en fr de

AVIO Selects AdaCore’s GNAT Pro Assurance Toolsuite for European Space Agency Program

Safety-critical on-board software for Vega-C launcher being developed in Ada, leveraging GNATemulator to expedite testing

NEW YORK and PARIS, January 8, 2019AdaCore, a trusted provider of software development and verification tools, today announced that the aerospace company AVIO has selected the GNAT Pro Assurance Ada Development Environment, including the GNATemulator host-based target emulation tool, to implement the on-board software for AVIO’s Vega-C launch vehicle. Sponsored by the European Space Agency (ESA), this safety-critical hard real-time embedded system is the flight software that handles guidance, navigation and control for the Vega-C.

AVIO is using the GNAT Pro Assurance Ada cross environment for certified / safety-critical development, hosted on Intel x86 Linux and targeted to LEON 2 ELF with the ZFP (“Zero Footprint Profile”) minimal run-time support library. The host environment includes the GNATemulator target emulation tool, which translates from target to host instructions on the fly and allows efficient and convenient functional testing. Scheduled for completion in 2019, the Vega-C on-board software project includes certification of the ZFP run-time library at level B of the European Space standards ECSS-E-ST-40C and ECSS-Q-ST-80C.

“Ada and AdaCore have a long and successful track record in the Space industry,” said Jamie Ayre, Commercial Director at AdaCore. “We are pleased that AVIO has recognized the many benefits that AdaCore’s GNAT Pro Assurance offering can bring to their Vega-C project, including the availability of run-time library certification material. We look forward to supporting AVIO’s software efforts on this and other projects long into the future.”

“Reliability is the key factor in the launcher industry, and the thirteen successful Vega launches demonstrate that AVIO has consistently been able to meet this requirement,” said Paolo Bellomi, Engineering Director at AVIO. “We are confident that, with the help of AdaCore ’s GNAT Pro Assurance, we will develop Vega-C launcher flight software that is reliable while also being easy to maintain and adapt based on the evolving demands of the satellites market.”

AVIO chose Ada based on the language’s strong software engineering support, with extensive built-in compile-time and run-time checks, which makes a system easier to develop, verify and maintain. Based on their past experience AVIO recognized that Ada can encourage and indeed even force programmers to write good quality code, and the language and compiler detect bugs long before they can cause safety hazards or vulnerabilities in the final deliverable. The Vega application is expected to evolve over many years, and Ada’s readability and its support for modular and extensible design will make it easier to adapt the software as new requirements emerge.

AdaCore’s strong heritage with Ada, and the availability of run-time library certification material that could be used as the basis for the ZFP certification, were prime reasons that the company was chosen as the Ada vendor. Other factors that influenced the selection were AdaCore’s excellent support services, the convenience of GNATemulator’s testing approach, the availability of source code for the tools and libraries, the quality of the documentation, good feedback from previous ECSS run-time library certification, the fact that there is no need to manage license files (the tools can be installed on any project workstation) and the support for modern 64-bit Linux systems.

AVIO’s experience with GNATemulator has been especially positive. With an earlier (pre-AdaCore) Ada environment the unit and Monte Carlo testing was complicated, since some tests could be conducted natively while others needed to be performed on the target. This required two different compiler configurations (native and cross) and produced a complex workflow. With the AdaCore toolsuite AVIO can run all the unit and Monte Carlo tests directly on GNATemulator, using the same cross-compiler with the same options. This significantly simplifies AVIO’s development processes.

About GNAT Pro 
GNAT Pro is a comprehensive and integrated software development environment, available for Ada and also C and C++. Based on the open source GCC code generation technology, GNAT Pro produces high-quality object code across a wide variety of processors and operating systems as well as bare metal target configurations. GNAT Pro Ada handles all versions of the language standard, from Ada 83 through Ada 2012, and includes a full-featured toolsuite, graphical IDEs (GNAT Programming Studio and Eclipse-based GNATbench), and extensive companion libraries, all backed by expert support provided by the GNAT Pro developers themselves.

GNAT Pro Assurance is the premium edition of the GNAT Pro toolsuite, targeted to long-lived projects and high-assurance systems. It comprises a complete Ada solution for projects with the most stringent requirements for reliability, long-term maintenance, and/or safety certification. Several features distinguish GNAT Pro Assurance from the other GNAT Pro product lines:

  • Support for sustained branches, a customized service that allows a project to continue using a specific version of the technology, including upgrades to repair critical issues;
  • Specialized small-footprint run-time libraries, which simplify the analysis effort required for compliance with certification standards; and
  • Certification material (available as an add-on), for projects that need to comply with domain-specific software standards.

GNAT Pro Assurance is available across a wide range of platforms, both for native development and for cross compilation to bare metal targets and to RTOSes from AdaCore partners Wind River, Lynx Software Technologies, and SYSGO.  The GNAT Pro technology has a proven track record in developing, verifying, and certifying long-lived critical systems in high-assurance domains such as avionics, rail, and space.

About GNATemulator 
GNATemulator is an efficient and flexible tool that provides integrated, lightweight target emulation. Based on the QEMU technology, a generic and open-source machine emulator and virtualizer, the GNATemulator tool executes on the host platform. It compiles code directly for the target architecture and runs it on the host, through an approach that translates from the target object code to native instructions on the host. This avoids the inconvenience and cost of managing an actual board, while offering an efficient testing environment.

About AdaCore
Founded in 1994, AdaCore supplies software development and verification tools for mission-critical, safety-critical and security-critical systems. Four flagship products highlight the company’s offerings:

  • The GNAT Pro development environment, a complete toolset for designing, implementing, and managing applications that demand high reliability and maintainability. GNAT Pro is available for Ada and also for C and C++.
  • The CodePeer advanced static analysis tool, an automatic Ada code reviewer and validator that can detect and eliminate errors both during development and retrospectively on existing software. CodePeer can detect a number of the “Top 25 Most Dangerous Software Errors” in the MITRE Corporation’s Common Weakness Enumeration (CWE).
  • The SPARK Pro verification environment, a toolset based on formal methods and oriented toward high-assurance systems.
  • The QGen model-based development tool suite for safety-critical control systems, providing a qualifiable and customizable code generator and static verifier for a safe subset of Simulink® and Stateflow® models, and a model-level debugger.

Over the years customers have used AdaCore products to field and maintain a wide range of critical applications in domains such as commercial and military avionics, automotive, railway, space, defense systems, air traffic management/control, medical devices and financial services. AdaCore has an extensive and growing worldwide customer base; see www.adacore.com/industries/ for further information.

AdaCore products are open source and come with expert online support provided by the developers themselves. The company has North American headquarters in New York and European headquarters in Paris. www.adacore.com/

About AVIO
AVIO is a leading international group engaged in the construction and development of space launchers and solid and liquid propulsion systems for space travel. The experience and know-how built up over more than 50 years puts AVIO at the cutting-edge of the space launcher sector, solid, liquid and cryogenic propulsion and tactical propulsion. AVIO operates in Italy, France and French Guyana with five facilities, employing approximately 850 highly-qualified personnel, of whom around 30% are involved in research and development. AVIO is a prime contractor for the Vega rocket program and a sub-contractor for the Ariane program, both financed by the European Space Agency, placing Italy among the limited number of countries capable of producing a complete spacecraft.

Press Contacts:  
press-info@adacore.com
http://www.adacore.com
http://twitter.com/AdaCoreCompany

US:
Jessie Glockner
AdaCore Public Relations Representative
+1-646-532-2723

EU: 
Pamela Trevino  
AdaCore Marketing Specialist  
+33 1 49 70 87 93