T 50 avionics embedded software development using java

ISET 2011 - The 6th International Symposium on Embedded Technology (May 20-21, 2011)

T-50 Avionics Embedded Software
Development using Java

Warning: This material may contain defense sensitive data, competitive and sensitive trade secret or technical
information of KAI proprietary rights. The use (to provide, disclose, reproduce or copy to the third person/party) of this
material without the prior approval of KAI is strictly prohibited in accordance with the related laws and regulations.

Overview
• The Flagship Project
− Core Software
• Why Java?
− C/C++ Experience in Other Projects
• Pointer Problems
− Java Pros and Cons
• Real-time Java
• Language Selection
• Development
− OFP Layers
− Speed & Size Issues
− Optimizations
• Points to Ponder
Korea Aerospace Industries Proprietary Information 2

The Flagship Project
• Total systems development
− Core software: FC, MFDS, IUFC, HUD, and SMS
− Core avionics hardware: KMC, SMC
− Test bench, and Mission support system
Avionics Embedded System Verification
Software Development Test Bench Development
- FC
- System Integration Laboratory
- MFDS - Software Development Station
- IUFC by AMC
- HUD by DoDaam Systems
Operation & Maintenance
RTOS Certification Ground Support System
- NEOS by MDS Technology
(DO-178B Level A Certifiable) - MPSS by KIDA

Hardware Development
- KMC by Intellics
KMC: Korea Mission Computer
- SMC by DoDaam Systems
FC: Fire Control MFDS: Multi-Function Display Set
HUD: Head Up Display MPSS: Mission Planning and Support System
IUFC: Integrated Up Front Controls SMC: Stores Management Computer
KIDA: Korea Institute for Defense Analysis SMS: Stores Management System


Core Software
• Software (OFP) developed from scratch with
enhanced capabilities compared to initial T-50 OFPs
− 6 independent 5x7 MFD pages (3 for each seat)
− Embedded Training functions

Aerial Gunnary Target Simulation

MFD: Multi-Function Display
OFP: Operational Flight Program


Core Software
• Central to Systems integration & mission operations
Aircraft & Weapon Pilot Interface
Specific Characteristics

Static & Pilot
Dynamic Control &
Parameters Command

Control Core Software Mission/Flight
Commands Flight Mission & Stores Information
Control Displays Mgmt

Secondary, Tertiary Software Vehicle
Nav. Aids Management
Communication Targeting

Avionic Systems


Why Java?
• Avionics Needs An Empirical Study of Programming Language Trends, IEEE Software, 2005
30

− Safety (DO-178) 25
Java

Percent of respondents
C
− Long lifecycle support 20

15
C++

• Language Trends
10 Ada
C++
5 Ada

− F-16: Jovial 0
Java
C

1993 1998 2003 2008
− F-22: Ada Year

− F-35: C++ TIOBE Programming Community Index, www.tiobe.com, 2011

− T-50: C/C++ 25
Java

Percent search hits
20 Java
C

15 C
• Evolution of Java
C++
C++
10

− Real-time Java (JSR-1) 5

− Safety Critical Java (JSR-302) 0
2002 2005 2008 2011
Year
JSR: Java Specification Request


C/C++ Experience in Other Projects
• C/C++ demands high alertness and workload
− Resource management : new/delete, open/close, lock/unlock
• For C++, RAII helps but not without attention to copy constructors
and copy assignment operators (The Rule of Three)
− Exception handling: assert was used instead for debugging
− Pointers: cannot live without but usually the culprit of most of
the troubles
− Many other do’s and don’ts

• Lessons learned from prior projects including T-50 went
into KUH
− Coding guidelines became Coding Standards
− Peer review prerequisites are enforced with automated tools
• LDRA coding rule checking and PolySpace static verification
KUH: Korea Utility Helicopter
RAII: Resource Acquisition is Initialization


Pointer Problems
• Problems such as an example shown below would
easily be identified by a static analysis tool
− An example of one of the problems
• extract_data outputs an address of a data block to MESSAGE_DATA
• sidd_write_link uses MESSAGE_DATA to transmit the data block

// doubleTrouble.c

typedef void* Data_Pointer_Type; Would read better if named:
Data_Pointer_Type MESSAGE_DATA; MESSAGE_DATA_PTR

void extract_data(Data_Pointer_Type* MSG_DATA_PTR,...);
void write_link(Data_List_Type* DATA_LIST,...);

Should be a reference: :
&MESSAGE_DATA : Should not dereference:
(MESSAGE_DATA)
extract_data(MESSAGE_DATA,...); Casting not needed
...
write_link((Data_List_Type *)(*(unsigned int*)MESSAGE_DATA),...


Java Pros and Cons
• Lessons learned from prior projects also led to
considering Java
− Boosted by the presence of OOTiA and RTSJ (2004)

• Pros
− C/C++ like syntax : easier transition to the new language
− No pointers, No header files
− Safer and more secure

• Cons
− Garbage Collection
− Big JamaicaVM caught our attention so it
was evaluated
− Slow
OOTiA: Object Oriented Technology in Aviation
RTSJ: Real-time Specification for Java


Real-time Java
• JSR-1 RTSJ adds features that are immune to GC
− Memory models and regions that are not subject to GC
− Real-time threads that are not preemptible by GC

From aicas technology brief

GC: Garbage Collection
JSR: Java Specification Request


Real-time Java
• JamaicaVM from aicas
− Implements Work-Based GC which runs when and where
memory allocation occurs
− Also implements RTSJ but having deterministic GC enables
real-time programming easier

From aicas technology brief

GC: Garbage Collection


Language Selection
• Performance Evaluation
− Test program
• Existing in-house tool written in C
was converted to Java
• The tool was a weapon delivery
accuracy analysis software based
on actual ballistics algorithm

− Target Environment
• OS: VxWorks 5.5.1, BSP 1.2/1.10
• CPU: SBS CK5 MPC 7447A 999MHz
• RAM: 512MB

− Some optimizations were done with profiling and adjusting
compile options to get the best possible results
BSP: Board Support Package


Language Selection
• Results
C Java
Speed (msec) 1.43 2.8 Java is 1.98 times slower
Java includes JVM which is
File Size 157KB 4MB
3~4MB depending on packages

• Conclusion
− Target CPU speed (1.6 GHz) and large memory size (1 GB)
were thought to be sufficient enough to run Java
applications

• JamaicaVM was selected for the development of the
Flagship Project


Development
• Development Environment
− Models containing code are put under configuration control

Requirements : DOORS
Version Control : PVCS

Ground Test /
Rhapsody
Flight Test

Eclipse STE & SIL

JamaicaVM

EMMA /
VeriFlux
CodeCover

GUI : GL Studio - evaluated but not integrated with the process, yet

SIL: System Integration Laboratory
STE: Software Test Equipment


OFP Layers
• JVM’s platform independence enables modular
development
− Success story : One day integration of JVM and HUD OFP
JVM provided portability Self (KAI) provided portability
T-50 Java Applications (OFP) KUH C++ Applications (OFP)

FC HUD MFDS IUFC SMM PFD MFDS CDU
KAI Works

JNI JOGL KAI API KAI OpenGL
Framework
Real-time JVM based on
Vendor Rhapsody OXF
Device Works Device (OS Services)
OpenGL SC
Drivers Drivers

OS* OS*

* OS : VxWorks, NEOS, Windows * OS : VxWorks, Windows
CDU: Control & Display Unit JNI: Java Native Interface JOGL: Java OpenGL JVM: Java Virtual Machine
KUH: Korea Utility Helicopter OXF: Object Execution Framework PFD: Primary Flight Display SC: Safety Critical
SMM: System Mission Management


Speed & Size Issues
• OFP is designed with 50Hz rate groups
− Each rate group should complete well within 20msec

• Initially, it took almost 40msec for a FC OFP rate
group to complete which was double the time limit
− One of the reasons was data I/O utilizing JNI, especially
MIL-STD-1553 due to its tight coupling with the OFP
− The other reasons were compile options

• HUD and MFDS were also suffered
− HUD requires many JNI calls to present cursive graphic
objects on the display
− MFDS initially had a size of over 300MB before optimization


Optimizations
• Took a few months to optimize
− Compile/build options including
• Tradeoff between profiled interpreter code vs compiled code
• Static binding for virtual calls (no dynamic class loading), etc.
− JNI
• Reducing the number of JNI calls
• Reducing run-time creation of temporary data buffers
− Some design considerations
• Making final and static where applicable e.g. constants
• Reducing the number of threads

• Overall efforts brought down the speed to within
20msec, and the size from over 80MB to 50MB and
then to 30MB in case of FC OFP

Points to Ponder
• JNI
− With some care, it is a nice solution for hardware interfaces
− Alternatives may be considered e.g. CORBA, XML
• But are they DO-178 compliant?

• Sound practice is needed regardless of languages
− Programming idioms such as LSP, and
− Design & Coding standards enforcing them, and
− Review processes with support from automated tools

• But within the same rules, Java eases much of a
burden off the programmer
− Enables spending more time on design, or having a longer
coffee break LSP: Liskov Substitution Principle


Points to Ponder
• DO-178C and supplement documents are due by the
end of 2011
− After 7 years of preparation since OOTiA handbook in 2004
− Will enable the use of real-time Java Technology with
deterministic garbage collection in critical avionics software

• Open source, cost effective tools and environments
− One such case is TOPCASED
• Eclipse based systems/software development environment
promoting model-driven development and formal methods

• Java is a good language of choice for safety-critical,
hard real-time embedded software development
DO-178C: Safety Considerations in Airborne Systems and Equipment Certification
OOTiA: Object Oriented Technology in Aviation
TOPCASED: The Open-Source Toolkit for Critical Systems


Thank you
Bang, Keugyeol 방극열
Principal Research Engineer 수석연구원
Avionics Advanced R&D Team 항전선행연구팀
bkyeol@koreaaero.com 010-9048-0828


Acronyms

Air-BEST Air-borne Embedded System and Technologies MIL-STD Military Standard
API Application Program Interface MPSS Mission Planning and Support System
ARINC Aeronautical Radio Incorporated OFP Operational Flight Program
BSP Board Support Package OOTiA Object Oriented Technology in Aviation, FAA
CDU Control and Display Unit OpenCL Open Computing Language
FAA Federal Aviation Administration OpenGL Open Graphics Library
FC Fire Control OS Operating System
GC Garbage Collection OXF Object Execution Framework
HUD Head Up Display PDR Preliminary Design Review
IUFC Integrated Up Front Controls PFD Primary Flight Display
JNI Java Native Interface RAII Resource Acquisition Is Initialization
JOGL Java OpenGL RTOS Real-time Operating System
JSR Java Specification Request RTSJ Real-time Specification for Java
JVM Java Virtual Machine SC Safety Critical
KAI Korea Aerospace Industries, Ltd. SIL System Integration Laboratory
KIDA Korea Institute for Defense Analysis SMC Stores Management Computer
KUH Korea Utility Helicopter SMM System Mission Management
KMC Korea Mission Computer SMS Stores Management System
LSP Liskov Substitution Principle STE Software Test Equipment
MFDS Multi-function Display Set UFC Up-front Controls


T 50 avionics embedded software development using java

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (20)

Destaque

Destaque (20)

Semelhante a T 50 avionics embedded software development using java

Semelhante a T 50 avionics embedded software development using java (20)

Último

Último (20)

T 50 avionics embedded software development using java