AdaCore publishes handbook on DO-178C/ED-12C guidance
AdaCore announced the publication and immediate availability of a free booklet, AdaCore Technologies for DO-178C / ED-12C. The booklet addresses the DO-178C / ED-12C standards suite – the “core” DO-178C / ED-12C standard and its technology supplements – and explains many of their more subtle aspects in the context of several different development scenarios. In so doing, the booklet provides insights into how the Ada and SPARK languages, combined with AdaCore’s products and services, can help customers develop and verify airborne software. Many of AdaCore’s tools have been qualified on safety-critical projects and have qualification material available; using a qualified tool can save considerable effort in demonstrating that various objectives in the DO-178C / ED-12C standards suite have been met.
The booklet approaches its subject matter from several angles. One chapter summarizes the Ada and SPARK languages and describes various AdaCore tools, many of which have been qualified or are qualifiable for safety-critical systems:
- The GNAT Pro Assurance development environment, including support for “sustained branches”, which allows customers to evolve their software on a stable but maintained version of the GNAT Pro environment;
- The CodePeer advanced static analysis tool for Ada, which can find subtle bugs and vulnerabilities both during development and retrospectively on existing codebases;
- Basic static analysis tools, including the GNATcheck code standard enforcer and the GNATstack tool for computing maximum stack usage;
- Dynamic analysis tools: GNATtest (a test harness generator), GNATemulator (a target emulator), and GNATcoverage (a code coverage analyzer at both the object and source levels, handling statement coverage, decision coverage, and modified condition/decision coverage);
- Integrated Development Environments: GNAT Programming Studio, GNATbench, and GNATdashboard; and
- The QGen model-based development and verification toolset, which includes a tunable and qualifiable code generator from a safe subset of Simulink and Stateflow models to SPARK or MISRA C.
A major section of the booklet is a chapter that shows how to exploit AdaCore’s technologies to comply with the guidance in the DO-178C / ED-12C suite, in the context of several development scenarios (use cases):
- Coding with Ada 2012 without using Object-Oriented Technology. This use case shows how AdaCore’s products and services contribute to the activities in the core DO-178C / ED-12C standard.
- Coding with Ada 2012 and using OOT. This use case takes into account the guidance in DO-332 / ED-217 (Object-Oriented Technologies and Related Techniques), in particular the objective of Local Type Consistency.
- Developing a design model and using a qualified code generator (QGen). This use case takes into account the guidance in DO-331 / ED-218 (Model-Based Development and Verification).
- Using SPARK and formal analysis. This use case takes into account DO-333 / ED-216 (Formal Methods) and explains how to gain credit for formal proofs to reduce or eliminate testing activities.
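As an added illustration of the last two use cases (example code written for this page, not taken from the booklet or from AdaCore's products): a SPARK package in which a class-wide contract fixes what any descendant's Clamp must accept and guarantee, which is the Local Type Consistency obligation of DO-332 / ED-217, and in which a loop invariant lets GNATprove establish a functional property for all inputs, the kind of result DO-333 / ED-216 allows to be credited in place of tests. The package name, the Feet range, the limiter values and the project file name are assumptions; the spec and body are shown together and must be split into separate files (gnatchop does this) before GNATprove is run.

```ada
-- Added example, not from the AdaCore booklet: a SPARK package (spec and
-- body shown together; gnatchop splits them) whose contracts GNATprove can
-- discharge. Package, type and value names are assumptions for illustration.
package Altitude_Limits with SPARK_Mode is

   subtype Feet is Integer range -1_000 .. 60_000;

   type Limiter is tagged record
      Floor   : Feet := 0;
      Ceiling : Feet := 40_000;
   end record;

   -- Class-wide contract (DO-332 Local Type Consistency): every overriding
   -- of Clamp inherits it, so a descendant may not demand more than
   -- Pre'Class nor promise less than Post'Class. GNATprove checks each body
   -- against the inherited contract instead of relying on testing every
   -- dispatching call with every descendant.
   function Clamp (L : Limiter; Cmd : Feet) return Feet with
     Pre'Class  => L.Floor <= L.Ceiling,
     Post'Class => Clamp'Result in L.Floor .. L.Ceiling
                   and then (if Cmd in L.Floor .. L.Ceiling
                             then Clamp'Result = Cmd);

   type Checked_Limiter is new Limiter with null record;

   -- Overriding: inherits Pre'Class/Post'Class from Limiter's Clamp.
   overriding function Clamp (L : Checked_Limiter; Cmd : Feet) return Feet;

   -- A dispatching caller relies only on the class-wide contract, which is
   -- exactly why local type consistency must hold for every descendant.
   function Dispatching_Clamp (L : Limiter'Class; Cmd : Feet) return Feet with
     Pre  => L.Floor <= L.Ceiling,
     Post => Dispatching_Clamp'Result in L.Floor .. L.Ceiling;

   -- DO-333 use case: a functional property proved with a loop invariant,
   -- giving absence of run-time errors plus the postcondition for all
   -- inputs, where testing could only sample them.
   type Samples is array (Positive range <>) of Feet;

   function Max_Altitude (S : Samples) return Feet with
     Pre  => S'Length > 0,
     Post => (for all I in S'Range => S (I) <= Max_Altitude'Result)
             and then (for some I in S'Range => S (I) = Max_Altitude'Result);

end Altitude_Limits;

package body Altitude_Limits with SPARK_Mode is

   function Clamp (L : Limiter; Cmd : Feet) return Feet is
     (if Cmd < L.Floor then L.Floor
      elsif Cmd > L.Ceiling then L.Ceiling
      else Cmd);

   -- Delegates to the parent implementation, so the inherited contract is
   -- preserved; an override that, say, subtracted a safety margin from the
   -- ceiling would fail the Post'Class proof because it would no longer
   -- return Cmd for in-range commands.
   overriding function Clamp (L : Checked_Limiter; Cmd : Feet) return Feet is
     (Clamp (Limiter (L), Cmd));

   function Dispatching_Clamp (L : Limiter'Class; Cmd : Feet) return Feet is
     (Clamp (L, Cmd));  -- dispatches on L's tag

   function Max_Altitude (S : Samples) return Feet is
      M : Feet := S (S'First);
   begin
      for I in S'Range loop
         -- Invariant: M bounds S (S'First .. I - 1) from above and occurs in
         -- S (S'First .. I); both halves hold on the first iteration because
         -- M starts as S (S'First).
         pragma Loop_Invariant
           ((for all J in S'First .. I - 1 => S (J) <= M)
            and then (for some J in S'First .. I => S (J) = M));
         if S (I) > M then
            M := S (I);
         end if;
      end loop;
      return M;
   end Max_Altitude;

end Altitude_Limits;
```

After splitting the units, `gnatprove -P altitude.gpr` (project file name assumed) reports each check it discharges: the range checks on Feet, the inherited class-wide contract on the overriding Clamp, the postcondition of Dispatching_Clamp from Post'Class alone, and the Max_Altitude postcondition via the loop invariant. None of those results depends on a test vector, which is what the DO-333 / ED-216 argument for replacing testing by proof rests on; the class-wide contract on Clamp is likewise the evidence DO-332 / ED-217 asks for instead of exercising every dispatching call against every descendant.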
For each use case, the booklet explains which AdaCore technologies are applicable, and which activities in the DO-178C / ED-12C suite they contribute to. The booklet also includes a set of reference tables that summarize how the various AdaCore technologies help satisfy the specific objectives in the DO-178C / ED-12C suite.