DornerWorks

Taming Interrupts: Deterministic Asynchronicity in an ARINC 653 Environment

Taming Interrupts: Deterministic Asynchronicity in an ARINC 653 Environment

Interrupts are forbidden in ARINC 653 partitioned environments – or so it appears. In this paper we will examine that prohibition and explore a means of using interrupts in a system while maintaining deterministic behavior.

We begin with an overview of the benefits and costs of Integrated Modular Avionics (IMA), along with a review of associated standards. Next, we look at interrupt-driven Input/Output (I/O) handling, which is considered best practice, except in ARINC 653 systems. Because DO-248 requires deterministic behavior as a fundamental system property necessary to certify safety, most IMA system designers avoid interrupts, presuming that such asynchronous events introduce non-determinism and cause interpartition interference.

We conclude with a description of our initial implementation of this innovation within a customized version of the Xen hypervisor.

Topics covered in this paper:

  • Standards
  • Certification
  • Aerospace electronics
  • ARINC 653 environment software development
  • And more…

 
This paper is hosted by IEEE.org, the world’s largest technical professional organization dedicated to advancing technology for the benefit of humanity. Click the button below to find the work.
 
Read The Paper


Author

Steve VanderLeestSteve VanderLeest
Steve is DornerWorks former COO, a multi-talented technical expert and entrepreneur with proven expertise in engineering design and processes. Steve has experience in both industry and academia, having been a professor of engineering at Calvin College for many years. He has published dozens of papers on a variety of technology-related topics.