Software for airborne systems must be DO-178B certified in the US; in
Europe there's a similar standard, I can't remember the abbreviation right
now. There are different levels for that, depending on the criticality of
the software. E.g. the in-flight entertainment system requires a less
strict level of certification than the fly-by-wire software, since the
latter can kill people.
For the highest criticality levels you need things like testing with 100%
code coverage; you need to track all requirements and you have to be able
to document in which lines of code each requirement is implemented; you
must not have code that you don't have a requirement for; each line of
code must be "signed" by at least two developers; etc.
I think the Linux kernel is just too big and moving too fast to do this.
Or, as somebody else already said, if you snapshot a kernel, strip out
unneeded drivers, then start the testing, documenting etc., you are
probably not better off than with another solution (months or years
behind Linus' tree, patches don't apply, behaviour is different because
you changed so much, etc.).
So for these systems a small OS (in LOC) is really a good choice, it is
just easier to certify (there are also free RTOSes). RTOSes in general are
not necessarily something very sophisticated or complex; often they are
actually quite simple and stripped down compared to a general purpose OS.
But this makes them more predictable and also certifiable.
Alex
Posted Jul 25, 2008 11:51 UTC (Fri) by chema (subscriber, #32636)
The European "mirror" of DO-178B is called ED-12B. It is just a copy, since
DO-178B was developed jointly by RTCA and EUROCAE.
The name DO-178B is widely used in the EU. We used to say DO-178B instead
of ED-12B all the time :)
DO-178B is not only a certification, it is a process that starts the same
day as the development project itself. It will be very hard for an existing
application to get certified for any DO-178B level and, of course, almost
definitely impossible to get Level A certification.