| BAE Systems introduces fault-tolerant RTOS for safety-critical applications BAE Systems has launched its new CsLEOS real-time operating system (RTOS). Certifiable to DO-178B Level A, CsLEOS provides integrated fault-tolerant and hard real-time capabilities that make it ideal for a wide range of safety-critical aerospace, telecommunications, and industrial control applications. CsLEOS is the first commercial RTOS built from the ground up with a native ARINC-653 interface (no proprietary interface layers), and the first to support independently loadable applications. The native implementation facilitates fast, predictable interaction between applications and the RTOS, while the independently loadable applications reduce test and certification costs by enabling new applications to be built and installed without affecting existing applications. CsLEOS also provides native support for OpenGL graphics, enabling designers to run secure two and three-dimensional displays on the same processor alongside safety-critical applications. "CsLEOS is the only commercially available RTOS developed by a systems company for use in its own safety-critical systems, and the only one backed by a company with more than 400 million operational flight hours on certified systems," said Milan Dedek, CsLEOS product manager at BAE SYSTEMS Aerospace Controls. "The aerospace industry has traditionally relied on expensive proprietary designs, but is increasingly embracing COTS solutions to reduce development costs and shorten product development times. With its fault-tolerant architecture, and DO-178B Level A support, CsLEOS is the COTS RTOS of choice for quickly and cost effectively developing, deploying, and maintaining safety-critical systems." An ARINC-653-compliant, fault-tolerant, hard-real-time operating system, CsLEOS was designed from the ground up for safety- and mission-critical applications that place a premium on security, predictable real-time response, and testability. Utilising hardware memory protection, CsLEOS provides complete time, space, and resource partitioning between the kernel and applications operating on the same hardware platform. It also provides guaranteed resource availability in both the time and space domains. This combination facilitates the robust partitioning defined in ARINC 653, enabling applications with different DO-178B safety levels to run concurrently on the same processor. CsLEOS also supports "on-the-fly" application rescheduling, giving it the flexibility needed to meet a broad range of dynamic safety-critical applications. To guarantee fast recovery for time-critical events without compromising system safety, CsLEOS synchronises all redundant channels on a frame-by-frame, lock-step basis, ensuring that all channels process the same data concurrently. In the event of a fault on one of the channels, the RTOS restarts the channel ("fast restart") within milliseconds. To further enhance fault tolerance, CsLEOS provides a built-in health monitor. Unlike approaches that require system responses to be hand-coded into the application, CsLEOS allows developers to define their applications' responses to faults and store them separately in configuration tables. This approach enhances flexibility and guarantees that faults will be resolved reliably and in a timely fashion. To streamline application development, upgrades, and D0-178B certification, CsLEOS supports independent loading of application modules. Unlike approaches in which a portion of the kernel must be linked to each application, CsLEOS interacts exclusively with applications through its Applications Programming Interface. This enables existing applications to be modified and new applications to be built and installed without the entire system having to be recompiled and rebuilt. This flexibility makes the system less expensive to test, certify, and maintain, greatly reducing life-cycle costs. CsLEOS provides industry-standard OpenGL graphics drivers that make it easy to develop sophisticated 3-D man-machine interfaces for mission-critical applications such as synthetic vision systems that allow aircraft to land in adverse weather. Moreover, the system's graphics drivers do not require a separate host processor, but run on the same hardware platform with safety-critical flight applications without interfering with them. This not only reduces cost, but facilitates a single-processor integrated solution that simplifies new development and upward migration.
•Date:
18th September 2003 •Region: Worldwide •Type:
Article •Topic: Manufacturing |
