No Linux OS Has RTCA DO-178B Certification
Robert L Cochran
cochranb at speakeasy.net
Sun Nov 28 18:07:21 UTC 2004

Several hours of research seems to establish that no Linux OS has
achieved any Level of Radio Technical Commission for Aeronautics (RTCA)
DO-178B certification, which is required by the Federal Aviation
Administration (FAA) of software systems used in flight. I've read one
uncorroborated claim that a Linux OS (no mention of vendor name or
kernel version) has DO-178B Level C certification for use in a Pilot
Information Display, but a check of the manufacturer's web page for the
part says the OS is certifiable to DO-178B, not that it is already
certified to any particular Level within the standard.

There are Unix-like real-time OSes that do have DO-178B certification.
One of these is LynxOS-178 by LynuxWorks. This software is actually
licensed from Rockwell-Collins, and uses their Virtual Machine Operating
System (VMOS) technology, which has its own DO-178B Level A
certification. The LynxOS-178 product was announced in 2002 but
apparently VMOS has been around since 1988. They claim to have DO-178B
Level C certification for one in-flight application and further claim
they are certifiable to Level A, no doubt due to the VMOS licensing.

Green Hills Software also offers a product which is DO-178B Level A
certifiable named Integrity-178. But this, too, is not a Linux OS.

Across the ocean, the British Health and Safety Executive issued a study
in 2002, "RR 011 - Preliminary assessment of Linux for safety related
systems", which concludes that the 2.4 vanilla kernel may be certifiable
to their Safety Integrity Levels 1, 2, and 3 but probably not to Level
4. They noted that the OS was being studied for a railroad traffic
control application. Linux may not be certified in the UK for their
safety systems.

Perhaps some day a Linux OS version will achieve DO-178B certification
at some level, or a European certification at an equivalent level, but
it is a very costly effort. The documentation requirements from the FAA
and its functionally equivalent agencies in other countries for such
certification cover a lot of ground, and a vendor's documentation and
claims would be independently checked. Someone will have to pay for that
plus the various other expenses.