From: Ludovic Brenta
Newsgroups: comp.lang.ada
Subject: Re: OT?: AF 447 and avionics software
Date: Fri, 5 Jun 2009 02:22:06 -0700 (PDT)

On Jun 4, 11:29 am, "Alex R. Mosteo" wrote:
> Frankly I know nothing about the aviation standards for software/computer
> use, but I suspect it is somewhat more strict than "one never really knows".
> I mean, surely you can't test everything, but I guess one can be reasonably
> confident on the system design!

The most critical subsystems are usually certified to the DO-178B level A standard; this means that unit tests must cover 100% of the code and 100% of the decision paths; it's called MC/DC testing (Modified Condition/Decision Coverage).

In case you didn't know, when working at Barco avionics I published a set of slides[1] to describe the work involved. Barco only makes cockpit displays but their internal CPU is now powerful enough to run the software for other subsystems like autopilot, air data computer, flight management system, etc. which traditionally used their own dedicated hardware. Consolidating multiple systems on a single hardware CPU (aka Integrated Modular Avionics) is the trend nowadays; it requires partitioning the CPU into multiple virtual machines running software certified for different criticality levels.

[1] http://www.cs.kuleuven.ac.be/~dirk/ada-belgium/events/07/070612-abga-event.html

--
Ludovic Brenta.
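
MC/DC, named in the post above, asks that each condition in a decision be shown to change the outcome on its own. The following is an added example, not part of the original post: it checks a test set for unique-cause MC/DC, and the decision `deploy_allowed` and the test vectors are constructed for illustration.

```python
from itertools import combinations


def mcdc_gaps(decision, n_conditions, tests):
    """Return indices of conditions that have no independence pair in `tests`.

    Unique-cause MC/DC: condition i is covered when two test vectors differ
    only in condition i and the decision outcome differs between them.
    """
    vectors = {tuple(bool(v) for v in t) for t in tests}
    covered = set()
    for a, b in combinations(vectors, 2):
        diff = [i for i in range(n_conditions) if a[i] != b[i]]
        if len(diff) == 1 and decision(*a) != decision(*b):
            covered.add(diff[0])
    return sorted(set(range(n_conditions)) - covered)


# Hypothetical three-condition decision, constructed for this example.
def deploy_allowed(on_ground, speed_ok, override):
    return (on_ground and speed_ok) or override


# Constructed test set: both decision outcomes are exercised, but the two
# vectors differ in two conditions, so no condition is shown to act alone.
BRANCH_ONLY = [(True, True, False), (False, False, False)]

# Constructed test set with n + 1 = 4 vectors that satisfies MC/DC.
MCDC_SET = [
    (True, True, False),    # outcome True
    (False, True, False),   # outcome False, only on_ground changed
    (True, False, False),   # outcome False, only speed_ok changed
    (True, False, True),    # outcome True, only override changed
]

if __name__ == "__main__":
    print("branch-only gaps:", mcdc_gaps(deploy_allowed, 3, BRANCH_ONLY))
    print("MC/DC set gaps:  ", mcdc_gaps(deploy_allowed, 3, MCDC_SET))
```

A non-empty result lists the conditions for which the test set still lacks an independence pair.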