In modern avionics systems, partitioning operating systems are being used to meet stringent safety- and mission-critical requirements, especially where predictability is of concern. Specifically, partitioning operating systems used in avionics systems are designed to separate safety-related functions from other functions, so that an action in a non-safety-related function will not cause a failure of a safety-related function. Generally, in a typical partitioning operating system, memory is divided into a plurality of statically allocated partitions. Each partition is permanently limited to its initial fixed memory and time allocation. Thus, a partitioning operating system enables a single processor to function as if it were multiple processors, by isolating the subsystems or processes within the different partitions involved.
Aeronautical Radio Inc. (ARINC) is an international aviation industry organization that sponsors industry committees and participates in related industry activities that contribute to flight safety and efficiency. The Airlines Electronic Engineering Committee (AEEC) is an international standards organization (sponsored by ARINC) composed of major airline operators and other airspace users, which establishes consensus-based, voluntary functional and interface standards published by ARINC (known as ARINC Standards). ARINC Standards provide specifications for avionics equipment and systems used by thousands of commercial aircraft world-wide.
ARINC-653 is a general purpose specification for a hardware-partitioned Application/Executive (APEX) interface for avionics computers' operating systems and application software. ARINC-653 was defined to create an aviation industry standard for a time and space partitioning operating system. The specification includes interface requirements and a list of services that enable the application software to control the scheduling, communication and status information of its internal processing elements. Notably, ARINC-653 provides an APEX interface for avionics systems that may be used wherever multiple applications are required to share a single processor and memory, and also provides a guarantee that a failure of one application will not cause another application to fail. Thus, each partition in an ARINC-653 system represents a separate application and utilizes the memory space allocated to it (e.g., space partitioning). Also, the APEX interface allots a dedicated time slice to each partition (e.g., time partitioning).
Notwithstanding the numerous advantages of ARINC-653, a significant problem arises in attempting to meet the basic requirements of the specification. Specifically, each ARINC-653 operating system is capable of hosting multiple partitions on a shared processing resource within a safety-critical avionics environment. In that regard, the specification requires that each partition be isolated from the others, by dedicating a static allocation of memory space and execution time to each partition. The system integrator specifies this static allocation of memory space and execution time for each partition when the system is initially configured. Thus, ARINC-653 requires that a scheduling timeline be statically generated that allocates processor time to each hosted partition. In generating this timeline, the technique used has to support multiple partitions with various frame times, and also minimize the number of context switches between partitions. However, the problem in attempting to meet these requirements of ARINC-653 is that the specification provides no algorithm or guidance for generating the static allocation scheduling timeline. Therefore, it would be advantageous to provide a method and system for generating a static allocation scheduling timeline for a plurality of partitions that meets, among other things, the above-described requirements of the ARINC-653 specification, and also minimizes the number of context switches between partitions. As described in detail below, the present invention provides such a method and system, which resolves the above-described problem and other similar problems.
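The requirements stated above can be made concrete with a checker for a hand-written static timeline. This is an added example, not part of the original text and not the method of the invention: it verifies that windows never overlap, that each partition receives its budget in every one of its frames, and it counts context switches. The partition names, frame times, budgets and the window layout are constructed sample values, and treating "frame time" as a repetition period with a fixed budget is an assumption.

```python
from math import lcm

# Constructed sample (assumption): partition -> (frame time, budget per frame), in ms.
PARTITIONS = {"A": (20, 5), "B": (40, 10), "C": (80, 20)}

# Constructed static timeline: (partition, start, length) windows in one major frame.
TIMELINE = [("A", 0, 5), ("B", 5, 10), ("C", 15, 5), ("A", 20, 5),
            ("C", 25, 15), ("A", 40, 5), ("B", 45, 10), ("A", 60, 5)]


def major_frame(partitions):
    """The timeline repeats after the least common multiple of all frame times."""
    return lcm(*(period for period, _ in partitions.values()))


def check_timeline(partitions, timeline):
    """Return (errors, context_switches) for one major frame of the timeline."""
    errors = []
    frame = major_frame(partitions)
    windows = sorted(timeline, key=lambda w: w[1])

    # Time isolation: windows must not overlap or extend past the major frame.
    prev_end = 0
    for name, start, length in windows:
        if length <= 0 or start < prev_end or start + length > frame:
            errors.append(f"window {name}@{start}+{length} overlaps or is out of range")
        prev_end = max(prev_end, start + length)

    # Every partition must receive its full budget inside each of its own frames.
    for name, (period, budget) in partitions.items():
        for lo in range(0, frame, period):
            hi = lo + period
            got = sum(max(0, min(s + n, hi) - max(s, lo))
                      for p, s, n in windows if p == name)
            if got < budget:
                errors.append(f"{name} gets {got}/{budget} in [{lo},{hi})")

    # A context switch is a change of partition between consecutive windows
    # (idle gaps are ignored here, which is a simplifying assumption).
    switches = sum(a[0] != b[0] for a, b in zip(windows, windows[1:]))
    return errors, switches


if __name__ == "__main__":
    errs, switches = check_timeline(PARTITIONS, TIMELINE)
    print("major frame:", major_frame(PARTITIONS), "ms")
    print("errors:", errs or "none", "| context switches:", switches)
```

A timeline that passes the first two checks preserves the time isolation between partitions; the switch count is the quantity a timeline generator would then try to reduce.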