mrcy.com
7
Next-Generation Safe and Secure Processing Systems for Aerospace and Defense Applications
• Other approaches. Looking to the future, the imposition of strong architectural partitions offers promise as a means to limit the ripple effect of changes across a system. For example, if a container for 'untrusted, non-safety-certifiable' software can be established and adequately isolated from safety-critical processing functions, it could be argued that the container's software could be arbitrarily replaced without re-assuring the system. Effectively, the system would already be assured against all possible software-induced faults in the container.
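The containment argument above can be made concrete with a small time-partitioned scheduler model. This is an added example, not code from the paper or from Mercury; the static schedule, the slice budgets and the three untrusted partition bodies are all constructed for illustration. The untrusted partition is swapped between a well-behaved, a runaway and a crashing implementation, and the safety-critical partition's outcome is the same in every case, which is exactly what lets the container be replaced without re-assuring the rest of the system.

```python
from typing import Callable, Iterator

# Constructed static schedule: fixed slices per major frame for each partition.
SCHEDULE = [("critical", 2), ("untrusted", 3)]
Body = Callable[[], Iterator[None]]  # a partition body; each yield uses one slice

def critical_body() -> Iterator[None]:
    yield  # safety-critical work: one slice, then done

def well_behaved_untrusted() -> Iterator[None]:
    yield
    yield

def runaway_untrusted() -> Iterator[None]:
    while True:  # never terminates; would starve an unpartitioned system
        yield

def crashing_untrusted() -> Iterator[None]:
    yield
    raise RuntimeError("software fault inside the untrusted container")

def run_window(body: Iterator[None], budget: int) -> tuple[int, bool, bool]:
    """Drive one partition for at most `budget` slices; the scheduler, not the
    partition, ends the window. Returns (slices used, completed, faulted)."""
    used = 0
    try:
        for _ in range(budget):
            next(body)
            used += 1
    except StopIteration:
        return used, True, False
    except Exception:  # any fault is confined to this partition's window
        return used, False, True
    return used, False, False  # budget exhausted: pre-empted, not completed

def run_frames(untrusted: Body, frames: int) -> dict:
    """Run `frames` major frames with the given untrusted partition plugged in."""
    stats = {"critical_met": 0, "untrusted_slices": 0, "untrusted_faults": 0}
    for _ in range(frames):
        for name, budget in SCHEDULE:
            body = critical_body() if name == "critical" else untrusted()
            used, done, faulted = run_window(body, budget)
            if name == "critical":
                stats["critical_met"] += done  # met its deadline this frame
            else:
                stats["untrusted_slices"] += used
                stats["untrusted_faults"] += faulted
    return stats
```

Running `run_frames` with each of the three untrusted bodies over the same number of frames shows `critical_met` unchanged while only the untrusted partition's own statistics differ.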
FIGURE 9: Mercury CIOE-1390 rugged, open-systems COM Express single-board computers (SBCs). These compact boards deliver the highest certifiable multicore processing capabilities for size-, weight- and power-constrained, on-platform sensor processing and exploitation applications.
Acronyms
ARP-4754A Guidelines for Development of Civil Aircraft and Systems
DAL Design Assurance Level
DCS Direct Commercial Sales
DMEA Defense Microelectronics Activity
DO-178C Software Considerations in Airborne Systems and Equipment Certification
DO-254 Design Assurance Guidance for Airborne Electronic Hardware
EASA European Aviation Safety Agency
FAA Federal Aviation Authority
FACE Future Airborne Capability Environment
FIPS Federal Information Processing Standard
FMECA Failure Mode Effects and Criticality Analysis
FMS Foreign Military Sales
MAC Mandatory Access Control
MOSA Modular Open Systems Architecture
PSE Product Service Experience
RTCA Radio Technical Commission for Aeronautics
SOSA Sensor Open System Architecture
SSE Systems Security Engineering
TPM Trusted Platform Module
UAV Unmanned Aerial Vehicle