Ever wonder what the folks who design flight control systems worry about? I can't say I ever do, but I did gain some insight into their concerns when I stumbled across a recent article from the "Proceedings of the International Multiconference on Computer Science and Information Technology." The article focuses on choosing a new OS for the avionics system on an ultralight jet aircraft. But here's the twist: The avionics system was already using Linux, which, according to the article, "worked without problems." So why did the system designers want to migrate to another OS?
Because in this system, all device drivers have to be certified and "very safe." The problem with Linux, the authors say, is that device drivers run within the same address space as the OS kernel. As a result, it is difficult to ensure that the drivers won't corrupt the kernel and crash the system. In the immortal words of the avionics columnist Walter Shawlee, "pilots really hate to be told they have to reboot their plane while in flight.”
The system also had to deliver smooth frame rates on the LCD display and, not surprisingly, meet hard deadlines.
Given these requirements, the designers decided to opt for a microkernel OS, specifically the QNX Neutrino RTOS. In a microkernel architecture, each OS subsystem (network stack, file system, etc.) has a private address space similar to conventional user-space applications. To quote the article, this approach offers "complete memory protection, not only for user applications, but also for OS components." It also provides "maximum modularity and relies on robust message passing schema."
Taking advantage of this architecture, the system designers created a modular design that comprises five basic process groups:SCADA — Continuously monitors and displays avionic values.
Communication — Uses the CAN protocol and CAN device drivers; each hardware device is a CAN node.
I/O device control — Uses a GPIO driver for pin-state monitoring.
Audio — Handles voice transmittal as well as the audio warning system.
Motor control — Responsible for everything connected with plane control.
For the full story, click here.
No comments:
Post a Comment