The reality of the Army INTEGRITY-178 tuMP RTOS selection and DO-178
Green Hills Software News & Press Release
"Green Hills Software (GHS) Delivers Proven Multicore
Architecture for Safety Certification"
Tooting all the horns, beating all the drums Green Hill Software announces that the Army has selected their INTEGRITY-178 tuMP RTOS for the Improved Data Modem.
So what does all this hoopla mean? Lets discuss DO-178 Software Considerations in Airborne Systems and Equipment Certification first. Pedigree means NOTHING in DO-178 certification! There is NO pre-certified stand alone DO-178 software. Certification is ALWAYS to a system. It may have been certified before (which GHS is bragging about) but it was certified for a specific system and EVERYTIME you install the software on a different system the system has to go completely through the DO-178 process to be certified to DO-178 and once again to repeat, the certification is only good for the system it was certified on. A key point - GHS is calling this a "safety certification." This safety certification most likely DOES NOT include certification of the Improved Data Modem to DO-178. Nothing against GHS who is just selling their RTOS to the Army who "Certifies" airworthiness by their rules which does not require software compliance to DO-178 (isn't mentioned ANYWHERE in army regulation - Duh). If you check postings on this blog the Army position is NO we don't have to meet DO-178 in their first response. The second response (posted) they did not even state they do not have to meet DO-178 (completely ignoring it?) but do state they do not have to meet DO-254. Their response changes. First time saying NO and the second time ignoring it completely. As stated the Army does not certify to DO-178. In any case, as pointed out in this blog all the necessary data required for DO-178 certification is not purchased by the Army on the contract anyway. You have to be aware that no matter how many past certifications the software has gone through in the past it has to go through a completely new and full certification to DO-178. This would have to be carried out on the new system to be declared DO-178 compliant, and once again ONLY on that system. The Application software (AS) that runs on the OS would also have to be certified too.
Why Not? The Army writes its own regulations [it's good to be King] and doesn't include technical requires because.... it doesn't want to have to adhere to them. The main point is putting the software on a system and NOT certifying to DO-178 renders all this hoopla totally meaningless. If a contractor (e.g. Boeing or Airbus) selected this RTOS for commercial use they would have to certify the system to DO-178 yet the Army can and does ignore DO-178 certification of Army systems.... because it can. It writes it's own rules so DO-178 is not stated in Army regulation.
Issues do exists with GHS boastful release
itself. As an example:"
INTEGRITY-178 tuMP RTOS can run more applications than previous software because
it is DO-178C
You have to be aware that no matter how many past
certifications the software has gone through it has to go thought a completely
So are we clear, DO-178 certification of software is only valid for the target system the certification occurred on. Different system then a new complete DO-178 certification is necessary to state that the RTOS and the Applications Software running on the ROTS is DO-178 certified.
The Army not certifying the system to DO-178 negate the "goodness" claimed by GHS which could possibly impact safety and airworthiness.
The reality is that none of this hoopla means anything because the Army doesn't meet DO-178 as stated by the Army itself. PERIOD.
Comments
Post a Comment