Safety Critical Products: GSTART

A product for statically provable & safe application development

GSTART—Green Hills Software’s Small Tasking Ada Run-Time product—is designed from the ground up to be certifiable to DO-178B Level A, the highest level within the FAA’s commercial avionics safety critical standard.

GSTART also supports the established safety critical Ravenscar Profile language subset. The Ravenscar Profile was intended to define a tasking model that supports determinism and schedulability analysis. Developed at the Eighth International Real-Time Ada Workshop in Ravenscar England, the Ravenscar Profile is also advocated in ISO/IEC JTC 1/SC22/WG9 draft standard ISO/IEC, DTR 15942: “Programming Languages Guide for the Use of the Ada Programming Language in High Integrity Systems.”

The Ravenscar Profile defines a safe language subset that includes tasking. Memory allocation is allowed, but only at program elaboration time to prevent memory creep by allowing allocation only once. Deallocation is disallowed since, without the ability to dynamically allocate new objects, it adds no value and simplifies run time system (RTS) requirements. Task rendezvous are disallowed but tasks can communicate via Ada 95 protected objects. This provides a deterministic tasking model. All task dispatching is handled in a FIFO manner with priority given to Ceiling Locking priority values. General exception handling is also disallowed in favor of a single global handler. This removes the non-determinism of general handlers while still supporting a graceful system shutdown should a runtime error occur.

Although use of the Ravenscar Profile removes some generally useful language features, the resulting program is likely simpler and easier to certify to safety critical standards. Removing these language features also allows the Ada Run Time System (RTS) to be simplified and optimized for this subset. Thus the GSTART RTS is smaller and faster than general purpose full Ada RTSes.

Available with INTEGRITY-178

GSTART is available as a bare machine Ada RTS or integrated with the INTEGRITY-178 partitioned RTOS. As a bare RTS, GSTART provides a small and fast multi-tasking single application execution environment. As a kernel within an INTEGRITY-178 partition the user has all the advantages of the bare model but now with the support of potentiallymultiple applications being able to run on the same single processor.

A complete safety critical line

Green Hills Software offers a complete safety critical product line that includes:

GMART, GSTART, and INTEGRITY-178 are available with full off-the-shelf DO-178B Level A certification material. All have formally passed DO-178B Level A multiple times as a part of avionics systems and thus are certified and not just certifiable.