INTEGRITY-178 tuMP RTOS:

When the U.S. Navy wanted to extend the environments and missions in which Lithium-ion (Li-ion) batteries can be used safely, they turned to VTG in Chantilly, VA. When VTG needed the safest possible operating system for their battery management system (BMS), they selected the INTEGRITY-178 tuMP safety-critical real-time operating system (RTOS).

Li-ion batteries utilize flammable electrolytes that pose a risk of fire and explosion if the batteries get damaged through thermal abuse, physical abuse, or over-charging. The danger from Li-ion batteries increases with the capacity of the battery and the environment in which the battery is charged, stored, and used (discharged). Batteries used in military and aerospace applications can be more than double the capacity of electric automobiles. Confined spaces, such as aircraft, submarines, and surface ships, increase the impact of a Li-ion battery fire in terms of equipment damage, injury to personnel, and loss of life.

The CBMS consists of redundant Critical Battery Monitoring Unit and Interface Ethernet Converter pairs, each connected to the battery over Ethernet. A Critical Battery Management Computer oversees the charging process, which is when the greatest danger of a short circuit occurs. VTG selected the INTEGRITY-178 tuMP RTOS to run on the CBMS because it meets the highest level of design assurance (DAL A) as defined in RTCA/DO-178C, “Software Considerations in Airborne Systems and Equipment Certification.” INTEGRITY-178 tuMP runs on both the Critical Battery Monitoring Units and the Critical Battery Management Computer.

The redundant channels in the CBMS connect to the BMEs in the battery strings.