Ada: Let's Hear for the Tried and Trusted

Years ago, I was talking with engineers at a company that had just come out with a new pacemaker for hearts and I asked them what CPU they were using. The answer, of course, was a "duh" moment for me.

It turns out that the processor was the venerable 6502, used in Apple II era PCs and more recently embedded systems. With all the new technology available, why the 6502? The answer was as obvious as my "duh" -- because, they said, there are no surprises with the 6502. Everything that needs to be known about it is known, included the bugs. Would you really want a new, hot-shot CPU with unknown bugs making decisions for your pacemaker?

You could say the same about airplanes. Do you really want to fly on the first commercial airlines that operates under Windows Vista with code written in C#? Okay, that's a stretch, but you get the idea.

Which is why, of course, software for the first flight of the the C-130 Avionics Modernization Program (AMP) aircraft was based on Ada and operating system on WindRivers RTOS. Both are known quantities.

The C-130's new avionics system features digital displays and the 737 commercial airliner's proven flight management system, which provide navigation, safety, and communication improvements to meet Communication Navigation Surveillance/Air Traffic Management (CNS/ATM) requirements. The U.S. Air Force initiated the C-130 AMP program to reduce the number of C-130 configurations in the fleet, including highly specialized versions in service with the Air Force Special Operations Command.

The C-130 AMP’s Mission Processor (MP) provides primary computing capability for the cockpit display generation, and extensive video processing, which supports the manipulation and distribution of new and legacy video sources to all aircraft displays. The U.S. Air Force initiated the C-130 AMP to standardize configurations, lower the cost of ownership, and increase survivability of its aging C-130 aircraft.

The MP’s infrastructure software is a combination of Wind River’s Platform for Safety Critical ARINC-653 real-time commercial operating system and development tools, AdaCore’s GNAT Pro Ada 95 compiler and development environment for PSC ARINC-653 (including GPS), and Smiths Aerospace’s infrastructure software. The Software Common Operating Environment (SCOE) delivery provides the C-130 AMP team with an ARINC-653 software partitioned operating system, as well as a full set of "partitioning aware" tools to support software development and debug for the PowerPC.

As part of the Smiths Aerospace contract, AdaCore ported the compiler, tools and run-time libraries to work with PSC ARINC-653. AdaCore also provided an Ada binding to the ARINC-653 APEX facilities for partitioned operating systems, as provided in PSC ARINC-653. New debugging modes were supported as well. The company developed an Ada run-time library certifiable to avionics safety standard DO-178B Level A, and worked with Verocel to develop certification evidence for it.

"The MP project is a perfect illustration of how mission-critical aerospace systems should be architected," said Robert Dewar, CEO of AdaCore. "Turnkey avionics configurations, like the SCOE, facilitate the integration of future upgrades and minimize the impact of obsolescence."

Yes, but what are the on-flight meals like? And is this what I'll be flying in on my upcoming trip to India?

Posted by Jon Erickson at 06:07 PM  Permalink