Better Together – A Community for Safety Certification on Multi-Core Processors

Better Together – A Community for Safety Certification on Multi-Core Processors

By Tim Skutt

Tim Skutt PhotoLast week, I participated in one of a series of collaborative workshops on Multi-Core Processor (MCP) Certification at Wright-Patterson Air Force Base hosted by the US Army.

Wait, was that a typo?

No.  The US Army Combat Capability Development Command (CCDC) Aviation & Missile Center was indeed the host for a workshop at a US Air Force base.  This is part of an effort to address the increasing complexity of safety certification for aircraft systems built on multi-core processors.

Throughout the industry, both civilian and military airworthiness certification/approval stakeholders are wrestling with the challenges of certifying systems based on MCPs.  One of the primary issues is shared resources (memories, busses, etc.) within the MCP and the interference that may arise from functions on one core with functions on another core via these shared resources.

These challenges impact a diverse set of stakeholders, including:

-          Policymakers such as the military services and civilian agencies

-          CPU and SoC designers and manufacturers

-          Board and box level OEMs and ODMs

-          Software operating system and infrastructure suppliers

-          Integrators

-          Application developers

-          Tool vendors

As a catalyst for driving success in the approval and operation of safe multi-core based systems, the US Army brought multiple representatives from each of these stakeholder groups together for the workshop.  Participants shared perspectives, research, plans, and results in an open and cooperative exchange reinforcing the concept that whether we’re partners, regulators, customers, suppliers, or competitors, we need to work together to establish the patterns needed for assuring the safety of systems based on MCPs.

The choice of the workshop to have a US Army hosted event at a US Air Force base is an example of the diversity of participants and of their highly collaborative efforts.  There were multiple presentations by the US Army, US Air Force, and US Navy as well as research organizations such as the University of North Carolina and Carnegie Mellon University.  A representative from the RTCA (part of the civilian regulatory community) presented and an FAA representative participated in the workshop, having presented at prior workshop events.

There were too many highlights to fully capture them in a short blog, but one that hit close to home was the presentation on multi-core processor testing and verification by Wind River’s David Reiter.  Mr. Reiter provided in-depth insight into multi-core processor interference testing methodologies and tools leveraged for our successful DO-178C based certification efforts on an FAA program of record.  He described how the complexities of multi-core interference identified in DOT/FAA/TC-16/51, “Assurance of Multicore Processors in Airborne Systems”, is minimized through those methodologies and tools.

Later that same day, Harold Tiedeman, Jr. of Collins Aerospace presented providing insight into the Collins Aerospace experience gained from the MCP-based DO-178C safety certification effort on an FAA program of record.  Wind River and Collins Aerospace jointly developed a white paper based on our experience on this program.

In his presentation, Mr. Tiedeman described the techniques, tools, and processes Collins used in their MCP-based certification effort.  This included how multi-core interference concerns were addressed and how FAA CAST-32A MCP objectives were satisfied.  His presentation highlighted how the solution embodies a reusable, repeatable approach for certification of MCP systems.

Reusable, repeatable approaches are key to cost effective, affordable systems and the workshop was a great forum for cross-pollinating perspectives and solutions so we can establish successful patterns for approval and operation of safe multi-core based systems.  It was refreshing to be part of such a collaborative exchange from a range of diverse participants and I’m definitely looking forward to these continued opportunities to work together on how we address the challenges of certifying systems based on multi-core processors.

For additional insights about certification, check out  a short video entitled “The Road to Multi-core Certification.”  It is a joint Collins Aerospace and Wind River collaboration describing the journey of bringing multi-core processing to avionics systems. If you have additional questions, feel free to contact us.

Tweet about this on TwitterShare on Google+Share on FacebookShare on LinkedInEmail this to someone