Avoiding a big freeze in safety-critical technology: the Open-DO initiative

By Matteo Bordin and Nicolas Setton, AdaCore

Open-DO is an initiative to address the problems of technologies settling into a big freeze condition, which particularly affect avionics and safety-critical systems, through an open and collaborative approach.

Imagine the following scenarios, which easily could have occurred. Fifteen years ago, a prime contractor in the avionics domain invested a significant amount of resources to develop a certified ARINC-653 partitioned operating system (OS) perfectly suited for its needs. Five years later, one if its subcontractors chose a commercial modelling tool to design and verify a critical part of the control system for a next generation aircraft. Fast forward to the present: the ARINC-653 operating system has been successfully deployed on several aircraft. However, due to the extremely high cost of renewing certification, recent versions of the OS adding new features or fixing bugs cannot be deployed. Unfortunately, the previously-certified release of the OS does not fit the user needs anymore; the prime contractor is forced to drop its OS in favour of an alternative solution, throwing away years…