From: bitbucket@invalid-domain-see-sig.nil (Robert Kaiser)
Newsgroups: comp.lang.ada
Subject: Re: Boeing and Dreamliner
Date: 23 Jun 2003 13:02:00 GMT
Organization: Sysgo AG
References: <20030619221951073-0500@library.airnews.net>

In article , Kilgallen@SpamCop.net (Larry Kilgallen) writes:
> In article , bitbucket@invalid-domain-see-sig.nil (Robert Kaiser) writes:
>> In article ,
>> "Mark A. Biggar" writes:
>>> If I was part of the 7E7 design team I would
>>> insist that the "internet aboard" system be a complete isolated stand
>>> alone system that shared at most power supply with the rest of the
>>> plane. And if I were part of the FAA certification team I wouldn't
>>> approve it otherwise.
>>
>> Is physical isolation of the system really a requirement? AFAIK DO-178B
>> explicitly allows for software partitioning. (I.e. suppose I had a kernel
>> that can provide -say- an Ada runtime system and a Linux environment
>> in the same physical machine, protected from each other by the MMU, and
>> I could prove that there is no way for those systems to interfere.)
>
> I don't understand how a Memory Management Unit could keep one of those
> partitions from grabbing all the CPU time.

Sorry, I forgot to mention this: Of course, an MMU can only help with
memory partitioning. In addition to that, a time partitioning mechanism
(e.g. something like an ARINC-(653?) scheduler) would be required, too.

I'm thinking of a small (thus easily testable) kernel that implements
partitioning, where partitions are assigned individual subsets of the
hardware's resources (CPU time, memory, IO-space). In each partition,
it would provide enough mechanisms to support basically any OS, be it
some form of UNIX or an Ada runtime system.

I really don't want to start a technical discussion, I'm merely
interested in people's opinions whether something like this would stand
any chance of obtaining, e.g. FAA acceptance, whether it would be a
worthwhile approach to pursue, etc.

Rob

-- 
Robert Kaiser                    email: rkaiser AT sysgo DOT de
SYSGO AG                         http://www.elinos.com
Klein-Winternheim / Germany      http://www.sysgo.de
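
The time-partitioning point in the message above, as an added example that is not part of the original post and is not an ARINC 653 implementation: a fixed window table decides who owns each tick, so a partition that never yields cannot take CPU time from its neighbour. The frame length, window lengths and the "MMU only" model (partition 1 takes the CPU whenever it has work) are constructed assumptions.

```c
#include <limits.h>
#include <stdio.h>

#define MAJOR_FRAME 100  /* ticks per repeating major frame (constructed) */
#define RUNAWAY INT_MAX  /* a workload that never gives up the CPU */

/* Constructed static schedule: partition 0 is the critical one (60 ticks
 * per frame), partition 1 the untrusted one (40 ticks per frame). */
static const struct { int owner, len; } windows[] = {
    {0, 30}, {1, 20}, {0, 30}, {1, 20}
};

/* Owner of the window covering `tick`: a pure table lookup, independent
 * of anything the partitions do. */
static int window_owner(long tick) {
    int t = (int)(tick % MAJOR_FRAME);
    for (unsigned i = 0; i < sizeof windows / sizeof windows[0]; i++) {
        if (t < windows[i].len) return windows[i].owner;
        t -= windows[i].len;
    }
    return -1; /* unreachable while the lengths sum to MAJOR_FRAME */
}

/* Run `ticks` ticks; work0/work1 are the ticks each partition wants.
 * time_partitioned != 0: the CPU goes to the window owner or stays idle.
 * time_partitioned == 0: memory isolation only, modelled as partition 1
 * taking the CPU whenever it has work.
 * Returns the number of ticks partition `who` actually executed. */
long simulate(long ticks, int work0, int work1, int time_partitioned, int who) {
    int work[2] = { work0, work1 };
    long ran[2] = { 0, 0 };
    for (long t = 0; t < ticks; t++) {
        int p = time_partitioned ? window_owner(t)
                                 : (work[1] ? 1 : 0);
        if (p < 0 || work[p] == 0) continue; /* idle: slack is not donated */
        if (work[p] != RUNAWAY) work[p]--;
        ran[p]++;
    }
    return ran[who];
}

int main(void) {
    printf("critical, windows, peer idle:     %ld\n", simulate(200, 120, 0, 1, 0));
    printf("critical, windows, peer runaway:  %ld\n", simulate(200, 120, RUNAWAY, 1, 0));
    printf("critical, MMU only, peer runaway: %ld\n", simulate(200, 120, RUNAWAY, 0, 0));
    return 0;
}
```

With the window table the critical partition executes the same number of ticks whether its peer is idle or runaway; with memory isolation alone it executes none.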