Accelerating Safety and Security Certification with FACE™ COTS Solutions
Chip Downing, Senior Director of Aerospace and Defense, Wind River
David French, Director of Business Development, GE Intelligent Platforms
Dr. Edwin de Jong, Director of Product Management and Strategy, RTI
Bernard Dion, CTO, Esterel Technologies
FACE™ is a Trademark of The Open Group
Quick Introduction to FACE™
Chip Downing, Wind River
FACE Outreach Working Group Chair
NAVAIR Public Release 2012-1233
Distribution Statement A: "Approved for public release; distribution is unlimited"
http://www.opengroup.org/face
FACE - Purpose
• Delivers an open architecture that enables rapid deployment and re-use of software across platforms
  – Includes both a technical specification and a business model
• Enables more capability sooner, on more platforms
  – Expands software supplier choices and enables interoperability
  – Creates a platform for integrating both future and legacy systems
• Provides an industry library of conformant software and supporting safety / security evidence to accelerate usage
Overlap of Capabilities
Applications written to Baseline Profile would run on ALL platforms (Extremely Portable but may not leverage fuller capabilities of some platforms!)
[Figure labels: Fighter; Bomber; Helicopter; Cargo; UAS; shared capabilities: Nav, Comm, SA, …]
FACE Consortium Members
The FACE Consortium was formed in 2010 by The Open Group
Sponsors:
• Lockheed Martin
• Naval Air Systems Command (NAVAIR)
• US Army PEO Aviation
• Rockwell Collins
Principals:
• ATK
• BAE Systems
• Bell Helicopter
• Boeing
• Elbit Systems of America
• GE Aviation Systems
• General Dynamics
• Green Hills Software
• Harris Corporation
• Honeywell Aerospace
• Northrop Grumman
• Raytheon
• Sierra Nevada Corp.
• Sikorsky Aircraft
• Textron Systems
• US Army AMRDEC
• UTC Aerospace Systems
• Wind River
Associates:
• AdaCore
• Aitech Defense Systems
• Barco Federal Systems
• Brockwell Technologies
• CALCULEX
• Chesapeake Technology Int’l.
• CMC Electronics
• CoreAVI
• CTSi
• Curtiss-Wright Controls Defense Solutions
• DDC-I
• DornerWorks
• Draper Laboratory
• Esterel Technologies
• FMS Secure Solutions
• GE Intelligent Platforms
• Johns Hopkins Applied Physics Lab
• L-3 Communications
• LDRA Technology
• LynuxWorks
• Objective Interface Systems
• Physical Optics Corp.
• Presagis
• QinetiQ North America
• Real-Time Innovations
• Richland Technologies
• Stauder Technologies
• Support Systems Associates
• Symetrics Industries
• Thomas Production Company
• Tresys Technology
• TTTech North America
• Tucson Embedded Systems
• Verocel
• ViaSat
• Zodiac Data Systems
Smart Phone Analogy
FACE introduces smartphone application and portability concepts to DoD avionics while adding variability (and competition) to all segments of the FACE Architecture
[Figure panels: Commercial; Military]
FACE Architectural Segments
• FACE Portable Components Segment
  – Portable Applications
  – Portable Common Services
• Transport Services Segment
• Platform Specific Services Segment
  – Platform Device Services
  – Platform Common Services
  – Graphics Services
• I/O Services Segment
  – Drivers
• Operating System Segment
FACE™ COTS Solution Segments
FACE – Program Adoption
• Although only formed in June 2010, FACE already has significant program support:
  – Navy Next Generation Jammer Technology Development
  – Navy C-130T
  – Army Airborne Radio Control Display Unit (CDU) Replacement
  – Navy H-1 HMD
  – Navy ADDS
  – Navy Full Motion Video
  – Navy RNP/RNAV Portable Software Component
  – Army Joint Multi-Role Technology Generator Phase 2
  – Navy AACUS
  – Army Air-to-Air Targeting of Turreted Systems
  – Navy FACE Software Reference Architecture
  – Navy AMCD/MSC 2nd OSP Upgrade
See current program tracking at: http://www.opengroup.org/FACE/procurements
FACE Summary
• FACE is supported by both industry and government
• FACE solves the military platform reuse challenge
• FACE delivers more capability at lower cost
FACE™ COTS Solution Segments
GE Intelligent Platforms
Military and Aerospace Embedded Computing
June 2011
FACE™ and COTS MOSA Hardware
[Diagram labels: FACE™ Architecture; FACE Portable Components (x3); Transport Services Segment; Platform Specific Services Segment; I/O Services Segment; Device Drivers; Operating System Segment; COTS Modular Open Systems Architecture]
FACE™ Board & System Support (preliminary)
[Diagram labels: FACE Architecture; Transport Services Segment; Platform Specific Services Segment; I/O Services Segment; Operating System Segment; OS API for Network Stack Services; OS API for Common Processing Services; GE BSP/ESP; GE FABRIC Support; Drivers; HPEC; IB; 1553; 429; Serial; other; P2P; SRIO; ESP1; ESP2; 1-10GE; other; AXISView; AXISFlow; GE Intelligent Platforms]
GE AXIS - Advanced Multiprocessor Integrated Software
FACE™ Deployed Test (preliminary)
Platform Specific Services Segment Platform Common Services
ARINC 653 Health Monitoring
Configuration Services
GE Intelligent Platforms BIT
Power-Up / Initialization BIT functions; INTRUSIVE for highest coverage
GE Intelligent Platforms BCS
Background Condition Screening: NON-INTRUSIVE CBIT / IBIT functions
Reports
Operating System Segment
Reports
FORCE1™
FACE™ Open Reference Computing Environment
• SBC312 Freescale P4080 processor
• GPU
• I/O
  – Dual DVI, VGA output
  – 2x USB
  – 3x Gigabit Ethernet
  – 2x RS232 serial comms
  – 28 VDC input power
• Software
  – VxWorks 653
  – Wind River Hypervisor 2.0
    – With VxWorks (AMP/SMP) Guest OS, Linux Guest OS
  – VxWorks MILS
FORCE1™ Block Diagram
FACE Open Reference Computing Environment
[Block diagram labels: P4080; GPU; DDR3 (x10); PHY; PCIe-PCI-X; PSU Filter; x4 PCIe; 2x DVI; 2x VGA; 2x USB; 2x RS232; 3x 1000BASE-T]
FACE™ COTS Solution Segments
Wind River A&D Solutions Portfolio
[Diagram labels: Networking, Graphics, Security, and Connectivity Middleware; Wind River Virtualization; VxWorks; Wind River Linux; Android; Optimized Hardware Integration; Simics; Workbench; Wind River Services; Partner Software Ecosystem; Land; Military Aviation; Space; Commercial Aviation; Sea]
Wind River VxWorks 653
[Diagram labels: VxWorks 653; ARINC 653 Application; POSIX Application; VxWorks Application; ARINC 653; Health Management; Optimized Hardware Integration]
Wind River Hypervisor Vision
[Diagram labels: Wind River Hypervisor; Optimized Hardware Integration; Guest OS boxes labelled FACE Minimum Safety Profile, ARINC 653, FACE General Purpose Profile, Linux, VxWorks, Android]
Simics System Simulation
[Figure: axes System Complexity and Customer Efficiency and Productivity; stages: Processor and Memory; SoC Devices; Complete Boards; Devices, Racks of Boards, and Backplanes; Complete Systems and Networks]
Wind River
• Proven leader in aerospace and defense
• Wide range of COTS solutions
• Ready to respond to large industry trends and migrations
FACE™ COTS Solution Segments
Peer-To-Peer/Portable Databus
OMG Data Distribution Service (DDS)
[Diagram labels: Sensor (x2); Control App; Actuator; Display App; data flows: Sensor Data, Commands, Status]
Data-Centric Messaging
Source (Key)   Latitude   Longitude   Altitude
RADAR1         37.4       -122.0      500.0
UAV2           40.7       -74.0       250.0
LPD3           50.2       -0.7        0.0
Distributed Data Model and System State
Hundreds Of DDS Applications
Introducing RTI Connext DDS Micro
• Scalable product line for constrained environments
• Certifiable component
  – Targeting DO-178C Level A
  – ~25K ELOC
• Follows OMG DDS specification
• FACE Transport Services Interface
Flexible and Highly Portable FACE TSS
[Diagram labels: Portable FACE App (x2); PSS Component (x2); Transport Services; RTI Connext DDS Micro; transports: Optimized intra-process communication; Shared memory (inter-process, intra-partition); ARINC Ports (inter-partition); Sockets (unicast, multicast; inter-node); Other/Custom (e.g., bus, DIL)]
FACE Security Profile (upward compatible with Safety and General-Purpose profiles)
FACE™ COTS Solution Segments
© 2013 ANSYS, Inc. April 8, 2023 © Esterel Technologies - An ISO 9001:2008 Certified Company - Confidential & Proprietary
Esterel Technologies mission
Provide critical system and software developers with model-based development solutions that reduce cost, risk and time-to-certification
What is unique about SCADE?
• SCADE is developed specifically to be able to address critical system and software applications
• SCADE Suite and Display Code Generators are certified/qualified according to the following international safety standards:
  – DO-178B / DO-178C (2013) qualification up to Level A – Aerospace & Defense
  – EN 50128 certification up to SIL 3/4 – Rail Transportation
  – IEC 61508 certification up to SIL 3 – Industrial & Energy
  – IEC 60880 full compliance – Nuclear Instrumentation & Control
  – IEC 62304 full compliance – Medical Systems
  – EN 13849 full compliance – Industrial Machines Safety
  – ISO 26262 certification up to ASIL D – Automotive (2013)
• Same products qualified at the highest level of safety across 5 market segments by 10 safety authorities, worldwide
SCADE Product Family
• Model-Based System Engineering: System Architecture, System Verification
• HMI Software Design: Prototyping, Design, Verification, Qualified Code Generation
• Control Software Design: Prototyping, Design, Verification, Qualified Code Generation
• System & Software Lifecycle Mgt: Certification Plans, Metrics, Requirements, Configuration Management, Documentation Generation
The ARINC 661 Use Model
[Diagram labels: UA SUPPLIER; Embedded IMA System (Logics); UA1 (e.g. FMS); UA2 (e.g. ATC); UA3 (e.g. TCAS); CDS SUPPLIER; Embedded Cockpit Display System (Graphics); A661 RunTime Server; Binary Definition Files; ARINC 661; Set Parameter; Notify; Pilot inputs]
SCADE Solutions for ARINC 661
Cockpit Display System: Configurable ARINC 661 Server Generation
[Diagram labels: UA SUPPLIER(s) / AIRFRAMER; CDS SUPPLIER / AIRFRAMER; Embedded IMA System (Logics); Embedded Cockpit Display System (Graphics); Request/Notify; ARINC 661; SCADE UA1 (e.g. FMS); SCADE UA2 (e.g. TCAS); Other UA3 (e.g. ATC); UA Logic (SCADE Suite); UA Page Creator; Logic / Graphics Coupling; UA Adaptor; UA DF Generator; SCADE Suite KCG; C Code; DF XML; BIN; Widget Creator; Server Creator (SCADE Suite & Display KCG); Embedded A661 Server; Configurable A661 Server + Widget Library; A661 Widget Library; Custom A661 Widget Library; A661 Conf]
SCADE Solutions for IMA
[Diagram labels: IMA HW Platform (CPU, I/O, Networks: AFDX, ARINC 429…); IMA Operating System; A653 API; IMA Configuration Table; Partitions (x3); Application1 (e.g. FMS); Application2 (e.g. FCS); Application3 (e.g. TCAS); Manual or legacy Code; IMA Usage Domain (Platform Constraints); IMA Platform provider]
What is in SCADE for FACE?
• SCADE provides a complete set of solutions for efficient implementation of applications in the FACE environment:
  o Code generation: SCADE Suite KCG
    • DO-178B/C certified and automatic code generation from SCADE models (Portable Components)
    • Automatic wrapping of SCADE generated code with FACE communication layers/API (i.e. TS)
  o CDS and User Applications: SCADE Solutions for ARINC 661 Compliant Systems
    • Full implementation of the ARINC 661 standard to generate the Cockpit Display Server and the User Applications (Portable Components)
    • Supports direct or indirect graphic rendering with OpenGL SC/ES graphic drivers
  o IMA: SCADE Solutions for IMA
    • Description of ARINC 653/IMA architecture and automatic generation of IMA configuration tables
FACE™ Technical Interchange Meeting (TIM)
April 2, 2013
Wright-Patterson Air Force Base
Holiday Inn Dayton Fairborn
http://www.opengroup.org/FACE/events
Over 25 FACE Consortium vendors will display their products at this event
Joint FACE™ COTS Solution Demonstration at WPAFB TIM
Audience Q & A
Chip Downing, Senior Director of Aerospace and Defense, Wind River
David French, Director of Business Development, GE Intelligent Platforms
Dr. Edwin de Jong, Director of Product Management and Strategy, RTI
Bernard Dion, CTO, Esterel Technologies
Thanks for joining us
Event archive available at:
http://ecast.opensystemsmedia.com/
E-mail us at: [email protected]
The FACE Consortium
• Steering Committee
  – Chair: Bob Matthews (NAVAIR)
  – Vice Chair: Jeff Howington (Rockwell Collins)
  – Judy Cerenzia (The Open Group)
• Advisory Board
• Technical Working Group
  – Chair: Rob Sweeney (NAVAIR)
  – Vice Chair: Kirk Avery (Lockheed Martin)
• Business Working Group
  – Chair: Dennis Stevens (Lockheed Martin)
  – Vice Chair: David Boyett (US Army AMRDEC)
• Outreach Subcommittee: Chip Downing (Wind River)
• Library Subcommittee: David Boyett (US Army AMRDEC)
• Conformance Subcommittee: Steve Goetz (US Army AMRDEC)
• Business Model Subcommittee: Gabriel Flores (Northrop Grumman)
• Enterprise Architecture: Steve Davidson (Raytheon)
• FACE / UCS Alignment: Bill Antypas (Real Time Innovations)
• Data Model & Data Definition: Jeff Hegedus (Raytheon)
• Reference Implementation Guide: Kirk Avery (Lockheed Martin)
• Security Subcommittee: Joe Neal (Harris)
• Verification Matrix: Marcell Padilla (NAVAIR)
575 Individual Participants
50+ FACE Consortium Members
FACE Consortium Contacts
Bob Matthews, PMA209EA
FACE Steering Committee Chair
[email protected]
(301) 995-4971
Website: www.opengroup.org/face
Judy Cerenzia, The Open Group
FACE Program [email protected]
(814) 234-2234
Mike Hickey, The Open Group
Membership [email protected]
(512) 343-9159