1. 1 Software and Digital Systems Safety (SDSS) Research Program Barbara Lingberg FAA/AIR-120 SDSS Program Sponsor May 6, 2003

2. 2 Acronym List AVSIAerospace Vehicle Systems Institute COTSCommercial-off-the-shelf CSTAChief Scientific and Technical Advisor FAA Federal Aviation Administration FPGAField-Programmable Gate Array FYFiscal Year HUMSHealth Usage Monitoring System IMAIntegrated Modular Avionics ISSInformation Systems Security

3. 3 Acronym List (cont) ITInformation Technology LANLocal Area Network MC/DC Modified Condition/Decision Coverage NASANational Aeronautics & Space Administration OOObject-oriented OSOperating System RTOSReal-Time Operating System SDSS Software and Digital Systems Safety TCRGTechnical Community Research Group

4. 4 Briefing Outline SDSS Research Program Purpose SDSS Technical Community SDSS Research History SDSS Research Priorities Overview of SDSS Tasks

5. 5 SDSS Research Program Purpose To address safety, performance, and technology issues in the areas of: –Software –Complex electronic hardware –Digital systems SDSS research supports the policy and guidance initiatives of the FAA

6. 6 SDSS Technical Community Research Group (TCRG) Leader: Leanna Rierson, CSTA for Aircraft Computer Software Sponsor: Barbara Lingberg Program Manager: Chuck Kilgore Members: Will Struck Jorge Castillo Robin Sova Gary Horan Brenda Ocker Dennis Wallace John Lewis Jim Treacy Tony Lambregts Tom Kraft Larry Bessette Steve VanTrees

7. 7 SDSS Research History Past Research in the Areas of: –Modified Condition/Decision Coverage (MC/DC) –Service History –COTS Software –COTS Hardware –COTS RTOS –Structural Coverage of Object-oriented Software See FAA Software Website for Reports: –http://av-info.faa.gov/software

8. 8 SDSS Task Priorities (as of Sept 2002) and Activation Status Status PriorityTask Done 1 COTS software and component protection FY03 2 Microprocessor evaluations FY03 3 Object oriented technology 4 Complex electronic hardware case study FY03 5 Semiconductor wearout effects $$ 6Databus evaluation criteria $$ 7 Structural coverage at the object code level FY03 8 COTS component integration (follow-on to 1 above) 9 Software verification tools assessment $$ 10 Safety engineering in software Legend -In Work FY03 -Start in FY03 $$ - Start in FY04+ Done -Complete

9. 9 Status PriorityTask Done 11 Augmented manual control (fly-by-wire/light) 12 Ethernet as an aviation databus (related to 1, 6, 8, 22) $$ 13 Adaptive flight controls for general aviation $$ 14 Requirements engineering management $$ 15 Advanced guidance & control system functional design $$ 16 Tool qualification of complex electronic hardware 17 Software development tools assessment $$ 18 Flight critical systems design assurance 19 Real-time scheduling analysis $$ 20 Accelerated life qualification methods Legend -In Work FY03 -Start in FY03 $$ - Start in FY04+ Done -Complete SDSS Task Priorities and Activation Status (cont)

10. 10 Status PriorityTask $$ 21 Avionics computer resource issues $$ 22 Wrappers with COTS software (follow-on to 1, 8 above) $$ 23 Local area networks onboard aircraft 24 Software service history case study 25 COTS ground systems verification $$ 26 Criteria for burn-in testing $$ 27 Environmental qualification of electronic components $$ 28 Transfer of aviation data on the internet $$ 29 Software service history and reliability models Legend -In Work FY03 -Start in FY03 $$ - Start in FY04+ Done -Complete SDSS Task Priorities and Activation Status (cont)

11. 11 Task Categories  COTS-Related  Verification  Complex Hardware  Complex Hardware Environment  Databus  Flight Controls  IMA-Related  Software Tools  Service History

12. 12 COTS-Related Tasks PriorityTask 1COTS Software and Component Protection 2 Microprocessor Evaluations 8 COTS Component Integration 22Wrappers with COTS Software 25COTS Ground Systems Verification

13. 13 Verification Tasks PriorityTask 3Object Oriented Technology 7Structural Coverage at the Object Code Level

14. 14 Complex Hardware Tasks PriorityTask 4Complex Electronic Hardware Case Study 5Semiconductor Wearout Effects 16Tool Qualification of Complex Electronic Hardware

15. 15 Complex Hardware Environment Tasks PriorityTask 20Accelerated Life Qualification Methods 26 Criteria for Burn-in Testing 27 Environmental Qualification of Electronic Components

16. 16 Data / Databus Tasks PriorityTask 6Databus Evaluation Criteria 12Ethernet as an Aviation Databus 23Local Area Networks (LANs) onboard Aircraft 28Transfer of Aviation Data on the Internet

17. 17 Flight Control Tasks PriorityTask 11Augmented Manual Control 13 Adaptive Flight Controls for General Aviation 15 Advanced Guidance & Control System Functional Design 18Flight Critical Systems Design Assurance

18. 18 IMA-Related Tasks PriorityTask 10Safety Engineering in Software 14Requirements Engineering Management 19Real Time Scheduling Analysis 21 Avionics Computer Resource Issues

19. 19 Software Tools Tasks PriorityTask 9*Software Verification Tools Assessment 17Software Development Tools Assessment *AIO Funded 1 st Year

20. 20 Software Service History Tasks PriorityTask 24Software Service History Case Study 29Software Service History and Reliability Models

21. 21 Research Affiliations NASA’s Aviation Safety Program Aerospace Vehicle Systems Institute (AVSI) Individual Companies Universities

22. 22 Potential IT and ISS Task Collaboration 1 COTS software and component protection 6Databus evaluation criteria 8 COTS component integration 12 Ethernet as an aviation databus 22 Wrappers with COTS software 23 Local area networks onboard aircraft 25 COTS ground systems verification 28 Transfer of aviation data on the internet

23. 23 More Information See FAA software website for research reports –http://av-info.faa.gov/software Contacts for detailed task information –Barbara.Lingberg@faa.gov or Leanna.Rierson@faa.gov

24. 24 Background Slides

25. 25 COTS-Related Tasks (1, 2, 8, 22, & 25) Tasks 1 & 8: Evaluate COTS operating systems (OS), integration techniques, and protections schemes. Focus on RTOS integration. Task 2: Develop criteria for new microprocessor technology. Task 22: Investigate use of wrappers for protecting against problems in COTS components. Task 25: Evaluate COTS issues in support of health-usage monitoring system (HUMS) (e.g., safety, security, & integrity).

26. 26 Verification Tasks (3, 7 & 9) Task 3 - Identify and address object- oriented issues in airborne software. To date research has focused on structural coverage. New task will focus on data and control coupling. Task 7 - Determine if structural coverage (MC/DC in particular) at the object code level is a feasible alternate to the source code level.

27. 27 Complex Hardware Tasks (4, 5, & 16) Task 4 – Perform a case study using RTCA/DO-254. On-going with NASA Langley: – Designed a field-programmable gate array (FPGA) using RTCA/DO-254 (SPIDER). –Data will be used to support FAA training and to identify areas where clarification is needed. Task 5 – Identify and address effects of semiconductor wearout. Task 16 – Develop criteria for accepting tool experience and evaluating accuracy (for tools used in complex hardware design or verification).

28. 28 Complex Hardware Environment Tasks (20, 26, & 27) Task 20 (Accelerated life qualification) – Develop methods to analyze and test devices in order to establish life limits for the equipment, if necessary. Task 26 (Burn-in testing) – Develop burn- in testing criteria for critical electronic equipment. Task 27 (Environmental qualification) – Develop methods to determine reliability of components, when installed in more severe environment than originally designed for.

29. 29 Data / Databus Tasks (6, 12, 23, & 28) Task 6 – Evaluate a number of databuses and develop criteria for evaluation. Driven by the biz-jet architectures. Task 12 – Identify safety issues with Ethernet and address them. Driven by the large transport architectures. Task 23 - Identify and address safety concerns regarding networks used for loading flight critical data and serving passengers. Task 28 (transfer of data on internet) - Evaluate safety and security issues of transferring flight critical data via internet.

30. 30 Flight Control Tasks (11, 13, 15, & 18) Task 11 – Identify guidance materials for fly-by-wire systems Task 13 – Develop and implement nonlinear adaptive control concepts for general aviation aircraft Task 15 - Identify guidance materials for advanced guidance and flight control systems Task 18 - Identify guidance materials for flight critical systems architecture design assurance

31. 31 IMA-Related Tasks (10, 14, 19, & 21) Task 10 (safety engineering) - Evaluate the safety assessment processes and their applicability in software assurance. Task 14 - Identify techniques and practices for management of overall system requirements. Particularly, focused on complex, integrated avionics, with multiple developers. Task 19 - Identify and address safety issues of real-time schedulers. Task 21 - Identify IMA issues and propose solutions for safe implementation. Focuses on the integration aspects of IMA.

32. 32 Software Tools Tasks (9 & 17) Task 9 - Identify software verification tool qualification issues and propose solutions to help cert authorities & applicants. Focus is on structural coverage tools. Task 17 - Identify software development tool qualification issues and propose solutions to help cert authorities & applicants.

33. 33 Software Service History Tasks (24 & 29) Task 24 - Document criteria for applying software service history based on an actual project and using previously-developed handbook Task 29 - Consider use of software service history & reliability models.