Abstract

As requirements for communication navigation surveillance/air traffic management (CNS/ATM) and network centric operations (NCO) continue to become prevalent in military avionics systems, the application of commercial real-time operating system (RTOS) products that support time and space partitioning is getting increased attention as a tool for mitigating the costs associated with safety and security certification. Isolation in time and space allows multiple hazard levels to be independently assessed on the same processor. It also provides the robustness needed for data of differing security levels to coexist, supporting a multiple independent levels of security (MILS) environment. Boeing, under contract to the Air Force Research Laboratory (AFRL) Information Directorate, conducted a study that focused on the development and application of partitioned RTOS products. The target of the study was an example monolithic (single time/space) operational flight program (OFP) that was to be partitioned on a commercially available RTOS product and demonstrated in a Boeing systems integration lab. The end system consisted of three partitions: (1) an input/output (I/O) partition, (2) a navigation partition, and (3) the remaining components of the OFP. Anomalous behavior generated during the decoupling (partitioning) of computer software components (CSCs) often arises from incorrect interpretation of syntactic, semantic, and contextual (temporal) elements. This is especially true when software that was originally designed and tested within a single time/space is decomposed into multiple time/spaces. Generally, syntactic errors are identified during compilation, semantic errors during unit-level testing, and temporal errors during high-level integration.
Since high-level integration typically relies on the concurrent execution of large amounts of code and more than one execution thread, it is the temporal error that proves the most difficult to identify and fix. To save development time and to reduce errors during execution, Boeing sought to identify where problems manifested by component decomposition might arise. A partitioning whitepaper was generated to proactively define an approach for accomplishing the partitioning with minimal errors. Early in the generation of the whitepaper it was realized that a capability for the consistent and methodical analysis of disparate software interfaces needed to be developed. This capability essentially evolved into a taxonomy of the behaviors of software interfaces within an Ada programming environment. The taxonomy focused on the syntax, semantics, and context of computer software interfaces in general. Additional emphasis was placed on how program units are related temporally, since it was believed that the most difficult errors introduced by partitioning would be related to the temporal differentiation of the components imposed by the partition schedule. To represent this taxonomy, an XML schema was generated to capture the details necessary for a formal representation. Applying an XML schema was a useful method for capturing this detail, since it provided a basis for the application of future tools in the analysis of these interfaces. This paper is a product of that original partitioning whitepaper. It describes the original motivation for the study, the details and application of the taxonomy, and a comparison of the original ideas in the whitepaper with the actual partitioned OFP result.
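As an added illustration, not code from the study and not the paper's XML schema: a constructed Python model of how a partition schedule can turn the implicit producer-before-consumer call order of a monolithic OFP into a stale-data (temporal) error that neither compilation nor unit testing would catch. The three partition names follow the abstract; the interface records, tolerance values and candidate schedules are assumed.

```python
from dataclasses import dataclass


@dataclass
class Interface:
    """One constructed interface record: who produces a datum, who consumes
    it, and the temporal context the consumer's code was written to expect."""
    name: str
    producer: str          # partition that writes the datum
    consumer: str          # partition that reads it
    max_age_frames: int    # staleness (in major frames) the consumer tolerates


def simulate(schedule, interfaces, frames=4):
    """Execute `frames` major frames. Partition windows run in the order the
    schedule lists them; a producer stamps its datum with the current frame,
    a consumer records how old the datum is when it reads it. Returns the
    worst staleness observed for each interface."""
    stamps = {i.name: -1 for i in interfaces}   # frame of the last write (-1: never)
    worst = {i.name: 0 for i in interfaces}
    for f in range(frames):
        for window in schedule:
            for i in interfaces:
                if i.producer == window:
                    stamps[i.name] = f
                if i.consumer == window:
                    worst[i.name] = max(worst[i.name], f - stamps[i.name])
    return worst


def temporal_violations(schedule, interfaces):
    """Interfaces whose observed staleness exceeds the consumer's tolerance:
    the contextual error that appears only once the partition schedule
    replaces the monolithic OFP's implicit intra-frame call order."""
    worst = simulate(schedule, interfaces)
    return sorted(i.name for i in interfaces if worst[i.name] > i.max_age_frames)


# Constructed records mirroring the abstract's three-partition split.
INTERFACES = [
    Interface("sensor_sample", producer="IO", consumer="NAV", max_age_frames=0),
    Interface("nav_solution", producer="NAV", consumer="OFP", max_age_frames=0),
    Interface("display_cmd", producer="OFP", consumer="IO", max_age_frames=1),
]
MONOLITHIC_ORDER = ["IO", "NAV", "OFP"]    # call order inside the single-space OFP
CANDIDATE_SCHEDULE = ["OFP", "NAV", "IO"]  # a schedule chosen without regard to it

if __name__ == "__main__":
    print(temporal_violations(MONOLITHIC_ORDER, INTERFACES))    # []
    print(temporal_violations(CANDIDATE_SCHEDULE, INTERFACES))  # ['nav_solution', 'sensor_sample']
```

Recording the tolerated age alongside each interface is the temporal half of the taxonomy the abstract describes; checking a proposed schedule against those records before integration is where such errors are cheapest to find.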
