Preview: "Overarching Properties—an alternative design assurance approach to DO-178C—marks the biggest change in airborne software safety certification since DO-178B was unveiled in 1992. Intended to be more efficient and flexible than DO-178C, the approach was introduced as DO-178C and the Overarching Properties Initiative during FAA Chief Scientist George Romanski’s keynote address at the High Integrity Software Conference in Bristol, United Kingdom (UK). Overarching Properties aims to simplify the certification process and reduce the burden on both applicants and the FAA while maintaining the same level of safety..."
DO YOU NEED A REAL-TIME OPERATING SYSTEM (RTOS)?
Preview: "Most of the benefits our customers are seeking from an RTOS are not exclusively RTOS benefits. After all, not all applications need real-time features, nor do all elements in a system design need to be built with the same tools. More importantly, there are broad system-level benefits that RTOSes themselves cannot often provide, including simplicity; greater openness; stronger partitioning; and more scalable determinism. Therefore, while there are benefits to RTOSes, the most straightforward answer to the question, “Do You Always Need an RTOS?” is “No.” In fact, when customers come to Lynx and say they want to buy one of our RTOSes, one of the first questions we ask them is: “Are you sure?”"
POSIX® PROCESSES AND VIRTUAL MEMORY
Preview: "In POSIX®, an executing instance of a program is called a process. To be conformant with the POSIX® standard, processes must be kept separate through the use of memory protection. An operating system (OS) that supports multiple processes is referred to as a “multiprocessing” OS. It is important to understand that not all OSes that claim to support some of the POSIX® APIs actually support the POSIX® process model and its separation of processes into their own memory address spaces. Many OSes run proprietary APIs with a wrapper layer over them so that they can claim support for a subset of POSIX® APIs. However, if your OS doesn’t have proper address space separation for processes, a bad pointer or invalid memory access can corrupt data in the applications..."
HOW TO CHOOSE A REAL-TIME OPERATING SYSTEM (RTOS)
Preview: "There is much more to building an embedded device than just choosing an RTOS, and much more to choosing an RTOS than just its size. The design choices covered here make a huge impact on the software architecture of your embedded system. There are exciting and innovative options at every level and opportunities to build a better product in your market in whatever dimension you choose—be it size, price, flexibility, features, maintainability, security, safety or performance. There are a myriad of commercial products as well as open source RTOSes, OSes, hypervisors and separation kernels to choose from. Be sure to understand the complete picture—including design considerations and innovative approaches—before narrowing your scope..."
EMBEDDED BEST PRACTICES DEMONSTRATED AT ARM TECHCON 2019
Preview: "Minimize Your Trusted Codebase — What is a trusted codebase? In a security context, it’s determined by the security level that the component must reach. For example, whether a component has to work at a security level that is secret or top secret. In a safety-critical context, it’s determined by the safety-criticality level that the component must achieve. For example, whether a component has to work at DO-178C DAL C, or DAL A. A benefit of decomposing your architecture with a separation kernel is the ability to minimize your trusted codebase. For example, you don’t want to be forced..."
WHAT IS SR-IOV AND WHY IS IT IMPORTANT FOR EMBEDDED DEVICES?
Preview: "Single Root I/O Virtualization (SR-IOV) is the complex name for a technology beginning to find its way into embedded devices. SR-IOV is a hardware standard that allows a PCI Express device – typically a network interface card (NIC) – to present itself as several virtual NICs to a hypervisor. The standard was written in 2007 by the PCI-SIG (Peripheral Component Interconnect - Special Interest Group) with key contributions from Intel, IBM, Hewlett-Packard, and Microsoft (among others). We can thank the PCI-SIG for the interoperability of the vast range of computer PCI add-in cards and Intel’s famous — in tech circles — 8086 hardware vendor ID that PCI devices report on the bus..."
WHAT ARE THE BENEFITS OF POSIX® FOR EMBEDDED SYSTEMS?
Preview: "Lynx is firmly committed to open standards. POSIX®—an open standard based on UNIX operating systems and their APIs—brings a powerful set of features and capabilities to the table for embedded application development, resulting in benefits to software vendors such as ourselves as well as to our customers. The following list is a brief set of answers to the question “What are the benefits of POSIX®” to our customers—the builders of complex safety- and security-critical embedded software systems..."
WHAT IS THE COST OF A BOARD SUPPORT PACKAGE (BSP)?
Preview: "The board support package (BSP) is the glue software that allows an embedded real-time operating system (RTOS) to run on a specific target board. Creating a BSP for your chosen board is a detailed software engineering task that takes 2 to 8 weeks. Expect an embedded software consultant to charge $20,000 to $100,000 for the work. The task involves interfacing the RTOS to the new board’s memory layout as well as to a timer, a serial console, and a network interface, at least. Because it is the foundation of your software, it is important that it be high quality and support all the peripherals you need. This article will guide you through the minefield of getting the right BSP and suggest options..."
WHAT IS A REUSABLE SOFTWARE COMPONENT (RSC)?
Preview: "A DO-178B/C Reusable Software Component (RSC) is a software collection that is recognized as meeting the requirements of RTCA/DO-178B/C and that may be used on more than one project without having to regenerate certification artifacts. The LynxOS-178 RTOS is the first and only COTS operating system to receive acceptance for re-usability from the FAA for DO-178B/C certification. The FAA grants RSC acceptance as part of a normal certification process, provided that the applicant complies with the guidance policy defined in FAA Advisory Circular AC 20-148. The acceptance allows future users of the DO-178B/C RSC to deploy the software without the added cost and risk of re-certification..."
MITIGATING THE "NOISY NEIGHBOR" WITH CACHE ALLOCATION TECHNOLOGY (CAT)
Preview: "This week saw Lynx’s cache partitioning feature for Lynx MOSA.ic™ demonstrated for the first time at the Collins Aerospace Embedded Computing Conference in Cedar Rapids, Iowa. Cache partitioning is a new feature of Lynx MOSA.ic™ released in September 2019 and based on Intel’s Cache Allocation Technology (CAT) CPU hardware feature. What is Cache Allocation Technology (CAT)? Cache Allocation Technology (CAT) has been available in Intel chips since 2015. Together with Cache Monitoring Technology (CMT) and Memory Bandwidth Monitoring (MBM), CAT forms a suite of hardware features aimed at mitigating the "noisy neighbor" problem..."
LYNX MOSA.ic™ — DELIVERING THE MODULAR OPEN SYSTEMS APPROACH (MOSA)
Preview: "The objective of the U.S. Department of Defense’s (DoD) Modular Open Systems Approach (MOSA) is to design systems with highly cohesive, loosely coupled, and severable modules that can be competitively sourced from independent suppliers. As a software development framework for rapidly building comprehensible software systems out of independent application modules, Lynx MOSA.ic™ is designed specifically to deliver on the open architecture vision of MOSA. In traditional platform architectures, applications are compiled against APIs provided by an OS and run as processes on the OS. The means by which multiple applications are realized onto the CPU..."
DESIGN PREVAILS — PROTECTING SYSTEMS FROM MELTDOWN & SPECTRE
Preview: "While Meltdown and Spectre challenge the validity of longstanding software and hardware designs, they also provide us with insights into how to defend systems against them; in revealing problems, they point us to solutions. After all, not all systems were vulnerable. Some deployed critical systems were, in fact, protected—not requiring patches, reconfigures, recompiles, or redesigns. What distinguishes these resilient systems is a unique kernel technology based on the work of John Rushby that provides system developers a stronger ability to separate critical computing environments through increased hardware control. In this paper, we (1) detail the mechanics of Meltdown and Spectre; (2) introduce an alternative kernel technology that is immune to Meltdown; and (3) provide a system development approach that mitigates Spectre attacks..."
REALIZING MODERN AUTOMOTIVE SOFTWARE ENVIRONMENTS
Preview: "The complexity of today’s automobiles is increasing with every new model on the market. A modern car can contain hundreds of electronic control units and with connectivity and autonomy becoming commonplace, this is increasing dramatically as we enter the 2020s. Many of these systems up until a few years ago have safely run on microcontrollers on an unsecured vehicle network, and this has been fine; the networks were ‘air-gapped’ from the rest of the world, and the risk of a malicious attacker causing any kind of danger to a car’s occupants by directly plugging in a new device was as likely as someone cutting the brake lines. The automotive industry on the whole was happy with this risk. Today, however, we are seeing a shift from mechanical cars that use computing for assistance, to computerized cars that use mechanics for movement. As the Internet of Things (IoT), artificial intelligence (AI), and autonomy find their way into automotive designs..."
CAST-32A — SIGNIFICANCE AND IMPLICATIONS
Preview: "CAST-32A presents the coordinated position of avionics certification authorities regarding Multi-Core Processors (MCPs). While today’s aerospace ecosystem could benefit from the use of MCPs, when CAST-32A was published, FAA/EASA had not yet devised a means to obtain certification credit for safety-critical software deployed to an MCP. Toward that end, the CAST-32A position paper identifies topics of concern that could impact the safety, performance, and integrity of DO-178C aviation software deployed to MCP(s)..."
Lynx Software Technologies is dedicated to crafting software platforms founded on simple, elegant architectures that adapt to evolving hardware while balancing the need to preserve hosted application compatibility with open standard APIs.