Incremental certification and Integrated Modular Avionics

When designing Integrated Modular Avionics (IMA) systems, the traditional design life cycle must be adapted and rearranged to allow multiple vendors to contribute not only to the systems design, but also to the safety case for the system. Simply using guidelines from the DO-178B and the ARINC 653 standards does not guarantee that one will be able to have multiple applications running at different safety criticality levels. One needs to be able to merge applications written by different vendors, reuse applications from previous projects, and integrate different safety requirements, while constructing a safety case for the overall IMA system. This, of course, must be done within a constrained budget that includes potential costs associated with changing program requirements. In order to achieve these goals, the design life cycle must be constructed in a way that allows for configuration and build partitioning of these applications, in parallel with the IMA platform itself and the overall systems integration. This paper investigates how the ARINC 653 standard can be used to provide this application and safety criticality level independence using guidelines from DO-178 and DO-297. It explores the use of qualified XML-based configuration tools, the emerging ARINC 653 Supplement 3 XML Schema design and shows the importance of configuration and build partitioning.