Safety-Critical Industries and Standards

GNAT Pro Safety-Critical is an ideal environment for any high-reliability / safety-critical embedded application. In addition, we have tailored solutions to address the programming challenges and requirements associated with many industries and international safety standards.

Key Features of GNAT Pro Safety-Critical

Configurable Run-Time Library

Using GNAT Pro Safety-Critical's configurable run-time capability, you can specify any level of support for Ada's dynamic features, from none at all to the full Ada 95, Ada 2005, Ada 2012 language versions. The units included in the library may be either a subset of the standard units provided with GNAT Pro, or they may be specially tailored to the application. This capability is useful, for example, if one of the predefined profiles provides almost all the features needed to adapt an existing system to new safety-critical requirements, and where the costs of adaptation without the additional features are considered prohibitive.

Full Ada 2005 / 2012 Implementation

In keeping with its status as the leading Ada technology, GNAT Pro is the first Ada environment to implement all of the major features included in Ada 2012, the latest revision of the Ada language. With Ada 2012, Ada continues to be the benchmark programming language for the development of safe and secure software systems.

Sustained Branch Service

Another service is a specialized option for customers who need access to corrections for defects while continuing to use defined release branches. With a regular GNAT Pro subscription, defects are corrected in the development branch and corrected technology is made available through wavefronts, which are pre-releases of the future official GNAT Pro versions. With a "sustained branch" service, customers can obtain critical fixes on existing release branches, minimizing the impact of compiler toolchain upgrades. In addition, customers with a sustained branch service receive more detailed information about known defects and how to detect them, as well as support for impact analysis when a minor compiler upgrade occurs on the sustained branch.


Approval of aviation software to the guidance of DO-178B/ED-12B and DO-178C/ED-12C [DO178C] requires an applicant to assess the correspondence between source code and object code in certain circumstances. In particular, for Level A software, source code to object code traceability must be established (see paragraph of DO-178C/ED-12C). When the compiler generates object code that is not directly traceable to the source code, additional verifications must be performed. As proposed in the position paper CAST-12 [CAST12], an acceptable approach is to identify that untraceable compiler-generated object code and verify it.

Read the study: Source Code to Object Code Traceability Study

Simplification of Certification Effort

You can restrict language features that, although not requiring a run-time library, nevertheless could complicate the test coverage analysis part of the certification effort. For example, you can prohibit the use of constructs that would result in code with implicit loops and conditionals (such as a slice assignment).
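An added example, not from AdaCore's documentation or toolset: the GNAT-defined restrictions that enforce this kind of rule, applied to a hypothetical package (all names assumed) that shows the slice assignment the text cites and its explicit-loop rewrite. Spec and body are shown together; split them into frames.ads and frames.adb (gnatchop does this) to build.

```ada
--  Configuration pragmas at the head of the unit; GNAT also accepts them
--  project-wide in gnat.adc. Both restriction names are GNAT-defined.
pragma Restrictions (No_Implicit_Loops);
pragma Restrictions (No_Implicit_Conditionals);

package Frames is
   subtype Index is Natural range 0 .. 255;
   type Byte  is mod 2 ** 8;
   type Frame is array (Index) of Byte;

   --  Copies Src (0 .. Last) into Dst (0 .. Last); Dst is otherwise unchanged.
   procedure Copy_Header (Src : Frame; Dst : in out Frame; Last : Index);
end Frames;

package body Frames is
   procedure Copy_Header (Src : Frame; Dst : in out Frame; Last : Index) is
   begin
      --  The slice form cited above: one source statement, but its
      --  expansion can carry an iteration and a length-match conditional
      --  that no source line corresponds to. With the restrictions above
      --  active, GNAT rejects a construct whose expansion would need such
      --  an implicit loop or conditional instead of emitting untraceable
      --  object code, and names the offending statement:
      --
      --     Dst (0 .. Last) := Src (0 .. Last);
      --
      --  The explicit loop performs the same copy with the iteration
      --  visible in the source, so each iteration and the loop exit can be
      --  traced to source statements during structural coverage analysis.
      --  Iterating over a subtype of Index also lets the compiler see that
      --  no index check is needed inside the loop.
      for I in Index range 0 .. Last loop
         Dst (I) := Src (I);
      end loop;
   end Copy_Header;
end Frames;
```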

Advanced Static Analysis

The GNATstack static analysis tool is supplied with this edition. GNATstack statically calculates the maximum stack space required by each task in an application. The computed bounds can be used to ensure that sufficient space is reserved, thus guaranteeing safe, predictable execution with respect to stack usage. GNATstack uses conservative analysis to deal with complexities such as subprogram recursion, while avoiding unnecessarily pessimistic estimates. The tool's output can be used directly to satisfy DO-178B / DO-178C requirements (Table A-5, Objective 6, which relates to the accuracy and consistency issues itemized in Section 6.3.4f) and the associated sections of DO-278 for native safety systems.

For additional kinds of advanced static analysis of your safety-critical Ada code, our CodePeer toolset is recommended.

More about GNATstack »
More about CodePeer »

Safety-Critical Support and Expertise

At the heart of every AdaCore subscription are the consulting and support services we provide to our customers. AdaCore staff are recognized experts on the Ada language, certification, compilation technologies and static and dynamic verification. They have a strong experience in supporting customers in avionics, railway, energy, space, air traffic management and military projects.

Every piece of technology provided by AdaCore comes with first-hand support provided directly by these experts, who are also the developers of the technology. This ensures that customers' questions (requests for advice, technology enhancements or bug reports) are handled efficiently and effectively.

On top of this bundled support, AdaCore provides training on the language and/or tools, as well as on-site consulting to help deploy the technology and provide additional help in case of start-up issues. On-demand tool development or ports to new platforms complete the service offer. More about our Frontline Support »

Often Safety and Security go hand in hand and GNAT Pro can provide an integrated solution. Learn about GNAT Pro's specialized tools and services for developing security-critical applications and MILS environments that must meet Evaluation Assurance Levels (EAL) 5-7. Learn More »


The GNAT Pro Difference: Frontline Support


The world’s largest team of Ada experts at your fingertips. Learn More »

GNAT Tracker

Our powerful, secure customer web server brings you timely online support. Learn More »

Knowledge Center


  • The InSight webinar series continues with a webinar demonstrating how to write unit tests in a cost-effective way using the AdaCore toolset. More precisely, it will show how to generate the unit testing framework using GNATtest, how to run the tests on an emulator such as GNATemulator, and how to extract coverage results using GNATcoverage. This is primarily aimed at developers and project managers that already have a unit testing infrastructure in place and are looking to reduce maintenance costs, as well as teams that are looking at implementing such techniques with minimal effort.
  • Wind River, AdaCore and Verocel will show the webcast audience how use of COTS technology and best practices in software certification can improve time to market and reduce risk for safety-critical software developers.

    AdaCore will introduce tools and techniques for easing the development and certification costs for applications to be deployed within an IMA architecture. Options for certification approaches will be discussed along with methods for automating these approaches. Full software development environments will be discussed with tight integration of tools and toolsets when they are applicable to the development or safety certification effort for a particular safety standard.

Developer Gems

  • Gem #63: The Effect of Pragma Suppress

    Ada Gem #63 — The features of Ada have generally been designed to prevent violating the properties of data types, enforced either by compile-time rules or, in the case of dynamic properties, by using run-time checks. Ada allows run-time checks to be suppressed, but not with the intent of allowing programmers to subvert the type system.
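An added illustration of the Gem's point, not code from the Gem or from AdaCore: a library-level procedure (all names assumed) contrasting a checked lookup, the same lookup with Index_Check suppressed, and the constrained-subtype form in which no check has to be suppressed because none is needed.

```ada
procedure Suppress_Demo (Raw : Integer; Checked, Unchecked, Proven : out Integer) is
   subtype Slot  is Integer range 1 .. 8;
   type    Table is array (Slot) of Integer;
   T : constant Table := (1, 2, 3, 4, 5, 6, 7, 8);

   --  Checks enabled: an out-of-range I raises Constraint_Error at the
   --  indexing itself, so the fault is detected where it occurs.
   function Lookup_Checked (I : Integer) return Integer is
   begin
      return T (I);
   end Lookup_Checked;

   --  Index_Check suppressed for this one scope only. If I is outside
   --  1 .. 8 the read is erroneous: no exception is guaranteed, and the
   --  value comes from whatever lies beyond T in memory (or the program
   --  crashes). Suppress is defensible only where the check has been
   --  shown to be unable to fail, never as a way to avoid the exception.
   function Lookup_Unchecked (I : Integer) return Integer is
      pragma Suppress (Index_Check);
   begin
      return T (I);
   end Lookup_Unchecked;

   --  The type-system route: the parameter is already of the index
   --  subtype, so the compiler can see the index is in range and emits no
   --  check here. The range check moves to the caller's conversion, which
   --  is where an untrusted value should be validated anyway.
   function Lookup_Proven (I : Slot) return Integer is
   begin
      return T (I);
   end Lookup_Proven;

begin
   --  With an out-of-range Raw, execution stops at the first checked
   --  lookup with Constraint_Error; only if every lookup were unchecked
   --  would the out-of-range read pass unnoticed.
   Checked   := Lookup_Checked (Raw);
   Proven    := Lookup_Proven (Raw);   --  range check on conversion to Slot
   Unchecked := Lookup_Unchecked (Raw);
end Suppress_Demo;
```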

  • Gem #53: Safe and Secure Software: Chapter 12: Conclusion

    Gem #53 is the concluding chapter of John Barnes' new booklet:

    Safe and Secure Software: An Introduction to Ada 2005.

    We hope you have enjoyed this series. In the attachment at the bottom of Gem #30 you can access the contents and bibliography for the entire booklet.