server software, which we provide for you to install on a Windows or Linux server.

When a user runs RVS, a core license token and the relevant plugin license tokens are requested from the license server. When the user stops using RVS, the tokens are returned to the server. After being returned to the server, a license token is held in a checked-out state for a specified ‘linger time’ (the
default linger time is 10 minutes).

If one or more of the required license tokens aren’t available, either because they are in use or in ‘check-out’ time, the user won’t be able to run RVS.

Floating licenses can be used anywhere within a country or geographical region, as agreed prior to the license being issued.

A node-locked license lets you use RVS on a specific machine. A node-locked license can be shared between multiple people, but only one person can use it at a time.

Generally, a node-locked license cannot be used on shared-user machines, thin clients, or systems that use remote desktop or servers. You cannot use a node-locked license in a continuous integration environment.

Contact us if you need more information on node-locked licenses.

Yes. Contact us and we’ll discuss this process with you.

Yes. You can upgrade node-locked licenses to floating licenses for a fee. Contact us at any time, and we’ll arrange this.

We work with you to find the licensing solution that best suits your needs.

Depending on your organization or project, you may need more than one license configuration.

For example, you may need a floating license that can be used by multiple project participants, and with licenses allocated to certain users or groups. You may also benefit from one or more node-locked licenses that can be used at a specific location. Contact us, and we’ll be happy to talk you through your options in more detail.

You have three options. You could:

  • Purchase two node-locked licenses, one for your office computer and one for the lab computer.
  • Purchase a floating license with one core license and the plugin licenses you require. By doing so, you can use RVS on your office computer and in the lab, but not at the same time.
  • Purchase a node-locked license configured to a USB license key, and move it between the office and the lab.

Our licensing system is based on Reprise License Manager (RLM). Licenses are provided as file licenses, which are configured with the required numbers of core and plugin licences. In a floating license configuration, the file license is locked to the license server’s host ID. In a node-locked configuration, the file license is locked to the machine’s host ID.

Key elements in our file licenses (including the host ID, license numbers, and start and end dates) are signature-protected, and are unable to be changed by anyone outside of Rapita Systems. If any signature-protected part of a file license is edited, the license is automatically invalidated.

Depending on your system and environment, you may require a USB license key as well as a license file.

We will let you know if this is the case, and provide you with everything you need to install and manage your USB license key.

Older versions of RVS (up to version 3.8) may be licensed with USB license keys.

Perpetual licenses let you use RVS indefinitely. This supports the use of RVS in projects with long life cycles, such as those common in the aerospace domain.

Annual licenses let you use RVS for a number of annual periods. This is useful for projects with short durations.

Yes. You can convert your annual license to a perpetual license at any time while your license is active. Converting a license from annual to perpetual incurs a small fee, and requires the purchase of a support and maintenance contract with a duration of at least 1 year.

Annual licenses include support and maintenance for the full duration of the license period.

Perpetual licenses include support and maintenance for the first year. After this, you can purchase a Rapita support and maintenance contract to cover one or more years of additional support. You can purchase this support in advance to ensure that your products are covered. As long as your license is covered by a support and maintenance contract, you can access the latest version of the tools, all bug fixes and the Rapita support team.

You can find out the types of licenses you have using the RVS License Manager application, which is included with the RVS software. You can also view the numbers and expiration dates of your core and plugin licenses.

You can check your licensing information, including expiry dates, in the RVS License Manager application and/or in your license file. If your license is due to expire, contact us to start the renewal process.

If one or more of the licenses you need has expired, you will be unable to run RVS. Make sure you renew your licenses before they expire. Contact us to renew your licenses.

Contact us to start the renewal process. When your license is renewed, we send you an updated file license with the new details. After the file license is installed and active, the old one is no longer usable.

If you are using a USB license key, you may need to generate a key information file and send this to us. We then supply you with an updated file, which you use to renew your license. More detailed guidance is included in the RVS Installation and
Licensing Guide
, which is provided with the RVS software.

Contact us to upgrade your license. When your license is upgraded, we send you an updated file license with the new details. After the file license is installed and active, the old one is no longer usable.

If you are using a USB license key, you may need to generate a key information file and send this to us. We then supply you with an updated file, which you use to upgrade your license. More detailed guidance is included in the RVS Installation and Licensing Guide, which is provided with the RVS software.

If you have a floating license, you will need a license server. We provide you with license server software (either Windows or Linux versions) with your RVS software.

Yes. You can add RVS licenses to your existing RLM license server.

Requirements: You can only use the generic RLM license server with RVS versions 3.8a or later. If you have a legacy version of RVS (version 3.8 or earlier), you’ll need a patch to support RLM. More detail is provided in the Installation and Licensing Guide, which is included with the RVS software.

Yes. You can restrict access to floating licenses to specific users.

According to your requirements, you can set up pools or ‘groups’ of licenses for various types of users. For example, you can reserve licenses for specific departments, sites, projects, teams within a project or users within a team. Each license reserved for each group can be configured with different start
and end dates, helping you control who is using the software and when. By doing so, you can ensure that high-priority users can always access the licenses they require, and other users can’t access licenses they don’t need or shouldn’t be using after a certain date.

You can set up license groups by editing the options file (e.g. rapita.opt) that accompanies your file license. This lets you define user groups, and reserve licenses for specific groups or users. Detailed instructions are provided in the RVS Installation and Licensing Guide, which is included with the RVS software.

Requirements: You can only configure license groups if you install the generic RLM license server, which can only be used with RVS version 3.8a or later. If you have a legacy version of RVS (version 3.8 or earlier), you’ll need further support to configure license groups. Contact us and we’ll talk you through
the details.

You can check the status of your license server(s) in the RVS License Manager. You can also generate reports showing active users using the command line. More detailed guidance is provided in the RVS Installation and Licensing Guide, which is included with the RVS software.

Yes, but not concurrently. With a node-locked license, multiple people can use a single license on a single machine, but not at the same time. With a node-locked license, you cannot install RVS on shared-user machines, thin clients, systems that use remote desktop, or servers, nor can you use it in continuous
integration environments. If you want to use RVS in these systems or environments, you can use a floating license, which you can upgrade to at any time.

You have several options for managing third-party use of our software. You can:

  • Configure your license server to allow the contractor to access the licenses they need for a limited time.
  • Provide the contractor with access to an on-site machine that has a node-locked license.
  • Provide the contractor with a node-locked license tied to a USB license key, which they must return when their contract ends.
  • Purchase a new annual license for the contractor to use, with an end date that aligns with the end of their contract.

Contact us to discuss these options – we’re happy to arrange a solution that will best meet your needs.

Yes. You can purchase RVS Reader, which lets you view RVS reports but does not let you run the RVS tools.

We provide additional support for using RLM licensing with legacy versions of RVS. This may involve patching your RVS software to support RLM (note that this change can be implemented without affecting your RVS qualification).

More detailed guidance is included in the RVS Installation and Licensing Guide, which is provided with the RVS software. You can also contact us at any time if you’re unsure how to proceed, or need any advice or assistance.

Note that upgrading to the latest version of RVS is the best way to access the benefits of RLM licensing.

Yes. We’ll continue to use USB license keys for customers with older versions of RVS (both floating and node-locked). You can also upgrade to our file license system for use with your legacy version of RVS, or purchase the latest version of the RVS software, which includes built-in support for using file licenses.

When developing safety-critical applications to DO 178C (CAST32A) guidelines or ISO 26262 standards, there are special requirements for using multicore processors. Evidence must be produced to demonstrate that software operates within timing deadlines.

The goal of multicore timing analysis is to produce execution time evidence for these complex systems. In multicore processors, multiple cores compete for the same shared resources, resulting in potential interference channels that can affect execution time. Accounting for this interference and producing robust execution time evidence is a challenge addressed by Rapita’s Multicore Timing Solution.

By following a V-model process, our engineers investigate multicore systems and produce evidence about multicore timing behavior. Our approach has been designed to support projects within the DO 178C (CAST32A) and ISO 26262 context.

You can see an example workflow of Rapita’s Multicore Timing Solution in our Multicore White Paper.

Our multicore timing analysis solution comprises three components: a process, tool automation, and services.

Our multicore timing analysis process is a V-model process that we developed in line with DO-178 and CAST-32A. It follows a requirements-based testing approach that focuses on identifying and quantifying interference channels on multicore platforms.

The tools we have developed let us apply tests to multicore hardware (RapiTest) and collect timing data (RapiTime) and other metrics such as scheduling metrics (RapiTask) from them. We use RapiDaemons (developed by the Barcelona Supercomputing Center) to create a configurable degree of traffic on shared hardware resources during tests, so we can analyze the impact of this on the application’s timing behavior.

Our multicore timing analysis services include tool integration, porting RapiDaemons, performing timing analysis, identifying interference channels, and others depending on customer needs.

Yes. Our multicore timing analysis solution can be used to produce timing evidence needed to satisfy DO-178C objectives (in line with CAST-32A guidance), and ISO 26262 standards.

No, but we are currently working on projects that will go through certification with the FAA and EASA.

Rapita is a recognized leader in multicore timing analysis, with multiple professional publications on the subject:

  • Steven H. VanderLeest and Samuel R. Thompson, “Measuring the Impact of Interference Channels on Multicore Avionics”  to appear in the Proceedings of the 39th Digital Avionics Systems Conference (DASC), San Antonio, TX, Oct 2020.
  • VanderLeest, S.H. and Evripidou, C., “An Approach to Verification of Interference Concerns for Multicore Systems (CAST-32A),” best papers of 2020 SAE Aerotech, to appear in SAE International Journal of Advances and Current Practices in Mobility.
  • VanderLeest, S.H. and Evripidou, C., “An Approach to Verification of Interference Concerns for Multicore Systems (CAST-32A),” SAE Technical Paper 2020-01-0016, 2020, doi:10.4271/2020-01-0016.
  • Steven H. VanderLeest, Jesse Millwood, Christopher Guikema, “A Framework for Analyzing Shared Resource Interference in a Multicore System,” Proceedings of the 37th Digital Avionics Systems Conference (DASC), London, Sep 2018.

Our multicore team technical leads have also served in the following professional organizations:

  • Vice-chair for the Enterprise Architecture (EA-25) subcommittee on airworthiness for the Future Airborne Capability Environment (FACE) consortium, 2020.
  • Chair for the “Multicore Assurance” session of the 39th Digital Avionics Systems Conference, 2020.
  • Chair for the “Integrated Modular Avionics” track of the 37th Digital Avionics Systems Conference, 2018.

Rapita Systems are uniquely positioned to offer the combination of expertise and tools required to effectively perform multicore timing analysis.

Whilst the challenge of certifying multicore systems for safety-critical applications is a relatively new one for the industry as a whole, we have been researching this area for over a decade. Rapita are working with key industry stakeholders, including major chip-manufacturers like NXP, to support them in refining the evidence required to satisfy certification authorities.

Rapita have extensive experience in providing software verification solutions for some of the best-known aerospace and automotive companies in the world. For example, BAE Systems used RapiTime (one of the tools in our Multicore Timing Solution) to identify worst-case execution time optimizations for the Mission Control Computer on their Hawk Trainer jet.

See more of our Case Studies.

In the CAST-32A position paper published by the FAA, an interference channel is defined as "a platform property that may cause interference between independent applications". This definition can be applied to a range of ‘platform properties’, including thermal factors etc.

Of these interference channels, interference caused by the sharing of certain resources in multicore systems is one of the most significant in terms of execution times. Interference based on shared resources may occur in multicore systems when multiple cores simultaneously compete for use of shared resources such as buses, caches and main memory.

Rapita’s Multicore Timing Solution analyzes the effects of this type of interference channel.

A very simple example of a shared resource interference channel is as follows:

Interference channels

In this simplified example, tasks running independently on the two cores may need to access main memory simultaneously via the memory controller. These accesses can interfere with each other, potentially degrading system performance.

There is no standard list that fits all platforms. Some interference channels can be more common than others, such as the ones related to the memory hierarchy (i.e. caches and main memory). The identification of interference channels (for which we provide a service) is an important activity that identifies the interference channels whose impact on the system’s timing behavior must be assessed.

This depends on the platform, project needs, and whether we have already performed analysis on a similar hardware platform previously. Our solution includes an initial pilot phase in which we study the system and estimate the amount of time needed for subsequent phases. Typical projects run for between 2 and 12 months, depending on the scope of the analysis and complexity of the system.

We can analyze almost all hardware architectures. Our engineers work with you to determine the optimal strategy for integrating our RVS tools with your target, including hardware characterization and design considerations to best fit the hardware you're using.

To work with an architecture that is new to us, we first identify which metrics we can collect from the hardware, then adapt RapiDaemons for the architecture and implement a strategy to collect data from it.

We've worked with the following boards, CPUs and RTOSs:

    BoardCPURTOS
    Ultrascale ZCU102ARM A53Deos
    NXP QorIQ T2080PowerPC e6500VxWorks 653 3.0
    NXP QorIQ T2080PowerPC e6500PikeOS 5.x
    TI Keystone K2LARM A15PikeOS
    NVIDIA Xavier SoCCarmel (ARMv8 variant by NVIDIA)QNX
    AURIXTricore TC377TXBare metal
    AURIXTricore TC397AUTOSAR

    We also have upcoming projects with the following combinations of boards, CPUs and RTOSs:

    BoardCPURTOS
    Ultrascale ZCU102ARM A53 and R5Helix/VxWorks7
    NXP Layerscape LS1048AARM A53Deos

Some of the multicore systems that we’ve worked with are listed in our FAQ “Which hardware architectures can you analyze?”.

If we have already worked on a similar multicore platform to yours, it may take less time to perform hardware analysis for your platform.

Yes. We have already run projects analyzing the Nvidia Xavier AGX (CUDA) and we have ongoing projects analyzing AMD’s Embedded Radeon E9171 GPU featuring the CoreAVI Vulkan SC driver.

As per CAST-32A, each interference channel on the system must be analyzed to ensure that its effects on timing behavior have been mitigated. Some channels may be eliminated by architectural analysis or because they are deactivated for your system. For all channels that have not been eliminated, CAST-32A requires that multicore timing analysis be done to ensure that software operates within its timing deadlines. For each channel, one must provide analysis test reports and a summary to show that the set of tests is complete – Rapita provides this service to show completeness. Note that CAST-32A includes objectives other than testing, such as planning objectives. We provide templates to help you complete these.

Rapita have been providing execution time analysis services and tooling since 2004.

RapiTime, part of the Rapita Verification Suite (RVS), is the timing analysis component of our Multicore Timing Solution. Our customers have qualified RapiTime on several DO178C DAL A projects where it has been successfully used to generate certification evidence by some of the most well-known aerospace companies in the world. See our Case Studies.

Learn more about our tool qualification support for RapiTime in projects requiring DO-178B/C certification.

As well as providing a mature tool chain, we support the customer in ensuring that their test data is good enough, so that the timing information they generate from the target is reliable.

Our RapiDaemons are configured and tested (see the FAQ: ‘configuring and porting’) to ensure that they behave as expected on each specific customer platform.

We also assess available observability channels as part of a processor analysis. This primarily applies to the use of performance counters, where we assess their accuracy and usefulness for obtaining meaningful insights into the system under observation.

RTOS vendors may provide partitioning mechanisms for their multicore processors, but these do not guarantee the complete elimination of interference. Instead, they are designed to provide an upper limit on the interference, sometimes at the expense of average-case performance.

In aerospace, these partitioning mechanisms may be referred to as ‘robust partitioning’. CAST-32A (the FAA’s position paper on multicore processors in avionics) identifies allowances for some of the objectives if you have robust partitioning in place – but it is still necessary to verify that the partitioning is indeed as robust as claimed.

From a certification standpoint, regardless of the methodology behind the RTOS vendor’s approach to eliminating interference, the effectiveness of the technology needs to be verified.

It is possible for companies to perform multicore timing analysis internally, but it is a highly complex undertaking which is very costly in terms of budget and effort. Anecdotally, one of our customers reported that it took them five years and a budget in the millions of dollars to analyze one specific platform.

Our Multicore Timing Solution is typically delivered as a turn-key solution, from initial system analysis and configuration all the way through to providing evidence for certification.

Some customers prefer to outsource only parts of the process to Rapita. For example, it is possible for a customer to purchase RapiDaemons under license and use them to gather and analyze their own data.

We’re completely flexible, and we understand that different customers have different needs. As such, you can purchase any component of our multicore timing analysis solution separately if that’s what you need. This includes, but is not limited to:

  • Tool licenses (RapiTest, RapiTime, RapiTask)
  • Services to integrate automation tools to work with your multicore system
  • RTBx hardware to collect trace data from your multicore system
  • Generic libraries of RapiDaemons
  • Services to port RapiDaemons to your multicore system
  • Services to perform multicore timing analysis

Yes: our approach can be used to get an in-depth understanding of how sensitive software can be to other software. For example:

  • Task 1 executes acceptably in isolation and with most other tasks, but if it executes simultaneously with Task 127, its function X takes 10 times as long to return.
  • This intelligence can feed into system integration activities to ensure that function X can never execute at the same time as Task 127.

The information from this type of analysis can also provide insights into potential improvements to the implementation of the two tasks. Sensitive tasks are not always the guilty party: other tasks can be overly aggressive and cause delays in the rest of the system.

For safety reasons, WCET will always be somewhat pessimistic. However, techniques that work well for single-core systems risk generating a WCET that is unreasonably large when applied to multicore systems, because the effects of contention can become disproportionate. The objective, therefore, is to calculate a value that is plausible and useful, without being optimistic. Optimism in relation to WCET is inherently unsafe.

It is not enough to identify how sensitive an application’s tasks are to different types and levels of interference; it is also necessary to understand what degree of interference a task may suffer in reality. It is possible to lessen the pessimism in WCET analysis by viewing the processor under observation through this paradigm.

The degree to which we can reduce pessimism is dependent on how effectively we can analyze the system. Factors influencing this include:

  • The overhead of the tracing mechanism (which affects depth of instrumentation)
  • The availability and reliability of performance counters
  • The availability of information regarding other tasks executing on the system
  • The quality of tests that exercise the code

Cache partitioning is all about predictability, not performance. Your code might execute faster on average without cache partitioning, but it’s probably not as predictable and can be quite sensitive to whatever executes in parallel.

Cache partitioning aims to remove all the sensitivity to other tasks sharing the caches, thus making your task more predictable – but potentially at the expense of overall performance. In critical systems, predictability is of far greater importance than performance.

Rapita’s Multicore Timing Solution can be used to exercise cache partitioning mechanisms by analyzing any shared – and usually undocumented – structures internal to the caches.

To analyze how a specific task is affected by contention on a specific resource, we need to be able to synchronize the execution of the task with the execution of RapiDaemons (the applications that generate contention on the resource).

Usually it is highly desirable to have RTOS/HV support for enabling user-level access to performance counters. Additionally, context switch information is very valuable when performing timing analysis.

Yes. Our solution makes it easy to specify the core on which you run your tests, and the level of resource contention to apply from each other core in the system.

We can also analyze systems that use non-synchronized clocks such as those often present in AMP platforms, by using the RTBx to timestamp data.

The maximum number of metrics we can collect depends on the performance monitoring unit(s) (or equivalent) on the hardware. An ARM A53, for example, lets us collect at least 30 metrics, but only access 6 in a single test. By running tests multiple times, however, we could collect all 30 metrics.

Developing a one-button tool solution for multicore timing analysis would be impossible. This is because interference, which can have a huge impact on a task’s execution time, must be taken into account when analyzing multicore timing behavior.

Analyzing interference effects is a difficult challenge that cannot be automatically solved through a software-only solution. Using approaches developed for timing analysis of single-core systems would result in a high level of pessimism, as it would assume that the highest level of interference possible is feasible, while this is almost never the case.

It is possible to collect a range of metrics by instrumenting your source code with the Rapita Verification Suite (RVS), including a range of execution time metrics:

  • RapiTime: high-water mark and maximum execution times
  • RapiTask: scheduling metrics such as periodicity, separation, fragmentation and core migration

It is also possible to collect information on events in your hardware using performance counters. The information we can collect depends on the performance monitoring unit(s) (or equivalent) of your system, but typically includes events such as L2 cache accesses, bus accesses, memory accesses and instructions executed. We can also collect information about operating system activity such as task switching and interrupt handling via event tracing or hooks.

Yes, we formally test and assess the accuracy of performance counters to ensure the validity of results we collect for the software under analysis.

The RTBx is a data logger that provides a cost-effective, easy-to-use solution for collecting and timestamping long streams of verification data from software tests run on embedded hardware. It is target-independent, supporting a wide variety of target architectures, and provides an excellent way of collecting trace data for use by RVS.

We supply standard data cables, an adapter, and flying leads to connect RTBx to LVDS or TTL I/O ports. If your target hardware uses non-standard pins or electrical signalling, we provide advice on the best way to connect RTBx to your target, and can develop high performance custom cables to meet your needs.

You can connect RTBx to an address bus that runs at up to 250 MHz. To do this, you must reserve a range of addresses for ipoints, with one bit reserved to indicate that the value on the address bus is an ipoint. The ipoint instrumentation writes a value to a specific address in that region to denote a specific ipoint. This approach reduces the maximum trace duration of the RTBx.

The RTBx automatically timestamps data it collects, using either an internal clock or that on embedded hardware. This removes the need to configure a timestamping procedure on the embedded target itself, which would incur code size and execution time overheads.

Compared to other hardware that can be used for timestamping such as debuggers and logic analyzers, the RTBx can collect trace data for far longer, meaning that it doesn't become a bottleneck in your testing.

This is the maximum tracing rate that can be sustained over time, calculated from the number of ipoints the RTBx can process per second. The RTBx can support a higher tracing rate for short periods of time, provided that the minimum separation between instrumentation points is met.

This depends on the number of CPU cycles it takes to output successive ipoints, and the rate ipoints are written at. For example, RTBx 2220 can collect trace data via an I/O port with a minimum separation of 4 ns (250 MHz). This model can therefore support a 1 GHz CPU that outputs trace data once every 4 cycles.