Rapid Modular Software Integration (RMSI) Larry Lavender Overview Rapid Modular Software Integration (RMSI) Overview Future Airborne Compatibility Environment (FACE) Analog Computer Rehost Integration of Modular Components Demonstration Setup Results RMSI Overview An Air Force Research Labs (ARFL) funded initiative to demonstrate software compartmentalization using FACE/ARINC 653 Integrated Off-The-Shelf (OTS) processor and OTS signal data converter into A-10C System Integration Laboratory Rehosted flight critical Alpha Mach Computer into common hardware with OTS moving map application and bad actor test software Created specifications for new A-10C FACE based components to support sustainment goals Rehost of obsolete analog avionics Plug and play small software apps Reduce software integration and test Improved fault tolerance Successfully Demonstrated FACE based software compartmentalization provides a modular approach for new development and sustainment App like approach allows software module reuse and commonality across platforms Major segments are time and space partitioned to ensure safe non-interfering operation Reduces sustainment and development costs Shortens software regression test cycles FACE TM Analog Computer Rehost Rehosted A-10C Alpha Mach Computer (AMC)* Part of the secondary flight control system Receives air pressure and lift data Operates leading edge slats to improve high angle of attack airflow to engines Provides peak performance and stall warning tones to pilot New system runs entirely in FACE based software architecture Defined A-10C Integrated Functions System (AIFS), a new subsystem AIFS provides an infrastructure for processing capability and analog signal data for FACE conformant software modules on the A-10C *Technical Description Source: Chase, B. (2015, March/April). Portable Automated Test Station: Using Engineering-Design Partnerships to Replace Obsolete Test Systems. CrossTalk, pp. 4-7. Integration of Modular Components Integrated OTS modular components to demonstrate interoperability of custom software with existing software from vendors Added primary flight display to demonstrate possible solution to legacy gauge sustainment in a safety critical software environment OTS moving map component demonstrated enhanced situational awareness capabilities and support for new or enhanced software capabilities of AIFS Demonstration Setup Lab demonstration utilized existing A-10C System Integration Lab (SIL) at Lockheed Martin Owego, NY Mixture of real and simulated hardware ensured aircraft representative operation Added bad actor components to demonstrate modularity Tested each component Primary flight display AMC rehost Moving map Bad actor Flight Manual Schedule Aircraft Simulation Environment A/C: Aircraft CADC: Central Air Data Computer EGI: Embedded Global Positioning System Inertial Navigation System Representative block diagram Demo Characteristics Mix of real & simulated signals using real & simulated devices Real hardware & signals assured demonstration system operated properly within aircraft architecture Simulated hardware & signals provided ability to: Define and execute repeatable scenarios Avoid tolerance variations in analog equipment (used nominal performance as baseline) Used Bus Monitor mode to avoid cracking existing OFPs Lacked resources to temporarily modify operational software on various devices involved in test (bus controller, backup bus controller, data sources) Identified existing messages containing necessary data Implemented demonstration software behaviors to ensure data validity Implemented fault behaviors and fault recovery behaviors Mitigated timing drift issues due to lack of message synchronization in monitor mode Bad Actor Scenarios Bad actor designed to maliciously consume time & memory Two Bad Actor scenarios defined Sharing partition with moving map Separate partition Shared partition scenario Intended to show effect of malfunctioning software Moving map consistently hung and/or crashed Alpha Mach operated with no visible impact Separate partition scenario Intended to show isolation benefits Moving map operated with no visible impact Alpha Mach operated with no visible impact VxWorks 653 Operating System Portable Components Alpha Mach Portable Components Avionics Display Program (ADP) Moving Map Bad Actor Portable Components Transport Services Platform-Specific Services I/O Services VxWorks 653 Operating System Portable Components Alpha Mach Portable Components Avionics Display Program (ADP) Moving Map Portable Components Bad Actor Transport Services Platform-Specific Services I/O Services Demo Observations Timing considerations At single function level Must provide sufficient time to complete function processing (may be variable) Must ensure revisit interval supports function response requirements At system level Must ensure master schedule satisfies time & revisit requirements for each function (definition of minor frames and major frame) End-to-end timing must accommodate time for sensor ingest, digitization into messages, data transmission, processing, response transmission, command implementation Sensor Data Converter Input Processor Control Data Converter Output Program Observations Reinforced the proof-of-concept of FACE for legacy platform support & sustainment Provides flexible update path for older platforms Existing capabilities can be more easily updated New capabilities can be introduced End-of-life components can be replaced for maintainability Qualified off-the-shelf components can provide a range of capabilities as well as: Shorten lead time & development costs Increase options for replacement components Growth considerations Can provide incremental expandability from initial deployment Software functions - Could initially reserve partitions for future capabilities Hardware May employ expansion slots or introduce new units integrated via various communications options (e.g., 1553, E-1553, Ethernet, etc.) Program Results Summary Successful demonstration. All components provided expected results. OTS components successfully executed in A-10C environment AMC software met or exceeded performance of legacy hardware Bad actor software did not compromise integrity of safety critical items Potential Way Forward: Install AIFS on test jet to demonstrate system in operational environment Rehost additional analog components into software Integrate AIFS with A-10C sustainment roadmap for legacy systems NOTE Program products included an A-10C FACE Way Forward Report Key takeaways: FACE provides significant advantages to platform sustainment RMSI work can transition to platforms other than A-10C Modularized, open architecture software allows multiple vendors to provide components with minimal interoperability concerns Future systems benefit from a FACE based approach in terms of additional safety, reduced lifecycle costs and increased commonality Questions?