Your browser does not support JavaScript! Skip to main content
Free 30-day trial Customer portal Careers DO-178C Handbook RapiCoupling Preview DO-178C Multicore Training
Rapita Systems
 

Industry leading verification tools & services

Rapita Verification Suite (RVS)

  RapiTest - Unit/system testing  RapiCover - Structural coverage analysis  RapiTime - Timing analysis (inc. WCET)  RapiTask - Scheduling visualization  RapiCoverZero - Zero footprint coverage analysis  RapiTimeZero - Zero footprint timing analysis  RapiTaskZero - Zero footprint scheduling analysis  RapiCouplingPreview - DCCC analysis

Multicore Verification

  MACH178  MACH178 Foundations  Multicore Timing Solution  RapiDaemons

Engineering Services

  V&V Services  Data Coupling & Control Coupling  Object code verification  Qualification  Training  Consultancy  Tool Integration  Support

Industries

  Civil Aviation (DO-178C)   Automotive (ISO 26262)   Military & Defense   Space

Other

RTBx Mx-Suite Software licensing Product life cycle policy RVS Assurance issue policy RVS development roadmap

Latest from Rapita HQ

Latest news

Magline joins Rapita Trailblazer Partnership Program to support DO-178 Certification
Eve Air Mobility joins Rapita Systems Trailblazer Partnership Program for eVTOL projects
Rapita Systems launches MACH178 Foundations for multicore DO-178C compliance
Collins Aerospace and Rapita present award winning paper at DASC 2024
View News

Latest from the Rapita blog

Data Coupling Basics in DO-178C
Control Coupling Basics in DO-178C
Components in Data Coupling and Control Coupling
The ‘A’ Team comes to the rescue of code coverage analysis
View Blog

Latest discovery pages

control_tower DO-278A Guidance: Introduction to RTCA DO-278 approval
Picture of a car ISO 26262
DCCC Image Data Coupling & Control Coupling
Additional Coe verification thumb Verifying additional code for DO-178C
View Discovery pages

Upcoming events

DO-178C Multicore In-person Training (Fort Worth, TX)
2025-04-15
DO-178C Multicore In-person Training (Toulouse)
2025-11-04
View Events

Technical resources for industry professionals

Latest White papers

Mitigation of interference in multicore processors for A(M)C 20-193
Sysgo WP
Developing DO-178C and ED-12C-certifiable multicore software
DO178C Handbook
Efficient Verification Through the DO-178C Life Cycle
View White papers

Latest Videos

Streamlined AMC 20-193 compliance with MACH178 Foundations
Streamlined software verification with RVS 3.21
Integrating & verifying time-critical applications on multicore platforms - Rapita & Asterios Technologies
A(M)C 20-193 vs AA-22-01 Webinar
View Videos

Latest Case studies

GMV case study front cover
GMV verify ISO26262 automotive software with RVS
Kappa: Verifying Airborne Video Systems for Air-to-Air Refueling using RVS
Supporting DanLaw with unit testing and code coverage analysis for automotive software
View Case studies

Other Downloads

 Webinars

 Brochures

 Product briefs

 Technical notes

 Research projects

Discover Rapita

Who we are

The company menu

  • About us
  • Customers
  • Distributors
  • Locations
  • Partners
  • Research projects
  • Contact us

US office

+1 248-957-9801
info@rapitasystems.com
Rapita Systems, Inc.
41131 Vincenti Ct.
Novi
MI 48375
USA

UK office

+44 (0)1904 413945
info@rapitasystems.com
Rapita Systems Ltd.
Atlas House
Osbaldwick Link Road
York, YO10 3JB
UK

Spain office

+34 93 351 02 05
info@rapitasystems.com
Rapita Systems S.L.
Parc UPC, Edificio K2M
c/ Jordi Girona, 1-3
Barcelona 08034
Spain

Working at Rapita

Careers

Careers menu

  • Current opportunities & application process
  • Working at Rapita
Back to Top Contact Us

DO-178B Level A Embraer FCS

Breadcrumb

  1. Home

DO-178B Level A Embraer FCS

  Download
.

Since 1969 Embraer® has built more than 5,000 aircraft that operate in 92 countries on five continents.

Working on the R&D stage of a DO-178B Level A Flight Control System (FCS) software application, Embraer wanted to obtain worst-case execution times (WCET) and worst-case stack usage data.

Their solution was to choose Rapita Verification Suite (RVS) from Rapita Systems.

An important part of the development of this system’s software was meeting the verification objectives required by DO-178B while at the same time decreasing development costs.

Summary

The challenge

  • To capture WCET times and data while meeting DO-178B standards and reducing costs

The solution

  • Use RVS tools to instrument the FCS source code and analyze the results from on-target testing

The benefits

  • Obtaining a WCET and stack usage value without the need to generate and demonstrate a test scenario saves resources and time by automatically determining test scenarios for WCET and largest stack usage

The challenge

The Embraer FCS employs Fly-By-Wire (FBW) technology. Data processing and the logic of the FCS are implemented by software, which due to the criticality of the FCS function, is classified as Level A software. Initial requirements for the FCS application required a WCET of less than 5 milliseconds, and a maximum stack usage of 20,000 bytes.

Embraer faced three major challenges during FCS development:

  • Effectively capture worst case execution times and worst case stack usage data
  • Meet DO-178B requirements
  • Reduce development costs

The solution

Instrumenting source code

Using RVS, instrumentation is added to the source code, which is then built using a compiler configured in the same way as during development activities.

The process for stack analysis is similar to that for timing analysis, except that points of instrumentation are only used for function entry and exits, and timestamps are replaced with the value of the stack pointer.

Analyzing the source code

RVS analyzes the source code and determines an overall structure of the code and the paths through it.

It was not necessary to design a test case for the paths leading to WCET or biggest stack usage because RapiTime calculates them and reports whether that path corresponds to the longest path observed during testing.

This leads to a significant reduction of resource effort since generating a worst-case time scenario is a time consuming activity.

On-target testing

Since the purpose of this testing activity was only to exercise the paths of the application, the outputs were not evaluated and could be ignored. This method achieved coverage of approximately 77% of the instrumentation points for timing analysis, and 100% of the instrumentation points for stack analysis.

The benefits

Because it was not necessary to manually design a test case for the worst-case path, a significant resource effort was avoided, saving time and money.

After running and processing data, the WCET value for the whole integrated application was computed as 2.279ms and the worst-case stack usage was 3416 bytes.

Even with the partial timing coverage, the results confirmed that the FCS was compliant with the required limit on the execution time of 5ms, and that the stack usage was below the limit of 20,000 bytes.

“We have successfully shown the viability of using RapiTime to measure WCET.

It was able to support our hardware platform and once the system was set up, the analysis method could be repeated with relative ease.

With the WCET results, time partitioning was easily configured in the platform for the FCS application.

Processing resources could be optimized by tightening the time window, even leaving some room for future expansion.

Additionally the application hard deadline could be configured based on the results, with a Health Monitor to trigger if exceeded.”

Felipe Kamei
Embraer

Next Steps

To learn how RapiTime can help reduce the cost and effort of execution time analysis, see our product page.

To enquire about how Rapita can help, visit our contact page.

Other case studies

Case study

GMV verify ISO26262 automotive software with RVS

Case study

Collins Aerospace: DO-178C code coverage analysis

Case study

Alenia Aermacchi (Leonardo) M-346

Case study

Cobham Aerospace Connectivity: RapiCover continues to deliver on the most challenging targets

  • Solutions
    • Rapita Verification Suite
    • RapiTest
    • RapiCover
    • RapiTime
    • RapiTask
    • MACH178
    • Verification and Validation Services
    • Qualification
    • Training
    • Integration
  • Latest

    • Latest menu

    • News
    • Blog
    • Events
    • Videos
  • Downloads

    • Downloads menu

    • Brochures
    • Webinars
    • White Papers
    • Case Studies
    • Product briefs
    • Technical notes
    • Software licensing
  • Company

    • Company menu

    • About Rapita
    • Careers
    • Customers
    • Distributors
    • Industries
    • Locations
    • Partners
    • Research projects
    • Contact
  • Discover
    • Multicore Timing Analysis
    • Embedded Software Testing Tools
    • Worst Case Execution Time
    • WCET Tools
    • Code coverage for Ada, C & C++
    • MC/DC Coverage
    • Verifying additional code for DO-178C
    • Timing analysis (WCET) & Code coverage for MATLAB® Simulink®
    • Data Coupling & Control Coupling
    • Aerospace Software Testing
    • Automotive Software Testing
    • Certifying eVTOL
    • DO-178C
    • AC 20-193 and AMC 20-193
    • ISO 26262
    • What is CAST-32A?

All materials © Rapita Systems Ltd. 2024 - All rights reserved | Privacy information | Trademark notice Subscribe to our newsletter