Safety Critical Products: GSTART

A complete safety critical line
GSTART definition
  • Task type and object declarations at the library level
  • No unchecked deallocation of protected & task objects
  • No dynamic allocation of task or protected objects
  • Tasks are assumed to be non-terminating
  • Library level protected objects with no entries (to ensure atomic updates to shared data)
  • No requeue
  • No Task Aborts or Asynchronous Transfer of Control
  • No rendezvous mechanism; tasks communicate through the more efficient protected objects
  • Real-time package, no reliance on Calendar package
  • Atomic and volatile pragmas
  • 'Delay until' statements only; Ada 83 relative delays are not allowed
  • All priorities are static
  • Protected procedures as interrupt handlers

 Key customers
  • Lockheed Martin
  • Boeing
  • Rockwell
  • Raytheon
  • BF Goodrich Aerospace
  • Alenia Aerospatiale

Green Hills Software offers a complete safety critical product line that includes:

  • INTEGRITY-178B—a full time and memory-partitioned ARINC-653-1 real-time operating system (RTOS)
  • GMART—a safety critical minimal Ada run-time kernel
  • GSTART—a safety critical small-tasking Ada run-time
  • language support for C, C++ and Ada
  • a full set of safety critical testing tools

GMART, GSTART, and INTEGRITY-178B are available with full off-the-shelf DO-178B Level A certification material. All have formally passed DO-178B Level A multiple times as a part of avionics systems and thus are certified and not just certifiable.

A safe-tasking model that supports determinism & schedulability analysis

GSTART—Green Hills Software’s Small Tasking Ada Run-Time product—is designed from the ground up to be certifiable to DO-178B Level A, the highest level within the FAA’s commercial avionics safety critical standard.

GSTART also supports the established safety critical Ravenscar Profile language subset. The Ravenscar Profile was intended to define a tasking model that supports determinism and schedulability analysis. Developed at the Eighth International Real-Time Ada Workshop in Ravenscar, England, the Ravenscar Profile is also advocated in the ISO/IEC JTC 1/SC22/WG9 draft technical report ISO/IEC DTR 15942: “Programming Languages Guide for the Use of the Ada Programming Language in High Integrity Systems.”

The Ravenscar Profile defines a safe language subset that includes tasking. Memory allocation is allowed, but only at program elaboration time; because allocation happens only once, memory creep is prevented. Deallocation is disallowed: without the ability to dynamically allocate new objects it adds no value, and omitting it simplifies run-time system (RTS) requirements. Task rendezvous are disallowed, but tasks can communicate via Ada 95 protected objects. This provides a deterministic tasking model. Task dispatching is FIFO within priorities, with protected object priorities set by the Ceiling Locking policy. General exception handling is also disallowed in favor of a single global handler. This removes the non-determinism of general handlers while still supporting a graceful system shutdown should a run-time error occur.

Although use of the Ravenscar Profile removes some generally useful language features, the resulting program is likely simpler and easier to certify to safety critical standards. Removing these language features also allows the Ada Run Time System (RTS) to be simplified and optimized for this subset. Thus the GSTART RTS is smaller and faster than general purpose full Ada RTSes.
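The restrictions listed above, shown as an added Ada sketch that is not Green Hills code and is not taken from the GSTART documentation: a library-level protected object with no entries, a non-terminating periodic task with a static priority that releases itself with `delay until`, and the Ravenscar configuration pragmas. The package and object names, the 10 ms period and the use of the Ada 2005 `pragma Profile (Ravenscar)` are assumptions; an Ada 95 compiler would express the profile as the equivalent set of `pragma Restrictions`, and GSTART's "no entries" rule is stricter than the one entry per protected object that the standard profile permits.

```ada
--  Added illustration, not Green Hills code. Configuration pragmas would
--  normally live in a configuration file (for example gnat.adc).
pragma Profile (Ravenscar);
--  The profile implies FIFO_Within_Priorities dispatching and Ceiling_Locking
--  and restrictions such as No_Task_Allocators, No_Relative_Delay,
--  No_Requeue_Statements, No_Abort_Statements, No_Calendar and
--  No_Dynamic_Priorities, matching the GSTART definition bullets.

with System;

package Sensor_Store is
   --  Library-level protected object with no entries: procedures and
   --  functions only, so a caller can never block on it.
   protected Latest is
      pragma Priority (System.Priority'Last);   --  static ceiling priority
      procedure Put (Value : Integer);
      function  Get return Integer;
   private
      Current : Integer := 0;                   --  the shared datum
   end Latest;
end Sensor_Store;

package body Sensor_Store is
   protected body Latest is
      procedure Put (Value : Integer) is
      begin
         Current := Value;    --  atomic with respect to other callers under Ceiling_Locking
      end Put;

      function Get return Integer is
      begin
         return Current;
      end Get;
   end Latest;
end Sensor_Store;

with System;

package Periodic is
   --  Task type/object declared at library level; its priority is static
   --  and never changed at run time.
   task Sampler is
      pragma Priority (System.Default_Priority + 1);
   end Sampler;
end Periodic;

with Ada.Real_Time; use Ada.Real_Time;   --  Real_Time only; Ada.Calendar is excluded
with Sensor_Store;

package body Periodic is
   Period : constant Time_Span := Milliseconds (10);   --  assumed 10 ms cycle

   task body Sampler is
      Next_Release : Time    := Clock;
      Sample       : Integer := 0;
   begin
      loop                                   --  non-terminating by design
         Sample := Sample + 1;               --  stand-in for reading a device
         Sensor_Store.Latest.Put (Sample);
         Next_Release := Next_Release + Period;
         delay until Next_Release;           --  absolute delay; "delay 0.01" would be illegal
      end loop;
   end Sampler;
end Periodic;

with System;
with Periodic;   --  elaborating the package activates Sampler before Main runs

procedure Main is
   pragma Priority (System.Priority'First);  --  environment task runs lowest
begin
   null;   --  nothing left to do; the library-level task never terminates
end Main;
```

The protected object is the only shared state, and because it has no entries there is no queue whose length or blocking time must be bounded in the schedulability analysis; the task's worst-case response is then determined by its period, its priority and the ceiling of `Latest` alone.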

Available with INTEGRITY-178B

GSTART is available as a bare machine Ada RTS or integrated with the INTEGRITY-178B partitioned RTOS. As a bare RTS, GSTART provides a small and fast multi-tasking single-application execution environment. As a kernel within an INTEGRITY-178B partition, the user has all the advantages of the bare model, with the added ability to run potentially multiple applications on the same single processor.

© 1996-2017 Green Hills Software Trademark & Patent Notice