LynxOS-178 powers adaptive flight-display architecture

LynxOS-178 powers adaptive flight-display architecture

LynxOS-178 powers adaptive flight-display architecture

Keywords: Aircraft, Flight, Testing

Rockwell Collins is using LynuxWorks(TM) LynxOS(r)-178 as the embedded real-time operating system (RTOS) in the Adaptive Flight Display systems on board the Bombardier Challenger 300 aircraft. The aircraft recently received FAA, JAA, and Transport Canada certification and is completing flight tests in anticipation of first aircraft delivery.

“The deployment of LynxOS-178 in the Bombardier Challenger 300 aircraft demonstrates how our collaboration with Rockwell Collins has lead to the development of ground breaking technology for the military and aerospace industry,” said Bob Morris, Vice- President of Sales and Marketing for LynuxWorks. “This collaboration between two highly specialised, “best of class” organisations proves what can be accomplished when individual expertise is combined to develop a joint solution.”

A novel feature of the LynxOS-178 architecture is the brick-wall partitioning of memory, time and device resources coupled with POSIX compatibility, which reportedly ensures that safety-critical applications can execute in a “Virtual Machine” environment that is strictly partitioned, highly protected and completely isolated from other applications.

The first level of protection in LynxOS-178 partitions or virtual machines is enabled by the processor's memory management unit (MMU), which enforces strict memory allocation for individual partitions through the appropriate use of virtual address space management. This mechanism is also used to provide fault containment, by preventing faults in one partition from propagating to other partitions. LynxOS-178's full MMU support provides the reliability advantages of protected memory and the performance advantages of hardware-mapped address protection for hard partitioning between virtual machines.

Additionally, with the LynxOS-178 RTOS, there is a second level of protection where the processor's MMU is also used to isolate processes within a partition. This is said to enable each process to run in its own protected address space for uncompromising reliability within a hard partition. This additional level of fault containment enables easier user application certification, through a two-level protection mechanism.

LynxOS-178 also supports an ARINC 653-based, configurable, fixed cyclical time-slicing scheduler for deterministic time partitioning, providing guaranteed availability of CPU time for partitions running safety-critical applications.

With LynxOS-178, hard partitions serve as virtual machines, where each application executes within its own OS environment that is certifiable up to DO-178B criticality level A.

The military and aerospace industry mandates rigorous technical and process requirements for safety-critical computing. In the US, these are expressed in the Radio Technical Commission for Aeronautics (RTCA) DO-178B standard for the production of software for airborne systems. The targeted DO-178B certification level is either A - catastrophic; B - hazardous-severe; C - major; D - minor; or E - no effect. Until the formidable specifications of this standard are met, safety-critical computing systems literally never get off the ground.

Details available from: LynuxWorks. Tel: +33 1 30 85 06 00; Fax: +33 1 30 85 06 06; E-mail: gwinckler@lnxw.com; Web site: http://www.lnxw.com