GNAT Pro Safety-Critical used by Terma A/S for Space Monitor Project
PARIS, NEW YORK, December 17, 2012 – Paris Space Week 2012- AdaCore today announced that Terma A/S has selected the GNAT Pro Safety-Critical development environment to develop onboard software for the Atmosphere-Space Interactions Monitor (ASIM) that will be mounted on the Columbus module of the International Space Station. Terma will use
GNAT Pro Safety-Critical combined with the GNATemulator and GNATcoverage dynamic testing tools to develop and test the application prior to deployment on the actual LEON 3 embedded processor.
ASIM is used to detect lightning formations known as “red sprites”, “blue jets” and “elves”, and to detect X-ray and γ-ray discharges. The objective is to search for a correlation between these formations and large thunderstorms, improving our understanding of these phenomena and their influence on the Earth’s climate. Terma is – under contract to the European Space Agency (ESA) – the prime contractor for the development of the ASIM instrument including development of the on-board software.
ASIM will be deployed in space where repairs are costly if possible at all, making reliability of the platform and its software essential. This need for reliability was a principal factor in selecting the Ada programming language for the software development. The Ravenscar profile (a subset of the Ada tasking features designed for safety-critical hard real-time computing) will be used to ensure that all multi-processing/tasking within the application can be proven deterministic and schedulable. Ada’s ability to define static and dynamic contracts and checks – including features recently introduced in the new Ada 2012 standard – helps developers express requirements directly in the software. This allows early detection of inconsistencies, either statically (at compile time) or dynamically (during testing).
To carry out the Ada development, Terma selected the LEON 3 ELF configuration of the GNAT Pro Safety-Critical development environment. It includes tools that take advantage of the language’s properties to perform additional static and dynamic analysis, reaching even higher levels of reliability. Complexity and other metrics are automatically monitored using GNATmetrics, while GNATcheck enforces a consistent coding style, and detects well-defined categories of code vulnerabilities. The GNATstack tool performs static stack analysis, so that stack size requirements can be verified prior to execution. For dynamic analysis, GNATemulator is used to perform unit testing of the software using the LEON 3 toolchain, independent of and prior to the availability of the final hardware. In combination with GNATemulator, GNATcoverage is used to provide very early structural coverage analysis without need to instrument the software under test. The software is tested in a fully simulated environment, ensuring that only integration and system-specific verification need to be performed on the final target.
“At Terma we find Ada to be suitable for on-board software development, due to its strengths and proven track record in the field of critical real-time software. By choosing GNAT Pro for LEON 3 ELF, we have an Ada development toolchain that can deliver the required quality, and body of evidence thereof, needed when developing critical software. We are excited about not having to rely on a separate real-time operating system, as GNAT Pro for LEON 3 ELF allows us to develop Ravenscar-compliant real-time software targeting a LEON 3 bare-board with a minimum of fuss.” [Mark Lorenzen, Software Engineer, ASIM instrument software responsible]
“Ada and GNAT Pro have a solid track record in space applications, and their selection for the ASIM software continues to demonstrate their advantages in this critical domain.” said Cyrille Comar, Managing Director at AdaCore. “What is particularly pleasing in this project is to see Terma using the full range of complementary technologies that make up GNAT Pro to ensure the highest levels of reliability.”
About Terma A/S
Operating in the aerospace, defense, and security sector, Terma supports customers and partners all over the world. With more than 1,100 committed employees worldwide, the company develops and manufactures mission-critical products and solutions that meet customers’ needs and requirements.
Founded in 1994, AdaCore is the leading provider of commercial software solutions for Ada, a state-of-the-art programming language designed for large, long-lived applications where safety, security, and reliability are critical. AdaCore's flagship product is the open source GNAT Pro development environment, which comes with expert on-line support and is available on more platforms than any other Ada technology. AdaCore has an extensive world-wide customer base; see http://www.adacore.com/home/company/customers/ for further information.
Ada and GNAT Pro see a growing usage in high-integrity and safety-certified applications, including space-based systems, commercial aircraft avionics, military systems, air traffic management/control, railroad systems, and medical devices, and in security-sensitive domains, such as financial services. The SPARK Pro toolset, available from AdaCore, is especially useful in such contexts.
AdaCore has North American headquarters in New York and European headquarters in Paris. www.adacore.com
US: Jessie Glockner AdaCore Public Relations Representative +1-646-532-2723
EU: Juliana Silva AdaCore Marketing Specialist +33 1 49 70 87 93
Posted on: 12/17/2012