High levels of complexity and real-time responsiveness rank high as priorities in military and avionics system designs. In the past, the solution for these demanding environments revolved around specialized software applications based on proprietary operating systems running on customized hardware. The problem with such approaches was low reusability and poor portability of software and system components.

Today, a move toward off-the-shelf solutions for both hardware and operating systems has fueled reusability and allowed for easier migration between different operating systems. In addition to increased usage of off-the-shelf hardware and operating systems, application portability has long-term implications for reuse and deployment longevity in these demanding environments. Application portability is directly linked to the selection and use of open-standard application programming interfaces (API) in military and avionics applications, and has important implications for the maintenance and reusability of embedded applications.

The POSIX (Portable Operating System Interface for UNIX) family of API standards has been integral in fostering development of complex applications for safety- and security-critical systems for military and avionics environments. With the availability of real-time operating systems (RTOS) that support the current version of POSIX, developers are gaining the ability to include ever more rich and complex functionality for the defense and airline industries of both today and the future. POSIX-based LynxOS software is used in a wide array of Navy Open Architecture programs including the DDG-1000 next-generation warship (Figure 1).

Without POSIX, there is no easy way to migrate embedded and Unix-compatible applications between different computer systems. Developers of military and avionics systems would not be able to take advantage of today’s powerful hardware and improvements in RTOS. POSIX has enabled these developers to continually innovate new solutions for their markets.

POSIX: A Flexible API

POSIX is a family of related standards governed by the Institute of Electrical and Electronics Engineers (IEEE) and maintained and evangelized by The Open Group. POSIX defines the API for software compatibility with the different flavors of UNIX. First released nearly 20 years ago, POSIX defines the specifications for the characteristics of operating systems, database management systems, data interchange, programming interface, networking and user interface. POSIX enables developers to write their applications for a single target environment in which they can port and run unchanged on a variety of systems that support the POSIX API.

The key value in the POSIX standard lies in its all-encompassing nature, which allows developers to move from one OS to another—and thus easily port applications to a new OS. This can have far-reaching implications in industries such as avionics, where applications that control certain aircraft operations may need to last a decade or more and execute on multiple operating systems and hardware environments in the future. POSIX allows an easy migration path from the non-embedded space to embedded, enabling applications developed on other UNIX platforms, such as Hewlett-Packard UX, Sun Solaris and others, to be deployed on an embedded RTOS.

The POSIX standards underwent a significant expansion and unification in the 21st century, to evolve into the new standard IEEE 1003.1-2004. This new edition provides a comprehensive set of API standards that allows for myriad applications to be developed using this rich API.

The POSIX committee has also developed the IEEE 1003.13-2003 (POSIX.13) standard for real-time profiles (Figure 2) and applications specifically targeted for embedded applications. This standard defines four real-time POSIX profiles: PSE 51: Minimal; PSE 52: Controller; PSE 53: Dedicated; and PSE 54: Multipurpose.

These four profiles specify increasing levels of complexity and functionality to satisfy the full spectrum of real-time applications that can be designed using POSIX. It also defines a strict API compatibility standard that requires each higher POSIX profile to be a superset of the lower profiles. This guarantees that POSIX applications written to the most minimal profile (PSE 51) will run even on the highest, multipurpose profile (PSE 54) on compatible operating systems.

These POSIX standards, along with other associated specifications, provide the framework for military and avionics applications with high levels of portability, reusability and maintainability.

POSIX Conformance vs. Compliance

The evaluation and selection of an operating system that supports POSIX standards is a key decision that determines the level of reuse and portability that can be designed into a system. POSIX “conformance” and “compliance” are two terms that have been used by vendors somewhat interchangeably to describe their POSIX compatibility. The difference between the two, however, is significant.

POSIX conformance indicates adherence to the standard without any deviation. A conforming implementation of this standard offers the highest level of API compatibility with the specification. POSIX compliance, however, offers a much weaker adherence to the standard. An implementation claiming POSIX compliance merely needs to disclose APIs that it supports—and the ones that it does not.

In evaluating an RTOS, real-time embedded developers first should make certain it holds POSIX conformance status to ensure that they can use an implementation that provides for strict adherence to the standard. A higher level of the standard exists when an RTOS’ conformance is approved by an accredited, independent certification organization. LynuxWorks’ LynxOS, for example, has been certified conformant to the POSIX standard, by one of the testing firms approved by The Open Group to conduct certification.

To be conformant with any POSIX standard, the conforming implementation must undergo independent certification using a third party (such as The Open Group) and obtain a POSIX conformance certification. The presence of this certification guarantees to the RTOS user a complete adherence to the POSIX standard by the operating system.

Special Standards for Military, Avionics

Some of the other companion standards that are prevalent in military and avionics systems provide additional insurance against proprietary lock-in and independence of certification. For example, in an effort to streamline operations and reduce costs, the U.S. military has initiated efforts such as the Navy’s Open Architecture initiative, which designates the use of open standards and open systems wherever possible. This has obvious implications for field operations—it is much quicker and cost-effective to swap out code from a malfunctioning computer to a new one than it is to rebuild the broken system out in the field.

Due to the catastrophic consequences of system failures, the military and avionics industries must adhere to the highest standards for safety, security and reliability. To be viable in these environments, an RTOS must adhere to at least one—but ideally all three—of the major security and safety standards set for military and avionics systems. These include ARINC 653, DO-178B and Common Criteria Evaluation Assurance Level (EAL). Table 1 lists a description of this set of standards.

With all these different requirements and certifications, it becomes vital for developers of military and avionics applications to retain portability and certifications when moving these applications between embedded systems. These complex systems comprise millions of lines of code and often take years to develop. It would be cost-prohibitive—not to mention time-prohibitive—to redesign or rewrite an application in order to capitalize on more powerful hardware.

Given the strict standards and requirements laid out for developers of military and avionics systems, the POSIX API fills a very urgent need. By employing the POSIX API in conjunction with these other standards, system developers can update hardware systems much more easily, even allowing applications developed years apart—or on different operating systems—to run on the same hardware, without having to recertify the system.

Strong Support for POSIX

Since its founding, LynuxWorks has been a strong supporter of open standards. The company was among the earliest supporters of POSIX, is a member of The Open Group, and is an active participant in the work to keep the standard current. While the benefits of POSIX outlined above show POSIX’s relevance and importance in military and avionics environments, it is not an industry-specific standard. POSIX plays a role in many leading technologies, including those from HP, IBM, NEC, Oracle and many others.

In the embedded space there are a number of options with varying levels of POSIX conformance. LynuxWorks products, such as LynxOS-178, LynxOS and LynxOS-SE—all with native POSIX support—offer developers the highest levels of POSIX compatibility and the ability to write their applications directly using the POSIX API. This provides a distinct advantage over other RTOSs that use POSIX as a layer on top of a proprietary API in the areas of performance optimization and compatibility.

As military and avionics systems become increasingly complex and interconnected, POSIX offers developers of military and avionics applications a flexible, rich API. The ability to migrate from one OS to another provides developers the ability to capitalize on today’s powerful hardware configuration—and can help retain the portability for the next-generation hardware configurations of tomorrow.

LynuxWorks
San Jose, CA.
(408) 979-3900.
[www.lynuxworks.com].