An approach for verification of ARINC 653 time partitioning concept

The ARINC 653 specification defines standardized interfaces between a partitioning Real-Time Operating System (RTOS) and application programs that implement the safety-critical and avionics systems. ARINC 653 requires spatial and temporal isolation between independent executing avionics applications, a.k.a. partitions. Temporal partitioning ensures that each partition is executed by the processor only within its predefined execution interval. ARINC 653 Part 3 Conformity Test Specification specifies test procedures for validation of ARINC 653 Part 1 (Required Services Specification). However, this specification does not define any procedure on how to verify the temporal partitioning. This paper describes a validation framework to measure partition jitter at runtime and verify whether a partition ever exceeds its predefined execution time. We define test cases that can quite likely cause temporal violation and by using this framework with the test cases, we experimentally verify temporal partitioning on an ARINC 653 compliant COTS RTOS.