Re: OT?: AF 447 and avionics software

[Ludovic Brenta <ludovic@ludovic-brenta.org>]

On Jun 4, 11:29 am, "Alex R. Mosteo" <alejan...@mosteo.com> wrote:
> Frankly I know nothing about the aviation standards for software/computer
> use, but I suspect it is somewhat more strict than "one never really knows".
> I mean, surely you can't test everything, but I guess one can be reasonably
> confident on the system design!

The most critical subsystems are usually certified to the DO-178B
level A standard; this means that unit tests must cover 100% of the
code and 100% of the decision paths; it's called MC/DC testing
(Modified Condition/Decision Coverage).

In case you didn't know, when working at Barco avionics I published a
set of slides[1] to describe the work involved. Barco only makes
cockpit displays but their internal CPU is now powerful enough to run
the software for other subsystems like autopilot, air data computer,
flight management system, etc. which traditionally used their own
dedicated hardware. Consolidating multiple systems on a single
hardware CPU (aka Integrated Modular Avionics) is the trend nowadays;
it requires partitioning the CPU into multiple virtual machines
running software certified for different criticality levels.

[1] http://www.cs.kuleuven.ac.be/~dirk/ada-belgium/events/07/070612-abga-event.html

--
Ludovic Brenta.